1 GnuTLS NEWS -- History of user-visible changes. -*- outline -*-
2 Bug numbers referenced in this log correspond to bug numbers at our issue tracker,
3 available at https://gitlab.com/gnutls/gnutls/issues
4 Copyright (C) 2000-2016 Free Software Foundation, Inc.
5 Copyright (C) 2013-2019 Nikos Mavrogiannopoulos
6 See the end for copying conditions.
8 * Version 3.6.9 (unreleased)
10 ** libgnutls: gnutls_privkey_sign_hash2 now accepts the GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA
11 flag as documented. This makes it a complete replacement of gnutls_privkey_sign_hash().
13 ** Marked the crypto cipher registration APIs as deprecated. These APIs are rarely used,
14 are for a niche use case, but have significant side effects, such as preventing any
15 internal re-organization and extension of the internal cipher API. The APIs remain
16 functional though a compiler warning will be issued, and a future minor version update
17 may transform them to a no-op while keeping the ABI compatibility (#789)
19 ** The priority configuration was enhanced to allow more elaborate
20 system-wide configuration of the library. The following changes were done:
21 - The file is read as an ini file with '#' indicating a comment.
22 - The section "[priorities]" or global follows the existing semantics of
23 the configuration file, and allows to specify system-wide priority strings
24 which are accessed with the '@' prefix.
25 - The section "[overrides]" is added with the parameters "insecure-hash",
26 "insecure-sig", "insecure-sig-for-cert", "disabled-curve",
27 "disabled-version", "min-verification-profile", "tls-disabled-cipher",
28 "tls-disabled-mac", "tls-disabled-group", "tls-disabled-kx", which prohibit
29 specific algorithms or options globally. Existing algorithms in the
30 library can be marked as disabled and insecure, but no hard-coded
31 insecure algorithm can be marked as secure (so that the configuration
32 cannot be abused to make the system vulnerable).
33 - Unknown sections or options are skipped with a debug message, unless
34 the GNUTLS_SYSTEM_PRIORITY_FAIL_ON_INVALID environment parameter is
37 ** libgnutls: add gnutls_hash_copy/gnutls_hmac_copy functions that will create a copy
38 of digest or MAC context. Copying contexts for externally-registered digest and MAC
39 contexts is unupported.
41 ** libgnutls: Added new flag for GNUTLS_CPUID_OVERRIDE
42 0x20: Enable SHA_NI instruction set
44 ** API and ABI modifications:
45 gnutls_get_system_config_file: Added
46 gnutls_crypto_register_cipher: Deprecated
47 gnutls_crypto_register_aead_cipher: Deprecated
48 gnutls_crypto_register_digest: Deprecated
49 gnutls_crypto_register_mac: Deprecated
50 gnutls_hash_copy: Added
51 gnutls_hmac_copy: Added
54 * Version 3.6.8 (released 2019-05-28)
56 ** libgnutls: Added gnutls_prf_early() function to retrieve early keying
59 ** libgnutls: Added support for AES-XTS cipher (#354)
61 ** libgnutls: Fix calculation of Streebog digests (incorrect carry operation in
64 ** libgnutls: During Diffie-Hellman operations in TLS, verify that the peer's
65 public key is on the right subgroup (y^q=1 mod p), when q is available (under
66 TLS 1.3 and under earlier versions when RFC7919 parameters are used).
68 ** libgnutls: the gnutls_srp_set_server_credentials_function can now be used
69 with the 8192 parameters as well (#995).
71 ** libgnutls: Fixed bug preventing the use of gnutls_pubkey_verify_data2() and
72 gnutls_pubkey_verify_hash2() with the GNUTLS_VERIFY_DISABLE_CA_SIGN flag (#754)
74 ** libgnutls: The priority string option %ALLOW_SMALL_RECORDS was added to allow
75 clients to communicate with the server advertising smaller limits than 512
77 ** libgnutls: Apply STD3 ASCII rules in gnutls_idna_map() to prevent
78 hostname/domain crafting via IDNA conversion (#720)
80 ** certtool: allow the digital signature key usage flag in CA certificates.
81 Previously certtool would ignore this flag for CA certificates even if
84 ** gnutls-cli/serv: added the --keymatexport and --keymatexportsize options.
85 These allow testing the RFC5705 using these tools.
87 ** API and ABI modifications:
88 gnutls_prf_early: Added
89 gnutls_record_set_max_recv_size: Added
90 gnutls_dh_params_import_raw3: Added
91 gnutls_ffdhe_2048_group_q: Added
92 gnutls_ffdhe_3072_group_q: Added
93 gnutls_ffdhe_4096_group_q: Added
94 gnutls_ffdhe_6144_group_q: Added
95 gnutls_ffdhe_8192_group_q: Added
98 * Version 3.6.7 (released 2019-03-27)
100 ** libgnutls, gnutls tools: Every gnutls_free() will automatically set
101 the free'd pointer to NULL. This prevents possible use-after-free and
102 double free issues. Use-after-free will be turned into NULL dereference.
103 The counter-measure does not extend to applications using gnutls_free().
105 ** libgnutls: Fixed a memory corruption (double free) vulnerability in the
106 certificate verification API. Reported by Tavis Ormandy; addressed with
107 the change above. [GNUTLS-SA-2019-03-27, #694]
109 ** libgnutls: Fixed an invalid pointer access via malformed TLS1.3 async messages;
110 Found using tlsfuzzer. [GNUTLS-SA-2019-03-27, #704]
112 ** libgnutls: enforce key usage limitations on certificates more actively.
113 Previously we would enforce it for TLS1.2 protocol, now we enforce it
114 even when TLS1.3 is negotiated, or on client certificates as well. When
115 an inappropriate for TLS1.3 certificate is seen on the credentials structure
116 GnuTLS will disable TLS1.3 support for that session (#690).
118 ** libgnutls: the default number of tickets sent under TLS 1.3 was increased to
119 two. This makes it easier for clients which perform multiple connections
120 to the server to use the tickets sent by a default server.
122 ** libgnutls: enforce the equality of the two signature parameters fields in
123 a certificate. We were already enforcing the signature algorithm, but there
124 was a bug in parameter checking code.
126 ** libgnutls: fixed issue preventing sending and receiving from different
127 threads when false start was enabled (#713).
129 ** libgnutls: the flag GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO now implies a writable
130 session, as non-writeable security officer sessions are undefined in PKCS#11
133 ** libgnutls: no longer send downgrade sentinel in TLS 1.3.
134 Previously the sentinel value was embedded to early in version
135 negotiation and was sent even on TLS 1.3. It is now sent only when
136 TLS 1.2 or earlier is negotiated (#689).
138 ** gnutls-cli: Added option --logfile to redirect informational messages output.
140 ** API and ABI modifications:
141 No changes since last version.
144 * Version 3.6.6 (released 2019-01-25)
146 ** libgnutls: gnutls_pubkey_import_ecc_raw() was fixed to set the number bits
147 on the public key (#640).
149 ** libgnutls: Added support for raw public-key authentication as defined in RFC7250.
150 Raw public-keys can be negotiated by enabling the corresponding certificate
151 types via the priority strings. The raw public-key mechanism must be explicitly
152 enabled via the GNUTLS_ENABLE_RAWPK init flag (#26, #280).
154 ** libgnutls: When on server or client side we are sending no extensions we do
155 not set an empty extensions field but we rather remove that field competely.
156 This solves a regression since 3.5.x and improves compatibility of the server
157 side with certain clients.
159 ** libgnutls: We no longer mark RSA keys in PKCS#11 tokens as RSA-PSS capable if
160 the CKA_SIGN is not set (#667).
162 ** libgnutls: The priority string option %NO_EXTENSIONS was improved to completely
163 disable extensions at all cases, while providing a functional session. This
164 also implies that when specified, TLS1.3 is disabled.
166 ** libgnutls: GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION was marked as deprecated.
167 The previous definition was non-functional (#609).
169 ** API and ABI modifications:
170 GNUTLS_ENABLE_RAWPK: Added
171 GNUTLS_ENABLE_CERT_TYPE_NEG: Removed (was no-op; replaced by GNUTLS_ENABLE_RAWPK)
172 GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION: Deprecated
173 GNUTLS_PCERT_NO_CERT: Deprecated
176 * Version 3.6.5 (released 2018-12-01)
178 ** libgnutls: Provide the option of transparent re-handshake/reauthentication
179 when the GNUTLS_AUTO_REAUTH flag is specified in gnutls_init() (#571).
181 ** libgnutls: Added support for TLS 1.3 zero round-trip (0-RTT) mode (#127)
183 ** libgnutls: The priority functions will ignore and not enable TLS1.3 if
184 requested with legacy TLS versions enabled but not TLS1.2. That is because
185 if such a priority string is used in the client side (e.g., TLS1.3+TLS1.0 enabled)
186 servers which do not support TLS1.3 will negotiate TLS1.2 which will be
187 rejected by the client as disabled (#621).
189 ** libgnutls: Change RSA decryption to use a new side-channel silent function.
190 This addresses a security issue where memory access patterns as well as timing
191 on the underlying Nettle rsa-decrypt function could lead to new Bleichenbacher
192 attacks. Side-channel resistant code is slower due to the need to mask
193 access and timings. When used in TLS the new functions cause RSA based
194 handshakes to be between 13% and 28% slower on average (Numbers are indicative,
195 the tests where performed on a relatively modern Intel CPU, results vary
196 depending on the CPU and architecture used). This change makes nettle 3.4.1
197 the minimum requirement of gnutls (#630). [CVSS: medium]
199 ** libgnutls: gnutls_priority_init() and friends, allow the CTYPE-OPENPGP keyword
200 in the priority string. It is only accepted as legacy option and is ignored.
202 ** libgnutls: Added support for EdDSA under PKCS#11 (#417)
204 ** libgnutls: Added support for AES-CFB8 cipher (#357)
206 ** libgnutls: Added support for AES-CMAC MAC (#351)
208 ** libgnutls: In two previous versions GNUTLS_CIPHER_GOST28147_CPB/CPC/CPD_CFB ciphers
209 have incorrectly used CryptoPro-A S-BOX instead of proper (CryptoPro-B/-C/-D
210 S-BOXes). They are fixed now.
212 ** libgnutls: Added support for GOST key unmasking and unwrapped GOST private
213 keys parsing, as specified in R 50.1.112-2016.
215 ** gnutls-serv: It applies the default settings when no --priority option is given,
216 using gnutls_set_default_priority().
218 ** p11tool: Fix initialization of security officer's PIN with the --initialize-so-pin
221 ** certtool: Add parameter --no-text that prevents certtool from outputting
222 text before PEM-encoded private key, public key, certificate, CRL or CSR.
224 ** API and ABI modifications:
225 GNUTLS_AUTO_REAUTH: Added
226 GNUTLS_CIPHER_AES_128_CFB8: Added
227 GNUTLS_CIPHER_AES_192_CFB8: Added
228 GNUTLS_CIPHER_AES_256_CFB8: Added
229 GNUTLS_MAC_AES_CMAC_128: Added
230 GNUTLS_MAC_AES_CMAC_256: Added
231 gnutls_record_get_max_early_data_size: Added
232 gnutls_record_send_early_data: Added
233 gnutls_record_recv_early_data: Added
234 gnutls_db_check_entry_expire_time: Added
235 gnutls_anti_replay_set_add_function: Added
236 gnutls_anti_replay_init: Added
237 gnutls_anti_replay_deinit: Added
238 gnutls_anti_replay_set_window: Added
239 gnutls_anti_replay_enable: Added
240 gnutls_privkey_decrypt_data2: Added
243 * Version 3.6.4 (released 2018-09-24)
245 ** libgnutls: Added the final (RFC8446) version numbering of the TLS1.3 protocol.
247 ** libgnutls: Corrected regression since 3.6.3 in the callbacks set with
248 gnutls_certificate_set_retrieve_function() which could not handle the case where
249 no certificates were returned, or the callbacks were set to NULL (see #528).
251 ** libgnutls: gnutls_handshake() on server returns early on handshake when no
252 certificate is presented by client and the gnutls_init() flag GNUTLS_ENABLE_EARLY_START
255 ** libgnutls: Added session ticket key rotation on server side with TOTP.
256 The key set with gnutls_session_ticket_enable_server() is used as a
257 master key to generate time-based keys for tickets. The rotation
258 relates to the gnutls_db_set_cache_expiration() period.
260 ** libgnutls: The 'record size limit' extension is added and preferred to the
261 'max record size' extension when possible.
263 ** libgnutls: Provide a more flexible PKCS#11 search of trust store certificates.
264 This addresses the problem where the CA certificate doesn't have a subject key
265 identifier whereas the end certificates have an authority key identifier (#569)
267 ** libgnutls: gnutls_privkey_export_gost_raw2(), gnutls_privkey_import_gost_raw(),
268 gnutls_pubkey_export_gost_raw2(), gnutls_pubkey_import_gost_raw() import
269 and export GOST parameters in the "native" little endian format used for these
270 curves. This is an intentional incompatible change with 3.6.3.
272 ** libgnutls: Added support for seperately negotiating client and server certificate types
273 as defined in RFC7250. This mechanism must be explicitly enabled via the
274 GNUTLS_ENABLE_CERT_TYPE_NEG flag in gnutls_init().
276 ** gnutls-cli: enable CRL validation on startup (#564)
278 ** API and ABI modifications:
279 GNUTLS_ENABLE_EARLY_START: Added
280 GNUTLS_ENABLE_CERT_TYPE_NEG: Added
281 GNUTLS_TL_FAIL_ON_INVALID_CRL: Added
282 GNUTLS_CERTIFICATE_VERIFY_CRLS: Added
283 gnutls_ctype_target_t: New enumeration
284 gnutls_record_set_max_early_data_size: Added
285 gnutls_certificate_type_get2: Added
286 gnutls_priority_certificate_type_list2: Added
287 gnutls_ffdhe_6144_group_prime: Added
288 gnutls_ffdhe_6144_group_generator: Added
289 gnutls_ffdhe_6144_key_bits: Added
292 * Version 3.6.3 (released 2018-07-16)
294 ** libgnutls: Introduced support for draft-ietf-tls-tls13-28. It includes version
295 negotiation, post handshake authentication, length hiding, multiple OCSP support,
296 consistent ciphersuite support across protocols, hello retry requests, ability
297 to adjust key shares via gnutls_init() flags, certificate authorities extension,
298 and key usage limits. TLS1.3 draft-28 support can be enabled by default if
299 the option --enable-tls13-support is given to configure script.
301 ** libgnutls: Apply compatibility settings for existing applications running with TLS1.2 or
302 earlier and TLS 1.3. When SRP or NULL ciphersuites are specified in priority strings
303 TLS 1.3 is will be disabled. When Anonymous ciphersuites are specified in priority
304 strings, then TLS 1.3 negotiation will be disabled if the session is associated
305 only with an anonymous credentials structure.
307 ** Added support for Russian Public Key Infrastructure according to RFCs 4491/4357/7836.
308 This adds support for using GOST keys for digital signatures and under PKCS#7, PKCS#12,
309 and PKCS#8 standards. In particular added elliptic curves GOST R 34.10-2001 CryptoProA
310 256-bit curve (RFC 4357), GOST R 34.10-2001 CryptoProXchA 256-bit curve (RFC 4357),
311 and GOST R 34.10-2012 TC26-512-A 512-bit curve (RFC 7836).
313 ** Provide a uniform cipher list across supported TLS protocols; the CAMELLIA ciphers
314 as well as ciphers utilizing HMAC-SHA384 and SHA256 have been removed from the default
315 priority strings, as they are undefined under TLS1.3 and they provide no advantage
316 over other options in earlier protocols.
318 ** The SSL 3.0 protocol is disabled on compile-time by default. It can be re-enabled
319 by specifying --enable-ssl3-support on configure script.
321 ** libgnutls: Introduced function to switch the current FIPS140-2 operational
322 mode, i.e., strict vs a more lax mode which will allow certain non FIPS140-2
325 ** libgnutls: Introduced low-level function to assist applications attempting client
326 hello extension parsing, prior to GnuTLS' parsing of the message.
328 ** libgnutls: When exporting an X.509 certificate avoid re-encoding if there are no
329 modifications to the certificate. That prevents DER re-encoding issues with incorrectly
330 encoded certificates, or other DER incompatibilities to affect a TLS session.
333 ** libgnutls: on group exchange honor the %SERVER_PRECEDENCE and select the groups
334 which are preferred by the server. That unfortunately has complicated semantics
335 as TLS1.2 requires specific ordering of the groups based on the ciphersuite ordering,
336 which could make group order unpredictable if TLS1.3 is negotiated.
338 ** Improved counter-measures for TLS CBC record padding. Kenny Paterson, Eyal Ronen
339 and Adi Shamir reported that the existing counter-measures had certain issues and
340 were insufficient when the attacker has additional access to the CPU cache and
341 performs a chosen-plaintext attack. This affected the legacy CBC ciphersuites. [CVSS: medium]
343 ** Introduced the %FORCE_ETM priority string option. This option prevents the negotiation
344 of legacy CBC ciphersuites unless encrypt-then-mac is negotiated.
346 ** libgnutls: gnutls_privkey_import_ext4() was enhanced with the
347 GNUTLS_PRIVKEY_INFO_PK_ALGO_BITS flag.
349 ** libgnutls: gnutls_pkcs11_copy_secret_key, gnutls_pkcs11_copy_x509_privkey2,
350 gnutls_pkcs11_privkey_generate3 will mark objects as sensitive by default
351 unless GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_SENSITIVE is specified. This is an API
352 change for these functions which make them err towards safety.
354 ** libgnutls: improved aarch64 cpu features detection by using getauxval().
356 ** certtool: It is now possible to specify certificate and serial CRL numbers greater
357 than 2**63-2 as a hex-encoded string both when prompted and in a template file.
358 Default certificate serial numbers are now fully random. Default CRL
359 numbers include more random bits and are larger than in previous GnuTLS versions.
360 Since CRL numbers are required to be monotonic, specify suitable CRL numbers manually
361 if you intend to later downgrade to previous versions as it was not possible
362 to specify large CRL numbers in previous versions of certtool.
364 ** API and ABI modifications:
365 gnutls_fips140_set_mode: Added
366 gnutls_session_key_update: Added
367 gnutls_ext_get_current_msg: Added
369 gnutls_ocsp_status_request_get2: Added
370 gnutls_ocsp_resp_import2: Added
371 gnutls_ocsp_resp_export2: Added
372 gnutls_ocsp_resp_list_import2: Added
373 gnutls_certificate_set_retrieve_function3: Added
374 gnutls_certificate_set_ocsp_status_request_file2: Added
375 gnutls_certificate_set_ocsp_status_request_mem: Added
376 gnutls_certificate_get_ocsp_expiration: Added
377 gnutls_record_send2: Added
378 gnutls_ext_raw_parse: Added
379 gnutls_x509_crt_list_import_url: Added
380 gnutls_pcert_list_import_x509_file: Added
381 gnutls_pkcs11_token_get_ptr: Added
382 gnutls_pkcs11_obj_get_ptr: Added
383 gnutls_session_ticket_send: Added
384 gnutls_aead_cipher_encryptv: Added
385 gnutls_gost_paramset_get_name: Added
386 gnutls_gost_paramset_get_oid: Added
387 gnutls_oid_to_gost_paramset: Added
388 gnutls_decode_gost_rs_value: Added
389 gnutls_encode_gost_rs_value: Added
390 gnutls_pubkey_export_gost_raw2: Added
391 gnutls_pubkey_import_gost_raw: Added
392 gnutls_x509_crt_get_pk_gost_raw: Added
393 gnutls_privkey_export_gost_raw2: Added
394 gnutls_privkey_import_gost_raw: Added
395 gnutls_x509_privkey_export_gost_raw: Added
396 gnutls_x509_privkey_import_gost_raw: Added
397 gnutls_set_default_priority_append: Added
398 gnutls_priority_init2: Added
399 GNUTLS_PRIVKEY_INFO_PK_ALGO_BITS: Added
400 GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_SENSITIVE: Added
403 * Version 3.6.2 (released 2018-02-16)
405 ** libgnutls: When verifying against a self signed certificate ignore issuer.
406 That is, ignore issuer when checking the issuer's parameters strength, resolving
407 issue #347 which caused self signed certificates to be additionally marked as of
408 insufficient security level.
410 ** libgnutls: Corrected MTU calculation for the CBC ciphersuites. The data
411 MTU calculation now, it correctly accounts for the fixed overhead due to
412 padding (as 1 byte), while at the same time considers the rest of the
413 padding as part of data MTU.
415 ** libgnutls: Address issue of loading of all PKCS#11 modules on startup
416 on systems with a PKCS#11 trust store (as opposed to a file trust store).
417 Introduced a multi-stage initialization which loads the trust modules, and
418 other modules are deferred for the first pure PKCS#11 request.
420 ** libgnutls: The SRP authentication will reject any parameters outside
421 RFC5054. This protects any client from potential MitM due to insecure
422 parameters. That also brings SRP in par with the RFC7919 changes to
425 ** libgnutls: Added the 8192-bit parameters of SRP to the accepted parameters
426 for SRP authentication.
428 ** libgnutls: Addressed issue in the accelerated code affecting interoperability
429 with versions of nettle >= 3.4.
431 ** libgnutls: Addressed issue in the AES-GCM acceleration under aarch64.
433 ** libgnutls: Addressed issue in the AES-CBC acceleration under ssse3 (patch by
436 ** srptool: the --create-conf option no longer includes 1024-bit parameters.
438 ** p11tool: Fixed the deletion of objects in batch mode.
440 ** API and ABI modifications:
441 gnutls_srp_8192_group_generator: Added
442 gnutls_srp_8192_group_prime: Added
445 * Version 3.6.1 (released 2017-10-21)
447 ** libgnutls: Fixed interoperability issue with openssl when safe renegotiation was
448 used. Resolves gitlab issue #259.
450 ** libgnutls: gnutls_x509_crl_sign, gnutls_x509_crt_sign,
451 gnutls_x509_crq_sign, were modified to sign with a better algorithm than
452 SHA1. They will now sign with an algorithm that corresponds to the security
453 level of the signer's key.
455 ** libgnutls: gnutls_x509_*_sign2() functions and gnutls_x509_*_privkey_sign()
456 accept GNUTLS_DIG_UNKNOWN (0) as a hash function option. That will signal
457 the function to auto-detect an appropriate hash algorithm to use.
459 ** libgnutls: Removed support for signature algorithms using SHA2-224 in TLS.
460 TLS 1.3 no longer uses SHA2-224 and it was never a widespread algorithm
461 in TLS 1.2. As such, no reason to keep supporting it.
463 ** libgnutls: Refuse to use client certificates containing disallowed
464 algorithms for a session. That reverts a change on 3.5.5, which allowed
465 a client to use DSA-SHA1 due to his old DSA certificate, without requiring him
466 to enable DSA-SHA1 (and thus make it acceptable for the server's certificate).
467 The previous approach was to allow a smooth move for client infrastructure
468 after the DSA algorithm became disabled by default, and is no longer necessary
469 as DSA is now being universally depracated.
471 ** libgnutls: Refuse to resume a session which had a different SNI advertised. That
472 improves RFC6066 support in server side. Reported by Thomas Klute.
474 ** p11tool: Mark all generated objects as sensitive by default.
476 ** p11tool: added options --sign-params and --hash. This allows testing
477 signature with multiple algorithms, including RSA-PSS.
479 ** API and ABI modifications:
480 No changes since last version.
483 * Version 3.6.0 (released 2017-08-21)
485 ** libgnutls: tlsfuzzer is part of the CI testsuite. This is a TLS testing and
486 fuzzying toolkit, allowing for corner case testing, and ensuring that the
487 behavior of the library will not change across releases.
488 https://github.com/tomato42/tlsfuzzer
490 ** libgnutls: Introduced a lock-free random generator which operates per-thread
491 and eliminates random-generator related bottlenecks in multi-threaded operation.
492 Resolves gitlab issue #141.
493 http://nmav.gnutls.org/2017/03/improving-by-simplifying-gnutls-prng.html
495 ** libgnutls: Replaced the Salsa20 random generator with one based on CHACHA.
496 The goal is to reduce code needed in cache (CHACHA is also used for TLS),
497 and the number of primitives used by the library. That does not affect the
498 AES-DRBG random generator used in FIPS140-2 mode.
500 ** libgnutls: Added support for RSA-PSS key type as well as signatures in
501 certificates, and TLS key exchange. Contributed by Daiki Ueno.
502 RSA-PSS signatures can be generated by RSA-PSS keys and normal RSA keys,
503 but not vice-versa. The feature includes:
504 * RSA-PSS key generation and key handling (in PKCS#8 form)
505 * RSA-PSS key generation and key handling from PKCS#11 (with CKM_RSA_PKCS_PSS mech)
506 * Handling of RSA-PSS subjectPublicKeyInfo parameters, when present
507 in either the private key or certificate.
508 * RSA-PSS signing and verification of PKIX certificates
509 * RSA-PSS signing and verification of TLS 1.2 handshake
510 * RSA-PSS signing and verification of PKCS#7 structures
511 * RSA-PSS and RSA key combinations for TLS credentials. That is, when
512 multiple keys are supplied, RSA-PSS keys are preferred over RSA for RSA-PSS
513 TLS signatures, to contain risks of cross-protocol attacks between the algorithms.
514 * RSA-PSS key conversion to RSA PKCS#1 form (certtool --to-rsa)
515 Note that RSA-PSS signatures with SHA1 are (intentionally) not supported.
517 ** libgnutls: Added support for Ed25519 signing in certificates and TLS key
518 exchange following draft-ietf-tls-rfc4492bis-17. The feature includes:
519 * Ed25519 key generation and key handling (in PKCS#8 form)
520 * Ed25519 signing and verification of PKIX certificates
521 * Ed25519 signing and verification of TLS 1.2 handshake
522 * Ed25519 signing and verification of PKCS#7 structures
524 ** libgnutls: Enabled X25519 key exchange by default, following draft-ietf-tls-rfc4492bis-17.
526 ** libgnutls: Added support for Diffie-Hellman group negotiation following RFC7919.
527 That makes the DH parameters negotiation more robust and less prone to errors
528 due to insecure parameters. Servers are no longer required to specific explicit
529 DH parameters, though if they do these parameters will be used. Group
530 selection can be done via priority strings. The introduced strings are
531 GROUP-ALL, GROUP-FFDHE2048, GROUP-FFDHE3072, GROUP-FFDHE4096 and
532 GROUP-FFDHE8192, as well as the corresponding to curves groups. Note that
533 the 6144 group from RFC7919 is not supported.
535 ** libgnutls: Introduced various sanity checks on certificate import. Refuse
536 to import certificates which have fractional seconds in Time fields, X.509v1
537 certificates which have the unique identifiers set, and certificates with illegal
538 version numbers. All of these are prohibited by RFC5280.
540 ** libgnutls: Introduced gnutls_x509_crt_set_flags(). This function can set flags
541 in the crt structure. The only flag supported at the moment is
542 GNUTLS_X509_CRT_FLAG_IGNORE_SANITY which skips the certificate sanity
545 ** libgnutls: PKIX certificates with unknown critical extensions are rejected
546 on verification with status GNUTLS_CERT_UNKNOWN_CRIT_EXTENSIONS. This
547 behavior can be overridden by providing the flag GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS
548 to verification functions. Resolves gitlab issue #177.
550 ** libgnutls: Refuse to generate a certificate with an illegal version, or an
551 illegal serial number. That is, gnutls_x509_crt_set_version() and
552 gnutls_x509_crt_set_serial(), will fail on input considered to be invalid
555 ** libgnutls: Calls to gnutls_record_send() and gnutls_record_recv()
556 prior to handshake being complete are now refused. Addresses gitlab issue #158.
558 ** libgnutls: Added support for PKCS#12 files with no salt (zero length) in their
559 password encoding, and PKCS#12 files using SHA384 and SHA512 as MAC.
561 ** libgnutls: Exported functions to encode and decode DSA and ECDSA r,s values.
563 ** libgnutls: Added new callback setting function to gnutls_privkey_t for external
564 keys. The new function (gnutls_privkey_import_ext4), allows signing in addition
565 to previous algorithms (RSA PKCS#1 1.5, DSA, ECDSA), with RSA-PSS and Ed25519
568 ** libgnutls: Introduced the %VERIFY_ALLOW_BROKEN and %VERIFY_ALLOW_SIGN_WITH_SHA1
569 priority string options. These allows enabling all broken and SHA1-based signature
570 algorithms in certificate verification, respectively.
572 ** libgnutls: 3DES-CBC is no longer included in the default priorities
573 list. It has to be explicitly enabled, e.g., with a string like
576 ** libgnutls: SHA1 was marked as insecure for signing certificates. Verification
577 of certificates signed with SHA1 is now considered insecure and will
578 fail, unless flags intended to enable broken algorithms are set. Other uses
579 of SHA1 are still allowed. This can be reverted on compile time with the configure
580 flag --enable-sha1-support.
582 ** libgnutls: RIPEMD160 was marked as insecure for certificate signatures. Verification
583 of certificates signed with RIPEMD160 hash algorithm is now considered insecure and
584 will fail, unless flags intended to enable broken algorithms are set.
586 ** libgnutls: No longer enable SECP192R1 and SECP224R1 by default on TLS handshakes.
587 These curves were rarely used for that purpose, provide no advantage over
588 x25519 and were deprecated by TLS 1.3.
590 ** libgnutls: Removed support for DEFLATE, or any other compression method.
592 ** libgnutls: OpenPGP authentication was removed; the resulting library is ABI
593 compatible, with the openpgp related functions being stubs that fail
596 ** libgnutls: Removed support for libidn (i.e., IDNA2003); gnutls can now be compiled
597 only with libidn2 which provides IDNA2008.
599 ** certtool: The option '--load-ca-certificate' can now accept PKCS#11
600 URLs in addition to files.
602 ** certtool: The option '--load-crl' can now be used when generating PKCS#12
603 files (i.e., in conjunction with '--to-p12' option).
605 ** certtool: Keys with provable RSA and DSA parameters are now only read and
606 exported from PKCS#8 form, following draft-mavrogiannopoulos-pkcs8-validated-parameters-00.txt.
607 This removes support for the previous a non-standard key format.
609 ** certtool: Added support for generating, printing and handling RSA-PSS and
610 Ed25519 keys and certificates.
612 ** certtool: the parameters --rsa, --dsa and --ecdsa to --generate-privkey are now
613 deprecated, replaced by the --key-type option.
615 ** p11tool: The --generate-rsa, --generate-ecc and --generate-dsa options were
616 replaced by the --generate-privkey option.
618 ** psktool: Generate 256-bit keys by default.
620 ** gnutls-server: Increase request buffer size to 16kb, and added the --alpn and
621 --alpn-fatal options, allowing testing of ALPN negotiation.
623 ** API and ABI modifications:
624 gnutls_encode_rs_value: Added
625 gnutls_decode_rs_value: Added
626 gnutls_base64_encode2: Added
627 gnutls_base64_decode2: Added
628 gnutls_x509_crt_set_flags: Added
629 gnutls_x509_crt_check_ip: Added
630 gnutls_x509_ext_import_inhibit_anypolicy: Added
631 gnutls_x509_ext_export_inhibit_anypolicy: Added
632 gnutls_x509_crt_get_inhibit_anypolicy: Added
633 gnutls_x509_crt_set_inhibit_anypolicy: Added
634 gnutls_pubkey_export_rsa_raw2: Added
635 gnutls_pubkey_export_dsa_raw2: Added
636 gnutls_pubkey_export_ecc_raw2: Added
637 gnutls_privkey_export_rsa_raw2: Added
638 gnutls_privkey_export_dsa_raw2: Added
639 gnutls_privkey_export_ecc_raw2: Added
640 gnutls_x509_spki_init: Added
641 gnutls_x509_spki_deinit: Added
642 gnutls_x509_spki_get_pk_algorithm: Added
643 gnutls_x509_spki_set_pk_algorithm: Added
644 gnutls_x509_spki_get_digest_algorithm: Added
645 gnutls_x509_spki_set_digest_algorithm: Added
646 gnutls_x509_spki_get_salt_size: Added
647 gnutls_x509_spki_set_salt_size: Added
648 gnutls_x509_crt_set_spki: Added
649 gnutls_x509_crt_get_spki: Added
650 gnutls_x509_privkey_get_spki: Added
651 gnutls_x509_privkey_set_spki: Added
652 gnutls_x509_crq_get_spki: Added
653 gnutls_x509_crq_set_spki: Added
654 gnutls_pubkey_set_spki: Added
655 gnutls_pubkey_get_spki: Added
656 gnutls_privkey_set_spki: Added
657 gnutls_privkey_get_spki: Added
658 gnutls_privkey_import_ext4: Added
659 GNUTLS_EXPORT_FLAG_NO_LZ: Added
660 GNUTLS_DT_IP_ADDRESS: Added
661 GNUTLS_X509_CRT_FLAG_IGNORE_SANITY: Added
662 GNUTLS_CERT_UNKNOWN_CRIT_EXTENSIONS: Added
663 GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1: Added
664 GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES: Added
665 GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS: Added
666 GNUTLS_SFLAGS_RFC7919: Added
669 * Version 3.5.7 (released 2016-12-8)
671 ** libgnutls: Include CHACHA20-POLY1305 ciphersuites in the SECURE128
672 and SECURE256 priority strings.
674 ** libgnutls: Require libtasn1 4.9; this ensures gnutls will correctly
675 operate with OIDs which have elements that exceed 2^32.
677 ** libgnutls: The DN decoding functions output the traditional DN format
678 rather than the strict RFC4514 compliant textual DN. This reverts the
679 3.5.6 introduced change, and allows applications which depended on the
680 previous format to continue to function. Introduced new functions which
681 output the strict format by default, and can revert to the old one using
684 ** libgnutls: Improved TPM key handling. Check authorization requirements
685 prior to using a key and fix issue on loop for PIN input. Patches by
688 ** libgnutls: In all functions accepting UTF-8 passwords, ensure that
689 passwords are normalized according to RFC7613. When invalid UTF-8
690 passwords are detected, they are only tolerated for decryption.
691 This introduces a libunistring dependency on GnuTLS. A version of
692 libunistring is included in the library for the platforms that do
693 not ship it; it can be used with the '--with-included-unistring'
694 option to configure script.
696 ** libgnutls: When setting a subject alternative name in a certificate
697 which is in UTF-8 format, it will transparently be converted to IDNA form
700 ** libgnutls: GNUTLS_CRT_PRINT_ONELINE flag on gnutls_x509_crt_print()
701 will print the SHA256 key-ID instead of a certificate fingerprint.
703 ** libgnutls: enhance the PKCS#7 verification capabilities. In the case
704 signers that are not discoverable using the trust list or input, use
705 the stored list as pool to generate a trusted chain to the signer.
707 ** libgnutls: Improved MTU calculation precision for the CBC ciphersuites
710 ** libgnutls: [added missing news entry since 3.5.0]
711 No longer tolerate certificate key usage violations for
712 TLS signature verification, and decryption. That is GnuTLS will fail
713 to connect to servers which incorrectly use a restricted to signing certificate
714 for decryption, or vice-versa. This reverts the lax behavior introduced
715 in 3.1.0, due to several such broken servers being available. The %COMPAT
716 priority keyword can be used to work-around connecting on these servers.
718 ** certtool: When exporting a CRQ in DER format ensure no text data are
719 intermixed. Patch by Dmitry Eremin-Solenikov.
721 ** certtool: Include the SHA-256 variant of key ID in --certificate-info
724 ** p11tool: Introduced the --initialize-pin and --initialize-so-pin
727 ** API and ABI modifications:
728 gnutls_utf8_password_normalize: Added
729 gnutls_ocsp_resp_get_responder2: Added
730 gnutls_x509_crt_get_issuer_dn3: Added
731 gnutls_x509_crt_get_dn3: Added
732 gnutls_x509_rdn_get2: Added
733 gnutls_x509_dn_get_str2: Added
734 gnutls_x509_crl_get_issuer_dn3: Added
735 gnutls_x509_crq_get_dn3: Added
738 * Version 3.5.6 (released 2016-11-04)
740 ** libgnutls: Enhanced the PKCS#7 parser to allow decoding old
741 (pre-rfc5652) structures with arbitrary encapsulated content.
743 ** libgnutls: Introduced a function group to set known DH parameters
744 using groups from RFC7919.
746 ** libgnutls: Added more strict RFC4514 textual DN encoding and decoding.
747 Now the generated textual DN is in reverse order according to RFC4514,
748 and functions which generate a DN from strings such gnutls_x509_crt_set_*dn()
749 set the expected DN (reverse of the provided string).
751 ** libgnutls: Introduced time and constraints checks in the end certificate
752 in the gnutls_x509_crt_verify_data2() and gnutls_pkcs7_verify_direct()
755 ** libgnutls: Set limits on the maximum number of alerts handled. That is,
756 applications using gnutls could be tricked into an busy loop if the
757 peer sends continuously alert messages. Applications which set a maximum
758 handshake time (via gnutls_handshake_set_timeout) will eventually recover
759 but others may remain in a busy loops indefinitely. This is related but
760 not identical to CVE-2016-8610, due to the difference in alert handling
761 of the libraries (gnutls delegates that handling to applications).
763 ** libgnutls: Reverted the change which made the gnutls_certificate_set_*key*
764 functions return an index (introduced in 3.5.5), to avoid affecting programs
765 which explicitly check success of the function as equality to zero. In order
766 for these functions to return an index an explicit call to gnutls_certificate_set_flags
767 with the GNUTLS_CERTIFICATE_API_V2 flag is now required.
769 ** libgnutls: Reverted the behavior of sending a status request extension even
770 without a response (introduced in 3.5.5). That is, we no longer reply to a
771 client's hello with a status request, with a status request extension. Although
772 that behavior is legal, it creates incompatibility issues with releases in
773 the gnutls 3.3.x branch.
775 ** libgnutls: Delayed the initialization of the random generator at
776 the first call of gnutls_rnd(). This allows applications to load
777 on systems which getrandom() would block, without blocking until
778 real random data are needed.
780 ** certtool: --get-dh-params will output parameters from the RFC7919
783 ** p11tool: improvements in --initialize option.
785 ** API and ABI modifications:
786 GNUTLS_CERTIFICATE_API_V2: Added
787 GNUTLS_NO_TICKETS: Added
788 gnutls_pkcs7_get_embedded_data_oid: Added
789 gnutls_anon_set_server_known_dh_params: Added
790 gnutls_certificate_set_known_dh_params: Added
791 gnutls_psk_set_server_known_dh_params: Added
792 gnutls_x509_crt_check_key_purpose: Added
795 * Version 3.5.5 (released 2016-10-09)
797 ** libgnutls: enhanced gnutls_certificate_set_ocsp_status_request_file()
798 to allow importing multiple OCSP request files, one for each chain
801 ** libgnutls: The gnutls_certificate_set_key* functions return an
802 index of the added chain. That index can be used either with
803 gnutls_certificate_set_ocsp_status_request_file(), or with
804 gnutls_certificate_get_crt_raw() and friends.
806 ** libgnutls: Added SHA*, AES-GCM, AES-CCM and AES-CBC optimized implementations
807 for the aarch64 architecture. Uses Andy Polyakov's assembly code.
809 ** libgnutls: Ensure proper cleanups on gnutls_certificate_set_*key()
810 failures due to key mismatch. This prevents leaks or double freeing
813 ** libgnutls: Increased the maximum size of the handshake message hash.
814 This will allow the library to cope better with larger packets, as
815 the ones offered by current TLS 1.3 drafts.
817 ** libgnutls: Allow to use client certificates despite them containing
818 disallowed algorithms for a session. That allows for example a client
819 to use DSA-SHA1 due to his old DSA certificate, without requiring him
820 to enable DSA-SHA1 (and thus make it acceptable for the server's certificate).
822 ** libgnutls: Reverted AESNI code on x86 to earlier version as the
823 latest version was creating position depending code. Added checks
824 in the CI to detect position depending code early.
826 ** guile: Update code to the I/O port API of Guile >= 2.1.4
827 This makes sure the GnuTLS bindings will work with the forthcoming 2.2
828 stable series of Guile, of which 2.1 is a preview.
830 ** API and ABI modifications:
831 gnutls_certificate_set_ocsp_status_request_function2: Added
832 gnutls_session_ext_register: Added
833 gnutls_session_supplemental_register: Added
834 GNUTLS_E_PK_INVALID_PUBKEY: Added
835 GNUTLS_E_PK_INVALID_PRIVKEY: Added
838 * Version 3.5.4 (released 2016-09-08)
840 ** libgnutls: Corrected the comparison of the serial size in OCSP response.
841 Previously the OCSP certificate check wouldn't verify the serial length
842 and could succeed in cases it shouldn't (GNUTLS-SA-2016-3).
843 Reported by Stefan Buehler.
845 ** libgnutls: Added support for IP name constraints. Patch by Martin Ukrop.
847 ** libgnutls: Added support of PKCS#8 file decryption using DES-CBC-MD5. This
848 is added to allow decryption of PKCS #8 private keys from openssl prior to 1.1.0.
850 ** libgnutls: Added support for decrypting PKCS#8 files which use HMAC-SHA256
851 as PRF. This allow decrypting PKCS #8 private keys generated with openssl 1.1.0.
853 ** libgnutls: Added support for internationalized passwords in PKCS#12 files.
854 Previous versions would only encrypt or decrypt using passwords from the ASCII
857 ** libgnutls: Addressed issue with PKCS#11 signature generation on ECDSA
858 keys. The signature is now written as unsigned integers into the DSASignatureValue
859 structure. Previously signed integers could be written depending on what
860 the underlying module would produce. Addresses #122.
862 ** gnutls-cli: Fixed starttls regression from 3.5.3.
864 ** API and ABI modifications:
865 GNUTLS_E_MALFORMED_CIDR: Added
866 gnutls_x509_cidr_to_rfc5280: Added
867 gnutls_oid_to_mac: Added
870 * Version 3.5.3 (released 2016-08-09)
872 ** libgnutls: Added support for TCP fast open (RFC7413), allowing
873 to reduce by one round-trip the handshake process. Based on proposal and
874 patch by Tim Ruehsen.
876 ** libgnutls: Adopted a simpler with less memory requirements DTLS sliding
877 window implementation. Based on Fridolin Pokorny's implementation for
880 ** libgnutls: Use getrandom where available via the syscall interface.
881 This works around an issue of not-using getrandom even if it exists
882 since glibc doesn't declare such function.
884 ** libgnutls: Fixed DNS name constraints checking in the case of empty
885 intersection of domain names in the chain. Report and fix by Martin Ukrop.
887 ** libgnutls: Fixed name constraints checking in the case of chains
888 where the higher level certificates contained different types of
889 constraints than the ones present in the lower intermediate CAs.
890 Report and fix by Martin Ukrop.
892 ** libgnutls: Dropped support for the EGD random generator.
894 ** libgnutls: Allow the decoding of raw elements (starting with #)
895 in RFC4514 DN string decoding.
897 ** libgnutls: Fixes in gnutls_x509_crt_list_import2, which was
898 ignoring flags if all certificates in the list fit within the
899 initially allocated memory. Patch by Tim Kosse.
901 ** libgnutls: Corrected issue which made gnutls_certificate_get_x509_crt()
902 to return invalid pointers when returned more than a single certificate.
903 Report and fix by Stefan Sørensen.
905 ** libgnutls: Fix gnutls_pkcs12_simple_parse to always extract the complete chain,
906 even when the extra_certs was non-null. Report and fix by Stefan Sørensen.
908 ** certtool: Added the "add_extension" and "add_critical_extension"
909 template options. This allows specifying arbitrary extensions into
910 certificates and certificate requests.
912 ** gnutls-cli: Added the --fastopen option.
914 ** API and ABI modifications:
915 GNUTLS_E_UNAVAILABLE_DURING_HANDSHAKE: Added
916 gnutls_x509_crq_set_extension_by_oid: Added
917 gnutls_x509_dn_set_str: Added
918 gnutls_transport_set_fastopen: Added
921 * Version 3.5.2 (released 2016-07-06)
923 ** libgnutls: Address issue when utilizing the p11-kit trust store
924 for certificate verification (GNUTLS-SA-2016-2).
926 ** libgnutls: Fixed DTLS handshake packet reconstruction. Reported by
929 ** libgnutls: Fixed issues with PKCS#11 reading of sensitive objects
930 from SafeNet Network HSM. Reported by Anthony Alba in #108.
932 ** libgnutls: Corrected the writing of PKCS#11 CKA_SERIAL_NUMBER. Report
933 and fix by Stanislav Židek.
935 ** libgnutls: Added AES-GCM optimizations using the AVX and MOVBE
936 instructions. Uses Andy Polyakov's assembly code.
938 ** API and ABI modifications:
939 No changes since last version.
942 * Version 3.5.1 (released 2016-06-14)
944 ** libgnutls: The SSL 3.0 protocol support can completely be removed
945 using a compile time option. The configure option is --disable-ssl3-support.
947 ** libgnutls: The SSL 2.0 client hello support can completely be removed
948 using a compile time option. The configure option is --disable-ssl2-support.
950 ** libgnutls: Added support for OCSP Must staple PKIX extension. That is,
951 implemented the RFC7633 TLSFeature for OCSP status request extension.
952 Feature implemented by Tim Kosse.
954 ** libgnutls: More strict OCSP staple verification. That is, no longer
955 ignore invalid or too old OCSP staples. The previous behavior was
956 to rely on application use gnutls_ocsp_status_request_is_checked(),
957 while the new behavior is to include OCSP verification by default
958 and set the GNUTLS_CERT_INVALID_OCSP_STATUS verification flag on error.
960 ** libgnutls: Treat CA certificates with the "Server Gated Cryptography" key
961 purpose OIDs equivalent to having the GNUTLS_KP_TLS_WWW_SERVER OID. This
962 improves interoperability with several old intermediate CA certificates
963 carrying these legacy OIDs.
965 ** libgnutls: Re-read the system wide priority file when needed. Patch by
968 ** libgnutls: Allow for fallback in system-specific initial keywords
969 (prefixed with '@'). That allows to specify a keyword such as
970 "@KEYWORD1,KEYWORD2" which will use the first available of these
971 two keywords. Patch by Daniel P. Berrange.
973 ** libgnutls: The SSLKEYLOGFILE environment variable can be used to log
974 session keys. These session keys are compatible with the NSS Key Log
975 Format and can be used to decrypt the session for debugging using
978 ** API and ABI modifications:
979 GNUTLS_CERT_INVALID_OCSP_STATUS: Added
980 gnutls_x509_crt_set_crq_extension_by_oid: Added
981 gnutls_x509_ext_import_tlsfeatures: Added
982 gnutls_x509_ext_export_tlsfeatures: Added
983 gnutls_x509_tlsfeatures_add: Added
984 gnutls_x509_tlsfeatures_init: Added
985 gnutls_x509_tlsfeatures_deinit: Added
986 gnutls_x509_tlsfeatures_get: Added
987 gnutls_x509_crt_get_tlsfeatures: Added
988 gnutls_x509_crt_set_tlsfeatures: Added
989 gnutls_x509_crq_get_tlsfeatures: Added
990 gnutls_x509_crq_set_tlsfeatures: Added
991 gnutls_ext_get_name: Added
994 * Version 3.5.0 (released 2016-05-09)
996 ** libgnutls: Added SHA3 based signing algorithms for DSA, RSA and ECDSA,
997 based on https://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html
999 ** libgnutls: Added support for curve X25519 (RFC 7748, draft-ietf-tls-rfc4492bis-07).
1000 This curve is disabled by default as it is still on specification status. It
1001 can be enabled using the priority string modifier +CURVE-X25519.
1003 ** libgnutls: Added support for TLS false start (draft-ietf-tls-falsestart-01)
1004 by introducing gnutls_init() flag GNUTLS_ENABLE_FALSE_START (#73).
1006 ** libgnutls: Added new APIs to access the FIPS186-4 (Shawe-Taylor based) provable
1007 RSA and DSA parameter generation from a seed.
1009 ** libgnutls: The CHACHA20-POLY1305 ciphersuite is enabled by default. This
1010 cipher is prioritized after AES-GCM.
1012 ** libgnutls: On a rehandshake ensure that the certificate of the peer or
1013 its username remains the same as in previous handshakes. That is to protect
1014 applications which do not check user credentials on rehandshakes. The
1015 threat to address depends on the application protocol. Primarily it
1016 protects against applications which authenticate the peer initially and
1017 perform accounting using the session's information, from being misled
1018 by a rehandshake which switches the peer's identity. Applications can
1019 disable this protection by using the %GNUTLS_ALLOW_ID_CHANGE flag in
1022 ** libgnutls: No longer tolerate certificate key usage violations for
1023 TLS signature verification, and decryption. That is GnuTLS will fail
1024 to connect to servers which incorrectly use a restricted to signing certificate
1025 for decryption, or vice-versa. This reverts the lax behavior introduced
1026 in 3.1.0, due to several such broken servers being available. The %COMPAT
1027 priority keyword can be used to work-around connecting on these servers.
1029 ** libgnutls: Be strict in TLS extension decoding. That is, do not tolerate
1030 parsing errors in the extensions field and treat it as a typical Hello
1031 message structure. Reported by Hubert Kario (#40).
1033 ** libgnutls: Old and unsupported version numbers in client hellos are
1034 rejected with a "protocol_version" alert message. Reported by Hubert
1037 ** libgnutls: Lifted the limitation of calling the gnutls_session_get_data*()
1038 functions, only on non-resumed sessions. This brings the API in par with
1041 ** libgnutls: Follow RFC5280 strictly in name constraints computation. The
1042 permitted subtrees is intersected with any previous values. Report and
1043 patch by Daiki Ueno.
1045 ** libgnutls: Enforce the RFC 7627 (extended master secret) requirements on
1046 session resumption. Reported by Hubert Kario (#69).
1048 ** libgnutls: Consider the max-record TLS extension even when under DTLS.
1049 Reported by Peter Dettman (#61).
1051 ** libgnutls: Replaced writev() system call with sendmsg().
1053 ** libgnutls: Replaced select() system call with poll() on POSIX systems.
1055 ** libgnutls: Preload the system priority file on library load. This allows
1056 applications that chroot() to also use the system priorities.
1058 ** libgnutls: Applications are allowed to override the built-in key and
1061 ** libgnutls: The gnutls.h header marks constant and pure functions explictly.
1063 ** certtool: Added the ability to sign certificates using SHA3.
1065 ** certtool: Added the --provable and --verify-allow-broken options.
1067 ** gnutls-cli: The --dane option will cause verification failure if gnutls is not
1068 compiled with DANE support.
1070 ** crywrap: The tool was unbundled from gnutls' distribution. It can be found at
1071 https://github.com/nmav/crywrap
1073 ** guile: .go files are now built and installed
1075 ** guile: Fix compatibility issue of the test suite with Guile 2.1
1077 ** guile: When --with-guile-site-dir is passed, modules are installed in a
1078 versioned directory, typically $(datadir)/guile/site/2.0
1080 ** guile: Tests no longer leave zombie processes behind
1082 ** API and ABI modifications:
1083 GNUTLS_FORCE_CLIENT_CERT: Added
1084 GNUTLS_ENABLE_FALSE_START: Added
1085 GNUTLS_INDEFINITE_TIMEOUT: Added
1086 GNUTLS_ALPN_SERVER_PRECEDENCE: Added
1087 GNUTLS_E_ASN1_EMBEDDED_NULL_IN_STRING: Added
1088 GNUTLS_E_HANDSHAKE_DURING_FALSE_START: Added
1089 gnutls_check_version_numeric: Added
1090 gnutls_x509_crt_equals: Added
1091 gnutls_x509_crt_equals2: Added
1092 gnutls_x509_crt_set_subject_alt_othername: Added
1093 gnutls_x509_crt_set_issuer_alt_othername: Added
1094 gnutls_x509_crt_get_signature_oid: Added
1095 gnutls_x509_crt_get_pk_oid: Added
1096 gnutls_x509_crq_set_subject_alt_othername: Added
1097 gnutls_x509_crq_get_pk_oid: Added
1098 gnutls_x509_crq_get_signature_oid: Added
1099 gnutls_x509_crl_get_signature_oid: Added
1100 gnutls_x509_privkey_generate2: Added
1101 gnutls_x509_privkey_get_seed: Added
1102 gnutls_x509_privkey_verify_seed: Added
1103 gnutls_privkey_generate2: Added
1104 gnutls_privkey_get_seed: Added
1105 gnutls_privkey_verify_seed: Added
1106 gnutls_decode_ber_digest_info: Added
1107 gnutls_encode_ber_digest_info: Added
1108 gnutls_dh_params_import_dsa: Added
1109 gnutls_session_get_master_secret: Added
1112 * Version 3.4.3 (released 2015-07-12)
1114 ** libgnutls: Follow closely RFC5280 recommendations and use UTCTime for
1115 dates prior to 2050.
1117 ** libgnutls: Force 16-byte alignment to all input to ciphers (previously it
1118 was done only when cryptodev was enabled).
1120 ** libgnutls: Removed support for pthread_atfork() as it has undefined
1121 semantics when used with dlopen(), and may lead to a crash.
1123 ** libgnutls: corrected failure when importing plain files
1124 with gnutls_x509_privkey_import2(), and a password was provided.
1126 ** libgnutls: Don't reject certificates if a CA has the URI or IP address
1127 name constraints, and the end certificate doesn't have an IP address
1130 ** libgnutls: set and read the hint in DHE-PSK and ECDHE-PSK ciphersuites.
1132 ** p11tool: Added --list-token-urls option, and print the token module name
1135 ** API and ABI modifications:
1136 gnutls_ecc_curve_get_oid: Added
1137 gnutls_digest_get_oid: Added
1138 gnutls_pk_get_oid: Added
1139 gnutls_sign_get_oid: Added
1140 gnutls_ecc_curve_get_id: Added
1141 gnutls_oid_to_digest: Added
1142 gnutls_oid_to_pk: Added
1143 gnutls_oid_to_sign: Added
1144 gnutls_oid_to_ecc_curve: Added
1145 gnutls_pkcs7_get_signature_count: Added
1148 * Version 3.4.2 (released 2015-06-16)
1150 ** libgnutls: DTLS blocking API is more robust against infinite blocking,
1151 and will notify of more possible timeouts.
1153 ** libgnutls: corrected regression with Camellia-256-GCM cipher. Reported
1154 by Manuel Pegourie-Gonnard.
1156 ** libgnutls: Introduced the GNUTLS_NO_SIGNAL flag to gnutls_init(). That
1157 allows to disable SIGPIPE for writes done within gnutls.
1159 ** libgnutls: Enhanced the PKCS #7 API to allow signing and verification
1160 of structures. API moved to gnutls/pkcs7.h header.
1162 ** certtool: Added options to generate PKCS #7 bundles and signed
1165 ** API and ABI modifications:
1166 gnutls_x509_dn_get_str: Added
1167 gnutls_pkcs11_get_raw_issuer_by_subject_key_id: Added
1168 gnutls_x509_trust_list_get_issuer_by_subject_key_id: Added
1169 gnutls_x509_crt_verify_data2: Added
1170 gnutls_pkcs7_get_crt_raw2: Added
1171 gnutls_pkcs7_signature_info_deinit: Added
1172 gnutls_pkcs7_get_signature_info: Added
1173 gnutls_pkcs7_verify_direct: Added
1174 gnutls_pkcs7_verify: Added
1175 gnutls_pkcs7_get_crl_raw2: Added
1176 gnutls_pkcs7_sign: Added
1177 gnutls_pkcs7_attrs_deinit: Added
1178 gnutls_pkcs7_add_attr: Added
1179 gnutls_pkcs7_get_attr: Added
1180 gnutls_pkcs7_print: Added
1183 * Version 3.4.1 (released 2015-05-03)
1185 ** libgnutls: gnutls_certificate_get_ours: will return the certificate even
1186 if a callback was used to send it.
1188 ** libgnutls: Check for invalid length in the X.509 version field. Without
1189 the check certificates with invalid length would be detected as having an
1190 arbitrary version. Reported by Hanno Böck.
1192 ** libgnutls: Handle DNS name constraints with a leading dot. Patch by
1195 ** libgnutls: Updated system-keys support for windows to compile in more
1196 versions of mingw. Patch by Tim Kosse.
1198 ** libgnutls: Fix for MD5 downgrade in TLS 1.2 signatures. Reported by
1199 Karthikeyan Bhargavan [GNUTLS-SA-2015-2].
1201 ** libgnutls: Reverted: The gnutls_handshake() process will enforce a timeout
1202 by default. That caused issues with non-blocking programs.
1204 ** certtool: It can generate SHA256 key IDs.
1206 ** gnutls-cli: fixed crash in --benchmark-ciphers. Reported by James Cloos.
1208 ** configure: re-enabled the --enable-local-libopts flag
1210 ** API and ABI modifications:
1211 gnutls_x509_crt_get_pk_ecc_raw: Added
1214 * Version 3.4.0 (released 2015-04-08)
1216 ** libgnutls: Added support for AES-CCM and AES-CCM-8 (RFC6655 and RFC7251)
1217 ciphersuites. The former are enabled by default, the latter need to be
1218 explicitly enabled, since they reduce the overall security level.
1220 ** libgnutls: Added support for Chacha20-Poly1305 ciphersuites following
1221 draft-mavrogiannopoulos-chacha-tls-05 and draft-irtf-cfrg-chacha20-poly1305-10.
1222 That is currently provided as technology preview and is not enabled by
1223 default, since there are no assigned ciphersuite points by IETF and there
1224 is no guarrantee of compatibility between draft versions. The ciphersuite
1225 priority string to enable it is "+CHACHA20-POLY1305".
1227 ** libgnutls: Added support for encrypt-then-authenticate in CBC
1228 ciphersuites (RFC7366 -taking into account its errata text). This is
1229 enabled by default and can be disabled using the %NO_ETM priority
1232 ** libgnutls: Added support for the extended master secret
1233 (triple-handshake fix) following draft-ietf-tls-session-hash-02.
1235 ** libgnutls: Added a new simple and hard to misuse AEAD API (crypto.h).
1237 ** libgnutls: SSL 3.0 is no longer included in the default priorities
1238 list. It has to be explicitly enabled, e.g., with a string like
1239 "NORMAL:+VERS-SSL3.0".
1241 ** libgnutls: ARCFOUR (RC4) is no longer included in the default priorities
1242 list. It has to be explicitly enabled, e.g., with a string like
1243 "NORMAL:+ARCFOUR-128".
1245 ** libgnutls: DSA signatures and DHE-DSS are no longer included in the
1246 default priorities list. They have to be explicitly enabled, e.g., with
1247 a string like "NORMAL:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1". The
1248 DSA ciphersuites were dropped because they had no deployment at all
1249 on the internet, to justify their inclusion.
1251 ** libgnutls: The priority string EXPORT was completely removed. The string
1252 was already defunc as support for the EXPORT ciphersuites was removed in
1255 ** libgnutls: Added API to utilize system specific private keys in
1256 "gnutls/system-keys.h". It is currently provided as technology preview
1257 and is restricted to windows CNG keys.
1259 ** libgnutls: gnutls_x509_crt_check_hostname() and friends will use
1260 RFC6125 comparison of hostnames. That introduces a dependency on libidn.
1262 ** libgnutls: Depend on p11-kit 0.23.1 to comply with the final
1263 PKCS #11 URLs draft (draft-pechanec-pkcs11uri-21).
1265 ** libgnutls: Depend on nettle 3.1.
1267 ** libgnutls: Use getrandom() or getentropy() when available. That
1268 avoids the complexity of file descriptor handling and issues with
1269 applications closing all open file descriptors on startup.
1271 ** libgnutls: Use pthread_atfork() to detect fork when available.
1273 ** libgnutls: If a key purpose (extended key usage) is specified for verification,
1274 it is applied into intermediate certificates. The verification result
1275 GNUTLS_CERT_PURPOSE_MISMATCH is also introduced.
1277 ** libgnutls: When gnutls_certificate_set_x509_key_file2() is used in
1278 combination with PKCS #11, or TPM URLs, it will utilize the provided
1279 password as PIN if required. That removes the requirement for the
1280 application to set a callback for PINs in that case.
1282 ** libgnutls: priority strings VERS-TLS-ALL and VERS-DTLS-ALL are
1283 restricted to the corresponding protocols only, and the VERS-ALL
1284 string is introduced to catch all possible protocols.
1286 ** libgnutls: Added helper functions to obtain information on PKCS #8
1289 ** libgnutls: Certificate chains which are provided to gnutls_certificate_credentials_t
1290 will automatically be sorted instead of failing with GNUTLS_E_CERTIFICATE_LIST_UNSORTED.
1292 ** libgnutls: Added functions to export and set the record state. That
1293 allows for gnutls_record_send() and recv() to be offloaded (to kernel,
1294 hardware or any other subsystem).
1296 ** libgnutls: Added the ability to register application specific URL
1297 types, which express certificates and keys using gnutls_register_custom_url().
1299 ** libgnutls: Added API to override existing ciphers, digests and MACs, e.g.,
1300 to override AES-GCM using a system-specific accelerator. That is, (crypto.h)
1301 gnutls_crypto_register_cipher(), gnutls_crypto_register_aead_cipher(),
1302 gnutls_crypto_register_mac(), and gnutls_crypto_register_digest().
1304 ** libgnutls: Added gnutls_ext_register() to register custom extensions.
1305 Contributed by Thierry Quemerais.
1307 ** libgnutls: Added gnutls_supplemental_register() to register custom
1308 supplemental data handshake messages. Contributed by Thierry Quemerais.
1310 ** libgnutls-openssl: it is no longer built by default.
1313 ** certtool: Added --p8-info option, which will print PKCS #8 information
1314 even if the password is not available.
1316 ** certtool: --key-info option will print PKCS #8 encryption information
1319 ** certtool: Added the --key-id and --fingerprint options.
1321 ** certtool: Added the --verify-hostname, --verify-email and --verify-purpose
1322 options to be used in certificate chain verification, to simulate verification
1323 for specific hostname and key purpose (extended key usage).
1325 ** certtool: --p12-info option will print PKCS #12 MAC and cipher information
1328 ** certtool: it will print the A-label (ACE) names in addition to UTF-8.
1330 ** p11tool: added options --set-id and --set-label.
1332 ** gnutls-cli: added options --priority-list and --save-cert.
1334 ** guile: Deprecated priority API has been removed. The old priority API,
1335 which had been deprecated for some time, is now gone; use 'set-session-priorities!'
1338 ** guile: Remove RSA parameters and related procedures. This API had been
1341 ** guile: Fix compilation on MinGW. Previously only the static version of the
1342 'guile-gnutls-v-2' library would be built, preventing dynamic loading from Guile.
1344 ** API and ABI modifications:
1345 gnutls_record_get_state: Added
1346 gnutls_record_set_state: Added
1347 gnutls_aead_cipher_init: Added
1348 gnutls_aead_cipher_decrypt: Added
1349 gnutls_aead_cipher_encrypt: Added
1350 gnutls_aead_cipher_deinit: Added
1351 gnutls_pkcs12_generate_mac2: Added
1352 gnutls_pkcs12_mac_info: Added
1353 gnutls_pkcs12_bag_enc_info: Added
1354 gnutls_pkcs8_info: Added
1355 gnutls_pkcs_schema_get_name: Added
1356 gnutls_pkcs_schema_get_oid: Added
1357 gnutls_pcert_export_x509: Added
1358 gnutls_pcert_export_openpgp: Added
1359 gnutls_pcert_import_x509_list: Added
1360 gnutls_pkcs11_privkey_cpy: Added
1361 gnutls_x509_crq_get_signature_algorithm: Added
1362 gnutls_x509_trust_list_iter_get_ca: Added
1363 gnutls_x509_trust_list_iter_deinit: Added
1364 gnutls_x509_trust_list_get_issuer_by_dn: Added
1365 gnutls_pkcs11_get_raw_issuer_by_dn: Added
1366 gnutls_certificate_get_trust_list: Added
1367 gnutls_privkey_export_x509: Added
1368 gnutls_privkey_export_pkcs11: Added
1369 gnutls_privkey_export_openpgp: Added
1370 gnutls_privkey_import_ext3: Added
1371 gnutls_certificate_get_x509_key: Added
1372 gnutls_certificate_get_x509_crt: Added
1373 gnutls_certificate_get_openpgp_key: Added
1374 gnutls_certificate_get_openpgp_crt: Added
1375 gnutls_record_discard_queued: Added
1376 gnutls_session_ext_master_secret_status: Added
1377 gnutls_priority_string_list: Added
1378 gnutls_dh_params_import_raw2: Added
1379 gnutls_memset: Added
1380 gnutls_memcmp: Added
1381 gnutls_pkcs12_bag_set_privkey: Added
1382 gnutls_ocsp_resp_get_responder_raw_id: Added
1383 gnutls_system_key_iter_deinit: Added
1384 gnutls_system_key_iter_get_info: Added
1385 gnutls_system_key_delete: Added
1386 gnutls_system_key_add_x509: Added
1387 gnutls_system_recv_timeout: Added
1388 gnutls_register_custom_url: Added
1389 gnutls_pkcs11_obj_list_import_url3: Added
1390 gnutls_pkcs11_obj_list_import_url4: Added
1391 gnutls_pkcs11_obj_set_info: Added
1392 gnutls_crypto_register_cipher: Added
1393 gnutls_crypto_register_aead_cipher: Added
1394 gnutls_crypto_register_mac: Added
1395 gnutls_crypto_register_digest: Added
1396 gnutls_ext_register: Added
1397 gnutls_supplemental_register: Added
1398 gnutls_supplemental_recv: Added
1399 gnutls_supplemental_send: Added
1400 gnutls_openpgp_crt_check_email: Added
1401 gnutls_x509_crt_check_email: Added
1402 gnutls_handshake_set_hook_function: Modified
1403 gnutls_pkcs11_privkey_generate3: Added
1404 gnutls_pkcs11_copy_x509_crt2: Added
1405 gnutls_pkcs11_copy_x509_privkey2: Added
1406 gnutls_pkcs11_obj_list_import_url: Removed
1407 gnutls_pkcs11_obj_list_import_url2: Removed
1408 gnutls_certificate_client_set_retrieve_function: Removed
1409 gnutls_certificate_server_set_retrieve_function: Removed
1410 gnutls_certificate_set_rsa_export_params: Removed
1411 gnutls_certificate_type_set_priority: Removed
1412 gnutls_cipher_set_priority: Removed
1413 gnutls_compression_set_priority: Removed
1414 gnutls_kx_set_priority: Removed
1415 gnutls_mac_set_priority: Removed
1416 gnutls_protocol_set_priority: Removed
1417 gnutls_rsa_export_get_modulus_bits: Removed
1418 gnutls_rsa_export_get_pubkey: Removed
1419 gnutls_rsa_params_cpy: Removed
1420 gnutls_rsa_params_deinit: Removed
1421 gnutls_rsa_params_export_pkcs1: Removed
1422 gnutls_rsa_params_export_raw: Removed
1423 gnutls_rsa_params_generate2: Removed
1424 gnutls_rsa_params_import_pkcs1: Removed
1425 gnutls_rsa_params_import_raw: Removed
1426 gnutls_rsa_params_init: Removed
1427 gnutls_sign_callback_get: Removed
1428 gnutls_sign_callback_set: Removed
1429 gnutls_x509_crt_verify_data: Removed
1430 gnutls_x509_crt_verify_hash: Removed
1431 gnutls_pubkey_get_verify_algorithm: Removed
1432 gnutls_x509_crt_get_verify_algorithm: Removed
1433 gnutls_pubkey_verify_hash: Removed
1434 gnutls_pubkey_verify_data: Removed
1435 gnutls_record_set_max_empty_records: Removed
1438 set-session-cipher-priority!: Removed
1439 set-session-mac-priority!: Removed
1440 set-session-compression-method-priority!: Removed
1441 set-session-kx-priority!: Removed
1442 set-session-protocol-priority!: Removed
1443 set-session-certificate-type-priority!: Removed
1444 set-session-default-priority!: Removed
1445 set-session-default-export-priority!: Removed
1446 make-rsa-parameters: Removed
1447 rsa-parameters?: Removed
1448 set-certificate-credentials-rsa-export-parameters!: Removed
1449 pkcs1-import-rsa-parameters: Removed
1450 pkcs1-export-rsa-parameters: Removed
1454 * Version 3.3.6 (released 2014-07-23)
1456 ** libgnutls: Use inet_ntop to print IP addresses when available
1458 ** libgnutls: gnutls_x509_crt_check_hostname and friends will also check
1459 IP addresses, and match documented behavior. Reported by David Woodhouse.
1461 ** libgnutls: DSA key generation in FIPS140-2 mode doesn't allow 1024
1464 ** libgnutls: fixed issue in gnutls_pkcs11_reinit() which prevented tokens
1465 being usable after a reinitialization.
1467 ** libgnutls: fixed PKCS #11 private key operations after a fork.
1469 ** libgnutls: fixed PKCS #11 ECDSA key generation.
1471 ** libgnutls: The GNUTLS_CPUID_OVERRIDE environment variable can be used to
1472 explicitly enable/disable the use of certain CPU capabilities. Note that CPU
1473 detection cannot be overridden, i.e., VIA options cannot be enabled on an Intel
1474 CPU. The currently available options are:
1475 0x1: Disable all run-time detected optimizations
1479 0x100000: Enable VIA padlock
1480 0x200000: Enable VIA PHE
1481 0x400000: Enable VIA PHE SHA512
1483 ** libdane: added dane_query_to_raw_tlsa(); patch by Simon Arlott.
1485 ** p11tool: use GNUTLS_SO_PIN to read the security officer's PIN if set.
1487 ** p11tool: ask for label when one isn't provided.
1489 ** p11tool: added --batch parameter to disable any interactivity.
1491 ** p11tool: will not implicitly enable so-login for certain types of
1492 objects. That avoids issues with tokens that require different login
1495 ** certtool/p11tool: Added the --curve parameter which allows to explicitly
1496 specify the curve to use.
1498 ** API and ABI modifications:
1499 gnutls_certificate_set_x509_trust_dir: Added
1500 gnutls_x509_trust_list_add_trust_dir: Added
1503 * Version 3.3.5 (released 2014-06-26)
1505 ** libgnutls: Added gnutls_record_recv_packet() and gnutls_packet_deinit().
1506 These functions provide a variant of gnutls_record_recv() that avoids
1507 the final memcpy of data.
1509 ** libgnutls: gnutls_x509_crl_iter_crt_serial() was added as a
1510 faster variant of gnutls_x509_crl_get_crt_serial() when coping with
1511 very large structures.
1513 ** libgnutls: When the decoding of a printable DN element fails, then treat
1514 it as unknown and print its hex value rather than failing. That works around
1515 an issue in a TURKTRST root certificate which improperly encodes the
1516 X520countryName element.
1518 ** libgnutls: gnutls_x509_trust_list_add_trust_file() will return the number
1519 of certificates present in a PKCS #11 token when loading it.
1521 ** libgnutls: Allow the post client hello callback to put the handshake on
1522 hold, by returning GNUTLS_E_AGAIN or GNUTLS_E_INTERRUPTED.
1524 ** certtool: option --to-p12 will now consider --load-ca-certificate
1526 ** certtol: Added option to specify the PKCS #12 friendly name on command
1529 ** p11tool: Allow marking a certificate copied to a token as a CA.
1531 ** API and ABI modifications:
1532 GNUTLS_PKCS11_OBJ_FLAG_MARK_CA: Added
1533 gnutls_x509_crl_iter_deinit: Added
1534 gnutls_x509_crl_iter_crt_serial: Added
1535 gnutls_record_recv_packet: Added
1536 gnutls_packet_deinit: Added
1537 gnutls_packet_get: Added
1540 * Version 3.3.4 (released 2014-05-31)
1542 ** libgnutls: Updated Andy Polyakov's assembly code. That prevents a
1543 crash on certain CPUs.
1545 ** API and ABI modifications:
1546 No changes since last version.
1549 * Version 3.3.3 (released 2014-05-30)
1551 ** libgnutls: Eliminated memory corruption issue in Server Hello parsing.
1552 Issue reported by Joonas Kuorilehto of Codenomicon.
1554 ** libgnutls: gnutls_global_set_mutex() was modified to operate with the
1555 new initialization process.
1557 ** libgnutls: Increased the maximum certificate size buffer
1558 in the PKCS #11 subsystem.
1560 ** libgnutls: Check the return code of getpwuid_r() instead of relying
1561 on the result value. That avoids issue in certain systems, when using
1562 tofu authentication and the home path cannot be determined. Issue reported
1565 ** libgnutls-dane: Improved dane_verify_session_crt(), which now attempts to
1566 create a full chain. This addresses points from https://savannah.gnu.org/support/index.php?108552
1568 ** gnutls-cli: --dane will only check the end certificate if PKIX validation
1571 ** gnutls-cli: --benchmark-soft-ciphers has been removed. That option cannot
1572 be emulated with the implicit initialization of gnutls.
1574 ** certtool: Allow multiple organizations and organizational unit names to
1575 be specified in a template.
1577 ** certtool: Warn when invalid configuration options are set to a template.
1579 ** ocsptool: Include path in ocsp request. This resolves #108582
1580 (https://savannah.gnu.org/support/?108582), reported by Matt McCutchen.
1582 ** API and ABI modifications:
1583 gnutls_credentials_get: Added
1586 * Version 3.3.2 (released 2014-05-06)
1588 ** libgnutls: Added the 'very weak' certificate verification profile
1589 that corresponds to 64-bit security level.
1591 ** libgnutls: Corrected file descriptor leak on random generator
1594 ** libgnutls: Corrected file descriptor leak on PSK password file
1595 reading. Issue identified using the Codenomicon TLS test suite.
1597 ** libgnutls: Avoid deinitialization if initialization has failed.
1599 ** libgnutls: null-terminate othername alternative names.
1601 ** libgnutls: gnutls_x509_trust_list_get_issuer() will operate correctly
1602 on a PKCS #11 trust list.
1604 ** libgnutls: Several small bug fixes identified using valgrind and
1605 the Codenomicon TLS test suite.
1607 ** libgnutls-dane: Accept a certificate using DANE if there is at least one
1608 entry that matches the certificate. Patch by simon [at] arlott.org.
1610 ** libgnutls-guile: Fixed compilation issue.
1612 ** certtool: Allow exporting a CRL on DER format.
1614 ** certtool: The ECDSA keys generated by default use the SECP256R1 curve
1615 which is supported more widely than the previously used SECP224R1.
1617 ** API and ABI modifications:
1618 GNUTLS_PROFILE_VERY_WEAK: Added
1621 * Version 3.3.1 (released 2014-04-19)
1623 ** libgnutls: Enforce more strict checks to heartbeat messages
1624 concerning padding and payload. Suggested by Peter Dettman.
1626 ** libgnutls: Allow decoding PKCS #8 files with ECC parameters
1629 ** libgnutls: Several small bug fixes found by coverity.
1631 ** libgnutls: The conditionally available self-test functions
1632 were moved to self-test.h.
1634 ** libgnutls: Fixed issue with the check of incoming data when two
1635 different recv and send pointers have been specified. Reported and
1636 investigated by JMRecio.
1638 ** libgnutls: Fixed issue in the RSA-PSK key exchange, which would
1639 result to illegal memory access if a server hint was provided. Reported
1642 ** libgnutls: Fixed client memory leak in the PSK key exchange, if a
1643 server hint was provided.
1645 ** libgnutls: Corrected the *get_*_othername_oid() functions.
1647 ** API and ABI modifications:
1648 No changes since last version.
1651 * Version 3.3.0 (released 2014-04-10)
1653 ** libgnutls: The initialization of the library was moved to a
1654 constructor. That is, gnutls_global_init() is no longer required
1655 unless linking with a static library or a system that does not
1656 support library constructors.
1658 ** libgnutls: static libraries are not built by default.
1660 ** libgnutls: PKCS #11 initialization is delayed to first usage.
1661 That avoids long delays in gnutls initialization due to broken PKCS #11
1664 ** libgnutls: The PKCS #11 subsystem is re-initialized "automatically"
1665 on the first PKCS #11 API call after a fork.
1667 ** libgnutls: certificate verification profiles were introduced
1668 that can be specified as flags to verification functions. They
1669 are enumerations in gnutls_certificate_verification_profiles_t
1670 and can be converted to flags for use in a verification function
1671 using GNUTLS_PROFILE_TO_VFLAGS().
1673 ** libgnutls: Added the ability to read system-specific initial
1674 keywords, if they are prefixed with '@'. That allows a compile-time
1675 specified configuration file to be used to read pre-configured priority
1676 strings from. That can be used to impose system specific policies.
1678 ** libgnutls: Increased the default security level of priority
1679 strings (NORMAL and PFS strings require at minimum a 1008 DH prime),
1680 and set a verification profile by default. The LEGACY keyword is
1681 introduced to set the old defaults.
1683 ** libgnutls: Added support for the name constraints PKIX extension.
1684 Currently only DNS names and e-mails are supported (no URIs, IPs
1687 ** libgnutls: Security parameter SEC_PARAM_NORMAL was renamed to
1688 SEC_PARAM_MEDIUM to avoid confusion with the priority string NORMAL.
1690 ** libgnutls: Added new API in x509-ext.h to handle X.509 extensions.
1691 This API handles the X.509 extensions in isolation, allowing to parse
1692 similarly formatted extensions stored in other structures.
1694 ** libgnutls: When generating DSA keys the macro GNUTLS_SUBGROUP_TO_BITS
1695 can be used to specify a particular subgroup as the number of bits in
1696 gnutls_privkey_generate; e.g., GNUTLS_SUBGROUP_TO_BITS(2048, 256).
1698 ** libgnutls: DH parameter generation is now delegated to nettle.
1699 That unfortunately has the side-effect that DH parameters longer than
1700 3072 bits, cannot be generated (not without a nettle update).
1702 ** libgnutls: Separated nonce RNG from the main RNG. The nonce
1703 random number generator is based on salsa20/12.
1705 ** libgnutls: The buffer alignment provided to crypto backend is
1706 enforced to be 16-byte aligned, when compiled with cryptodev
1707 support. That allows certain cryptodev drivers to operate more
1710 ** libgnutls: Return error when a public/private key pair that doesn't
1711 match is set into a credentials structure.
1713 ** libgnutls: Depend on p11-kit 0.20.0 or later.
1715 ** libgnutls: The new padding (%NEW_PADDING) experimental TLS extension has
1716 been removed. It was not approved by IETF.
1718 ** libgnutls: The experimental xssl library is removed from the gnutls
1721 ** libgnutls: Reduced the number of gnulib modules used in the main library.
1723 ** libgnutls: Added priority string %DISABLE_WILDCARDS.
1725 ** libgnutls: Added the more extensible verification function
1726 gnutls_certificate_verify_peers(), that allows checking, in addition
1727 to a peer's DNS hostname, for the key purpose of the end certificate
1728 (via PKIX extended key usage).
1730 ** certtool: Timestamps for serial numbers were increased to 8 bytes,
1731 and in batch mode to 12 (appended with 4 random bytes).
1733 ** certtool: When no CRL number is provided (or value set to -1), then
1734 a time-based number will be used, similarly to the serial generation
1735 number in certificates.
1737 ** certtool: Print the SHA256 fingerprint of a certificate in addition
1740 ** libgnutls: Added --enable-fips140-mode configuration option (unsupported).
1741 That option enables (when running on FIPS140-enabled system):
1742 o RSA, DSA and DH key generation as in FIPS-186-4 (using provable primes)
1743 o The DRBG-CTR-AES256 deterministic random generator from SP800-90A.
1744 o Self-tests on initialization on ciphers/MACs, public key algorithms
1745 and the random generator.
1746 o HMAC-SHA256 verification of the library on load.
1747 o MD5 is included for TLS purposes but cannot be used by the high level
1749 o All ciphers except AES are disabled.
1750 o All MACs and hashes except GCM and SHA are disabled (e.g., HMAC-MD5).
1751 o All keys (temporal and long term) are zeroized after use.
1752 o Security levels are adjusted to the FIPS140-2 recommendations (rather
1755 ** API and ABI modifications:
1756 GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS: Added
1757 gnutls_certificate_verify_peers: Added
1758 gnutls_privkey_generate: Added
1759 gnutls_pkcs11_crt_is_known: Added
1760 gnutls_fips140_mode_enabled: Added
1761 gnutls_sec_param_to_symmetric_bits: Added
1762 gnutls_pubkey_export_ecc_x962: Added (replaces gnutls_pubkey_get_pk_ecc_x962)
1763 gnutls_pubkey_export_ecc_raw: Added (replaces gnutls_pubkey_get_pk_ecc_raw)
1764 gnutls_pubkey_export_dsa_raw: Added (replaces gnutls_pubkey_get_pk_dsa_raw)
1765 gnutls_pubkey_export_rsa_raw: Added (replaces gnutls_pubkey_get_pk_rsa_raw)
1766 gnutls_pubkey_verify_params: Added
1767 gnutls_privkey_export_ecc_raw: Added
1768 gnutls_privkey_export_dsa_raw: Added
1769 gnutls_privkey_export_rsa_raw: Added
1770 gnutls_privkey_import_ecc_raw: Added
1771 gnutls_privkey_import_dsa_raw: Added
1772 gnutls_privkey_import_rsa_raw: Added
1773 gnutls_privkey_verify_params: Added
1774 gnutls_x509_crt_check_hostname2: Added
1775 gnutls_openpgp_crt_check_hostname2: Added
1776 gnutls_x509_name_constraints_init: Added
1777 gnutls_x509_name_constraints_deinit: Added
1778 gnutls_x509_crt_get_name_constraints: Added
1779 gnutls_x509_name_constraints_add_permitted: Added
1780 gnutls_x509_name_constraints_add_excluded: Added
1781 gnutls_x509_crt_set_name_constraints: Added
1782 gnutls_x509_name_constraints_get_permitted: Added
1783 gnutls_x509_name_constraints_get_excluded: Added
1784 gnutls_x509_name_constraints_check: Added
1785 gnutls_x509_name_constraints_check_crt: Added
1786 gnutls_x509_crl_get_extension_data2: Added
1787 gnutls_x509_crt_get_extension_data2: Added
1788 gnutls_x509_crq_get_extension_data2: Added
1789 gnutls_subject_alt_names_init: Added
1790 gnutls_subject_alt_names_deinit: Added
1791 gnutls_subject_alt_names_get: Added
1792 gnutls_subject_alt_names_set: Added
1793 gnutls_x509_ext_import_subject_alt_names: Added
1794 gnutls_x509_ext_export_subject_alt_names: Added
1795 gnutls_x509_crl_dist_points_init: Added
1796 gnutls_x509_crl_dist_points_deinit: Added
1797 gnutls_x509_crl_dist_points_get: Added
1798 gnutls_x509_crl_dist_points_set: Added
1799 gnutls_x509_ext_import_crl_dist_points: Added
1800 gnutls_x509_ext_export_crl_dist_points: Added
1801 gnutls_x509_ext_import_name_constraints: Added
1802 gnutls_x509_ext_export_name_constraints: Added
1803 gnutls_x509_aia_init: Added
1804 gnutls_x509_aia_deinit: Added
1805 gnutls_x509_aia_get: Added
1806 gnutls_x509_aia_set: Added
1807 gnutls_x509_ext_import_aia: Added
1808 gnutls_x509_ext_export_aia: Added
1809 gnutls_x509_ext_import_subject_key_id: Added
1810 gnutls_x509_ext_export_subject_key_id: Added
1811 gnutls_x509_ext_export_authority_key_id: Added
1812 gnutls_x509_ext_import_authority_key_id: Added
1813 gnutls_x509_aki_init: Added
1814 gnutls_x509_aki_get_id: Added
1815 gnutls_x509_aki_get_cert_issuer: Added
1816 gnutls_x509_aki_set_id: Added
1817 gnutls_x509_aki_set_cert_issuer: Added
1818 gnutls_x509_aki_deinit: Added
1819 gnutls_x509_ext_import_private_key_usage_period: Added
1820 gnutls_x509_ext_export_private_key_usage_period: Added
1821 gnutls_x509_ext_import_basic_constraints: Added
1822 gnutls_x509_ext_export_basic_constraints: Added
1823 gnutls_x509_ext_import_key_usage: Added
1824 gnutls_x509_ext_export_key_usage: Added
1825 gnutls_x509_ext_import_proxy: Added
1826 gnutls_x509_ext_export_proxy: Added
1827 gnutls_x509_policies_init: Added
1828 gnutls_x509_policies_deinit: Added
1829 gnutls_x509_policies_get: Added
1830 gnutls_x509_policies_set: Added
1831 gnutls_x509_ext_import_policies: Added
1832 gnutls_x509_ext_export_policies: Added
1833 gnutls_x509_key_purpose_init: Added
1834 gnutls_x509_key_purpose_deinit: Added
1835 gnutls_x509_key_purpose_set: Added
1836 gnutls_x509_key_purpose_get: Added
1837 gnutls_x509_ext_import_key_purposes: Added
1838 gnutls_x509_ext_export_key_purposes: Added
1839 gnutls_digest_self_test: Added (conditionally)
1840 gnutls_mac_self_test: Added (conditionally)
1841 gnutls_pk_self_test: Added (conditionally)
1842 gnutls_cipher_self_test: Added (conditionally)
1843 gnutls_global_set_mem_functions: Deprecated
1846 * Version 3.2.6 (released 2013-10-31)
1848 ** libgnutls: Support for TPM via trousers is now enabled by default.
1850 ** libgnutls: Camellia in GCM mode has been added in default priorities, and
1851 GCM mode is prioritized over CBC in all of the default priority strings.
1853 ** libgnutls: Added ciphersuite GNUTLS_ECDHE_RSA_AES_256_CBC_SHA384.
1855 ** libgnutls: Fixed ciphersuites GNUTLS_ECDHE_ECDSA_CAMELLIA_256_CBC_SHA384,
1856 GNUTLS_ECDHE_RSA_CAMELLIA_256_CBC_SHA384 and GNUTLS_PSK_CAMELLIA_128_GCM_SHA256.
1857 Reported by Stefan Buehler.
1859 ** libgnutls: Added support for ISO OID for RSA-SHA1 signatures.
1861 ** libgnutls: Minimum acceptable DH group parameters were increased to 767
1864 ** libgnutls: Added function to obtain random data from PKCS #11 tokens.
1865 Contributed by Wolfgang Meyer zu Bergsten.
1869 ** libdane: Fixed a one-off bug in dane_query_tlsa() introduced by the
1870 previous fix. Reported by Tomas Mraz.
1872 ** p11tool: Added option generate-random.
1874 ** API and ABI modifications:
1875 gnutls_pkcs11_token_get_random: Added
1878 * Version 3.2.5 (released 2013-10-23)
1880 ** libgnutls: Documentation and build-time fixes.
1882 ** libgnutls: Allow the generation of DH groups of less than 700 bits.
1884 ** libgnutls: Added several combinations of ciphersuites with SHA256 and SHA384 as MAC,
1885 as well as Camellia with GCM.
1887 ** libdane: Added interfaces to allow initialization of dane_query_t from
1888 external DNS resolutions, and to allow direct verification of a certificate
1889 chain against a dane_query_t. Contributed by Christian Grothoff.
1891 ** libdane: Fixed a buffer overflow in dane_query_tlsa(). This could be
1892 triggered by a DNS server supplying more than 4 DANE records. Report and fix
1893 by Christian Grothoff.
1895 ** srptool: Fixed index command line option. Patch by Attila Molnar.
1897 ** gnutls-cli: Added support for inline commands, using the
1898 --inline-commands-prefix and --inline-commands options. Patch by Raj Raman.
1900 ** certtool: pathlen constraint is now read correctly. Reported by
1903 ** API and ABI modifications:
1904 gnutls_certificate_get_crt_raw: Added
1905 dane_verify_crt_raw: Added
1906 dane_raw_tlsa: Added
1909 * Version 3.2.4 (released 2013-08-31)
1911 ** libgnutls: Fixes when session tickets and session DB are used.
1912 Report and initial patch by Stefan Buehler.
1914 ** libgnutls: Added the RSA-PSK key exchange. Patch by by Frank Morgner,
1915 based on previous patch by Bardenheuer GmbH and Bundesdruckerei GmbH.
1917 ** libgnutls: Added ciphersuites that use ARCFOUR with ECDHE. Patch
1920 ** libgnutls: Added the PFS priority string option.
1922 ** libgnutls: Gnulib included files are strictly LGPLv2.
1924 ** libgnutls: Corrected gnutls_certificate_server_set_request().
1925 Reported by Petr Pisar.
1927 ** API and ABI modifications:
1928 gnutls_record_set_timeout: Exported
1931 * Version 3.2.3 (released 2013-07-30)
1933 ** libgnutls: Fixes in parsing of priority strings. Patch by Stefan Buehler.
1935 ** libgnutls: Solve issue with received TLS packets that exceed 2^14.
1936 (this fixes a bug that was accidentally introduced in 3.2.2)
1938 ** libgnutls: Removed gnulib modules under LGPLv3 that could possibly be
1939 used by the library.
1941 ** libgnutls: Fixes in gnutls_record_send_range(). Report and initial fix by
1944 ** API and ABI modifications:
1945 gnutls_priority_kx_list: Added
1946 gnutls_priority_mac_list: Added
1947 gnutls_priority_cipher_list: Added
1950 * Version 3.2.2 (released 2013-07-14)
1952 ** libgnutls: Several optimizations in the related to packet processing
1955 ** libgnutls: DTLS replay detection can now be disabled (to be used
1956 in certain transport layers like SCTP).
1958 ** libgnutls: Fixes in SRTP extension generation when MKI is being
1961 ** libgnutls: Added ability to set hooks before or after sending or receiving
1962 any handshake message with gnutls_handshake_set_hook_function().
1964 ** API and ABI modifications:
1965 GNUTLS_NO_REPLAY_PROTECTION: Added
1966 gnutls_certificate_set_trust_list: Added
1967 gnutls_cipher_get_tag_size: Added
1968 gnutls_record_overhead_size: Added
1969 gnutls_est_record_overhead_size: Added
1970 gnutls_handshake_set_hook_function: Added
1971 gnutls_handshake_description_get_name: Added
1972 gnutls_digest_list: Added
1973 gnutls_digest_get_id: Added
1974 gnutls_digest_get_name: Added
1977 * Version 3.2.1 (released 2013-06-01)
1979 ** libgnutls: Allow ECC when in SSL 3.0 to work-around a bug in certain
1982 ** libgnutls: Fixes in interrupted function resumption. Report
1983 and patch by Tim Kosse.
1985 ** libgnutls: Corrected issue when receiving client hello verify requests
1988 ** libgnutls: Fixes in DTLS record overhead size calculations.
1990 ** libgnutls: gnutls_handshake_get_last_in() was fixed. Reported
1993 ** API and ABI modifications:
1994 gnutls_session_set_id: Added
1997 * Version 3.2.0 (released 2013-05-10)
1999 ** libgnutls: Use nettle's elliptic curve implementation.
2001 ** libgnutls: Added Salsa20 cipher
2003 ** libgnutls: Added UMAC-96 and UMAC-128
2005 ** libgnutls: Added ciphersuites involving Salsa20 and UMAC-96.
2006 As they are not standardized they are defined using private ciphersuite
2009 ** libgnutls: Added support for DTLS 1.2.
2011 ** libgnutls: Added support for the Application Layer Protocol Negotiation
2014 ** libgnutls: Removed support for the RSA-EXPORT ciphersuites.
2016 ** libgnutls: Avoid linking to librt (that also avoids unnecessary
2017 linking to pthreads if p11-kit isn't used).
2019 ** API and ABI modifications:
2020 gnutls_cipher_get_iv_size: Added
2021 gnutls_hmac_set_nonce: Added
2022 gnutls_mac_get_nonce_size: Added
2025 * Version 3.1.10 (released 2013-03-22)
2027 ** certtool: When generating PKCS #12 files use by default the
2028 ARCFOUR (RC4) cipher to be compatible with devices that don't
2029 support AES with PKCS #12.
2031 ** libgnutls: Load CA certificates in android 4.x systems.
2033 ** libgnutls: Optimized CA certificate loading.
2035 ** libgnutls: Private keys are overwritten on deinitialization.
2037 ** libgnutls: PKCS #11 slots are scanned only when needed, not
2038 on initialization. This speeds up gnutls initialization when smart
2041 ** libgnutls: Corrected issue in the (deprecated) external key
2042 signing interface, when used with TLS 1.2. Reported by Bjorn H. Christensen.
2044 ** libgnutls: Fixes in openpgp handshake with fingerprints. Reported by
2047 ** libgnutls-dane: Updated DANE verification options.
2049 ** configure: Trust store file must be explicitly set or unset when
2052 ** API and ABI modifications:
2053 gnutls_x509_crt_get_issuer_dn2: Added
2054 gnutls_x509_crt_get_dn2: Added
2055 gnutls_x509_crl_get_issuer_dn2: Added
2056 gnutls_x509_crq_get_dn2: Added
2057 gnutls_x509_trust_list_remove_trust_mem: Added
2058 gnutls_x509_trust_list_remove_trust_file: Added
2059 gnutls_x509_trust_list_remove_cas: Added
2060 gnutls_session_get_desc: Added
2061 gnutls_privkey_sign_raw_data: Added
2062 gnutls_privkey_status: Added
2065 * Version 3.1.9 (released 2013-02-27)
2067 ** certtool: Option --to-p12 will now ask for a password to generate
2068 a PKCS #12 file from an encrypted key file. Reported by Yan Fiz.
2070 ** libgnutls: Corrected issue in gnutls_pubkey_verify_data().
2072 ** libgnutls: Corrected parsing issue in XMPP within a subject
2073 alternative name. Reported by James Cloos.
2075 ** libgnutls: gnutls_pkcs11_reinit() will reinitialize all PKCS #11
2076 modules, and not only the ones loaded via p11-kit.
2078 ** libgnutls: Added function to check whether the private key is
2079 still available (inserted).
2081 ** libgnutls: Try to detect fork even during nonce generation.
2083 ** API and ABI modifications:
2084 gnutls_handshake_set_random: Added
2085 gnutls_transport_set_int2: Added
2086 gnutls_transport_get_int2: Added
2087 gnutls_transport_get_int: Added
2088 gnutls_record_cork: Exported
2089 gnutls_record_uncork: Exported
2090 gnutls_pkcs11_privkey_status: Added
2093 * Version 3.1.8 (released 2013-02-10)
2095 ** libgnutls: Fixed issue in gnutls_x509_privkey_import2() which didn't return
2096 GNUTLS_E_DECRYPTION_FAILED in all cases, and affect certtool operation
2097 with encrypted keys. Reported by Yan Fiz.
2099 ** libgnutls: The minimum DH bits accepted by priorities NORMAL and
2100 PERFORMANCE was set to previous defaults 727 bits. Reported by Diego
2103 ** libgnutls: Corrected issue which prevented gnutls_pubkey_verify_hash()
2104 to operate with long keys. Reported by Erik A Jensen.
2106 ** API and ABI modifications:
2107 No changes since last version.
2110 * Version 3.1.7 (released 2013-02-04)
2112 ** certtool: Added option "dn" which allows to directly set the DN
2113 in a template from an RFC4514 string.
2115 ** danetool: Added options: --dlv and --insecure. Suggested by Paul Wouters.
2117 ** libgnutls-xssl: Added a new library to simplify GnuTLS usage.
2119 ** libgnutls-dane: Added function to specify a DLV file.
2121 ** libgnutls: Heartbeat code was made optional.
2123 ** libgnutls: Fixes in server side of DTLS-0.9.
2125 ** libgnutls: DN variable 'T' was expanded to 'title'.
2127 ** libgnutls: Fixes in record padding parsing to prevent a timing attack.
2128 Issue reported by Kenny Paterson and Nadhem Alfardan.
2130 ** libgnutls: Added functions to directly set the DN in a certificate
2131 or request from an RFC4514 string.
2133 ** libgnutls: Optimizations in the random generator. The re-seeding of
2134 it is now explicitly done on every session deinit.
2136 ** libgnutls: Simplified the DTLS sliding window implementation.
2138 ** libgnutls: The minimum DH bits accepted by a client are now set
2139 by the specified priority string. The current values correspond to the
2140 previous defaults (727 bits), except for the SECURE128 and SECURE192
2141 strings which increase the minimum to 1248 and 1776 respectively.
2143 ** libgnutls: Added the gnutls_record_cork() and uncork API to enable
2144 buffering in sending application data.
2146 ** libgnutls: Removed default random padding, and added a length-hiding interface
2147 instead. Both the server and the client must support this extension. Whether
2148 length-hiding can be used on a given session can be checked using
2149 gnutls_record_can_use_length_hiding(). Contributed by Alfredo Pironti.
2151 ** libgnutls: Added the experimental %NEW_PADDING priority string. It enables
2152 a new padding mechanism in TLS allowing arbitrary padding in TLS records
2153 in all ciphersuites, which makes length-hiding more efficient and solves
2154 the issues with timing attacks on CBC ciphersuites.
2156 ** libgnutls: Corrected gnutls_cipher_decrypt2() when used with AEAD
2157 ciphers (i.e., AES-GCM). Reported by William McGovern.
2159 ** API and ABI modifications:
2160 gnutls_db_check_entry_time: Added
2161 gnutls_record_set_timeout: Added
2162 gnutls_record_get_random_padding_status: Added
2163 gnutls_x509_crt_set_dn: Added
2164 gnutls_x509_crt_set_issuer_dn: Added
2165 gnutls_x509_crq_set_dn: Added
2166 gnutls_range_split: Added
2167 gnutls_record_send_range: Added
2168 gnutls_record_set_max_empty_records: Added
2169 gnutls_record_can_use_length_hiding: Added
2170 gnutls_rnd_refresh: Added
2174 xssl_getdelim: Added
2178 xssl_client_init: Added
2179 xssl_server_init: Added
2180 xssl_get_session: Added
2181 xssl_get_verify_status: Added
2182 xssl_cred_init: Added
2183 xssl_cred_deinit: Added
2184 dane_state_set_dlv_file: Added
2185 GNUTLS_SEC_PARAM_EXPORT: Added
2186 GNUTLS_SEC_PARAM_VERY_WEAK: Added
2189 * Version 3.1.6 (released 2013-01-02)
2191 ** libgnutls: Fixed record padding parsing issue. Reported by Kenny
2192 Paterson and Nadhem Alfardan.
2194 ** libgnutls: Several updates in the ASN.1 string handling subsystem.
2196 ** libgnutls: gnutls_x509_crt_get_policy() allows for a list of zero
2199 ** libgnutls: Ignore heartbeat messages when received out-of-order,
2200 instead of issuing an error.
2202 ** libgnutls: Stricter RSA PKCS #1 1.5 encoding and decoding. Reported
2205 ** libgnutls: TPM support is disabled by default because GPL programs
2206 cannot link with it. Use --with-tpm to enable it.
2208 ** libgnutls-guile: Fixed parallel compilation issue.
2210 ** gnutls-cli: It will try to connect to all possible returned addresses
2213 ** API and ABI modifications:
2214 No changes since last version.
2217 * Version 3.1.5 (released 2012-11-24)
2219 ** libgnutls: Added functions to parse the certificates policies
2222 ** libgnutls: Handle BMPString (UCS-2) encoding in the Distinguished
2223 Name by translating it to UTF-8 (works on windows or systems with iconv).
2225 ** libgnutls: Added PKCS #11 key generation function that returns the
2226 public key on generation.
2228 ** libgnutls: Corrected bug in priority string parsing, that mostly
2229 affected combined levels. Patch by Tim Kosse.
2231 ** certtool: The --pubkey-info option can be combined with the
2232 --load-privkey or --load-request to print the corresponding public keys.
2234 ** certtool: It is able to set certificate policies via a template.
2236 ** certtool: Added --hex-numbers option which prints big numbers in
2237 an easier to parse format.
2239 ** p11tool: After key generation, outputs the public key (useful in
2240 tokens that do not store the public key).
2242 ** danetool: It is being built even without libgnutls-dane (the
2243 --check functionality is disabled though).
2245 ** API and ABI modifications:
2246 gnutls_pkcs11_privkey_generate2: Added
2247 gnutls_x509_crt_get_policy: Added
2248 gnutls_x509_crt_set_policy: Added
2249 gnutls_x509_policy_release: Added
2250 gnutls_pubkey_import_x509_crq: Added
2251 gnutls_pubkey_print: Added
2252 GNUTLS_CRT_PRINT_FULL_NUMBERS: Added
2255 * Version 3.1.4 (released 2012-11-10)
2257 ** libgnutls: gnutls_certificate_verify_peers2() will set flags depending on
2258 the available revocation data validity.
2260 ** libgnutls: Added gnutls_certificate_verification_status_print(),
2261 a function to print the verification status code in human readable text.
2263 ** libgnutls: Added priority string %VERIFY_DISABLE_CRL_CHECKS.
2265 ** libgnutls: Simplified certificate verification by adding
2266 gnutls_certificate_verify_peers3().
2268 ** libgnutls: Added support for extension to establish keys for SRTP.
2269 Contributed by Martin Storsjo.
2271 ** libgnutls: The X.509 verification functions check the key
2272 usage bits and pathlen constraints and on failure output
2273 GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE.
2275 ** libgnutls: gnutls_x509_crl_verify() includes the time checks.
2277 ** libgnutls: Added verification flag GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN
2278 and made GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN the default.
2280 ** libgnutls: Always tolerate key usage violation errors from the side
2281 of the peer, but also notify via an audit message.
2283 ** gnutls-cli: Added --local-dns option.
2285 ** danetool: Corrected bug that prevented loading PEM files.
2287 ** danetool: Added --check option to allow querying and verifying
2290 ** libgnutls-dane: Added pkg-config file for the library.
2292 ** API and ABI modifications:
2293 gnutls_session_get_id2: Added
2294 gnutls_sign_is_secure: Added
2295 gnutls_certificate_verify_peers3: Added
2296 gnutls_ocsp_status_request_is_checked: Added
2297 gnutls_certificate_verification_status_print: Added
2298 gnutls_srtp_set_profile: Added
2299 gnutls_srtp_set_profile_direct: Added
2300 gnutls_srtp_get_selected_profile: Added
2301 gnutls_srtp_get_profile_name: Added
2302 gnutls_srtp_get_profile_id: Added
2303 gnutls_srtp_get_keys: Added
2304 gnutls_srtp_get_mki: Added
2305 gnutls_srtp_set_mki: Added
2306 gnutls_srtp_profile_t: Added
2307 dane_cert_type_name: Added
2308 dane_match_type_name: Added
2309 dane_cert_usage_name: Added
2310 dane_verification_status_print: Added
2311 GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED: Added
2312 GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE: Added
2313 GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE: Added
2314 GNUTLS_CERT_UNEXPECTED_OWNER: Added
2315 GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN: Added
2318 * Version 3.1.3 (released 2012-10-12)
2320 ** libgnutls: Added support for the OCSP Certificate Status
2323 ** libgnutls: gnutls_certificate_verify_peers2() will use the OCSP
2324 certificate status extension in verification.
2326 ** libgnutls: Bug fixes in gnutls_x509_privkey_import_openssl().
2328 ** libgnutls: Increased maximum password length in the PKCS #12
2331 ** libgnutls: Fixed the receipt of session tickets during session resumption.
2332 Reported by danblack at http://savannah.gnu.org/support/?108146
2334 ** libgnutls: Added functions to export structures in an allocated buffer.
2336 ** libgnutls: Added gnutls_ocsp_resp_check_crt() to check whether the OCSP
2337 response corresponds to the given certificate.
2339 ** libgnutls: In client side gnutls_init() enables the session ticket and
2340 OCSP certificate status request extensions by default. The flag
2341 GNUTLS_NO_EXTENSIONS can be used to prevent that.
2343 ** libgnutls: Several updates in the OpenPGP code. The generating code
2344 is fully RFC6091 compliant and RFC5081 support is only supported in client
2347 ** libgnutls-dane: Added. It is a library to provide DANE with DNSSEC
2348 certificate verification.
2350 ** gnutls-cli: Added --dane option to enable DANE certificate verification.
2352 ** danetool: Added tool to generate DANE TLSA Resource Records (RR).
2354 ** API and ABI modifications:
2355 gnutls_certificate_get_peers_subkey_id: Added
2356 gnutls_certificate_set_ocsp_status_request_function: Added
2357 gnutls_certificate_set_ocsp_status_request_file: Added
2358 gnutls_ocsp_status_request_enable_client: Added
2359 gnutls_ocsp_status_request_get: Added
2360 gnutls_ocsp_resp_check_crt: Added
2361 gnutls_dh_params_export2_pkcs3: Added
2362 gnutls_pubkey_export2: Added
2363 gnutls_x509_crt_export2: Added
2364 gnutls_x509_dn_export2: Added
2365 gnutls_x509_crl_export2: Added
2366 gnutls_pkcs7_export2: Added
2367 gnutls_x509_privkey_export2: Added
2368 gnutls_x509_privkey_export2_pkcs8: Added
2369 gnutls_x509_crq_export2: Added
2370 gnutls_openpgp_crt_export2: Added
2371 gnutls_openpgp_privkey_export2: Added
2372 gnutls_pkcs11_obj_export2: Added
2373 gnutls_pkcs12_export2: Added
2374 gnutls_pubkey_import_openpgp_raw: Added
2375 gnutls_pubkey_import_x509_raw: Added
2376 dane_state_init: Added
2377 dane_state_deinit: Added
2378 dane_query_tlsa: Added
2379 dane_query_status: Added
2380 dane_query_entries: Added
2381 dane_query_data: Added
2382 dane_query_deinit: Added
2383 dane_verify_session_crt: Added
2384 dane_verify_crt: Added
2385 dane_strerror: Added
2388 * Version 3.1.2 (released 2012-09-26)
2390 ** libgnutls: Fixed bug in gnutls_x509_trust_list_add_system_trust()
2391 and gnutls_x509_trust_list_add_trust_mem() that prevented the loading
2392 of certificates in the windows platform.
2394 ** libgnutls: Corrected bug in OpenPGP subpacket encoding.
2396 ** libgnutls: Added support for DTLS/TLS heartbeats by Olga Smolenchuk.
2397 (the work was done during Google Summer of Code).
2399 ** libgnutls: Added X.509 certificate verification flag
2400 GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN. This flag allows the verification
2401 of unsorted certificate chains and is enabled by default for
2402 TLS certificate verification (if gnutls_certificate_set_verify_flags()
2403 does not override it).
2405 ** libgnutls: Prints warning on certificates that contain keys of
2406 an insecure level. If the %COMPAT priority flag is not specified
2407 the TLS connection fails.
2409 ** libgnutls: Correctly restore gnutls_record_recv() in DTLS mode
2410 if interrupted during the retrasmition of handshake data.
2412 ** libgnutls: Better mingw32 support (patch by LRN).
2414 ** libgnutls: The %COMPAT keyword, if specified, will tolerate
2415 key usage violation errors (they are far too common to ignore).
2417 ** libgnutls: Added GNUTLS_STATELESS_COMPRESSION flag to gnutls_init(),
2418 which provides a tool to counter compression-related attacks where
2419 parts of the data are controlled by the attacker _and_ are placed in
2420 separate records (use with care - do not use compression if not sure).
2422 ** libgnutls: Depends on libtasn1 2.14 or later.
2424 ** certtool: Prints the number of bits of the public key algorithm
2425 parameter in a private key.
2427 ** API and ABI modifications:
2428 gnutls_x509_privkey_get_pk_algorithm2: Added
2429 gnutls_heartbeat_ping: Added
2430 gnutls_heartbeat_pong: Added
2431 gnutls_heartbeat_allowed: Added
2432 gnutls_heartbeat_enable: Added
2433 gnutls_heartbeat_set_timeouts: Added
2434 gnutls_heartbeat_get_timeout: Added
2435 GNUTLS_SEC_PARAM_WEAK: Added
2436 GNUTLS_SEC_PARAM_INSECURE: Added
2438 * Version 3.1.1 (released 2012-09-02)
2440 ** gnutls-serv: Listens on IPv6. Patch by Bernhard R. Link.
2442 ** certtool: Changes in password handling of certtool.
2443 Ask password when required and only if the '--password' option is not
2444 given. If the '--password' option is given during key generation then
2445 assume the PKCS #8 file format, instead of ignoring the password.
2447 ** tpmtool: No longer asks for key password in registered keys.
2449 ** libgnutls: Elliptic curve code was optimized by Ilya Tumaykin.
2450 wmNAF is now used for point multiplication and other optimizations.
2451 (the major part of the work was done during Google Summer of Code).
2453 ** libgnutls: The default pull_timeout_function only uses select
2454 instead of a combination of select() and recv() to prevent issues
2455 when used in stream sockets in some systems.
2457 ** libgnutls: Be tolerant in ECDSA signature violations (e.g. using
2458 SHA256 with a SECP384 curve instead of SHA-384), to interoperate with
2461 ** libgnutls: Fixed DSA and ECDSA signature generation in smart
2462 cards. Thanks to Andreas Schwier from cardcontact.de for providing
2463 me with ECDSA capable smart cards.
2465 ** API and ABI modifications:
2466 gnutls_sign_algorithm_get: Added
2467 gnutls_sign_get_hash_algorithm: Added
2468 gnutls_sign_get_pk_algorithm: Added
2471 * Version 3.1.0 (released 2012-08-15)
2473 ** libgnutls: Added direct support for TPM as a cryptographic module
2474 in gnutls/tpm.h. TPM keys can be used in functions accepting files
2475 using URLs of the following types:
2476 tpmkey:file=/path/to/file
2477 tpmkey:uuid=7f468c16-cb7f-11e1-824d-b3a4f4b20343;storage=user
2479 ** libgnutls: Priority string level keywords can be combined.
2480 For example the string "SECURE256:+SUITEB128" is now allowed.
2482 ** libgnutls: requires libnettle 2.5.
2484 ** libgnutls: Use the PKCS #1 1.5 encoding provided by nettle (2.5)
2485 for encryption and signatures.
2487 ** libgnutls: Added GNUTLS_CERT_SIGNATURE_FAILURE to differentiate between
2488 generic errors and signature verification errors in the verification
2491 ** libgnutls: Added gnutls_pkcs12_simple_parse() as a helper function
2492 to simplify parsing in most PKCS #12 use cases.
2494 ** libgnutls: gnutls_certificate_set_x509_simple_pkcs12_file() adds
2495 the whole certificate chain (if any) to the credentials structure, instead
2496 of only the end-user certificate.
2498 ** libgnutls: Key import functions such as gnutls_pkcs12_simple_parse()
2499 and gnutls_x509_privkey_import_pkcs8(), return consistently
2500 GNUTLS_E_DECRYPTION_FAILED if the input structure is encrypted but no
2501 password was provided.
2503 ** libgnutls: Added gnutls_handshake_set_timeout() a function that
2504 allows to set the maximum time spent in a handshake.
2506 ** libgnutlsxx: Added session::set_transport_vec_push_function. Patch
2509 ** tpmtool: Added. It is a tool to generate private keys in the
2512 ** gnutls-cli: --benchmark-tls was split to --benchmark-tls-kx
2513 and --benchmark-tls-ciphers
2515 ** certtool: generated PKCS #12 structures may hold more than one
2516 private key. Patch by Lucas Fisher.
2518 ** certtool: Added option --null-password to generate/decrypt keys
2519 that use a NULL password (in schemas that distinguish between NULL
2520 an empty passwords).
2522 ** minitasn1: Upgraded to libtasn1 version 2.13.
2524 ** API and ABI modifications:
2525 GNUTLS_CERT_SIGNATURE_FAILURE: Added
2526 GNUTLS_CAMELLIA_192_CBC: Added
2527 GNUTLS_PKCS_NULL_PASSWORD: Added
2528 gnutls_url_is_supported: Added
2529 gnutls_pkcs11_obj_list_import_url2: Added
2530 gnutls_pkcs11_obj_set_pin_function: Added
2531 gnutls_pkcs11_privkey_set_pin_function: Added
2532 gnutls_pkcs11_get_pin_function: Added
2533 gnutls_privkey_import_tpm_raw: Added
2534 gnutls_privkey_import_tpm_url: Added
2535 gnutls_privkey_import_pkcs11_url: Added
2536 gnutls_privkey_import_openpgp_raw: Added
2537 gnutls_privkey_import_x509_raw: Added
2538 gnutls_privkey_import_ext2: Added
2539 gnutls_privkey_import_url: Added
2540 gnutls_privkey_set_pin_function: Added
2541 gnutls_tpm_privkey_generate: Added
2542 gnutls_tpm_key_list_deinit: Added
2543 gnutls_tpm_key_list_get_url: Added
2544 gnutls_tpm_get_registered: Added
2545 gnutls_tpm_privkey_delete: Added
2546 gnutls_pubkey_import_tpm_raw: Added
2547 gnutls_pubkey_import_tpm_url: Added
2548 gnutls_pubkey_import_url: Added
2549 gnutls_pubkey_verify_hash2: Added
2550 gnutls_pubkey_set_pin_function: Added
2551 gnutls_x509_privkey_import2: Added
2552 gnutls_x509_privkey_import_openssl: Added
2553 gnutls_x509_crt_set_pin_function: Added
2554 gnutls_load_file: Added
2555 gnutls_pkcs12_simple_parse: Added
2556 gnutls_certificate_set_x509_system_trust: Added
2557 gnutls_certificate_set_pin_function: Added
2558 gnutls_x509_trust_list_add_system_trust: Added
2559 gnutls_x509_trust_list_add_trust_file: Added
2560 gnutls_x509_trust_list_add_trust_mem: Added
2561 gnutls_pk_to_sign: Added
2562 gnutls_handshake_set_timeout: Added
2563 gnutls_pubkey_verify_hash: Deprecated (use gnutls_pubkey_verify_hash2)
2564 gnutls_pubkey_verify_data: Deprecated (use gnutls_pubkey_verify_data2)
2567 * Version 3.0.22 (released 2012-08-04)
2569 ** libgnutls: gnutls_certificate_set_x509_system_trust()
2570 is now supported on OpenBSD.
2572 ** libgnutls: When verifying a certificate chain make sure it is chain.
2573 If the chain is wronly interrupted at some point then truncate it,
2574 and only try to verify the correct part. Patch by David Woodhouse
2576 ** libgnutls: Restored the behavior of gnutls_x509_privkey_import_pkcs8()
2577 which now may (again) accept a NULL password.
2579 ** certtool: Allow the user to choose the hash algorithm
2580 when signing certificate request or certificate revocation list.
2581 Patch by Petr PÃsaÅ™.
2583 ** API and ABI modifications:
2584 No changes since last version.
2587 * Version 3.0.21 (released 2012-07-02)
2589 ** libgnutls: fixed bug in gnutls_x509_privkey_import()
2590 that prevented the loading of EC private keys when DER
2591 encoded. Reported by David Woodhouse.
2593 ** libgnutls: In DTLS larger to mtu records result to
2594 GNUTLS_E_LARGE_PACKET instead of being truncated.
2596 ** libgnutls: gnutls_dtls_get_data_mtu() is more precise. Based
2597 on patch by David Woodhouse.
2599 ** libgnutls: Fixed memory leak in PKCS #8 key import.
2601 ** libgnutls: Added support for an old version of the DTLS protocol
2602 used by openconnect vpn client for compatibility with Cisco's AnyConnect
2603 SSL VPN. It is marked as GNUTLS_DTLS0_9. Do not use it for newer protocols
2606 ** libgnutls: Corrected bug that prevented resolving PKCS #11 URLs
2607 if only the label is specified. Patch by David Woodhouse.
2609 ** libgnutls: When EMSGSIZE errno is seen then GNUTLS_E_LARGE_PACKET
2612 ** API and ABI modifications:
2613 gnutls_dtls_set_data_mtu: Added
2614 gnutls_session_set_premaster: Added
2617 * Version 3.0.20 (released 2012-06-05)
2619 ** libgnutls: Corrected bug which prevented the parsing of
2620 handshake packets spanning multiple records.
2622 ** libgnutls: Check key identifiers when checking for an issuer.
2624 ** libgnutls: Added gnutls_pubkey_verify_hash2()
2626 ** libgnutls: Added gnutls_certificate_set_x509_system_trust()
2627 that loads the trusted CA certificates from system locations
2628 (e.g. trusted storage in windows and CA bundle files in other systems).
2630 ** certtool: Added support for the URI subject alternative
2631 name type in certtool.
2633 ** certtool: Increase to 128 the maximum number of distinct options
2634 (e.g. dns_names) allowed.
2636 ** gnutls-cli: If --print-cert is given, print the certificate,
2637 even on verification failure.
2639 ** API and ABI modifications:
2640 gnutls_pk_to_sign: Added
2641 gnutls_pubkey_verify_hash2: Added
2642 gnutls_certificate_set_x509_system_trust: Added
2645 * Version 3.0.19 (released 2012-04-22)
2647 ** libgnutls: When decoding a PKCS #11 URL the pin-source field
2648 is assumed to be a file that stores the pin. Based on patch
2651 ** libgnutls: gnutls_record_check_pending() no longer
2652 returns unprocessed data, and thus ensure the non-blocking
2653 of the next call to gnutls_record_recv().
2655 ** libgnutls: Added strict tests in Diffie-Hellman and
2656 SRP key exchange public keys.
2658 ** libgnutls: in ECDSA and DSA TLS 1.2 authentication be less
2659 strict in hash selection, and allow a stronger hash to
2660 be used than the appropriate, to improve interoperability
2663 ** tests: Disabled floating point test, and corrections
2664 in pkcs12 decoding tests.
2666 ** API and ABI modifications:
2667 No changes since last version.
2670 * Version 3.0.18 (released 2012-04-02)
2672 ** certtool: Avoid a Y2K38 bug when generating certificates.
2673 Patch by Robert Millan.
2675 ** libgnutls: Make sure that GNUTLS_E_PREMATURE_TERMINATION
2676 is returned on premature termination (and added unit test).
2678 ** libgnutls: Fixes for W64 API. Patch by B. Scott Michel.
2680 ** libgnutls: Corrected VIA padlock detection for old
2681 VIA processors. Reported by Kris Karas.
2683 ** libgnutls: Updated assembler files.
2685 ** libgnutls: Time in generated certificates is stored
2686 as GeneralizedTime instead of UTCTime (which only stores
2687 2 digits of a year).
2689 ** minitasn1: Upgraded to libtasn1 version 2.13 (pre-release).
2691 ** API and ABI modifications:
2692 gnutls_x509_crt_set_private_key_usage_period: Added
2693 gnutls_x509_crt_get_private_key_usage_period: Added
2694 gnutls_x509_crq_set_private_key_usage_period: Added
2695 gnutls_x509_crq_get_private_key_usage_period: Added
2696 gnutls_session_get_random: Added
2699 * Version 3.0.17 (released 2012-03-17)
2701 ** command line apps: Always link with local libopts.
2703 ** API and ABI modifications:
2704 No changes since last version.
2707 * Version 3.0.16 (released 2012-03-16)
2709 ** minitasn1: Upgraded to libtasn1 version 2.12 (pre-release).
2711 ** libgnutls: Corrected SRP-RSA ciphersuites when used under TLS 1.2.
2713 ** libgnutls: included assembler files for MacOSX.
2715 ** p11tool: Small fixes in handling of the --private command
2718 ** certtool: The template option allows for setting the domain
2719 component (DC) option of the distinguished name, and the ocsp_uri
2720 as well as the ca_issuers_uri options.
2722 ** API and ABI modifications:
2723 gnutls_x509_crt_set_authority_info_access: Added
2726 * Version 3.0.15 (released 2012-03-02)
2728 ** test suite: Only run under valgrind in the development
2729 system (the full git repository)
2731 ** command line apps: Link with local libopts if the
2732 installed is an old one.
2734 ** libgnutls: Eliminate double free during SRP
2735 authentication. Reported by Peter Penzov.
2737 ** libgnutls: Corrections in record packet parsing.
2738 Reported by Matthew Hall.
2740 ** libgnutls: Cryptodev updates and fixes.
2742 ** libgnutls: Corrected issue with select() that affected
2743 FreeBSD. This prevented establishing DTLS sessions.
2744 Reported by Andreas Metzler.
2746 ** libgnutls: Corrected rehandshake and resumption
2747 operations in DTLS. Reported by Sean Buckheister.
2749 ** libgnutls: PKCS #11 objects that do not have ID
2750 no longer crash listing. Reported by Sven Geggus.
2752 ** API and ABI modifications:
2753 No changes since last version.
2756 * Version 3.0.14 (released 2012-02-24)
2758 ** command line apps: Included libopts doesn't get installed
2761 ** libgnutls: Eliminate double free on wrongly formatted
2762 certificate list. Reported by Remi Gacogne.
2764 ** libgnutls: cryptodev code corrected, updated to account
2765 for hashes and GCM mode.
2767 ** libgnutls: Eliminated memory leak in PCKS #11 initialization.
2768 Report and fix by Sam Varshavchik.
2770 ** API and ABI modifications:
2771 No changes since last version.
2774 * Version 3.0.13 (released 2012-02-18)
2776 ** gnutls-cli: added the --ocsp option which will verify
2777 the peer's certificate with OCSP.
2779 ** gnutls-cli: added the --tofu option and if specified, gnutls-cli
2780 will use an ssh-style authentication method.
2782 ** gnutls-cli: if no --x509cafile is provided a default is
2783 assumed (/etc/ssl/certs/ca-certificates.crt), if it exists.
2785 ** ocsptool: Added --ask parameter, to verify a certificate's
2786 status from an ocsp server.
2788 ** command line apps: Use gnu autogen (libopts) to parse command
2789 line arguments and template files.
2791 ** tests: Added stress test for DTLS packet losses and
2792 out-of-order receival. Contributed by Sean Buckheister.
2794 ** libgnutls: Several updates and corrections in the DTLS
2795 DTLS lost packet handling and retransmission timeouts.
2796 Report and patches by Sean Buckheister.
2798 ** libgnutls: Added new functions to easily allow the usage of
2799 a trust on first use (SSH-style) authentication.
2801 ** libgnutls: SUITEB128 and SUITEB192 priority strings account
2802 for the RFC6460 requirements.
2804 ** libgnutls: Added new security parameter GNUTLS_SEC_PARAM_LEGACY
2805 to account for security level of 96-bits.
2807 ** libgnutls: In client side if server does not advertise any
2808 known CAs and only a single certificate is set in the credentials,
2811 ** libgnutls: Added functions to parse authority key identifiers
2812 when stored as a 'general name' and serial combo.
2814 ** libgnutls: Added function to force explicit reinitialization
2815 of PKCS #11 modules. This is required on the child process after
2816 a fork (if PKCS #11 functionality is desirable).
2818 ** libgnutls: Depend on p11-kit 0.11.
2820 ** API and ABI modifications:
2821 gnutls_dtls_get_timeout: Added
2822 gnutls_verify_stored_pubkey: Added
2823 gnutls_store_pubkey: Added
2824 gnutls_store_commitment: Added
2825 gnutls_x509_crt_get_authority_key_gn_serial: Added
2826 gnutls_x509_crl_get_authority_key_gn_serial: Added
2827 gnutls_pkcs11_reinit: Added
2828 gnutls_ecc_curve_list: Added
2829 gnutls_priority_certificate_type_list: Added
2830 gnutls_priority_sign_list: Added
2831 gnutls_priority_protocol_list: Added
2832 gnutls_priority_compression_list: Added
2833 gnutls_priority_ecc_curve_list: Added
2834 gnutls_tdb_init: Added
2835 gnutls_tdb_set_store_func: Added
2836 gnutls_tdb_set_store_commitment_func: Added
2837 gnutls_tdb_set_verify_func: Added
2838 gnutls_tdb_deinit: Added
2841 * Version 3.0.12 (released 2012-01-20)
2843 ** libgnutls: Added OCSP support.
2844 There is a new header file gnutls/ocsp.h and a set of new functions
2845 under the gnutls_ocsp namespace. Currently the functionality provided
2846 is to parse and extract information from OCSP requests/responses, to
2847 generate OCSP requests and to verify OCSP responses. See the manual
2848 for more information. Run ./configure with --disable-ocsp to build
2849 GnuTLS without OCSP support.
2851 This work was sponsored by Smoothwall <http://smoothwall.net/>.
2853 ** ocsptool: Added new command line tool.
2854 The tool can parse OCSP request/responses, generate OCSP requests and
2855 verify OCSP responses. See the manual for more information.
2857 ** certtool: --outder option now works for private
2858 and public keys as well.
2860 ** libgnutls: Added error code GNUTLS_E_NO_PRIORITIES_WERE_SET
2861 to warn when no or insufficient priorities were set.
2863 ** libgnutls: Corrected an alignment issue in ECDH
2864 key generation which prevented some keys from being
2865 correctly aligned in rare circumstances.
2867 ** libgnutls: Corrected memory leaks in DH parameter
2868 generation and ecc_projective_check_point().
2870 ** libgnutls: Added gnutls_x509_dn_oid_name() to
2871 return a descriptive name of a DN OID.
2873 ** API and ABI modifications:
2874 gnutls_pubkey_encrypt_data: Added
2875 gnutls_x509_dn_oid_name: Added
2876 gnutls_session_resumption_requested: Added
2877 gnutls/ocsp.h: Added new header file.
2878 gnutls_ocsp_print_formats_t: Added new type.
2879 gnutls_ocsp_resp_status_t: Added new type.
2880 gnutls_ocsp_cert_status_t: Added new type.
2881 gnutls_x509_crl_reason_t: Added new type.
2882 gnutls_ocsp_req_add_cert: Added.
2883 gnutls_ocsp_req_add_cert_id: Added.
2884 gnutls_ocsp_req_deinit: Added.
2885 gnutls_ocsp_req_export: Added.
2886 gnutls_ocsp_req_get_cert_id: Added.
2887 gnutls_ocsp_req_get_extension: Added.
2888 gnutls_ocsp_req_get_nonce: Added.
2889 gnutls_ocsp_req_get_version: Added.
2890 gnutls_ocsp_req_import: Added.
2891 gnutls_ocsp_req_init: Added.
2892 gnutls_ocsp_req_print: Added.
2893 gnutls_ocsp_req_randomize_nonce: Added.
2894 gnutls_ocsp_req_set_extension: Added.
2895 gnutls_ocsp_req_set_nonce: Added.
2896 gnutls_ocsp_resp_deinit: Added.
2897 gnutls_ocsp_resp_export: Added.
2898 gnutls_ocsp_resp_get_certs: Added.
2899 gnutls_ocsp_resp_get_extension: Added.
2900 gnutls_ocsp_resp_get_nonce: Added.
2901 gnutls_ocsp_resp_get_produced: Added.
2902 gnutls_ocsp_resp_get_responder: Added.
2903 gnutls_ocsp_resp_get_response: Added.
2904 gnutls_ocsp_resp_get_signature: Added.
2905 gnutls_ocsp_resp_get_signature_algorithm: Added.
2906 gnutls_ocsp_resp_get_single: Added.
2907 gnutls_ocsp_resp_get_status: Added.
2908 gnutls_ocsp_resp_get_version: Added.
2909 gnutls_ocsp_resp_import: Added.
2910 gnutls_ocsp_resp_init: Added.
2911 gnutls_ocsp_resp_print: Added.
2912 gnutls_ocsp_resp_verify: Added.
2914 * Version 3.0.11 (released 2012-01-06)
2916 ** libgnutls: Corrected functionality of
2917 gnutls_record_get_direction(). Reported by Philip Allison.
2919 ** libgnutls: Provide less timing information when decoding
2920 TLS/DTLS record packets. Patch by Nadhem Alfardan.
2922 ** API and ABI modifications:
2923 No changes since last version.
2926 * Version 3.0.10 (released 2012-01-04)
2928 ** gnutls-cli/serv: Set don't fragment bit in DTLS sessions
2929 in Linux as well as in BSD.
2931 ** gnutls-cli: Fixed reading from windows terminals.
2933 ** libgnutls: When GNUTLS_OPENPGP_FMT_BASE64 is specified
2934 the stream is assumed to be base64 encoded (previously
2935 the encoding was auto-detected). This avoids a decoding
2936 issue in windows systems.
2938 ** libgnutls: Corrected ciphersuite GNUTLS_ECDHE_PSK_AES_256_CBC_SHA384
2940 ** libgnutls: Added ciphersuites: GNUTLS_PSK_WITH_AES_256_GCM_SHA384
2941 and GNUTLS_DHE_PSK_WITH_AES_256_GCM_SHA384.
2943 ** libgnutls: Added function gnutls_random_art() to convert
2944 fingerprints to images (currently ascii-art).
2946 ** libgnutls: Corrected bug in DSA private key parsing, which
2947 prevented the verification of the key.
2949 ** API and ABI modifications:
2950 gnutls_random_art: Added
2953 * Version 3.0.9 (released 2011-12-13)
2955 ** certtool: Added new parameter --dh-info.
2957 ** certtool: -l option was overloaded so if combined with --priority
2958 it will only list the ciphersuites that are enabled by the given
2961 ** libgnutls: Added new priority string %SERVER_PRECEDENCE, which
2962 changes the ciphersuite selection procedure. If specified the server
2963 priorities will be used for selection instead of the client's.
2965 ** libgnutls: Optimizations in Diffie-Hellman parameters generation
2968 ** libgnutls: When session tickets are negotiated and used in a
2969 session, a server will not store that session data into its cache.
2971 ** libgnutls: Added the SECP192R1 curve.
2973 ** libgnutls: Added gnutls_priority_get_cipher_suite_index() to
2974 allow listing the ciphersuites enabled in a priority structure.
2975 It outputs an index to be used in gnutls_get_cipher_suite_info().
2977 ** libgnutls: Optimizations in the elliptic curve code --timing
2978 attacks resistant code is only used in ECDSA private key operations.
2980 ** doc: man pages for API functions generation was fixed and are
2981 now added again in the distribution.
2983 ** API and ABI modifications:
2984 GNUTLS_ECC_CURVE_SECP192R1: New curve definition
2985 gnutls_priority_get_cipher_suite_index: Added
2988 * Version 3.0.8 (released 2011-11-12)
2990 ** certtool: Certtool -e returns error code on verification
2993 ** certtool: Verifies parameters of generated keys.
2995 ** libgnutls: Corrected ECC key generation (introduced in 3.0.6)
2997 ** libgnutls: Provide less timing information when decoding
2998 TLS/DTLS record packets.
3000 ** doc: man pages for API functions were removed.
3001 The reason was that the code that auto-generated the man pages missed
3002 many APIs and we couldn't fix it (volunteers welcome). See the info
3003 manual or the GTK-DOC manual instead.
3005 ** API and ABI modifications:
3006 gnutls_x509_privkey_verify_params: Added
3009 * Version 3.0.7 (released 2011-11-08)
3011 ** libgnutls: Corrected fix in gnutls_session_get_data()
3012 to report the actual session size when the provided buffer
3015 ** libgnutls: Fixed ciphersuite GNUTLS_ECDHE_RSA_AES_128_CBC_SHA256,
3016 which was using a wrong MAC algorithm. Reported by Fabrice Gautier.
3018 ** API and ABI modifications:
3019 No changes since last version.
3022 * Version 3.0.6 (released 2011-11-07)
3024 ** gnutls-guile: Compilation fixes.
3026 ** libgnutls: Fixed possible buffer overflow in
3027 gnutls_session_get_data(). Reported and fix by Alban Crequy.
3029 ** libgnutls: Bug fixes in the ciphersuites with NULL cipher.
3030 Reported by Fabrice Gautier.
3032 ** libgnutls: Bug fixes in ECC code for 64-bit MIPS systems.
3033 Thanks to Joseph Graham for providing access to such a system.
3035 ** libgnutls: Correctly report ECC private key parsing errors.
3036 Reported by Fabrice Gautier.
3038 ** libgnutls: In ECDHE verify that the received point lies on
3039 the selected curve. The ECDHE ciphersuites now take precendence
3042 ** API and ABI modifications:
3043 No changes since last version.
3046 * Version 3.0.5 (released 2011-10-27)
3048 ** libgnutls-extra: is no more
3050 ** libgnutls: Corrections in order to compile with mingw32.
3052 ** libgnutls: Corrections in VIA padlock code for VIA C5 processor
3053 and new detection of PHE with support for partial hashing.
3055 ** libgnutls: Corrected bug in gnutls_x509_data2hex. Report and fix
3058 ** minitasn1: Upgraded to libtasn1 version 2.10.
3060 ** API and ABI modifications:
3061 No changes since last version.
3064 * Version 3.0.4 (released 2011-10-15)
3066 ** libgnutls-extra: gnutls_register_md5_handler() was
3069 ** gnutls-cli-debug: Added more tests including AES-GCM,
3070 SHA256 and elliptic curves.
3072 ** gnutls-cli: Added --benchmark-soft-ciphers to benchmark
3073 the software version of the ciphers instead of hw accelerated
3076 ** libgnutls: Public key ID calculation is consistent among
3077 all structures. It uses a SHA-1 hash of the subjectPublicKeyInfo.
3079 ** libgnutls: gnutls_privkey_t allows setting external callback
3080 to perform signing or decryption. Can be set using
3081 gnutls_privkey_import_ext()
3083 ** libgnutls: A certificate credentials structure can be
3084 used with a gnutls_privkey_t and a gnutls_pcert_st
3085 structure using gnutls_certificate_set_key().
3087 ** libgnutls: Fixes to enable external signing callback to
3088 operate with TLS 1.2.
3090 ** libgnutls: Fixed crash when printing ECDSA certificate key
3091 ID. Reported by Erik Jensen.
3093 ** libgnutls: Corrected VIA padlock code for C3. In C3 benchmarks
3094 show a 50x increase in AES speed and a 14x increase in VIA nano. Added
3095 support for hashes and HMACs.
3097 ** libgnutls: Compilation fixed when p11-kit is not detected.
3099 ** libgnutls: Fixed the deflate compression code.
3101 ** libgnutls: Added gnutls_x509_crt_get_authority_info_access.
3102 Used to get the PKIX Authority Information Access (AIA) field.
3104 ** libgnutls: gnutls_x509_crt_print supports printing AIA fields.
3106 ** libgnutls: Added ability to gnutls_privkey_t to operate with
3107 signing callback function.
3109 ** API and ABI modifications:
3110 gnutls_x509_crt_get_authority_info_access (x509.h): Added function.
3111 gnutls_privkey_import_ext: Added function.
3112 gnutls_certificate_set_key: Added function.
3113 gnutls_info_access_what_t (x509.h): Added enum.
3114 GNUTLS_OID_AIA (x509.h): Added symbol.
3115 GNUTLS_OID_AD_OCSP (x509.h): Added symbol.
3116 GNUTLS_OID_AD_CAISSUERS (x509.h): Added symbol.
3118 * Version 3.0.3 (released 2011-09-18)
3120 ** libgnutls: Added gnutls_record_get_discarded() to return the
3121 number of discarded records in a DTLS session.
3123 ** libgnutls: All functions related to RSA-EXPORT were deprecated.
3124 Support for RSA-EXPORT ciphersuites will be ceased in future versions.
3126 ** libgnutls: Memory leak fixes in credentials private key
3127 deinitialization. Reported by Dan Winship.
3129 ** libgnutls: Memory leak fixes in ECC ciphersuites.
3131 ** libgnutls: Do not send an empty extension structure in server
3132 hello. This affected old implementations that do not support extensions.
3133 Reported by J. Cameijo Cerdeira.
3135 ** libgnutls: Allow CA importing of 0 certificates to succeed.
3136 Reported by Jonathan Nieder <jrnieder@gmail.com> in
3137 <http://bugs.debian.org/640639>.
3139 ** libgnutls: Added support for VIA padlock AES optimizations.
3140 (disabled by default)
3142 ** libgnutls: Added support for elliptic curves in
3145 ** libgnutls: Added gnutls_pkcs11_privkey_generate()
3146 to allow generating a key in a token.
3148 ** p11tool: Added generate-rsa, generate-dsa and
3149 generate-ecc options to allow generating private
3152 ** libgnutls: gnutls_transport_set_lowat dummy macro was
3155 ** API and ABI modifications:
3156 gnutls_pkcs11_privkey_generate: Added
3157 gnutls_pubkey_import_ecc_raw: Added
3158 gnutls_pubkey_import_ecc_x962: Added
3159 gnutls_pubkey_get_pk_ecc_x962: Added
3160 gnutls_record_get_discarded: Added
3163 * Version 3.0.2 (released 2011-09-01)
3165 ** libgnutls: OpenPGP certificate type is not enabled
3168 ** libgnutls: Added %NO_EXTENSIONS priority string.
3170 ** libgnutls: Corrected issue in gnutls_record_recv()
3171 triggered on encryption or compression error.
3173 ** libgnutls: Compatibility fixes in CPU ID detection
3174 for i386 and old GCC.
3176 ** gnutls-cli: Benchmark applications were incorporated
3179 ** libgnutls: Corrected parsing of XMPP subject
3182 ** libgnutls: Allow for out-of-order ChangeCipherSpec
3185 ** libgnutls: gnutls_certificate_set_x509_key() and
3186 gnutls_certificate_set_openpgp_key() operate as in 2.10.x
3187 and allow the release of the private key during the
3188 lifetime of the certificate structure.
3190 ** API and ABI modifications:
3191 GNUTLS_PRIVKEY_IMPORT_COPY: new gnutls_privkey_import() flag
3194 * Version 3.0.1 (released 2011-08-20)
3196 ** libgnutls: gnutls_certificate_set_x509_key_file() and
3197 friends support server name indication. If multiple
3198 certificates are set using these functions the proper one
3199 will be selected during a handshake.
3201 ** libgnutls: Added AES-256-GCM which was left out from
3202 the previous release. Reported by Benjamin Hof.
3204 ** libgnutls: When asking for a PKCS# 11 PIN multiple
3205 times, the flags in the callback were not being updated
3206 to reflect for PIN low count or final try.
3208 ** libgnutls: Do not allow second instances of PKCS #11
3211 ** libgnutls: fixed alignment issue in AES-NI code.
3213 ** libgnutls: The config file at gnutls_pkcs11_init()
3214 is being read if provided.
3216 ** libgnutls: Ensure that a certificate list specified
3217 using gnutls_certificate_set_x509_key() and friends, is
3218 sorted according to TLS specification (from subject to issuer).
3220 ** libgnutls: Added GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED flag for
3221 gnutls_x509_crt_list_import. It checks whether the list to be
3222 imported is properly sorted.
3224 ** crywrap: Added to the distribution. It is an application
3225 that proxies TLS session to a port using a plaintext service.
3227 ** doc: Many GTK-DOC improvements.
3229 ** i18n: Translations were updated.
3231 ** API and ABI modifications:
3232 GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED: New element in gnutls_certificate_import_flags
3233 GNUTLS_PKCS11_PIN_WRONG: New flag for PIN callback
3236 * Version 3.0.0 (released 2011-07-29)
3238 ** libgnutls: writev_emu: stop on the first incomplete write. Patch by
3241 ** libgnutls: Fix zlib handling in gnutls.pc. Patch by Andreas
3244 ** certtool: bug fixes in certificate request generation. Patch
3247 ** API and ABI modifications:
3248 gnutls_pcert_list_import_x509_raw: ADDED
3251 * Version 2.99.4 (released 2011-07-23)
3253 ** doc: documentation updates.
3255 ** libgnutls: gnutls_rsa_params_t is now identical to gnutls_x509_privkey_t
3256 to avoid thread-safety issues. Reported by Sam Varshavchik.
3258 ** libgnutls: Added compatibility mode with /etc/gnutls/pkcs11.conf
3260 ** libgnutls: license upgraded to LGPLv3
3262 ** libgnutls: gnutls_srp_verifier() returns data allocated with gnutls_malloc()
3265 ** API and ABI modifications:
3266 No changes since last version.
3269 * Version 2.99.3 (released 2011-06-18)
3271 ** libgnutls: Added new PKCS #11 flags to force an object being private or
3272 not. (GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE and GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE)
3274 ** libgnutls: Added SUITEB128 and SUITEB192 priority
3275 strings to enable the NSA SuiteB cryptography ciphersuites.
3277 ** libgnutls: Added gnutls_pubkey_verify_data2() that will
3278 verify data provided the signature algorithm.
3280 ** libgnutls: Simplified the handling of handshake messages to
3281 be hashed. Instead of hashing during the handshake process we now
3282 keep the data until handshake is over and hash them on request.
3283 This uses more memory but eliminates issues with TLS 1.2 and
3286 ** libgnutls: Added AES-GCM optimizations using the PCLMULQDQ
3287 instruction. Uses Andy Polyakov's assembly code.
3289 ** libgnutls: Added gnutls_x509_trust_list_add_named_crt() and
3290 gnutls_x509_trust_list_verify_named_crt() that allow having a
3291 list of certificates in the trusted list that will be associated
3292 with a name (e.g. server name) and will not be used as CAs.
3294 ** libgnutls: PKCS #11 back-end rewritten to use p11-kit
3295 http://p11-glue.freedesktop.org/p11-kit.html. Rewrite by
3298 ** libgnutls: Added ECDHE-PSK ciphersuites for TLS (RFC 5489).
3300 ** API and ABI modifications:
3301 gnutls_pubkey_verify_data2: ADDED
3302 gnutls_ecc_curve_get: ADDED
3303 gnutls_x509_trust_list_add_named_crt: ADDED
3304 gnutls_x509_trust_list_verify_named_crt: ADDED
3305 gnutls_x509_privkey_verify_data: REMOVED
3306 gnutls_crypto_bigint_register: REMOVED
3307 gnutls_crypto_cipher_register: REMOVED
3308 gnutls_crypto_digest_register: REMOVED
3309 gnutls_crypto_mac_register: REMOVED
3310 gnutls_crypto_pk_register: REMOVED
3311 gnutls_crypto_rnd_register: REMOVED
3312 gnutls_crypto_single_cipher_register: REMOVED
3313 gnutls_crypto_single_digest_register: REMOVED
3314 gnutls_crypto_single_mac_register: REMOVED
3315 GNUTLS_KX_ECDHE_PSK: New key exchange method
3316 GNUTLS_VERIFY_DISABLE_CRL_CHECKS: New certificate verification flag.
3317 GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE: New PKCS#11 object flag.
3318 GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE: New PKCS#11 object flag.
3321 * Version 2.99.2 (released 2011-05-26)
3323 ** libgnutls: Added Elliptic curve support. This is not
3324 enabled by default. Requires priority strings:
3325 +CURVE-ALL: to add all supported curves
3326 +ECDHE-RSA: to add ephemeral ECDHE with an RSA-signed certificate
3327 +ECDHE-ECDSA: to add ephemeral ECDHE with an ECDSA-signed certificate
3328 +ANON-ECDHE: to add anonymous ECDH
3330 ** libgnutls: PKCS #11 URLs conform to the latest draft
3331 being http://tools.ietf.org/html/draft-pechanec-pkcs11uri-04.
3333 ** certtool: Can now load private keys and public keys from PKCS #11 tokens
3336 ** libgnutls: Added gnutls_global_set_audit_log_function() that allows
3337 to get important auditing information including the corresponding session.
3338 That might be useful to block DoS or other attacker from specific IPs.
3340 ** libgnutls: gnutls_pkcs11_privkey_import_url() will now correctly read
3341 the public key algorithm of the key.
3343 ** libgnutls: Added gnutls_certificate_get_issuer() and
3344 gnutls_x509_trust_list_get_issuer() to compensate for the
3345 missing gnutls_certificate_get_x509_cas().
3347 ** libgnutls: Added gnutls_x509_crq_verify() to allow
3348 verification of the self signature in a certificate request.
3349 This allows verifying whether the owner of the private key
3350 is the generator of the request.
3352 ** libgnutls: gnutls_x509_crt_set_crq() implicitly verifies
3353 the self signature of the request.
3355 ** API and ABI modifications:
3356 gnutls_certificate_get_issuer: ADDED
3357 gnutls_x509_trust_list_get_issuer: ADDED
3358 gnutls_x509_crq_verify: ADDED
3359 gnutls_global_set_audit_log_function: ADDED
3360 gnutls_ecc_curve_get_name: ADDED
3361 gnutls_ecc_curve_get_size: ADDED
3362 gnutls_x509_privkey_import_ecc_raw: ADDED
3363 gnutls_x509_privkey_export_ecc_raw: ADDED
3364 gnutls_global_set_time_function: ADDED
3366 GNUTLS_E_ECC_NO_SUPPORTED_CURVES: New error code
3367 GNUTLS_E_ECC_UNSUPPORTED_CURVE: New error code
3368 GNUTLS_KX_ECDHE_RSA: New key exchange method
3369 GNUTLS_KX_ECDHE_ECDSA: New key exchange method
3370 GNUTLS_KX_ANON_ECDH: New key exchange method
3371 GNUTLS_PK_ECC: New public key algorithm
3372 GNUTLS_SIGN_ECDSA_SHA1: New signature algorithm
3373 GNUTLS_SIGN_ECDSA_SHA256: New signature algorithm
3374 GNUTLS_SIGN_ECDSA_SHA384: New signature algorithm
3375 GNUTLS_SIGN_ECDSA_SHA512: New signature algorithm
3376 GNUTLS_SIGN_ECDSA_SHA224: New signature algorithm
3377 GNUTLS_ECC_CURVE_INVALID: New curve definition
3378 GNUTLS_ECC_CURVE_SECP224R1: New curve definition
3379 GNUTLS_ECC_CURVE_SECP256R1: New curve definition
3380 GNUTLS_ECC_CURVE_SECP384R1: New curve definition
3381 GNUTLS_ECC_CURVE_SECP521R1: New curve definition
3384 * Version 2.99.1 (released 2011-04-23)
3386 ** libgnutls: LZO support was removed.
3388 ** libgnutls: Corrections in SSLv2 client hello parsing.
3390 ** libgnutls: Added support for AES-NI if detected. Uses
3391 Andy Polyakov's AES-NI code.
3393 ** libgnutls: Restored HMAC-MD5 for compatibility. Although considered
3394 weak, several sites require it for connection. It is enabled for
3395 "NORMAL" and "PERFORMANCE" priority strings.
3397 ** libgnutls: depend on libdl.
3399 ** libgnutls-extra: Dropped support of LZO compression via liblzo.
3401 ** libgnutls: gnutls_transport_set_global_errno() was removed. This
3402 function required GnuTLS to access system specific data, for no reason.
3403 Use gnutls_transport_set_errno(), or your system's errno fascility
3406 ** libgnutls: Added gnutls_certificate_set_retrieve_function2()
3407 to set a callback to retrieve a certificate. The certificate is
3408 received in a format that requires no processing from gnutls thus
3409 it is suitable when performance is required.
3411 ** API and ABI modifications:
3412 gnutls_transport_set_global_errno: REMOVED
3413 gnutls_certificate_set_retrieve_function2: ADDED
3415 * Version 2.99.0 (released 2011-04-09)
3417 ** libgnutls: Added Datagram TLS support.
3419 ** libgnutls: Uses a single configure file and a single
3420 gnulib library to save space.
3422 ** libgnutls: Several bug fixes.
3424 ** libgnutls: gnutls_transport_set_lowat() is no more.
3426 ** libgnutls-openssl: modified to use modern gnutls' functions.
3427 This introduces an ABI incompatibility with previous versions.
3429 ** libgnutls: Corrected signature generation and verification
3430 in the Certificate Verify message when in TLS 1.2. Reported
3433 ** libgnutlsxx: The C++ interface returns exception on
3434 every error and not only on fatal ones. This allows easier
3437 ** libgnutls: Corrected issue in DHE-PSK ciphersuites that ignored
3440 ** libgnutls: SRP and PSK are no longer set on the default priorities.
3441 They have to be explicitly set.
3443 ** libgnutls: During handshake message verification using DSS
3444 use the hash algorithm required by it.
3446 ** libgnutls: gnutls_recv() return GNUTLS_E_PREMATURE_TERMINATION
3447 on unexpected EOF, instead of GNUTLS_E_UNEXPECTED_PACKET_LENGTH.
3449 ** libgnutls: Added GCM mode (interoperates with tls.secg.org)
3451 ** libgnutls-extra: Inner application extension was removed.
3452 It was never standardized nor published as an RFC.
3454 ** libgnutls: Added new certificate verification functions, that
3455 can provide more details and are more efficient. Check
3456 gnutls_x509_trust_list_*.
3458 ** certtool: Uses the new certificate verification functions for
3461 ** certtool: Added new certificate verification functionality
3462 using the --verify option. Combined with --load-ca-certificate
3463 it can verify a certificate chain against a list of certificates.
3465 ** Several files unnecessarily included <gcrypt.h>; this has been fixed.
3467 ** API and ABI modifications:
3468 gnutls_dtls_set_timeouts: ADDED
3469 gnutls_dtls_get_mtu: ADDED
3470 gnutls_dtls_get_data_mtu: ADDED
3471 gnutls_dtls_set_mtu: ADDED
3472 gnutls_dtls_cookie_send: ADDED
3473 gnutls_dtls_cookie_verify: ADDED
3474 gnutls_dtls_prestate_set: ADDED
3475 gnutls_x509_trust_list_verify_crt: ADDED
3476 gnutls_x509_trust_list_add_crls: ADDED
3477 gnutls_x509_trust_list_add_cas: ADDED
3478 gnutls_x509_trust_list_init: ADDED
3479 gnutls_x509_trust_list_deinit: ADDED
3480 gnutls_cipher_add_auth: ADDED
3481 gnutls_cipher_tag: ADDED
3482 gnutls_psk_netconf_derive_key: REMOVED
3483 gnutls_certificate_verify_peers: REMOVED
3484 gnutls_session_set_finished_function: REMOVED
3485 gnutls_ext_register: REMOVED
3486 gnutls_certificate_get_x509_crls: REMOVED
3487 gnutls_certificate_get_x509_cas: REMOVED
3488 gnutls_certificate_get_openpgp_keyring: REMOVED
3489 gnutls_session_get_server_random: REMOVED
3490 gnutls_session_get_client_random: REMOVED
3491 gnutls_session_get_master_secret: REMOVED
3492 gnutls_ia_allocate_client_credentials: REMOVED
3493 gnutls_ia_allocate_server_credentials: REMOVED
3494 gnutls_ia_enable: REMOVED
3495 gnutls_ia_endphase_send: REMOVED
3496 gnutls_ia_extract_inner_secret: REMOVED
3497 gnutls_ia_free_client_credentials: REMOVED
3498 gnutls_ia_free_server_credentials: REMOVED
3499 gnutls_ia_generate_challenge: REMOVED
3500 gnutls_ia_get_client_avp_ptr: REMOVED
3501 gnutls_ia_get_server_avp_ptr: REMOVED
3502 gnutls_ia_handshake: REMOVED
3503 gnutls_ia_handshake_p: REMOVED
3504 gnutls_ia_permute_inner_secret: REMOVED
3505 gnutls_ia_recv: REMOVED
3506 gnutls_ia_send: REMOVED
3507 gnutls_ia_set_client_avp_function: REMOVED
3508 gnutls_ia_set_client_avp_ptr: REMOVED
3509 gnutls_ia_set_server_avp_function: REMOVED
3510 gnutls_ia_set_server_avp_ptr: REMOVED
3511 gnutls_ia_verify_endphase: REMOVED
3514 * Version 2.12.2 (released 2011-04-08)
3516 ** libgnutls: Several updates and fixes for win32. Patches by LRN.
3518 ** libgnutls: Several bug and memory leak fixes.
3520 ** srptool: Accepts the -d option to enable debugging.
3522 ** libgnutls: Corrected bug in gnutls_srp_verifier() that prevented
3523 the allocation of a verifier. Reported by Andrew Wiseman.
3525 ** API and ABI modifications:
3526 No changes since last version.
3529 * Version 2.12.1 (released 2011-04-02)
3531 ** certtool: Generated certificate request with stricter permissions.
3532 Reported by Luca Capello.
3534 ** libgnutls: Bug fixes in opencdk code. Reported by Vitaly Kruglikov.
3536 ** libgnutls: Corrected windows system_errno() function prototype.
3538 ** libgnutls: C++ compatibility fix for compat.h. Reported by Mark Brand.
3540 ** libgnutls: Fix size of gnutls_openpgp_keyid_t by using the
3541 GNUTLS_OPENPGP_KEYID_SIZE definition. Reported by Andreas Metzler.
3543 ** API and ABI modifications:
3544 No changes since last version.
3549 * Version 2.12.0 (released 2011-03-24)
3551 ** certtool: Warns on generation of DSA keys of over 1024 bits, about
3552 the incompatibility with TLS other than 1.2.
3554 ** libgnutls: Modified signature algorithm selection in client
3555 certificate request, to avoid failures in DSA certificates.
3557 ** libgnutls: Instead of failing with internal error, return
3558 GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL if an incompatible DSA
3559 key with the negotiated protocol is encountered.
3561 ** libgnutls: Bug fixes in the RSA ciphersuite behavior with openpgp keys.
3563 ** libgnutls: Force state update when fork is detected in the nettle
3566 ** libgnutls: modified gnutls_pubkey_import_openpgp() to use the preferred
3567 subkey instead of setting explicitly one.
3569 ** libgnutls: Corrected default behavior in record version of Client Hellos.
3571 ** libgnutls-openssl: modified to use modern gnutls' functions.
3572 This introduces an ABI incompatibility with previous versions.
3574 ** API and ABI modifications:
3575 gnutls_pubkey_import_openpgp: MODIFIED
3580 ** libgnutls: The deprecated gnutls_x509_privkey_sign_hash() was
3581 replaced by gnutls_privkey_sign_hash2().
3583 ** libgnutls: gnutls_pubkey_verify_data, gnutls_pubkey_verify_hash,
3584 gnutls_x509_privkey_verify_data, gnutls_x509_crt_verify_data,
3585 gnutls_x509_crt_verify_hash return the negative error code
3586 GNUTLS_E_PK_SIG_VERIFY_FAILED if verification fails to simplify error
3589 ** libgnutls: Added helper functions for signature verification:
3590 gnutls_pubkey_verify_data() and gnutls_pubkey_import_privkey().
3592 ** libgnutls: Modified gnutls_privkey_sign_data().
3594 ** gnutls_x509_crl_privkey_sign2(), gnutls_x509_crq_sign2()
3595 gnutls_x509_privkey_sign_hash(), gnutls_x509_privkey_sign_data(),
3596 gnutls_x509_crt_verify_hash(), gnutls_x509_crt_verify_data(), were
3597 deprecated for gnutls_x509_crl_privkey_sign(),
3598 gnutls_x509_crq_privkey_sign(), gnutls_privkey_sign_hash(),
3599 gnutls_privkey_sign_data(), gnutls_pubkey_verify_hash()
3600 gnutls_pubkey_verify_data() respectively.
3602 ** libgnutls: gnutls_*_export_raw() functions now add leading zero in
3605 ** libgnutls: Added convenience functions gnutls_x509_crl_list_import2()
3606 and gnutls_x509_crt_list_import2().
3608 ** crypto.h: Fix use with C++.
3609 Reported by "Brendan Doherty" <brendand@gentrack.com>.
3611 ** API and ABI modifications:
3612 gnutls_x509_crl_list_import: ADDED
3613 gnutls_x509_crl_list_import2: ADDED
3614 gnutls_x509_crt_list_import2: ADDED
3615 gnutls_x509_crl_get_raw_issuer_dn: ADDED
3616 gnutls_pubkey_import_privkey: ADDED
3617 gnutls_pubkey_verify_data: ADDED
3618 gnutls_privkey_sign_hash: MODIFIED (was added in 2.11.0)
3619 gnutls_privkey_sign_data: MODIFIED (was added in 2.11.0)
3620 gnutls_x509_crq_sign2: DEPRECATED (use: gnutls_x509_crq_privkey_sign)
3621 gnutls_x509_crq_sign: DEPRECATED (use: gnutls_x509_crq_privkey_sign)
3622 gnutls_x509_crq_get_preferred_hash_algorithm: REMOVED (was added in 2.11.0)
3623 gnutls_x509_crl_sign: DEPRECATED (use: gnutls_x509_crl_privkey_sign)
3624 gnutls_x509_crl_sign2: DEPRECATED (use: gnutls_x509_crl_privkey_sign)
3625 gnutls_x509_privkey_sign_data: DEPRECATED (use: gnutls_privkey_sign_data2)
3626 gnutls_x509_privkey_sign_hash: DEPRECATED (use: gnutls_privkey_sign_hash2)
3627 gnutls_x509_privkey_verify_data: DEPRECATED (use: gnutls_pubkey_verify_data)
3628 gnutls_session_set_finished_function: DEPRECATED
3629 gnutls_x509_crt_verify_hash: DEPRECATED (use: gnutls_pubkey_verify_hash)
3630 gnutls_x509_crt_verify_data: DEPRECATED (use: gnutls_pubkey_verify_data)
3631 gnutls_x509_crt_get_verify_algorithm: DEPRECATED (use: gnutls_pubkey_get_verify_algorithm)
3632 gnutls_x509_crt_get_preferred_hash_algorithm: DEPRECATED (use: gnutls_pubkey_get_preferred_hash_algorithm)
3633 gnutls_openpgp_privkey_sign_hash: DEPRECATED (use: gnutls_privkey_sign_hash2)
3634 gnutls_pkcs11_privkey_sign_hash: REMOVED (was added in 2.11.0)
3635 gnutls_pkcs11_privkey_decrypt_data: REMOVED (was added in 2.11.0)
3636 gnutls_privkey_sign_hash: REMOVED (was added in 2.11.0)
3638 * Version 2.11.6 (released 2010-12-06)
3640 ** libgnutls: Record version of Client Hellos is now set by default to
3641 SSL 3.0. To restore the previous default behavior use %LATEST_RECORD_VERSION
3644 ** libgnutls: Use ASN1_NULL when writing parameters for RSA signatures.
3645 This makes us comply with RFC3279. Reported by Michael Rommel.
3647 ** gnutls-serv: Corrected a buffer overflow. Reported and patch by Tomas Mraz.
3649 ** API and ABI modifications:
3650 No changes since last version.
3652 * Version 2.11.5 (released 2010-12-01)
3654 ** libgnutls: Reverted default behavior for verification and
3655 introduced GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT. Thus by default
3656 V1 trusted CAs are allowed, unless the new flag is specified.
3658 ** libgnutls: Correctly add leading zero to PKCS #8 encoded DSA key.
3659 Reported by Jeffrey Walton.
3661 ** libgnutls: Added SIGN-ALL, CTYPE-ALL, COMP-ALL, and VERS-TLS-ALL
3662 as priority strings. Those allow to set all the supported algorithms
3665 ** p11tool: Introduced. It allows manipulating pkcs 11 tokens.
3667 ** gnutls-cli: Print channel binding only in verbose mode.
3668 Before it printed it after the 'Compression:' output, thus breaking
3669 Emacs starttls.el string searches.
3671 ** API and ABI modifications:
3672 gnutls_pkcs11_token_init: New function
3673 gnutls_pkcs11_token_set_pin: New function
3675 * Version 2.11.4 (released 2010-10-15)
3677 ** libgnutls: Add new API gnutls_session_channel_binding.
3678 The function is used to get the channel binding data. Currently only
3679 the "tls-unique" (RFC 5929) channel binding type is supported, through
3680 the GNUTLS_CB_TLS_UNIQUE type. See new section "Channel Bindings" in
3683 ** gnutls-cli, gnutls-serv: Print 'tls-unique' Channel Bindings.
3685 ** doc: Added pkcs11.h header file to GTK-DOC manual.
3687 ** build: Update gnulib files.
3689 ** i18n: Update translations.
3691 ** tests: Add self tests gendh.c. Speed up Guile self checks.
3693 ** API and ABI modifications:
3694 gnutls_session_channel_binding: New function.
3695 gnutls_channel_binding_t: New enumeration.
3696 GNUTLS_CB_TLS_UNIQUE: New gnutls_channel_binding_t enum member.
3697 GNUTLS_E_CHANNEL_BINDING_NOT_AVAILABLE: New error code.
3699 * Version 2.11.3 (released 2010-10-14)
3701 ** Indent code to follow the GNU Coding Standard.
3702 You should be able to unpack the 2.11.2 release and run 'make indent'
3703 twice to get exactly the same content as 2.11.3 except for generated
3704 files. Using GNU Indent 2.2.11.
3706 ** API and ABI modifications:
3707 No changes since last version.
3709 * Version 2.11.2 (released 2010-10-08)
3711 ** libgnutls: Several bug fixes on session resumption
3712 and session tickets support.
3714 ** libgnutls: Add new extended key usage ipsecIKE.
3716 ** certtool: Renamed PKCS #11 options to: --p11-provider,
3717 --p11-export-url, --p11-list-certs, --p11-list-certs,
3718 --p11-list-privkeys, --p11-list-trusted, --p11-list-all-certs,
3719 --p11-list-all, --p11-list-tokens, --p11-login, --p11-write,
3720 --p11-write-label, --p11-write-trusted, --p11-detailed-url,
3723 ** libgnutls: Corrected bug that caused importing DSA keys as RSA,
3724 introduced with the new nettle code.
3726 ** libgnutls: Corrected advertizing issue for session tickets.
3728 ** API and ABI modifications:
3729 gnutls_x509_crt_get_subject_unique_id: ADDED.
3730 gnutls_x509_crt_get_issuer_unique_id: ADDED.
3732 * Version 2.11.1 (released 2010-09-14)
3734 ** libgnutls: Nettle is the default crypto back end. Use --with-libgcrypt
3735 to use the libgcrypt back end.
3737 ** libgnutls: Depend on nettle 2.1. This makes nettle a fully working
3738 backend crypto library.
3740 ** libgnutls: Added RSA_NULL_SHA1 and SHA256 ciphersuites.
3742 ** libgnutls: Several updates in the buffering internal interface.
3744 ** libgnutls: Is now more liberal in the PEM decoding. That is spaces and
3745 tabs are being skipped.
3747 ** libgnutls: Added support for draft-pechanec-pkcs11uri-02.
3749 ** libgnutls: The %COMPAT flag now allows larger records that violate the
3752 ** libgnutls: by default lowat level has been set to zero to avoid unnecessary
3753 system calls. Applications that depended on it being 1 should explicitly call
3754 gnutls_transport_set_lowat().
3756 ** libgnutls: Updated documentation and gnutls_pk_params_t mappings
3757 to ECRYPT II recommendations. Mappings were moved to a single location
3758 and DSA keys are handled differently (since DSA2 allows for 1024,2048
3759 and 3072 keys only).
3761 ** libgnutls: gnutls_x509_privkey_import() will fallback to
3762 gnutls_x509_privkey_import_pkcs8() without a password, if it
3763 is unable to decode the key.
3765 ** libgnutls: HMAC-MD5 no longer used by default.
3767 ** API and ABI modifications:
3768 gnutls_openpgp_privkey_sec_param: ADDED
3769 gnutls_x509_privkey_sec_param: ADDED
3771 * Version 2.11.0 (released 2010-07-22)
3773 ** libgnutls: support scattered write using writev(). This takes
3774 advantage of the new buffering layer and allows queuing of packets
3775 and flushing them. This is currently used for handshake messages
3778 ** libgnutls: Added gnutls_global_set_mutex() to allow setting
3779 alternative locking procedures. By default the system available
3780 locking is used. In *NIX pthreads are used and in windows the
3781 critical section API. This follows a different approach than the
3782 previous versions that depended on libgcrypt initialization. The
3783 locks are now set by default in systems that support it. Programs
3784 that used gcry_control() to set thread locks should insert it into
3786 #if GNUTLS_VERSION_NUMBER <= 0x020b00
3790 ** libgnutls: Added support for reading DN from EV-certificates.
3792 jurisdictionOfIncorporationLocalityName,
3793 jurisdictionOfIncorporationStateOrProvinceName,
3794 jurisdictionOfIncorporationCountryName
3796 ** libgnutls: Added support for DSA signing/verifying with bit
3799 ** libgnutls-extra: When in FIPS mode gnutls_global_init_extra()
3800 has to be called to register any required md5 handlers.
3802 ** libgnutls: Internal buffering code was replaced by simpler
3803 code contributed by Jonathan Bastien-Filiatrault.
3805 ** libgnutls: Internal API for extensions augmented to allow
3806 safe storing and loading of data on resumption. This allows writing
3807 self-contained extensions (when possible). As a side effect
3808 the OPRFI extension was removed.
3810 ** libgnutls: Added support for DSA-SHA256 and DSA-SHA224
3812 ** libgnutls: Added PKCS #11 support and an API to access objects in
3813 gnutls/pkcs11.h. Currently certificates and public keys can be
3814 imported from tokens, and operations can be performed on private keys.
3816 ** libgnutls: Added abstract gnutls_privkey_t and gnutls_pubkey_t
3818 ** libgnutls: Added initial support for the nettle library. It uses
3819 the system's random generator for seeding. That is /dev/urandom in Linux,
3820 system calls in Win32 and EGD on other systems.
3822 ** libgnutls: Corrected issue on the %SSL3_RECORD_VERSION priority string. It now
3823 works even when resuming a session.
3825 ** libgnutls: Added gnutls_certificate_set_retrieve_function() to replace the
3826 similar gnutls_certificate_set_server_retrieve_function() and
3827 gnutls_certificate_set_client_retrieve_function(). In addition it support
3828 PKCS #11 private keys.
3830 ** libgnutls: Added gnutls_pkcs11_copy_x509_crt(), gnutls_pkcs11_copy_x509_privkey(),
3831 and gnutls_pkcs11_delete_url() to allow copying and deleting data in tokens.
3833 ** libgnutls: Added gnutls_sec_param_to_pk_bits() et al. to allow select bit
3834 sizes for private keys using a human understandable scale.
3836 ** certtool: Added new options: --pkcs11-list-tokens, --pkcs11-list-all
3837 --pkcs11-list-all-certs, --pkcs11-list-trusted, --pkcs11-list-certs,
3838 --pkcs11-delete-url, --pkcs11-write
3840 certtool: The --pkcs-cipher is taken into account when generating a
3841 private key. The default cipher used now is aes-128. The old behavior can
3842 be simulated by specifying "--pkcs-cipher 3des-pkcs12".
3844 certtool: Added --certificate-pubkey to print the public key of the
3847 ** gnutls-cli/gnutls-serv: --x509cafile, --x509certfile and --x509keyfile
3848 can now accept a PKCS #11 URL in addition to a file. This will allow for
3849 example to use the Gnome-keyring trusted certificate list to verify
3850 connections using a url such as:
3851 pkcs11:token=Root%20CA%20Certificates;serial=1%3AROOTS%3ADEFAULT;model=1%2E0;manufacturer=Gnome%20Keyring
3853 ** API and ABI modifications:
3854 gnutls_certificate_set_server_retrieve_function: DEPRECATED
3855 gnutls_certificate_set_client_retrieve_function: DEPRECATED
3856 gnutls_sign_callback_set: DEPRECATED
3857 gnutls_global_set_mutex: ADDED
3858 gnutls_pubkey_get_preferred_hash_algorithm: ADDED
3859 gnutls_x509_crt_get_preferred_hash_algorithm: ADDED
3860 gnutls_x509_privkey_export_rsa_raw2: ADDED
3862 gnutls_sec_param_to_pk_bits: ADDED
3863 gnutls_pk_bits_to_sec_param: ADDED
3864 gnutls_sec_param_get_name: ADDED
3865 gnutls_pkcs11_type_get_name: ADDED
3866 gnutls_certificate_set_retrieve_function: ADDED
3867 gnutls_pkcs11_init: ADDED
3868 gnutls_pkcs11_deinit: ADDED
3869 gnutls_pkcs11_set_pin_function: ADDED
3870 gnutls_pkcs11_set_token_function: ADDED
3871 gnutls_pkcs11_add_provider: ADDED
3872 gnutls_pkcs11_obj_init: ADDED
3873 gnutls_pkcs11_obj_import_url: ADDED
3874 gnutls_pkcs11_obj_export_url: ADDED
3875 gnutls_pkcs11_obj_deinit: ADDED
3876 gnutls_pkcs11_obj_export: ADDED
3877 gnutls_pkcs11_obj_list_import_url: ADDED
3878 gnutls_pkcs11_obj_export: ADDED
3879 gnutls_x509_crt_import_pkcs11: ADDED
3880 gnutls_pkcs11_obj_get_type: ADDED
3881 gnutls_x509_crt_list_import_pkcs11: ADDED
3882 gnutls_x509_crt_import_pkcs11_url: ADDED
3883 gnutls_pkcs11_obj_get_info: ADDED
3884 gnutls_pkcs11_token_get_info: ADDED
3885 gnutls_pkcs11_token_get_url: ADDED
3886 gnutls_pkcs11_privkey_init: ADDED
3887 gnutls_pkcs11_privkey_deinit: ADDED
3888 gnutls_pkcs11_privkey_get_pk_algorithm: ADDED
3889 gnutls_pkcs11_privkey_get_info: ADDED
3890 gnutls_pkcs11_privkey_import_url: ADDED
3891 gnutls_pkcs11_privkey_sign_data: ADDED
3892 gnutls_pkcs11_privkey_sign_hash: ADDED
3893 gnutls_pkcs11_privkey_decrypt_data: ADDED
3894 gnutls_privkey_init: ADDED
3895 gnutls_privkey_deinit: ADDED
3896 gnutls_privkey_get_pk_algorithm: ADDED
3897 gnutls_privkey_get_type: ADDED
3898 gnutls_privkey_import_pkcs11: ADDED
3899 gnutls_privkey_import_x509: ADDED
3900 gnutls_privkey_import_openpgp: ADDED
3901 gnutls_privkey_sign_data: ADDED
3902 gnutls_privkey_sign_hash: ADDED
3903 gnutls_privkey_decrypt_data: ADDED
3904 gnutls_pkcs11_privkey_export_url: ADDED
3905 gnutls_x509_crq_privkey_sign: ADDED
3906 gnutls_x509_crl_privkey_sign: ADDED
3907 gnutls_x509_crt_privkey_sign: ADDED
3908 gnutls_pubkey_init: ADDED
3909 gnutls_pubkey_deinit: ADDED
3910 gnutls_pubkey_get_pk_algorithm: ADDED
3911 gnutls_pubkey_import_x509: ADDED
3912 gnutls_pubkey_import_openpgp: ADDED
3913 gnutls_pubkey_get_pk_rsa_raw: ADDED
3914 gnutls_pubkey_get_pk_dsa_raw: ADDED
3915 gnutls_pubkey_export: ADDED
3916 gnutls_pubkey_get_key_id: ADDED
3917 gnutls_pubkey_get_key_usage: ADDED
3918 gnutls_pubkey_verify_hash: ADDED
3919 gnutls_pubkey_get_verify_algorithm: ADDED
3920 gnutls_pkcs11_type_get_name: ADDED
3921 gnutls_pubkey_import_pkcs11_url: ADDED
3922 gnutls_pubkey_import: ADDED
3923 gnutls_pubkey_import_pkcs11: ADDED
3924 gnutls_pubkey_import_dsa_raw: ADDED
3925 gnutls_pubkey_import_rsa_raw: ADDED
3926 gnutls_x509_crt_set_pubkey: ADDED
3927 gnutls_x509_crq_set_pubkey: ADDED
3928 gnutls_pkcs11_copy_x509_crt: ADDED
3929 gnutls_pkcs11_copy_x509_privkey: ADDED
3930 gnutls_pkcs11_delete_url: ADDED
3932 * Version 2.10.1 (released 2010-07-25)
3934 ** libgnutls: Added support for broken certificates that indicate RSA
3937 ** gnutls-cli: Allow verification using V1 CAs.
3939 ** libgnutls: gnutls_x509_privkey_import() will fallback to
3940 gnutls_x509_privkey_import_pkcs8() without a password, if it
3941 is unable to decode the key.
3943 ** libgnutls: Correctly deinitialize crypto API functions to prevent
3944 a memory leak. Reported by Mads Kiilerich.
3946 ** certtool: If asked to generate DSA keys of size more than 1024 bits,
3947 issue a warning, that the output key might not be working everywhere.
3949 ** certtool: The --pkcs-cipher is taken into account when generating a
3950 private key. The default cipher used now is aes-128. The old behavior
3951 can be simulated by specifying "--pkcs-cipher 3des-pkcs12".
3953 ** API and ABI modifications:
3954 No changes since last version.
3956 * Version 2.10.0 (released 2010-06-25)
3958 ** API and ABI modifications:
3959 No changes since last version.
3961 * Version 2.9.12 (released 2010-06-17)
3963 ** gnutls-cli: Make --starttls work again.
3964 Problem introduced in patch to use read() instead of fgets() committed
3967 ** API and ABI modifications:
3968 No changes since last version.
3970 * Version 2.9.11 (released 2010-06-07)
3972 ** libgnutls: Removed two APIs related to safe renegotiation.
3973 Use priority strings instead. The APIs were
3974 gnutls_safe_negotiation_set_initial and gnutls_safe_renegotiation_set.
3975 (Remember that we don't promise ABI stability during development
3976 series, so this doesn't cause an shared library ABI increment.)
3978 ** tests: More self testing of safe renegotiation extension.
3979 See tests/safe-renegotiation/README for more information.
3981 ** doc: a PDF version of the API reference manual (GTK-DOC) is now built.
3983 ** doc: Terms 'GNUTLS' and 'GNU TLS' were changed to 'GnuTLS' for consistency.
3985 ** API and ABI modifications:
3986 gnutls_safe_negotiation_set_initial: REMOVED.
3987 gnutls_safe_renegotiation_set: REMOVED.
3989 * Version 2.9.10 (released 2010-04-22)
3991 ** libgnutls: Time verification extended to trusted certificate list.
3992 Unless new constant GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS flag is
3995 ** certtool: Display postalCode and Name X.509 DN attributes correctly.
3996 Based on patch by Pavan Konjarla. Adds new constant
3997 GNUTLS_OID_X520_POSTALCODE and GNUTLS_OID_X520_NAME.
3999 ** libgnutls: Added Steve Dispensa's patch for safe renegotiation (RFC 5746)
4000 Solves the issue discussed in:
4001 <http://www.ietf.org/mail-archive/web/tls/current/msg03928.html> and
4002 <http://www.ietf.org/mail-archive/web/tls/current/msg03948.html>.
4003 Note that to allow connecting to unpatched servers the full protection
4004 is only enabled if the priority string %SAFE_RENEGOTIATION is
4005 specified. You can check whether protection is in place by querying
4006 gnutls_safe_renegotiation_status(). New error codes
4007 GNUTLS_E_SAFE_RENEGOTIATION_FAILED and
4008 GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED added.
4010 ** libgnutls: When checking openpgp self signature also check the signatures
4012 Ilari Liusvaara noticed and reported the issue and provided test
4015 ** libgnutls: Added cryptodev support (/dev/crypto).
4016 Tested with http://www.logix.cz/michal/devel/cryptodev/. Added
4017 benchmark utility for AES. Adds new error codes
4018 GNUTLS_E_CRYPTODEV_IOCTL_ERROR and GNUTLS_E_CRYPTODEV_DEVICE_ERROR.
4020 ** libgnutls: Exported API to access encryption and hash algorithms.
4021 The new API functions are gnutls_cipher_decrypt, gnutls_cipher_deinit,
4022 gnutls_cipher_encrypt, gnutls_cipher_get_block_size,
4023 gnutls_cipher_init, gnutls_hash, gnutls_hash_deinit, gnutls_hash_fast,
4024 gnutls_hash_get_len, gnutls_hash_init, gnutls_hash_output,
4025 gnutls_hmac, gnutls_hmac_deinit, gnutls_hmac_fast,
4026 gnutls_hmac_get_len, gnutls_hmac_init, gnutls_hmac_output. New API
4027 constants are GNUTLS_MAC_SHA224 and GNUTLS_DIG_SHA224.
4029 ** libgnutls: Added gnutls_certificate_set_verify_function() to allow
4030 verification of certificate upon receipt rather than waiting until the
4031 end of the handshake.
4033 ** libgnutls: Don't send alerts during handshake.
4034 Instead new error code GNUTLS_E_UNKNOWN_SRP_USERNAME is added.
4036 ** certtool: Corrected two issues that affected certificate request generation.
4037 (1) Null padding is added on integers (found thanks to Wilankar Trupti),
4038 (2) In optional SignatureAlgorithm parameters field for DSA keys the DSA
4039 parameters were added. Those were rejected by Verisign. Gnutls no longer adds
4040 those parameters there since other implementations don't do either and having
4041 them does not seem to offer anything (anyway you need the signer's certificate
4042 to verify thus public key will be available). Found thanks to Boyan Kasarov.
4043 This however has the side-effect that public key IDs shown by certtool are
4044 now different than previous gnutls releases.
4045 (3) the option --pgp-certificate-info will verify self signatures
4047 ** certtool: Allow exporting of Certificate requests on DER format.
4049 ** certtool: New option --no-crq-extensions to avoid extensions in CSRs.
4051 ** gnutls-cli: Handle reading binary data from server.
4052 Reported by and tiny patch from Vitaly Mayatskikh
4053 <v.mayatskih@gmail.com> in
4054 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/4096>.
4056 ** minitasn1: Upgraded to libtasn1 version 2.6.
4058 ** i18n: Updated Czech, Dutch, French, Polish, Swedish translation.
4059 ** Added Italian and Simplified Chinese translation.
4060 Thanks to Petr Pisar, Erwin Poeze, Nicolas Provost, Jakub Bogusz,
4061 Daniel Nylander, Sergio Zanchetta, Tao Wei, and Aron Xu.
4063 ** doc: The GTK-DOC manual is significantly improved.
4065 ** API and ABI modifications:
4066 %DISABLE_SAFE_RENEGOTIATION: Added to priority strings (do not use).
4067 %INITIAL_SAFE_RENEGOTIATION: Added to priority strings.
4068 %UNSAFE_RENEGOTIATION: Added to priority strings.
4069 GNUTLS_DIG_SHA224: ADDED.
4070 GNUTLS_E_CRYPTODEV_DEVICE_ERROR: ADDED.
4071 GNUTLS_E_CRYPTODEV_IOCTL_ERROR: ADDED.
4072 GNUTLS_E_SAFE_RENEGOTIATION_FAILED: ADDED.
4073 GNUTLS_E_UNKNOWN_SRP_USERNAME: ADDED.
4074 GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED: ADDED.
4075 GNUTLS_MAC_SHA224: ADDED.
4076 GNUTLS_OID_X520_NAME: ADDED.
4077 GNUTLS_OID_X520_POSTALCODE: ADDED.
4078 GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS: ADDED.
4079 GNUTLS_VERSION_MAX: ADDED.
4080 gnutls_certificate_set_verify_function: ADDED.
4081 gnutls_cipher_decrypt: ADDED.
4082 gnutls_cipher_deinit: ADDED.
4083 gnutls_cipher_encrypt: ADDED.
4084 gnutls_cipher_get_block_size: ADDED.
4085 gnutls_cipher_init: ADDED.
4087 gnutls_hash_deinit: ADDED.
4088 gnutls_hash_fast: ADDED.
4089 gnutls_hash_get_len: ADDED.
4090 gnutls_hash_init: ADDED.
4091 gnutls_hash_output: ADDED.
4093 gnutls_hmac_deinit: ADDED.
4094 gnutls_hmac_fast: ADDED.
4095 gnutls_hmac_get_len: ADDED.
4096 gnutls_hmac_init: ADDED.
4097 gnutls_hmac_output: ADDED.
4098 gnutls_safe_negotiation_set_initial: ADDED.
4099 gnutls_safe_renegotiation_set: ADDED.
4100 gnutls_safe_renegotiation_status: ADDED.
4102 * Version 2.9.9 (released 2009-11-09)
4104 ** libgnutls: Cleanups and several bug fixes.
4105 Found by Steve Grubb and Tomas Mraz.
4107 ** Link libgcrypt explicitly to certtool, gnutls-cli, gnutls-serv.
4109 ** Fix --disable-valgrind-tests.
4110 Reported by Ingmar Vanhassel in
4111 <https://savannah.gnu.org/support/?107029>.
4113 ** API and ABI modifications:
4114 No changes since last version.
4116 * Version 2.9.8 (released 2009-11-05)
4118 ** libgnutls: Fix for memory leaks on interrupted handshake.
4119 Reported by Tang Tong.
4121 ** libgnutls: Addition of support for TLS 1.2 signature algorithms
4122 ** extension and certificate verify field.
4123 This requires changes for TLS 1.2 servers and clients that use
4124 callbacks for certificate retrieval. They are now required to check
4125 with gnutls_sign_algorithm_get_requested() whether the certificate
4126 they send complies with the peer's preferences in signature
4129 ** libgnutls: In server side when resuming a session do not overwrite the
4130 ** initial session data with the resumed session data.
4132 ** libgnutls: Added support for AES-128, AES-192 and AES-256 in PKCS #8
4134 This affects also PKCS #12 encoded files. This adds the following new
4135 enums: GNUTLS_CIPHER_AES_192_CBC, GNUTLS_PKCS_USE_PBES2_AES_128,
4136 GNUTLS_PKCS_USE_PBES2_AES_192, GNUTLS_PKCS_USE_PBES2_AES_256.
4138 ** libgnutls: Fix PKCS#12 encoding.
4139 The error you would get was "The OID is not supported.". Problem
4140 introduced for the v2.8.x branch in 2.7.6.
4142 ** certtool: Added the --pkcs-cipher option.
4143 To explicitely specify the encryption algorithm to use.
4145 ** tests: Added "pkcs12_encode" self-test to check PKCS#12 functions.
4147 ** tests: Fix time bomb in chainverify self-test.
4148 Reported by Andreas Metzler <ametzler@downhill.at.eu.org> in
4149 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3925>.
4151 ** tests: Fix expired cert in chainverify self-test.
4153 ** i18n: Vietnamese translation updated.
4154 Thanks to Clytie Siddall.
4156 ** API and ABI modifications:
4157 GNUTLS_CIPHER_AES_192_CBC: ADDED to gnutls/gnutls.h.
4158 GNUTLS_PKCS_USE_PBES2_AES_128: ADDED to gnutls/x509.h.
4159 GNUTLS_PKCS_USE_PBES2_AES_192: ADDED to gnutls/x509.h.
4160 GNUTLS_PKCS_USE_PBES2_AES_256: ADDED to gnutls/x509.h.
4161 GNUTLS_BAG_SECRET: ADDED to gnutls/pkcs12.h.
4162 GNUTLS_DIG_UNKNOWN: ADDED to gnutls/gnutls.h.
4163 gnutls_sign_algorithm_get_requested: ADDED.
4165 * Version 2.9.7 (released 2009-10-06)
4167 ** libgnutls: TLS 1.2 server mode fixes.
4168 Now interoperates against Opera. Contributed by Daiki Ueno.
4170 ** libgnutlsxx: Fix link problems.
4171 Tiny patch from Boyan Kasarov <bkasarov@gmail.com>.
4173 ** guile: Compatibility with guile 2.x.
4174 By Ludovic Courtes <ludovic.courtes@laas.fr>.
4176 ** API and ABI modifications:
4177 No changes since last version.
4179 * Version 2.9.6 (released 2009-09-22)
4181 ** libgnutls: Enable Camellia ciphers by default.
4183 ** API and ABI modifications:
4184 No changes since last version.
4186 * Version 2.9.5 (released 2009-09-10)
4188 ** libgnutls: Add new functions to extract X.509 Issuer Alternative Names.
4189 The new functions are gnutls_x509_crt_get_issuer_alt_name2,
4190 gnutls_x509_crt_get_issuer_alt_name, and
4191 gnutls_x509_crt_get_issuer_alt_othername_oid. Contributed by Brad
4192 Hards <bradh@frogmouth.net>.
4194 ** API and ABI modifications:
4195 gnutls_x509_crt_get_issuer_alt_name2: ADDED.
4196 gnutls_x509_crt_get_issuer_alt_name: ADDED.
4197 gnutls_x509_crt_get_issuer_alt_othername_oid: ADDED.
4199 * Version 2.9.4 (released 2009-09-03)
4201 ** libgnutls: Client-side TLS 1.2 and SHA-256 ciphersuites now works.
4202 The new supported ciphersuites are AES-128/256 in CBC mode with
4203 ANON-DH/RSA/DHE-DSS/DHE-RSA. Contributed by Daiki Ueno. Further,
4204 SHA-256 is now the preferred default MAC (however it is only used with
4207 ** libgnutls: Make OpenPGP hostname checking work again.
4208 The patch to resolve the X.509 CN/SAN issue accidentally broken
4209 OpenPGP hostname comparison.
4211 ** libgnutls: When printing X.509 certificates, handle XMPP SANs better.
4212 Reported by Howard Chu <hyc@symas.com> in
4213 <https://savannah.gnu.org/support/?106975>.
4215 ** Fix use of deprecated types internally.
4216 Use of deprecated types in GnuTLS from now on will lead to a compile
4217 error, to prevent this from happening again.
4219 ** API and ABI modifications:
4220 No changes since last version.
4222 * Version 2.9.3 (released 2009-08-19)
4224 ** libgnutls: Support for TLS tickets was contributed by Daiki Ueno.
4225 The new APIs are gnutls_session_ticket_enable_client,
4226 gnutls_session_ticket_enable_server, and
4227 gnutls_session_ticket_key_generate.
4229 ** gnutls-cli, gnutls-serv: New parameter --noticket to disable TLS tickets.
4231 ** API and ABI modifications:
4232 gnutls_session_ticket_key_generate: ADDED.
4233 gnutls_session_ticket_enable_client: ADDED.
4234 gnutls_session_ticket_enable_server: ADDED.
4236 * Version 2.9.2 (released 2009-08-14)
4238 ** libgnutls: Fix problem with NUL bytes in X.509 CN and SAN fields.
4239 By using a NUL byte in CN/SAN fields, it was possible to fool GnuTLS
4240 into 1) not printing the entire CN/SAN field value when printing a
4241 certificate and 2) cause incorrect positive matches when matching a
4242 hostname against a certificate. Some CAs apparently have poor
4243 checking of CN/SAN values and issue these (arguable invalid)
4244 certificates. Combined, this can be used by attackers to become a
4245 MITM on server-authenticated TLS sessions. The problem is mitigated
4246 since attackers needs to get one certificate per site they want to
4247 attack, and the attacker reveals his tracks by applying for a
4248 certificate at the CA. It does not apply to client authenticated TLS
4249 sessions. Research presented independently by Dan Kaminsky and Moxie
4250 Marlinspike at BlackHat09. Thanks to Tomas Hoger <thoger@redhat.com>
4251 for providing one part of the patch. [GNUTLS-SA-2009-4] [CVE-2009-2730].
4253 ** libgnutls: Fix rare failure in gnutls_x509_crt_import.
4254 The function may fail incorrectly when an earlier certificate was
4255 imported to the same gnutls_x509_crt_t structure.
4257 ** minitasn1: Internal copy updated to libtasn1 v2.3.
4259 ** libgnutls: Fix return value of gnutls_certificate_client_get_request_status.
4260 Before it always returned false. Reported by Peter Hendrickson
4261 <pdh@wiredyne.com> in
4262 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3668>.
4264 ** libgnutls: Fix off-by-one size computation error in unknown DN printing.
4265 The error resulted in truncated strings when printing unknown OIDs in
4266 X.509 certificate DNs. Reported by Tim Kosse
4267 <tim.kosse@filezilla-project.org> in
4268 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3651>.
4270 ** libgnutls: Fix PKCS#12 decryption from password.
4271 The encryption key derived from the password was incorrect for (on
4272 average) 1 in every 128 input for random inputs. Reported by "Kukosa,
4273 Tomas" <tomas.kukosa@siemens-enterprise.com> in
4274 <http://permalink.gmane.org/gmane.network.gnutls.general/1663>.
4276 ** libgnutls: Return correct bit lengths of some MPIs.
4277 gnutls_dh_get_prime_bits, gnutls_rsa_export_get_modulus_bits, and
4278 gnutls_dh_get_peers_public_bits. Before the reported value was
4279 overestimated. Reported by Peter Hendrickson <pdh@wiredyne.com> in
4280 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3607>.
4282 ** libgnutls: Avoid internal error when invoked after GNUTLS_E_AGAIN.
4283 Report and patch by Tim Kosse <tim.kosse@filezilla-project.org> in
4284 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3671>
4286 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3670>.
4288 ** libgnutls: Relax checking of required libtasn1/libgcrypt versions.
4289 Before we required that the runtime library used the same (or more
4290 recent) libgcrypt/libtasn1 as it was compiled with. Now we just check
4291 that the runtime usage is above the minimum required. Reported by
4292 Marco d'Itri <md@linux.it> via Andreas Metzler
4293 <ametzler@downhill.at.eu.org> in <http://bugs.debian.org/540449>.
4295 ** tests: Added new self-test pkcs12_s2k_pem to detect MPI bit length error.
4297 ** tests: Improved test vectors in self-test pkcs12_s2k.
4299 ** tests: Added new self-test dn2 to detect off-by-one size error.
4301 ** tests: Fix failure in "chainverify" because a certificate have expired.
4303 ** API and ABI modifications:
4304 No changes since last version.
4306 * Version 2.9.1 (released 2009-06-08)
4308 ** libgnutls: Fix crash in gnutls_global_init after earlier init/deinit cycle.
4309 Forwarded by Martin von Gagern <Martin.vGagern@gmx.net> from
4310 <http://bugs.gentoo.org/272388>.
4312 ** tests: Added new self-tests init_roundtrip.c to detect previous problem.
4314 ** Reduce stack usage for some CRQ functions.
4316 ** Doc fixes for CRQ functions.
4318 ** API and ABI modifications:
4319 No changes since last version.
4321 * Version 2.9.0 (released 2009-05-28)
4325 ** API and ABI modifications:
4326 No changes since last version.
4328 * Version 2.8.6 (released 2010-03-15)
4330 ** libgnutls: For CSRs, don't null pad integers for RSA/DSA value.
4331 VeriSign rejected CSRs with this padding. Reported by Wilankar Trupti
4332 <trupti.wilankar@hp.com> and Boyan Kasarov <bkasarov@gmail.com>.
4334 Note: As a side effect of this change, the "public key identifier"
4335 value computed for a certificate using this version of GnuTLS will be
4336 different from values computed using earlier versions of GnuTLS.
4338 ** libgnutls: For CSRs on DSA keys, don't add DSA parameters to the
4339 ** optional SignatureAlgorithm parameter field.
4340 VeriSign rejected these CSRs. They are stricly speaking not needed
4341 since you need the signer's certificate to verify the certificate
4342 signature anyway. Reported by Wilankar Trupti
4343 <trupti.wilankar@hp.com> and Boyan Kasarov <bkasarov@gmail.com>.
4345 ** libgnutls: When checking openpgp self signature also check the signatures
4347 Ilari Liusvaara noticed and reported the issue and provided test
4350 ** libgnutls: Cleanups and several bug fixes.
4351 Found by Steve Grubb and Tomas Mraz.
4353 ** Link libgcrypt explicitly to certtool, gnutls-cli, gnutls-serv.
4355 ** Fix --disable-valgrind-tests.
4356 Reported by Ingmar Vanhassel in
4357 <https://savannah.gnu.org/support/?107029>.
4359 ** examples: Use the new APIs for printing X.509 certificate information.
4361 ** Fix build failures on Solaris.
4362 Thanks to Dagobert Michelsen <dam@opencsw.org>.
4364 ** i18n: Updated Czech, Dutch, French, Polish, Swedish and Vietnamese
4365 ** translations. Added Simplified Chinese translation.
4367 ** API and ABI modifications:
4368 No changes since last version.
4370 * Version 2.8.5 (released 2009-11-02)
4372 ** libgnutls: In server side when resuming a session do not overwrite the
4373 ** initial session data with the resumed session data.
4375 ** libgnutls: Fix PKCS#12 encoding.
4376 The error you would get was "The OID is not supported.". Problem
4377 introduced for the v2.8.x branch in 2.7.6.
4379 ** guile: Compatibility with guile 2.x.
4380 By Ludovic Courtes <ludovic.courtes@laas.fr>.
4382 ** tests: Fix expired cert in chainverify self-test.
4384 ** tests: Fix time bomb in chainverify self-test.
4385 Reported by Andreas Metzler <ametzler@downhill.at.eu.org> in
4386 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3925>.
4388 ** API and ABI modifications:
4389 No changes since last version.
4391 * Version 2.8.4 (released 2009-09-18)
4393 ** libgnutls: Enable Camellia ciphers by default.
4395 ** libgnutls: Make OpenPGP hostname checking work again.
4396 The patch to resolve the X.509 CN/SAN issue accidentally broken
4397 OpenPGP hostname comparison.
4399 ** libgnutls: When printing X.509 certificates, handle XMPP SANs better.
4400 Reported by Howard Chu <hyc@symas.com> in
4401 <https://savannah.gnu.org/support/?106975>.
4403 ** API and ABI modifications:
4404 No changes since last version.
4406 * Version 2.8.3 (released 2009-08-13)
4408 ** libgnutls: Fix patch for NUL in CN/SAN in last release.
4409 Code intended to be removed would lead to an read-out-bound error in
4410 some situations. Reported by Tomas Hoger <thoger@redhat.com>. A CVE
4411 code have been allocated for the vulnerability: [CVE-2009-2730].
4413 ** libgnutls: Fix rare failure in gnutls_x509_crt_import.
4414 The function may fail incorrectly when an earlier certificate was
4415 imported to the same gnutls_x509_crt_t structure.
4417 ** libgnutls-extra, libgnutls-openssl: Fix MinGW cross-compiling build error.
4419 ** tests: Made self-test mini-eagain take less time.
4423 ** API and ABI modifications:
4424 No changes since last version.
4426 * Version 2.8.2 (released 2009-08-10)
4428 ** libgnutls: Fix problem with NUL bytes in X.509 CN and SAN fields.
4429 By using a NUL byte in CN/SAN fields, it was possible to fool GnuTLS
4430 into 1) not printing the entire CN/SAN field value when printing a
4431 certificate and 2) cause incorrect positive matches when matching a
4432 hostname against a certificate. Some CAs apparently have poor
4433 checking of CN/SAN values and issue these (arguable invalid)
4434 certificates. Combined, this can be used by attackers to become a
4435 MITM on server-authenticated TLS sessions. The problem is mitigated
4436 since attackers needs to get one certificate per site they want to
4437 attack, and the attacker reveals his tracks by applying for a
4438 certificate at the CA. It does not apply to client authenticated TLS
4439 sessions. Research presented independently by Dan Kaminsky and Moxie
4440 Marlinspike at BlackHat09. Thanks to Tomas Hoger <thoger@redhat.com>
4441 for providing one part of the patch. [GNUTLS-SA-2009-4].
4443 ** libgnutls: Fix return value of gnutls_certificate_client_get_request_status.
4444 Before it always returned false. Reported by Peter Hendrickson
4445 <pdh@wiredyne.com> in
4446 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3668>.
4448 ** libgnutls: Fix off-by-one size computation error in unknown DN printing.
4449 The error resulted in truncated strings when printing unknown OIDs in
4450 X.509 certificate DNs. Reported by Tim Kosse
4451 <tim.kosse@filezilla-project.org> in
4452 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3651>.
4454 ** libgnutls: Return correct bit lengths of some MPIs.
4455 gnutls_dh_get_prime_bits, gnutls_rsa_export_get_modulus_bits, and
4456 gnutls_dh_get_peers_public_bits. Before the reported value was
4457 overestimated. Reported by Peter Hendrickson <pdh@wiredyne.com> in
4458 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3607>.
4460 ** libgnutls: Avoid internal error when invoked after GNUTLS_E_AGAIN.
4461 Report and patch by Tim Kosse <tim.kosse@filezilla-project.org> in
4462 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3671>
4464 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3670>.
4466 ** libgnutls: Relax checking of required libtasn1/libgcrypt versions.
4467 Before we required that the runtime library used the same (or more
4468 recent) libgcrypt/libtasn1 as it was compiled with. Now we just check
4469 that the runtime usage is above the minimum required. Reported by
4470 Marco d'Itri <md@linux.it> via Andreas Metzler
4471 <ametzler@downhill.at.eu.org> in <http://bugs.debian.org/540449>.
4473 ** minitasn1: Internal copy updated to libtasn1 v2.3.
4475 ** tests: Fix failure in "chainverify" because a certificate have expired.
4477 ** API and ABI modifications:
4478 No changes since last version.
4480 * Version 2.8.1 (released 2009-06-10)
4482 ** libgnutls: Fix crash in gnutls_global_init after earlier init/deinit cycle.
4483 Forwarded by Martin von Gagern <Martin.vGagern@gmx.net> from
4484 <http://bugs.gentoo.org/272388>.
4486 ** libgnutls: Fix PKCS#12 decryption from password.
4487 The encryption key derived from the password was incorrect for (on
4488 average) 1 in every 128 input for random inputs. Reported by "Kukosa,
4489 Tomas" <tomas.kukosa@siemens-enterprise.com> in
4490 <http://permalink.gmane.org/gmane.network.gnutls.general/1663>.
4492 ** API and ABI modifications:
4493 No changes since last version.
4495 * Version 2.8.0 (released 2009-05-27)
4497 ** doc: Fix gnutls_dh_get_prime_bits. Fix error codes and algorithm lists.
4499 ** Major changes compared to the v2.4 branch:
4501 *** lib: Linker version scripts reduces number of exported symbols.
4503 *** lib: Limit exported symbols on systems without LD linker scripts.
4505 *** libgnutls: Fix namespace issue with version symbols.
4507 *** libgnutls: Add functions to verify a hash against a certificate.
4508 gnutls_x509_crt_verify_hash: ADDED
4509 gnutls_x509_crt_get_verify_algorithm: ADDED
4511 *** gnutls-serv: Listen on all interfaces, including both IPv4 and IPv6.
4513 *** i18n: The GnuTLS gettext domain is now 'libgnutls' instead of 'gnutls'.
4515 *** certtool: Query for multiple dnsName subjectAltName in interactive mode.
4517 *** gnutls-cli: No longer accepts V1 CAs by default during X.509 chain verify.
4519 *** gnutls-serv: No longer disable MAC padding by default.
4521 *** gnutls-cli: Certificate information output format changed.
4523 *** libgnutls: New priority strings %VERIFY_ALLOW_SIGN_RSA_MD5
4524 *** and %VERIFY_ALLOW_X509_V1_CA_CRT.
4526 *** libgnutls: gnutls_x509_crt_print prints signature algorithm in oneline mode.
4528 *** libgnutls: gnutls_openpgp_crt_print supports oneline mode.
4530 *** libgnutls: gnutls_handshake when sending client hello during a
4531 rehandshake, will not offer a version number larger than the current.
4533 *** libgnutls: New interface to get key id for certificate requests.
4534 gnutls_x509_crq_get_key_id: ADDED.
4536 *** libgnutls: gnutls_x509_crq_print will now also print public key id.
4538 *** certtool: --verify-chain now prints results of using library verification.
4540 *** libgnutls: Libgcrypt initialization changed.
4542 *** libgnutls: Small byte reads via gnutls_record_recv() optimized.
4544 *** gnutls-cli: Return non-zero exit code on error conditions.
4546 *** gnutls-cli: Corrected bug which caused a rehandshake request to be ignored.
4548 *** certtool: allow setting arbitrary key purpose object identifiers.
4550 *** libgnutls: Change detection of when to use a linker version script.
4551 Use --enable-ld-version-script or --disable-ld-version-script to
4552 override auto-detection logic.
4554 *** Fix warnings and build GnuTLS with more warnings enabled.
4556 *** New API to set X.509 credentials from PKCS#12 memory structure.
4557 gnutls_certificate_set_x509_simple_pkcs12_mem: ADDED
4559 *** Old libgnutls.m4 and libgnutls-config scripts removed.
4560 Please use pkg-config instead.
4562 *** libgnutls: Added functions to handle CRL extensions.
4563 gnutls_x509_crl_get_authority_key_id: ADDED
4564 gnutls_x509_crl_get_number: ADDED
4565 gnutls_x509_crl_get_extension_oid: ADDED
4566 gnutls_x509_crl_get_extension_info: ADDED
4567 gnutls_x509_crl_get_extension_data: ADDED
4568 gnutls_x509_crl_set_authority_key_id: ADDED
4569 gnutls_x509_crl_set_number: ADDED
4571 *** libgnutls: Added functions to handle X.509 extensions in Certificate
4573 gnutls_x509_crq_get_key_rsa_raw: ADDED
4574 gnutls_x509_crq_get_attribute_info: ADDED
4575 gnutls_x509_crq_get_attribute_data: ADDED
4576 gnutls_x509_crq_get_extension_info: ADDED
4577 gnutls_x509_crq_get_extension_data: ADDED
4578 gnutls_x509_crq_get_key_usage: ADDED
4579 gnutls_x509_crq_get_basic_constraints: ADDED
4580 gnutls_x509_crq_get_subject_alt_name: ADDED
4581 gnutls_x509_crq_get_subject_alt_othername_oid: ADDED
4582 gnutls_x509_crq_get_extension_by_oid: ADDED
4583 gnutls_x509_crq_set_subject_alt_name: ADDED
4584 gnutls_x509_crq_set_basic_constraints: ADDED
4585 gnutls_x509_crq_set_key_usage: ADDED
4586 gnutls_x509_crq_get_key_purpose_oid: ADDED
4587 gnutls_x509_crq_set_key_purpose_oid: ADDED
4588 gnutls_x509_crq_print: ADDED
4589 gnutls_x509_crt_set_crq_extensions: ADDED
4591 *** certtool: Print and set CRL and CRQ extensions.
4593 *** minitasn1: Internal copy updated to libtasn1 v2.1.
4595 *** examples: Now released into the public domain.
4597 *** The Texinfo and GTK-DOC manuals were improved.
4599 *** Several self-tests were added and others improved.
4601 *** API/ABI changes in GnuTLS 2.8 compared to GnuTLS 2.6.x
4602 No offically supported interfaces have been modified or removed. The
4603 library should be completely backwards compatible on both the source
4606 The shared library no longer exports some symbols that have never been
4607 officially supported, i.e., not mentioned in any of the header files.
4613 Normally when symbols are removed, the shared library version has to
4614 be incremented. This leads to a significant cost for everyone using
4615 the library. Because none of the above symbols have ever been
4616 intended for use by well-behaved applications, we decided that the it
4617 would be better for those applications to pay the price rather than
4618 incurring problems on the majority of applications.
4620 If it turns out that applications have been using unofficial
4621 interfaces, we will need to release a follow-on release on the v2.8
4622 branch to exports additional interfaces. However, initial testing
4623 suggests that few if any applications have been using any of the
4626 Although not a new change compared to 2.6.x, we'd like to remind you
4627 interfaces have been modified so that X.509 chain verification now
4628 also checks activation/expiration times on certificates. The affected
4631 gnutls_x509_crt_list_verify: CHANGED, checks activation/expiration times.
4632 gnutls_certificate_verify_peers: Likewise.
4633 gnutls_certificate_verify_peers2: Likewise.
4634 GNUTLS_CERT_NOT_ACTIVATED: ADDED.
4635 GNUTLS_CERT_EXPIRED: ADDED.
4636 GNUTLS_VERIFY_DISABLE_TIME_CHECKS: ADDED.
4638 This change in behaviour was made during the GnuTLS 2.6.x cycle, and
4639 we gave our rationale for it in earlier release notes.
4641 The following symbols have been added to the library:
4643 gnutls_certificate_set_x509_simple_pkcs12_mem: ADDED
4644 gnutls_x509_crl_get_authority_key_id: ADDED
4645 gnutls_x509_crl_get_extension_data: ADDED
4646 gnutls_x509_crl_get_extension_info: ADDED
4647 gnutls_x509_crl_get_extension_oid: ADDED
4648 gnutls_x509_crl_get_number: ADDED
4649 gnutls_x509_crl_set_authority_key_id: ADDED
4650 gnutls_x509_crl_set_number: ADDED
4651 gnutls_x509_crq_get_attribute_data: ADDED
4652 gnutls_x509_crq_get_attribute_info: ADDED
4653 gnutls_x509_crq_get_basic_constraints: ADDED
4654 gnutls_x509_crq_get_extension_by_oid: ADDED
4655 gnutls_x509_crq_get_extension_data: ADDED
4656 gnutls_x509_crq_get_extension_info: ADDED
4657 gnutls_x509_crq_get_key_id: ADDED.
4658 gnutls_x509_crq_get_key_purpose_oid: ADDED
4659 gnutls_x509_crq_get_key_rsa_raw: ADDED
4660 gnutls_x509_crq_get_key_usage: ADDED
4661 gnutls_x509_crq_get_subject_alt_name: ADDED
4662 gnutls_x509_crq_get_subject_alt_othername_oid: ADDED
4663 gnutls_x509_crq_print: ADDED
4664 gnutls_x509_crq_set_basic_constraints: ADDED
4665 gnutls_x509_crq_set_key_purpose_oid: ADDED
4666 gnutls_x509_crq_set_key_usage: ADDED
4667 gnutls_x509_crq_set_subject_alt_name: ADDED
4668 gnutls_x509_crt_get_verify_algorithm: ADDED
4669 gnutls_x509_crt_set_crq_extensions: ADDED
4670 gnutls_x509_crt_verify_hash: ADDED
4672 The following interfaces have been added to the header files:
4674 GNUTLS_VERSION: ADDED, replaces LIBGNUTLS_VERSION.
4675 GNUTLS_VERSION_MAJOR: ADDED, replaces LIBGNUTLS_VERSION_MAJOR.
4676 GNUTLS_VERSION_MINOR: ADDED, replaces LIBGNUTLS_VERSION_MINOR.
4677 GNUTLS_VERSION_PATCH: ADDED, replaces LIBGNUTLS_VERSION_PATCH.
4678 GNUTLS_VERSION_NUMBER: ADDED, replaces LIBGNUTLS_VERSION_NUMBER.
4679 GNUTLS_EXTRA_VERSION: ADDED, replaces LIBGNUTLS_EXTRA_VERSION.
4681 The following interfaces have been deprecated:
4683 LIBGNUTLS_VERSION: DEPRECATED.
4684 LIBGNUTLS_VERSION_MAJOR: DEPRECATED.
4685 LIBGNUTLS_VERSION_MINOR: DEPRECATED.
4686 LIBGNUTLS_VERSION_PATCH: DEPRECATED.
4687 LIBGNUTLS_VERSION_NUMBER: DEPRECATED.
4688 LIBGNUTLS_EXTRA_VERSION: DEPRECATED.
4690 * Version 2.7.14 (released 2009-05-26)
4692 ** libgnutls: Fix namespace issue with version symbol for libgnutls-extra.
4693 The symbol LIBGNUTLS_EXTRA_VERSION were renamed to
4694 GNUTLS_EXTRA_VERSION. The old symbol will continue to work but is
4697 ** Doc: Several typo fixes in documentation.
4698 Reported by Peter Hendrickson <pdh@wiredyne.com>.
4700 ** API and ABI modifications:
4701 GNUTLS_VERSION: ADDED, replaces LIBGNUTLS_EXTRA_VERSION.
4702 LIBGNUTLS_EXTRA_VERSION: DEPRECATED.
4704 * Version 2.7.13 (released 2009-05-25)
4706 ** libgnutls: Fix version of some exported symbols in the shared library.
4707 Reported by Andreas Metzler <ametzler@downhill.at.eu.org> in
4708 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3576>.
4710 ** tests: Handle recently expired certificates in chainverify self-test.
4711 Reported by Andreas Metzler <ametzler@downhill.at.eu.org> in
4712 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3580>.
4714 ** API and ABI modifications:
4715 No changes since last version.
4717 * Version 2.7.12 (released 2009-05-20)
4719 ** gnutls-serv, gnutls-cli-debug: Make them work on Windows.
4721 ** tests/crq_key_id: Don't read entropy from /dev/random in self-test.
4722 Reported by Andreas Metzler <ametzler@downhill.at.eu.org> in
4723 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3570>.
4725 ** Fix build failures.
4726 Missing sa_family_t and vsnprintf on IRIX. Reported by "Tom
4727 G. Christensen" <tgc@jupiterrise.com> in
4728 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3571>.
4730 ** minitasn1: Internal copy updated to libtasn1 v2.2.
4731 GnuTLS should work fine with libtasn1 v1.x and that is still
4734 ** API and ABI modifications:
4735 No changes since last version.
4737 * Version 2.7.11 (released 2009-05-18)
4739 ** minitasn1: Fix build failure when using internal libtasn1.
4740 Reported by "Tom G. Christensen" <tgc@jupiterrise.com> in
4741 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3548>.
4743 ** libgnutls: Fix build failure with --disable-cxx.
4744 Reported by Andreas Metzler <ametzler@downhill.at.eu.org> in
4745 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3557>.
4747 ** gnutls-serv: Fix build failure for unportable NI_MAXHOST/NI_MAXSERV.
4748 Reported by "Tom G. Christensen" <tgc@jupiterrise.com> in
4749 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3560>
4751 ** Building with many warning flags now requires --enable-gcc-warnings.
4752 This avoids crying wolf for normal compiles.
4754 ** API and ABI modifications:
4755 No changes since last version.
4757 * Version 2.7.10 (released 2009-05-13)
4759 ** examples: Now released into the public domain.
4760 This makes the license of the example code compatible with more
4761 licenses, including the (L)GPL.
4763 ** minitasn1: Internal copy updated to libtasn1 v2.1.
4764 GnuTLS should work fine with libtasn1 v1.x and that is still
4767 ** libgnutls: Fix crash in signature verification
4768 The fix for the CVE-2009-1415 problem wasn't merged completely.
4770 ** doc: Fixes for GTK-DOC output.
4772 ** API and ABI modifications:
4773 No changes since last version.
4775 * Version 2.7.9 (released 2009-05-11)
4777 ** doc: Fix strings in man page of gnutls_priority_init.
4779 ** doc: Fix tables of error codes and supported algorithms.
4781 ** Fix build failure when cross-compiled using MinGW.
4783 ** Fix build failure when LZO is enabled.
4784 Reported by Arfrever Frehtes Taifersar Arahesis
4785 <arfrever.fta@gmail.com> in
4786 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3522>.
4788 ** Fix build failure on systems without AF_INET6, e.g., Solaris 2.6.
4789 Reported by "Tom G. Christensen" <tgc@jupiterrise.com> in
4790 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3524>.
4792 ** Fix warnings in self-tests.
4794 ** API and ABI modifications:
4795 No changes since last version.
4797 * Version 2.7.8 (released 2009-05-03)
4799 ** libgnutls: Fix DSA key generation.
4800 Merged from stable branch. [GNUTLS-SA-2009-2] [CVE-2009-1416]
4802 ** libgnutls: Check expiration/activation time on untrusted certificates.
4803 Merged from stable branch. Reported by Romain Francoise
4804 <romain@orebokech.com>. This changes the semantics of
4805 gnutls_x509_crt_list_verify, which in turn is used by
4806 gnutls_certificate_verify_peers and gnutls_certificate_verify_peers2.
4807 We add two new gnutls_certificate_status_t codes for reporting the new
4808 error condition, GNUTLS_CERT_NOT_ACTIVATED and GNUTLS_CERT_EXPIRED.
4809 We also add a new gnutls_certificate_verify_flags flag,
4810 GNUTLS_VERIFY_DISABLE_TIME_CHECKS, that can be used to disable the new
4811 behaviour. [GNUTLS-SA-2009-3] [CVE-2009-1417]
4813 ** lib: Linker version scripts reduces number of exported symbols.
4814 The linker version script now lists all exported ABIs explicitly, to
4815 avoid accidentally exporting unintended functions. Compared to
4816 before, most symbols beginning with _gnutls* are no longer exported.
4817 These functions have never been intended for use by applications, and
4818 there were no prototypes for these function in the public header
4819 files. Thus we believe it is possible to do this without incrementing
4820 the library ABI version which normally has to be done when removing an
4823 ** lib: Limit exported symbols on systems without LD linker scripts.
4824 Before all symbols were exported. Now we limit the exported symbols
4825 to (for libgnutls and libgnutls-extra) gnutls* and (for libgnutls)
4826 _gnutls*. This is a superset of the actual supported ABI, but still
4827 an improvement compared to before. This is implemented using Libtool
4828 -export-symbols-regex. It is more portable than linker version
4831 ** libgnutls: Incremented CURRENT/AGE libtool version to reflect new symbols.
4832 This should have been done in the last release.
4834 ** gnutls-serv: Listen on all interfaces, including both IPv4 and IPv6.
4835 Reported by Peter Hendrickson <pdh@wiredyne.com> in
4836 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3476>.
4838 ** doc: Improved sections for the info manual.
4839 We now follow the advice given by the texinfo manual on which
4840 directory categories to use. In particular, libgnutls moved from the
4841 'GNU Libraries' section to the 'Software libraries' and the command
4842 line tools moved from 'Network Applications' to 'System
4845 ** API and ABI modifications:
4846 gnutls_x509_crt_list_verify: CHANGED, checks activation/expiration times.
4847 gnutls_certificate_verify_peers: Likewise.
4848 gnutls_certificate_verify_peers2: Likewise.
4849 GNUTLS_CERT_NOT_ACTIVATED: ADDED.
4850 GNUTLS_CERT_EXPIRED: ADDED.
4851 GNUTLS_VERIFY_DISABLE_TIME_CHECKS: ADDED.
4853 * Version 2.7.7 (released 2009-04-20)
4855 ** libgnutls: Applied patch by Cedric Bail to add functions
4856 gnutls_x509_crt_verify_hash() and gnutls_x509_crt_get_verify_algorithm().
4858 ** gnutls.pc: Add -ltasn1 to 'pkg-config --libs --static gnutls' output.
4859 Reported by Andreas Metzler <ametzler@downhill.at.eu.org> in
4860 <http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3467>.
4862 ** minitasn1: Internal copy updated to libtasn1 v1.8.
4863 GnuTLS is also internally ready to be used with libtasn1 v2.0.
4865 ** doc: Fix build failure of errcodes/printlist.
4866 Reported by Roman Bogorodskiy <novel@FreeBSD.org> in
4867 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3435>.
4869 ** i18n: The GnuTLS gettext domain is now 'libgnutls' instead of 'gnutls'.
4870 It is currently only used by the core library. This will enable a new
4871 domain 'gnutls' for translations of the command line tools.
4873 ** Corrected possible memory corruption on signature verification failure.
4874 Reported by Miroslav Kratochvil <exa.exa@gmail.com>
4876 ** API and ABI modifications:
4877 gnutls_x509_crt_verify_hash: ADDED
4878 gnutls_x509_crt_get_verify_algorithm: ADDED
4880 * Version 2.7.6 (released 2009-02-27)
4882 ** certtool: Query for multiple dnsName subjectAltName in interactive mode.
4883 This applies both to generating certificates and certificate requests.
4885 ** pkix.asn: Removed unneeded definitions to reduce memory usage.
4887 ** gnutls-cli: No longer accepts V1 CAs by default during X.509 chain verify.
4888 Use --priority NORMAL:%VERIFY_ALLOW_X509_V1_CA_CRT to permit V1 CAs to
4889 be used for chain verification.
4891 ** gnutls-serv: No longer disable MAC padding by default.
4892 Use --priority NORMAL:%COMPAT to disable MAC padding again.
4894 ** gnutls-cli: Certificate information output format changed.
4895 The tool now uses libgnutls' functions to print certificate
4896 information. This avoids code duplication.
4898 ** libgnutls: New priority strings %VERIFY_ALLOW_SIGN_RSA_MD5
4899 ** and %VERIFY_ALLOW_X509_V1_CA_CRT.
4900 They can be used to override the default certificate chain validation
4903 ** libgnutls: Added %SSL3_RECORD_VERSION priority string that allows to
4904 specify the client hello message record version. Used to overcome buggy
4905 TLS servers. Report by Martin von Gagern.
4907 ** libgnutls: gnutls_x509_crt_print prints signature algorithm in oneline mode.
4909 ** libgnutls: gnutls_openpgp_crt_print supports oneline mode.
4911 ** doc: Update gnutls-cli and gnutls-serv --help output descriptions.
4913 ** API and ABI modifications:
4914 No changes since last version.
4916 * Version 2.7.5 (released 2009-02-06)
4918 ** libgnutls: Accept chains where intermediary certs are trusted.
4919 Before GnuTLS needed to validate the entire chain back to a
4920 self-signed certificate. GnuTLS will now stop looking when it has
4921 found an intermediary trusted certificate. The new behaviour is
4922 useful when chains, for example, contains a top-level CA, an
4923 intermediary CA signed using RSA-MD5, and an end-entity certificate.
4924 To avoid chain validation errors due to the RSA-MD5 cert, you can
4925 explicitly add the intermediary RSA-MD5 cert to your trusted certs.
4926 The signature on trusted certificates are not checked, so the chain
4927 has a chance to validate correctly. Reported by "Douglas E. Engert"
4928 <deengert@anl.gov> in
4929 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3351>.
4931 ** libgnutls: result_size in gnutls_hex_encode now holds
4932 the size of the result. Report by John Brooks <special@dereferenced.net>.
4934 ** libgnutls: gnutls_handshake when sending client hello during a
4935 rehandshake, will not offer a version number larger than the current.
4936 Reported by Tristan Hill <stan@saticed.me.uk>.
4938 ** libgnutls: Permit V1 Certificate Authorities properly.
4939 Before they were mistakenly rejected even though
4940 GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT and/or
4941 GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT were supplied. Reported by
4942 "Douglas E. Engert" <deengert@anl.gov> in
4943 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3351>.
4945 ** API and ABI modifications:
4946 No changes since last version.
4948 * Version 2.7.4 (released 2009-01-07)
4950 ** libgnutls: deprecate X.509 validation chains using MD5 and MD2 signatures.
4951 This is a bugfix -- the previous attempt to do this from internal x509
4952 certificate verification procedures did not return the correct value
4953 for certificates using a weak hash. Reported by Daniel Kahn Gillmor
4954 <dkg@fifthhorseman.net> in
4955 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3332>,
4956 debugged and patch by Tomas Mraz <tmraz@redhat.com> and Daniel Kahn
4957 Gillmor <dkg@fifthhorseman.net>.
4959 ** libgnutls: New interface to get key id for certificate requests.
4960 Patch from David MarÃn Carreño <davefx@gmail.com> in
4961 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3321>.
4963 ** libgnutls: gnutls_x509_crq_print will now also print public key id.
4965 ** certtool: --verify-chain now prints results of using library verification.
4966 Earlier, certtool --verify-chain used its own validation algorithm
4967 which wasn't guaranteed to give the same result as the libgnutls
4968 internal validation algorithm. Now this command print a new final
4969 line with header 'Chain verification output:' that contains the result
4970 from using the internal verification algorithm on the same chain.
4972 ** tests: Add crq_key_id self-test of gnutls_x509_crq_get_key_id.
4974 ** API and ABI modifications:
4975 gnutls_x509_crq_get_key_id: ADDED.
4977 * Version 2.7.3 (released 2008-12-10)
4979 ** libgnutls: Fix chain verification for chains that ends with RSA-MD2 CAs.
4980 Reported by Michael Kiefer <Michael-Kiefer@web.de> in
4981 <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507633> forwarded by
4982 Andreas Metzler <ametzler@downhill.at.eu.org> in
4983 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3309>.
4985 ** libgnutls: Libgcrypt initialization changed.
4986 If libgcrypt has not already been initialized, GnuTLS will now
4987 initialize libgcrypt with disabled secure memory. Initialize
4988 libgcrypt explicitly in your application if you want to enable secure
4989 memory. Before GnuTLS initialized libgcrypt to use GnuTLS's memory
4990 allocation functions, which doesn't use secure memory, so there is no
4991 real change in behaviour.
4993 ** libgnutls: Fix memory leak in PSK authentication.
4994 Reported by Michael Weiser <michael@weiser.dinsnail.net> in
4995 <http://permalink.gmane.org/gmane.network.gnutls.general/1465>.
4997 ** libgnutls: Small byte reads via gnutls_record_recv() optimized.
4999 ** certtool: Move gcry_control(GCRYCTL_ENABLE_QUICK_RANDOM, 0) call earlier.
5000 It needs to be invoked before libgcrypt is initialized.
5002 ** gnutls-cli: Return non-zero exit code on error conditions.
5004 ** gnutls-cli: Corrected bug which caused a rehandshake request to be ignored.
5006 ** tests: Added chainverify self-test that tests X.509 chain verifications.
5008 ** API and ABI modifications:
5009 No changes since last version.
5011 * Version 2.7.2 (released 2008-11-18)
5013 ** libgnutls: Fix X.509 certificate chain validation error. [GNUTLS-SA-2008-3]
5014 The flaw makes it possible for man in the middle attackers (i.e.,
5015 active attackers) to assume any name and trick GnuTLS clients into
5016 trusting that name. Thanks for report and analysis from Martin von
5017 Gagern <Martin.vGagern@gmx.net>. [CVE-2008-4989]
5019 Any updates with more details about this vulnerability will be added
5020 to <https://www.gnu.org/software/gnutls/security.html>
5022 ** libgnutls: Fix namespace issue with version symbols.
5023 The symbols LIBGNUTLS_VERSION, LIBGNUTLS_VERSION_MAJOR,
5024 LIBGNUTLS_VERSION_MINOR, LIBGNUTLS_VERSION_PATCH, and
5025 LIBGNUTLS_VERSION_NUMBER were renamed to GNUTLS_VERSION_NUMBER,
5026 GNUTLS_VERSION_MAJOR, GNUTLS_VERSION_MINOR, GNUTLS_VERSION_PATCH, and
5027 GNUTLS_VERSION_NUMBER respectively. The old symbols will continue to
5028 work but are deprecated.
5030 ** certtool: allow setting arbitrary key purpose object identifiers.
5032 ** libgnutls: Fix detection of C99 macros, to make debug logging work again.
5034 ** libgnutls: Add missing prototype for gnutls_srp_set_prime_bits.
5035 Reported by Kevin Quick <quick@sparq.org> in
5036 <https://savannah.gnu.org/support/index.php?106454>.
5038 ** libgnutls-extra: Make building with LZO compression work again.
5039 Build failure reported by Arfrever Frehtes Taifersar Arahesis
5040 <arfrever.fta@gmail.com> in
5041 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3194>.
5043 ** libgnutls: Change detection of when to use a linker version script.
5044 Use --enable-ld-version-script or --disable-ld-version-script to
5045 override auto-detection logic.
5047 ** doc: Change license on the manual to GFDLv1.3+.
5049 ** doc: GTK-DOC fixes for new splitted configuration system.
5051 ** doc: Texinfo stylesheet uses white background.
5053 ** tests: Add cve-2008-4989.c self-test.
5054 Tests regressions of the GNUTLS-SA-2008-3 security problem, and the
5055 follow-on problem with crashes on length 1 certificate chains.
5057 ** gnulib: Deprecated modules removed.
5058 Modules include memchr and memcmp.
5060 ** Fix warnings and build GnuTLS with more warnings enabled.
5062 ** minitasn1: Internal copy updated to libtasn1 v1.7.
5064 ** API and ABI modifications:
5065 gnutls_certificate_set_x509_simple_pkcs12_mem: ADDED
5066 GNUTLS_VERSION: ADDED, replaces LIBGNUTLS_VERSION.
5067 GNUTLS_VERSION_MAJOR: ADDED, replaces LIBGNUTLS_VERSION_MAJOR.
5068 GNUTLS_VERSION_MINOR: ADDED, replaces LIBGNUTLS_VERSION_MINOR.
5069 GNUTLS_VERSION_PATCH: ADDED, replaces LIBGNUTLS_VERSION_PATCH.
5070 GNUTLS_VERSION_NUMBER: ADDED, replaces LIBGNUTLS_VERSION_NUMBER.
5071 LIBGNUTLS_VERSION: DEPRECATED.
5072 LIBGNUTLS_VERSION_MAJOR: DEPRECATED.
5073 LIBGNUTLS_VERSION_MINOR: DEPRECATED.
5074 LIBGNUTLS_VERSION_PATCH: DEPRECATED.
5075 LIBGNUTLS_VERSION_NUMBER: DEPRECATED.
5077 * Version 2.7.1 (released 2008-10-31)
5079 ** certtool: print a PKCS #8 key even if it is not encrypted.
5081 ** Old libgnutls.m4 and libgnutls-config scripts removed.
5082 Please use pkg-config instead.
5084 ** Configuration system modified.
5085 There is now a configure script in lib/ and libextra/ as well, because
5086 gnulib works better with a config.h per gnulib directory.
5088 ** API and ABI modifications:
5089 No changes since last version.
5091 * Version 2.7.0 (released 2008-10-16)
5093 ** libgnutls: Added functions to handle CRL extensions.
5095 ** libgnutls: Added functions to handle X.509 extensions in Certificate
5098 ** libgnutls: Improved error string for GNUTLS_E_AGAIN.
5099 Suggested by "Lavrentiev, Anton (NIH/NLM/NCBI) [C]" <lavr@ncbi.nlm.nih.gov>.
5101 ** certtool: Print and set CRL and CRQ extensions.
5103 ** libgnutls-extra: Protect internal symbols with static.
5104 Fixes problem when linking certtool statically. Tiny patch from Aaron
5105 Ucko <ucko@ncbi.nlm.nih.gov>.
5107 ** libgnutls-openssl: fix out of bounds access.
5108 Problem in X509_get_subject_name and X509_get_issuer_name. Tiny patch
5109 from Thomas Viehmann <tv@beamnet.de>.
5111 ** libgnutlsxx: Define server_session::get_srp_username even if no SRP.
5113 ** tests: Make tests compile when using internal libtasn1.
5114 Patch by ludo@gnu.org (Ludovic Courtès).
5116 ** Changed detection of libtasn1 and libgcrypt to avoid depending on *-config.
5117 We now require a libgcrypt that has Camellia constants declared in
5118 gcrypt.h, which means v1.3.0 or later.
5120 ** API and ABI modifications:
5121 gnutls_x509_crl_get_authority_key_id: ADDED
5122 gnutls_x509_crl_get_number: ADDED
5123 gnutls_x509_crl_get_extension_oid: ADDED
5124 gnutls_x509_crl_get_extension_info: ADDED
5125 gnutls_x509_crl_get_extension_data: ADDED
5126 gnutls_x509_crl_set_authority_key_id: ADDED
5127 gnutls_x509_crl_set_number: ADDED
5128 gnutls_x509_crq_get_key_rsa_raw: ADDED
5129 gnutls_x509_crq_get_attribute_info: ADDED
5130 gnutls_x509_crq_get_attribute_data: ADDED
5131 gnutls_x509_crq_get_extension_info: ADDED
5132 gnutls_x509_crq_get_extension_data: ADDED
5133 gnutls_x509_crq_get_key_usage: ADDED
5134 gnutls_x509_crq_get_basic_constraints: ADDED
5135 gnutls_x509_crq_get_subject_alt_name: ADDED
5136 gnutls_x509_crq_get_subject_alt_othername_oid: ADDED
5137 gnutls_x509_crq_get_extension_by_oid: ADDED
5138 gnutls_x509_crq_set_subject_alt_name: ADDED
5139 gnutls_x509_crq_set_basic_constraints: ADDED
5140 gnutls_x509_crq_set_key_usage: ADDED
5141 gnutls_x509_crq_get_key_purpose_oid: ADDED
5142 gnutls_x509_crq_set_key_purpose_oid: ADDED
5143 gnutls_x509_crq_print: ADDED
5144 gnutls_x509_crt_set_crq_extensions: ADDED
5146 * Version 2.6.6 (released 2009-04-30)
5148 ** libgnutls: Corrected double free on signature verification failure.
5149 Reported by Miroslav Kratochvil <exa.exa@gmail.com>. See the advisory
5150 for more details. [GNUTLS-SA-2009-1] [CVE-2009-1415]
5152 ** libgnutls: Fix DSA key generation.
5153 Noticed when investigating the previous GNUTLS-SA-2009-1 problem. All
5154 DSA keys generated using GnuTLS 2.6.x are corrupt. See the advisory
5155 for more details. [GNUTLS-SA-2009-2] [CVE-2009-1416]
5157 ** libgnutls: Check expiration/activation time on untrusted certificates.
5158 Reported by Romain Francoise <romain@orebokech.com>. Before the
5159 library did not check activation/expiration times on certificates, and
5160 was documented as not doing so. We have realized that many
5161 applications that use libgnutls, including gnutls-cli, fail to perform
5162 proper checks. Implementing similar logic in all applications leads
5163 to code duplication. Hence, we decided to check whether the current
5164 time (as reported by the time function) is within the
5165 activation/expiration period of certificates when verifying untrusted
5168 This changes the semantics of gnutls_x509_crt_list_verify, which in
5169 turn is used by gnutls_certificate_verify_peers and
5170 gnutls_certificate_verify_peers2. We add two new
5171 gnutls_certificate_status_t codes for reporting the new error
5172 condition, GNUTLS_CERT_NOT_ACTIVATED and GNUTLS_CERT_EXPIRED. We also
5173 add a new gnutls_certificate_verify_flags flag,
5174 GNUTLS_VERIFY_DISABLE_TIME_CHECKS, that can be used to disable the new
5177 More details about the vulnerabilities will be posted at
5178 <https://www.gnu.org/software/gnutls/security.html>.
5180 ** gnutls-cli, gnutls-cli-debug: Fix AIX build problem.
5181 Reported by LAUPRETRE François (P) <francois.laupretre@ratp.fr> in
5182 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3468>.
5184 ** tests: Fix linking of tests/openpgp/keyring self-test.
5185 Reported by Daniel Black in <https://savannah.gnu.org/support/?106543>.
5187 ** API and ABI modifications:
5188 gnutls_x509_crt_list_verify: CHANGED, checks activation/expiration times.
5189 gnutls_certificate_verify_peers: Likewise.
5190 gnutls_certificate_verify_peers2: Likewise.
5191 GNUTLS_CERT_NOT_ACTIVATED: ADDED.
5192 GNUTLS_CERT_EXPIRED: ADDED.
5193 GNUTLS_VERIFY_DISABLE_TIME_CHECKS: ADDED.
5195 * Version 2.6.5 (released 2009-04-11)
5197 ** libgnutls: Added %SSL3_RECORD_VERSION priority string that allows to
5198 specify the client hello message record version. Used to overcome buggy
5199 TLS servers. Report by Martin von Gagern.
5201 ** GnuTLS no longer uses the libtasn1-config script to find libtasn1.
5202 Libtasn1 0.3.4 or later is required. This is to align with the
5203 upcoming libtasn1 v2.0 release that doesn't have a libtasn1-script.
5205 ** API and ABI modifications:
5206 No changes since last version.
5208 * Version 2.6.4 (released 2009-02-06)
5210 ** libgnutls: Accept chains where intermediary certs are trusted.
5211 Before GnuTLS needed to validate the entire chain back to a
5212 self-signed certificate. GnuTLS will now stop looking when it has
5213 found an intermediary trusted certificate. The new behaviour is
5214 useful when chains, for example, contains a top-level CA, an
5215 intermediary CA signed using RSA-MD5, and an end-entity certificate.
5216 To avoid chain validation errors due to the RSA-MD5 cert, you can
5217 explicitly add the intermediary RSA-MD5 cert to your trusted certs.
5218 The signature on trusted certificates are not checked, so the chain
5219 has a chance to validate correctly. Reported by "Douglas E. Engert"
5220 <deengert@anl.gov> in
5221 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3351>.
5223 ** libgnutls: result_size in gnutls_hex_encode now holds
5224 the size of the result. Report by John Brooks <special@dereferenced.net>.
5226 ** libgnutls: gnutls_handshake when sending client hello during a
5227 rehandshake, will not offer a version number larger than the current.
5228 Reported by Tristan Hill <stan@saticed.me.uk>.
5230 ** libgnutls: Permit V1 Certificate Authorities properly.
5231 Before they were mistakenly rejected even though
5232 GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT and/or
5233 GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT were supplied. Reported by
5234 "Douglas E. Engert" <deengert@anl.gov> in
5235 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3351>.
5237 ** libgnutls: deprecate X.509 validation chains using MD5 and MD2 signatures.
5238 This is a bugfix -- the previous attempt to do this from internal x509
5239 certificate verification procedures did not return the correct value
5240 for certificates using a weak hash. Reported by Daniel Kahn Gillmor
5241 <dkg@fifthhorseman.net> in
5242 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3332>,
5243 debugged and patch by Tomas Mraz <tmraz@redhat.com> and Daniel Kahn
5244 Gillmor <dkg@fifthhorseman.net>.
5246 ** libgnutls: Fix compile error with Sun CC.
5247 Reported by Jeff Cai <jeff.cai@sun.com> in
5248 <https://savannah.gnu.org/support/?106549>.
5250 ** API and ABI modifications:
5251 No changes since last version.
5253 * Version 2.6.3 (released 2008-12-12)
5255 ** libgnutls: Fix chain verification for chains that ends with RSA-MD2 CAs.
5256 Reported by Michael Kiefer <Michael-Kiefer@web.de> in
5257 <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507633> forwarded by
5258 Andreas Metzler <ametzler@downhill.at.eu.org> in
5259 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3309>.
5261 ** libgnutls: Fix memory leak in PSK authentication.
5262 Reported by Michael Weiser <michael@weiser.dinsnail.net> in
5263 <http://permalink.gmane.org/gmane.network.gnutls.general/1465>.
5265 ** certtool: Move gcry_control(GCRYCTL_ENABLE_QUICK_RANDOM, 0) call earlier.
5266 It needs to be invoked before libgcrypt is initialized.
5268 ** gnutls-cli: Return non-zero exit code on error conditions.
5270 ** gnutls-cli: Corrected bug which caused a rehandshake request to be ignored.
5272 ** API and ABI modifications:
5273 No changes since last version.
5275 * Version 2.6.2 (released 2008-11-12)
5277 ** libgnutls: Fix crash in X.509 validation code for self-signed certificates.
5278 The patch to fix the security problem GNUTLS-SA-2008-3 introduced a
5279 problem for certificate chains that contained just one self-signed
5280 certificate. Reported by Michael Meskes <meskes@debian.org> in
5281 <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505279>.
5283 ** API and ABI modifications:
5284 No changes since last version.
5286 * Version 2.6.1 (released 2008-11-10)
5288 ** libgnutls: Fix X.509 certificate chain validation error. [GNUTLS-SA-2008-3]
5289 The flaw makes it possible for man in the middle attackers (i.e.,
5290 active attackers) to assume any name and trick GnuTLS clients into
5291 trusting that name. Thanks for report and analysis from Martin von
5292 Gagern <Martin.vGagern@gmx.net>. [CVE-2008-4989]
5294 Any updates with more details about this vulnerability will be added
5295 to <https://www.gnu.org/software/gnutls/security.html>
5297 ** libgnutls: Add missing prototype for gnutls_srp_set_prime_bits.
5298 Reported by Kevin Quick <quick@sparq.org> in
5299 <https://savannah.gnu.org/support/index.php?106454>.
5301 ** libgnutls-extra: Protect internal symbols with static.
5302 Fixes problem when linking certtool statically. Tiny patch from Aaron
5303 Ucko <ucko@ncbi.nlm.nih.gov>.
5305 ** libgnutls-openssl: Fix patch against X509_get_issuer_name.
5306 It incorrectly returned the subject DN instead of issuer DN in v2.6.0.
5307 Thanks to Thomas Viehmann <tv@beamnet.de> for report.
5309 ** certtool: Print a PKCS #8 key even if it is not encrypted.
5311 ** tests: Make tests compile when using internal libtasn1.
5312 Patch by ludo@gnu.org (Ludovic Courtès).
5314 ** API and ABI modifications:
5315 No changes since last version.
5317 * Version 2.6.0 (released 2008-10-06)
5319 ** libgnutls: Correct printing and parsing of IPv6 addresses.
5321 ** libgnutls-openssl: fix out of bounds access.
5322 Problem in X509_get_subject_name and X509_get_issuer_name. Tiny patch
5323 from Thomas Viehmann <tv@beamnet.de>.
5325 ** certtool: Use inet_pton for parsing IPv6 addresses.
5327 ** Major changes compared to the v2.4 branch:
5329 *** Added API to replace and update the crypto backend.
5331 *** certtool: can add several subject alternative names via template file.
5333 *** opencdk: Parse (but not decrypt) encrypted secret keys.
5335 *** libgnutls: gnutls_x509_crt_set_subject_alt_name() was added that can
5336 either set or append alternative names. It can also handle binary structures
5337 such as IP addresses.
5339 *** libgnutls: New function to set minimum acceptable SRP bits.
5340 The function is gnutls_srp_set_prime_bits.
5342 *** libgnutls: Add interface to deal with public key and signature algorithms.
5343 The functions are called gnutls_pk_list, gnutls_pk_get_id,
5344 gnutls_sign_list, and gnutls_sign_get_id.
5346 *** libgnutls: New interfaces to get name of public key and signing algorithms.
5347 The functions are gnutls_sign_get_name and gnutls_pk_get_name.
5349 *** libgnutls: New API to get a string corresponding to a error symbol.
5350 The function is gnutls_strerror_name.
5352 *** libgnutls: New API to set the public parameters in a certificate request
5353 *** from a private key.
5354 The function is gnutls_x509_crq_set_key_rsa_raw.
5356 *** libgnutls: New API to set a callback to extract TLS Finished data.
5357 The function to register is gnutls_session_set_finished_function and
5358 it takes a callback of the gnutls_finished_callback_func type.
5360 *** libgnutls: Fix namespace problem with TLS_MASTER_SIZE and TLS_RANDOM_SIZE.
5362 *** libgnutls: New interface to register a new TLS extension handler.
5363 The new function gnutls_ext_register can be used to register handlers
5364 for specific TLS extension types. The callback functions have the new
5365 types gnutls_ext_recv_func and gnutls_ext_send_func. A type to
5366 classify TLS extensions, gnutls_ext_parse_type_t, has been added as
5369 *** libgnutls-extra: Add function to work with Libgcrypt in FIPS mode.
5370 The function is gnutls_register_md5_handler. When libgcrypt is in
5371 FIPS mode, MD5 is disabled, but TLS normally requires use of MD5 in
5374 *** API/ABI changes in GnuTLS 2.6
5375 No functions have been removed or modified. The library should be
5376 fully backwards compatible on both the source and binary level.
5378 A new header file <gnutls/crypto.h> have been added. It contains
5379 definitions related to replacing the internal crypto functionality.
5380 All definitions and the header itself is experimental but supported.
5382 We have realized that the symbols TLS_MASTER_SIZE and TLS_RANDOM_SIZE
5383 does not use the normal namespace. We have added GNUTLS_MASTER_SIZE
5384 and GNUTLS_RANDOM_SIZE, but the old symbols are still defined.
5386 The following functions have been added to libgnutls:
5390 gnutls_crypto_bigint_register2
5391 gnutls_crypto_cipher_register2
5392 gnutls_crypto_digest_register2
5393 gnutls_crypto_mac_register2
5394 gnutls_crypto_pk_register2
5395 gnutls_crypto_rnd_register2
5396 gnutls_crypto_single_cipher_register2
5397 gnutls_crypto_single_digest_register2
5398 gnutls_crypto_single_mac_register2
5403 gnutls_session_set_finished_function
5405 gnutls_sign_get_name
5407 gnutls_srp_set_prime_bits:
5408 gnutls_strerror_name
5409 gnutls_x509_crq_set_key_rsa_raw
5410 gnutls_x509_crt_set_crl_dist_points2
5411 gnutls_x509_crt_set_subject_alt_name
5413 The following functions have been added to libgnutls-extra:
5415 gnutls_register_md5_handler
5417 ** API and ABI modifications:
5418 No changes since last version.
5420 * Version 2.5.9 (released 2008-09-29)
5422 ** libgnutls: Fix several memory leaks.
5423 Reported by Sam Varshavchik <mrsam@courier-mta.com>.
5425 ** libgnutls: Fix buffer overrun in gnutls_x509_crt_list_import.
5426 Report and patch by Jonathan Manktelow.
5428 ** libgnutls: crypto.h gnutls_pk_params_st changes allocation strategy.
5429 The parameters are now allocated in the structure itself.
5431 ** doc: Texinfo HTML manual uses a stylesheet to improve readability.
5433 ** tests: Scripts now use EXEEXT properly.
5434 Modern libtool doesn't create wrapper script, so the self tests need
5435 to invoke certtool.exe under MinGW32+Wine.
5437 ** Uses autoconf 2.63, automake 1.10.1, libtool 2.2.6a.
5438 Automake warnings are now also enabled.
5440 ** API and ABI modifications:
5441 gnutls_pk_params_st: MODIFIED
5443 * Version 2.5.8 (released 2008-09-21)
5445 ** certtool: updated so it can add several subject alternative names using
5448 ** libgnutls: gnutls_x509_crt_set_subject_alt_name() was added that can
5449 either set or append alternative names. It can also handle binary structures
5450 such as IP addresses.
5452 ** libgnutls: Fix crash in hashing code when using non-libgcrypt handlers.
5454 ** libgnutls: New function to set minimum acceptable SRP bits.
5455 The function is gnutls_srp_set_prime_bits. Tiny patch by Kevin Quick
5456 <quick@sparq.org> in <https://savannah.gnu.org/support/index.php?106454>.
5458 ** libgnutls: Check for overflows in gnutls_calloc and gnutls_secure_calloc.
5459 Also fix overflows in calls to those functions. Reported by Werner
5460 Koch <wk@gnupg.org>.
5462 ** libgnutls-extra: Add function to work with Libgcrypt in FIPS mode.
5463 The function is gnutls_register_md5_handler. When libgcrypt is in
5464 FIPS mode, MD5 is disabled, but TLS normally requires use of MD5 in
5467 ** Opencdk: Add calls to gnutls_assert to ease debugging.
5471 ** API and ABI modifications:
5472 gnutls_srp_set_prime_bits: ADDED
5473 gnutls_register_md5_handler: ADDED
5474 gnutls_x509_crt_set_crl_dist_points2: ADDED
5475 gnutls_x509_crt_set_subject_alt_name: ADDED
5477 * Version 2.5.7 (released 2008-09-16)
5479 ** libgnutls: New interfaces to get name of public key and signing algorithms.
5480 The functions are gnutls_sign_get_name and gnutls_pk_get_name.
5482 ** libgnutls: Don't crash when gnutls_credentials_set is called twice.
5484 ** libgnutls: Fix libgnutls shared library version.
5485 It wasn't properly incremented after adding symbols in the last
5488 ** manual: Now mention supported public key and public key signing algorithms.
5490 ** tests/openssl: initialize gnutls before use.
5492 ** tests/setcredcrash: New test to catch regressions of gnutls_credentials_set.
5494 ** GTK-DOC manual: mention new symbols in 2.6.x. Mention crypto.h functions.
5496 ** API and ABI modifications:
5497 gnutls_sign_get_name: ADDED
5498 gnutls_pk_get_name: ADDED
5500 * Version 2.5.6 (released 2008-09-08)
5502 ** libgnutls: Add interface to deal with public key and signature algorithms.
5503 The functions are called gnutls_pk_list, gnutls_pk_get_id,
5504 gnutls_sign_list, and gnutls_sign_get_id. Suggested by Sam
5505 Varshavchik <mrsam@courier-mta.com>.
5507 ** libgnutls: Refactor and clean up some code.
5509 ** libgnutls: Fix compile error with Sun CC.
5511 ** gnutls-cli: Improve --list output to include public key and signature algs.
5513 ** gnutls-cli, gnutls-serv: Remove --copyright parameter.
5514 Use standard --version to get license info.
5516 ** gnutls-cli.1: Document all new parameters.
5517 Thanks to James Westby <jw+debian@jameswestby.net>.
5519 ** tests: New self-test pgps2kgnu to test parsing of encrypted secrets.
5520 Contributed by Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>.
5522 ** API and ABI modifications:
5523 gnutls_pk_list: ADDED
5524 gnutls_pk_get_id: ADDED
5525 gnutls_sign_list: ADDED
5526 gnutls_sign_get_id: ADDED
5528 * Version 2.5.5 (released 2008-08-29)
5530 ** libgnutls: New API to get a string corresponding to a error symbol.
5531 The function is gnutls_strerror_name.
5533 ** libgnutls: Fix include paths so that building with internal libtasn1 works.
5534 Reported by "jth.net ApS" <info@jth.net>.
5536 ** libgnutls: Fix segmentation fault when generating private keys.
5537 Reported by Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>.
5539 ** libgnutls: Remove code to import certificate chains in PKCS#7 format.
5540 The code has not worked since v0.9.0 and apparently nobody has missed
5541 it, so we decided to remove the code rather than fix it. If you have
5542 old certificate chains stored in PKCS#7 format, you can convert them
5543 to a list of PEM certificates by using 'certtool --p7-info'. Reported
5544 by Christian Grothoff <christian@grothoff.org>.
5546 ** opencdk: Parse (but not decrypt) encrypted secret keys.
5547 Contributed by Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>.
5549 ** libgnutls: Fix many warnings.
5551 ** Included copy of libtasn1 is upgraded to version 1.5.
5553 ** Add French translation, thanks to Nicolas Provost.
5555 ** API and ABI modifications:
5556 gnutls_strerror_name: ADDED
5558 * Version 2.5.4 (released 2008-08-19)
5560 ** Fix secure memory initialization of libgcrypt.
5561 Reported by Joe Orton <joe@manyfish.co.uk> in
5562 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2992>.
5565 Reference to NIST SP 800-57 in the manual on key size recommendations.
5566 Added 'Since:' tags to new APIs for gtk-doc.
5568 ** API and ABI modifications:
5569 No changes since last version.
5571 * Version 2.5.3 (released 2008-08-14)
5573 ** libgnutls: New API to set the public parameters in a certificate request
5574 ** from a private key.
5575 The function is gnutls_x509_crq_set_key_rsa_raw. Inspired by
5576 discussion with "Zach C." <fxchip@gmail.com>.
5578 ** libgnutls: New API to set a callback to extract TLS Finished data.
5579 The function to register is gnutls_session_set_finished_function and
5580 it takes a callback of the gnutls_finished_callback_func type.
5582 ** libgnutls: Drop final comma after GNUTLS_CRT_PRINT_UNSIGNED_FULL in enum.
5583 Reported in <https://savannah.gnu.org/support/?106453>.
5585 ** libgnutls: Fix namespace problem with TLS_MASTER_SIZE and TLS_RANDOM_SIZE.
5586 The new names are GNUTLS_MASTER_SIZE and GNUTLS_RANDOM_SIZE. The old
5587 names are mapped to the new names in compat.h. These mappings will
5588 likely be removed more quickly than other mappings in that file due to
5589 the namespace violation.
5591 ** libgnutlsxx: Make it build when SRP is disabled.
5593 ** doc: Add doxygen files in doc/doxygen/.
5595 ** API and ABI modifications:
5596 gnutls_x509_crq_set_key_rsa_raw: ADDED
5597 gnutls_session_set_finished_function: ADDED
5598 gnutls_finished_callback_func: ADDED
5599 GNUTLS_MASTER_SIZE: ADDED
5600 GNUTLS_RANDOM_SIZE: ADDED
5601 TLS_MASTER_SIZE: DEPRECATED
5602 TLS_RANDOM_SIZE: DEPRECATED
5604 * Version 2.5.2 (released 2008-07-08)
5606 ** libgnutls: Fix bug in gnutls_dh_params_generate2.
5607 The prime and generator was swapped.
5609 ** libgnutls: New interface to register a new TLS extension handler.
5610 The new function gnutls_ext_register can be used to register handlers
5611 for specific TLS extension types. The callback functions have the new
5612 types gnutls_ext_recv_func and gnutls_ext_send_func. A type to
5613 classify TLS extensions, gnutls_ext_parse_type_t, has been added as
5616 ** Move more code for TLS/IA extension from libgnutls to libgnutls-extra.
5617 This was made possible by using the new gnutls_ext_register interface.
5618 The TLS/IA functionality has only been supported through the
5619 libgnutls-extra library, so it makes sense for the code to belong
5622 ** API and ABI modifications:
5623 gnutls_ext_recv_func: ADDED
5624 gnutls_ext_send_func: ADDED
5625 gnutls_ext_parse_type_t: ADDED
5626 gnutls_ext_register: ADDED
5628 * Version 2.5.1 (released 2008-07-02)
5632 ** API and ABI modifications:
5633 No changes since last version.
5635 * Version 2.5.0 (released 2008-07-02)
5637 ** Port fixes from v2.4.1 release, see below.
5639 ** Added API to replace and update the crypto backend.
5640 The header gnutls/crypto.h is now officially supported, and declares
5643 ** Rewritten opencdk crypto backend, to use the gnutls internal one.
5645 ** Update gnulib and translations.
5646 The gnulib gc crypto code has been removed since it was never finished
5647 and is no longer even used. An internal non-libgcrypt crypto
5648 implementation may be added in the future, but we'll decide that later
5651 ** API and ABI modifications:
5652 gnutls_crypto_bigint_register2: ADDED.
5653 gnutls_crypto_cipher_register2: ADDED.
5654 gnutls_crypto_digest_register2: ADDED.
5655 gnutls_crypto_mac_register2: ADDED.
5656 gnutls_crypto_pk_register2: ADDED.
5657 gnutls_crypto_rnd_register2: ADDED.
5658 gnutls_crypto_single_cipher_register2: ADDED.
5659 gnutls_crypto_single_digest_register2: ADDED.
5660 gnutls_crypto_single_mac_register2: ADDED.
5662 * Version 2.4.3 (released 2009-02-06)
5664 ** libgnutls: Accept chains where intermediary certs are trusted.
5665 Before GnuTLS needed to validate the entire chain back to a
5666 self-signed certificate. GnuTLS will now stop looking when it has
5667 found an intermediary trusted certificate. The new behaviour is
5668 useful when chains, for example, contains a top-level CA, an
5669 intermediary CA signed using RSA-MD5, and an end-entity certificate.
5670 To avoid chain validation errors due to the RSA-MD5 cert, you can
5671 explicitly add the intermediary RSA-MD5 cert to your trusted certs.
5672 The signature on trusted certificates are not checked, so the chain
5673 has a chance to validate correctly. Reported by "Douglas E. Engert"
5674 <deengert@anl.gov> in
5675 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3351>.
5677 ** libgnutls: Permit V1 Certificate Authorities properly.
5678 Before they were mistakenly rejected even though
5679 GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT and/or
5680 GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT were supplied. Reported by
5681 "Douglas E. Engert" <deengert@anl.gov> in
5682 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3351>.
5684 ** libgnutls: deprecate X.509 validation chains using MD5 and MD2 signatures.
5685 This is a bugfix -- the previous attempt to do this from internal x509
5686 certificate verification procedures did not return the correct value
5687 for certificates using a weak hash. Reported by Daniel Kahn Gillmor
5688 <dkg@fifthhorseman.net> in
5689 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3332>,
5690 debugged and patch by Tomas Mraz <tmraz@redhat.com> and Daniel Kahn
5691 Gillmor <dkg@fifthhorseman.net>.
5693 ** libgnutls: Fix chain verification for chains that ends with RSA-MD2 CAs.
5694 Reported by Michael Kiefer <Michael-Kiefer@web.de> in
5695 <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507633> forwarded by
5696 Andreas Metzler <ametzler@downhill.at.eu.org> in
5697 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3309>.
5699 ** libgnutls: Fix crash in X.509 validation code for self-signed certificates.
5700 The patch to fix the security problem GNUTLS-SA-2008-3 introduced a
5701 problem for certificate chains that contained just one self-signed
5702 certificate. Reported by Michael Meskes <meskes@debian.org> in
5703 <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505279>.
5705 ** libgnutls: Fix X.509 certificate chain validation error. [GNUTLS-SA-2008-3]
5706 The flaw makes it possible for man in the middle attackers (i.e.,
5707 active attackers) to assume any name and trick GnuTLS clients into
5708 trusting that name. Thanks for report and analysis from Martin von
5709 Gagern <Martin.vGagern@gmx.net>. [CVE-2008-4989]
5711 Any updates with more details about this vulnerability will be added
5712 to <https://www.gnu.org/software/gnutls/security.html>
5714 ** libgnutls: Fix buffer overrun in gnutls_x509_crt_list_import.
5715 Report and patch by Jonathan Manktelow.
5717 ** libgnutls: Avoid use of non-thread safe strerror.
5719 ** API and ABI modifications:
5720 No changes since last version.
5722 * Version 2.4.2 (released 2008-09-15)
5724 ** libgnutls: Don't crash when gnutls_credentials_set is called twice.
5726 ** libgnutls: Corrected memory leak in X.509 functions.
5727 Thanks to Colin Leroy <colin@colino.net>.
5729 ** libgnutls: Fix compile error with Sun CC.
5731 ** gnutls-cli.1: Document all new parameters.
5732 Thanks to James Westby <jw+debian@jameswestby.net>.
5734 ** tests/openssl: initialize gnutls before use.
5735 Fixes crash with libgcrypt 1.4.2. Reported by Ludovic Courtes
5736 <ludovic.courtes@laas.fr>.
5738 ** doc/: Fix texinfo markup for old texinfo versions.
5740 ** Included copy of libtasn1 is upgraded to version 1.5.
5742 ** API and ABI modifications:
5743 No changes since last version.
5745 * Version 2.4.1 (released 2008-06-30)
5747 ** libgnutls: Fix local crash in gnutls_handshake. [GNUTLS-SA-2008-2]
5748 If the gnutls_handshake function is called for a normal session, which
5749 can happen for re-handshakes, the library would crash because it tried
5750 to hash some data using a libgcrypt handle that had been deallocated.
5751 Report and tiny patch from Tomas Mraz <tmraz@redhat.com>. Any updates
5752 with more details about this vulnerability will be added to
5753 <https://www.gnu.org/software/gnutls/security.html>
5755 ** libgnutls: Fix memory leaks when doing a re-handshake.
5756 Reported by Sam Varshavchik <mrsam@courier-mta.com> in
5757 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2928>.
5759 ** Fix compiler warnings.
5760 Reported by Massimo Gaspari <massimo.gaspari@alice.it> in
5761 <http://thread.gmane.org/gmane.network.gnutls.general/1281>.
5763 ** Fix ordering of -I's to avoid opencdk.h conflict with system headers.
5764 Reported by Roman Bogorodskiy <novel@FreeBSD.org> in
5765 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2930>.
5767 ** srptool: Fix a problem where --verify check does not succeed.
5768 Report and tiny patch by Matthias Koenig <mkoenig@suse.de> in
5769 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2944>.
5771 ** API and ABI modifications:
5772 No changes since last version.
5774 * Version 2.4.0 (released 2008-06-19)
5776 ** Major changes compared to the v2.2 branch:
5778 *** The OpenPGP sub-system has been improved and now supports subkeys.
5780 *** The PSK sub-system has been improved and now supports password
5781 *** derivation and PSK identity hints.
5782 The password derivation algorithms support is documented in
5783 draft-ietf-netconf-tls-02.txt.
5785 *** The certtool --inder and --outder has been replaced by --inraw and --outraw.
5786 This aligns terminology with OpenPGP, which doesn't use DER encoding.
5787 The old parameters will continue to work for some time.
5789 *** Certtool now confirm passwords and changes permissions of private key files.
5791 *** The default handshake size limit has been increased to 48kb.
5792 It appears as if some valid handshakes are large due to sending many
5793 CA certificates. (The earlier limit was 16kb.)
5795 *** LZO compression is now disabled by default.
5796 The main reason is that LZO compression in TLS is not standardized,
5797 but license compatiblity issues with minilzo triggered us to make this
5800 *** Improvements for cross-compilation to Windows and OpenWRT.
5802 *** The look of the GTK-DOC manual has been improved.
5803 Major developer visible changes compared to the v2.2 branch:
5805 *** Full OpenPGP support is part of libgnutls, licensed under the LGPL.
5807 *** New APIs to access the raw X.509 Subject and Issuer DN's and
5808 *** elements from the certificate credentials structure.
5809 Thanks to Joe Orton.
5811 *** New APIs to improve working with username/passwords and PSK.
5813 *** Names of constants to affect certificate printing changed.
5814 The constants are used for OpenPGP too, which the names didn't
5815 reflect, so the following name change has been made:
5818 GNUTLS_X509_CRT_FULL GNUTLS_CRT_PRINT_FULL
5819 GNUTLS_X509_CRT_ONELINE GNUTLS_CRT_PRINT_ONELINE
5820 GNUTLS_X509_CRT_UNSIGNED_FULL GNUTLS_CRT_PRINT_UNSIGNED_FULL
5822 The old names will be mapped to the new names for some time.
5824 *** The function gnutls_openpgp_privkey_get_id has been renamed to
5825 *** gnutls_openpgp_privkey_get_key_id.
5826 A compatibility mapping exists to avoid breaking API backwards
5829 *** Replaced all uses of alloca with malloc and free.
5831 *** We no longer build with -D_REENTRANT -D_THREAD_SAFE.
5832 We have been unable to find a documented rationale for this practice.
5834 *** Of course, many smaller fixes have been made, see the ChangeLog file.
5836 *** API/ABI changes in GnuTLS 2.4
5837 All OpenPGP related functions have been moved from libgnutls-extra to
5838 libgnutls, and several new functions have been added (see below).
5839 Before making the release, we discussed whether moving functions from
5840 libgnutls-extra to libgnutls would require us to increment the ABI
5841 version, but the general opinion was that this would not be required.
5842 All older functions continue to work the same. We are open to the
5843 possibility that this decision will lead to problem on some platform,
5844 and if it turns out that the Right Thing should have been to increment
5845 the shared library version, we would need to release an update within
5846 the 2.4.x branch that increments the shared library version.
5848 This release adds the following functions:
5850 gnutls_psk_client_get_hint
5851 gnutls_psk_set_server_credentials_hint
5852 gnutls_psk_netconf_derive_key
5854 Used to get/set the PSK identity hint, and derive PSK keys from
5855 passwords a'la netconf.
5857 gnutls_x509_dn_deinit
5858 gnutls_x509_dn_export
5859 gnutls_x509_dn_import
5862 Used to handle X.509 Certificate DN's directly.
5866 Converts a data buffer to hex. Useful for handling PSK/SRP shared
5869 gnutls_certificate_get_x509_cas
5870 gnutls_certificate_get_x509_crls
5871 gnutls_certificate_get_openpgp_keyring
5873 Functions for direct access to credential elements.
5875 gnutls_openpgp_crt_get_auth_subkey
5876 gnutls_openpgp_crt_get_key_id
5877 gnutls_openpgp_crt_get_pk_dsa_raw
5878 gnutls_openpgp_crt_get_pk_rsa_raw
5879 gnutls_openpgp_crt_get_preferred_key_id
5880 gnutls_openpgp_crt_get_revoked_status
5881 gnutls_openpgp_crt_get_subkey_count
5882 gnutls_openpgp_crt_get_subkey_creation_time
5883 gnutls_openpgp_crt_get_subkey_expiration_time
5884 gnutls_openpgp_crt_get_subkey_fingerprint
5885 gnutls_openpgp_crt_get_subkey_id
5886 gnutls_openpgp_crt_get_subkey_idx
5887 gnutls_openpgp_crt_get_subkey_pk_algorithm
5888 gnutls_openpgp_crt_get_subkey_pk_dsa_raw
5889 gnutls_openpgp_crt_get_subkey_pk_rsa_raw
5890 gnutls_openpgp_crt_get_subkey_revoked_status
5891 gnutls_openpgp_crt_get_subkey_usage
5892 gnutls_openpgp_crt_print
5893 gnutls_openpgp_crt_set_preferred_key_id
5894 gnutls_openpgp_keyring_get_crt
5895 gnutls_openpgp_keyring_get_crt_count
5896 gnutls_openpgp_privkey_export
5897 gnutls_openpgp_privkey_export_dsa_raw
5898 gnutls_openpgp_privkey_export_rsa_raw
5899 gnutls_openpgp_privkey_export_subkey_dsa_raw
5900 gnutls_openpgp_privkey_export_subkey_rsa_raw
5901 gnutls_openpgp_privkey_get_fingerprint
5902 gnutls_openpgp_privkey_get_key_id
5903 gnutls_openpgp_privkey_get_pk_algorithm
5904 gnutls_openpgp_privkey_get_preferred_key_id
5905 gnutls_openpgp_privkey_get_revoked_status
5906 gnutls_openpgp_privkey_get_subkey_count
5907 gnutls_openpgp_privkey_get_subkey_creation_time
5908 gnutls_openpgp_privkey_get_subkey_expiration_time
5909 gnutls_openpgp_privkey_get_subkey_fingerprint
5910 gnutls_openpgp_privkey_get_subkey_id
5911 gnutls_openpgp_privkey_get_subkey_idx
5912 gnutls_openpgp_privkey_get_subkey_pk_algorithm
5913 gnutls_openpgp_privkey_get_subkey_revoked_status
5914 gnutls_openpgp_privkey_set_preferred_key_id
5916 New OpenPGP related functions.
5918 The function gnutls_openpgp_crt_get_key_id is the same as the old
5919 from gnutls_openpgp_crt_get_id, see above.
5921 The release also adds a new header file 'gnutls/crypto.h', however it
5922 is currently not used.
5924 ** libgnutls [OpenPGP]: New APIs to retrieve fingerprint from OpenPGP subkeys.
5925 Contributed by Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>.
5927 ** API and ABI modifications:
5928 gnutls_openpgp_crt_get_subkey_fingerprint: ADDED.
5929 gnutls_openpgp_privkey_get_subkey_fingerprint: ADDED.
5931 * Version 2.3.15 (released 2008-06-15)
5933 ** Disable the openpgp-certs self-tests.
5934 It results in failure under Wine and doesn't work on Debian buildds.
5936 ** API and ABI modifications:
5937 No changes since last version.
5939 * Version 2.3.14 (released 2008-06-11)
5941 ** libgnutls [OpenPGP]: Changed OpenPGP verification behaviour.
5942 An OpenPGP certificate is now only considered verified if all the user
5945 ** Examples: Make C++ example compile.
5946 Earlier it may have failed with an unresolved reference to strlen.
5948 ** Documentation: Doc fix for gnutls_x509_crt_get_extension_oid.
5949 Reported by Sam Varshavchik <mrsam@courier-mta.com>.
5951 ** API and ABI modifications:
5952 No changes since last version.
5954 * Version 2.3.13 (released 2008-06-07)
5956 ** libgnutls [OpenPGP]: Make OpenPGP handshakes work again.
5958 ** doc/: Add psktool to info index. Some minor cleanups.
5960 ** tests/: Added non-forking TLS handshake test, see tests/mini.c.
5962 ** tests/: Added libgcrypt.supp which can be used with valgrind.
5963 The file suppresses the known libgcrypt memory leaks, so they aren't
5964 printed when you run valgrind on the gnutls self-tests. Use it as
5965 follows: valgrind --suppressions=libgcrypt.supp ./x509self or add
5966 '--suppressions=/home/you/src/gnutls/tests/libgcrypt.supp' to your
5969 ** tests/: Reduce amount of debugging output by default.
5970 Use --verbose for each test to get the full output.
5972 ** tests/: Fix memory leaks in several self-tests.
5973 None of the self tests should be leaking memory when running valgrind
5974 or similar tools. (Known exceptions are dhepskself, pskself, and
5975 set_pkcs12_cred, which appear likely to be due to memory leaks in the
5978 ** API and ABI modifications:
5979 No changes since last version.
5981 * Version 2.3.12 (released 2008-06-04)
5983 ** Merge gnutls_with_netconf branch.
5985 *** libgnutls [PSK]: New API to retrieve PSK identity hint in client.
5986 The function is gnutls_psk_client_get_hint.
5988 *** libgnutls [PSK]: New API to set PSK identity hint in server.
5989 The function is gnutls_psk_set_server_credentials_hint.
5991 *** libgnutls [PSK]: Support server key exchange with PSK identity hint.
5992 In the client, the message is parsed and the application can use
5993 gnutls_psk_client_get_hint to retrieve the hint. In the server, the
5994 message is sent if the application has specified a PSK identity hint
5995 using gnutls_psk_set_server_credentials_hint.
5997 *** libgnutls [PSK]: Support Netconf PSK key derivation.
5998 The function gnutls_psk_netconf_derive_key supports the PSK key
5999 derivation as specified in draft-ietf-netconf-tls-02.txt. New self
6002 *** psktool: Support new --netconf-hint to generate PSK key from password.
6003 Uses the Netconf algorithm to derive PSK key from password.
6005 *** gnutls-serv: Support new --pskhint parameter to set PSK identity hint.
6007 *** gnutls-cli: Always support PSK modes, through a callback.
6008 The callback will derive a PSK key using Netconf algorithm. It will
6009 print the PSK identity hint to help the user.
6011 *** New PSK example client and server.
6012 See doc/examples/ex-client-psk.c and doc/examples/ex-serv-psk.c.
6014 ** libgnutls: Fix gnutls_x509_crl_set_version on arm platforms.
6015 The code didn't work properly on platforms where 'char' is unsigned,
6016 when you set version 0. Reported by Laurence Withers
6017 <l@lwithers.me.uk> in
6018 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2825>.
6020 ** libgnutls-openssl: added RAND_pseudo_bytes API.
6021 Patch from Robert Millan <rmh@aybabtu.com>.
6023 ** API and ABI modifications:
6024 RAND_pseudo_bytes: ADDED to libgnutls-openssl.
6025 gnutls_psk_client_get_hint: ADDED.
6026 gnutls_psk_set_server_credentials_hint: ADDED.
6027 gnutls_psk_netconf_derive_key: ADDED
6029 * Version 2.3.11 (released 2008-05-20)
6031 ** Fix flaw in fix for GNUTLS-SA-2008-1-3.
6032 The flaw would result in incorrectly terminated sessions with the
6033 error "Decryption has failed" when the server sends a small packet
6034 (typically when the session is closed). Reported by Andreas Metzler
6035 <ametzler@downhill.at.eu.org> in
6036 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2807>.
6038 ** Don't use gnulib headers when building C++ library.
6039 Fixes builds under Windows.
6041 ** Make umask a requirement.
6042 We don't know of any system that lacks it, even GNU CoreUtils use it
6045 ** Update gnulib files.
6046 Fixes a problem where it pulled in a replacement for memcmp under
6047 MinGW, which caused the C++ example to fail to build.
6049 ** API and ABI modifications:
6050 No changes since last version.
6052 * Version 2.3.10 (released 2008-05-19)
6054 ** Added wide wildcard hostname matching.
6055 Tiny patch by Jean-Philippe Garcia Ballester.
6057 ** Fix three security vulnerabilities. [GNUTLS-SA-2008-1]
6058 Thanks to CERT-FI for finding the bugs and providing detailed reports,
6059 which allowed the bugs to be reproduced and fixed easily. Patches
6060 developed by Simon Josefsson and Nikos Mavrogiannopoulos. Any updates
6061 with more details about these vulnerabilities will be added to
6062 <https://www.gnu.org/software/gnutls/security.html>
6064 *** [GNUTLS-SA-2008-1-1]
6065 *** libgnutls: Fix crash when sending invalid server name.
6066 The crash can be triggered remotely before authentication, which can
6067 lead to a Daniel of Service attack to disable the server. The bug
6068 cause gnutls to store more session resumption data than what was
6069 allocated for, thus overwriting unallocated memory.
6071 *** [GNUTLS-SA-2008-1-2]
6072 *** libgnutls: Fix crash when sending repeated client hellos.
6073 The crash can be triggered remotely before authentication, which can
6074 lead to a Daniel of Service attack to disable the server. The bug
6075 triggers a null-pointer dereference.
6077 *** [GNUTLS-SA-2008-1-3]
6078 *** libgnutls: Fix crash in cipher padding decoding for invalid record lengths.
6079 The crash can be triggered remotely before authentication, which can
6080 lead to a Daniel of Service attack to disable the server. The bug
6081 cause gnutls to read memory beyond the end of the received record.
6083 ** libgnutlsxx: Updated API according to patches from Eduardo
6084 Villanueva Che (discussion at
6085 <http://lists.gnu.org/archive/html/gnutls-devel/2007-02/msg00017.html>)
6087 ** Use umask to restrict permissions to owner before creating a file.
6089 ** API and ABI modifications:
6090 No changes since last version.
6092 * Version 2.3.9 (released 2008-05-16)
6094 ** libgnutls: Fix build failures if SRP/OpenPGP is disabled.
6095 Based on report and tiny patches from
6096 <jared.jennings.ctr@eglin.af.mil>, see
6097 <https://savannah.gnu.org/support/index.php?106342>.
6099 ** libgnutls: Translation fixes.
6101 ** gnutls-cli: Fix so that PSK authentication works.
6102 Also improve manual to give example for gnutls-cli PSK authentication.
6104 ** certtool: Encrypting a private key now require a confirmed password.
6105 Before './certtool -k -8' would merely ask for a password once.
6106 Reported by Daniel 'NebuchadnezzaR' Dehennin
6107 <nebuchadnezzar@asgardr.info> see
6108 <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=364287>.
6110 ** certtool: When writing private keys to files, change permissions of file.
6111 Now the file which the private key is saved to is chmod'ed 0600.
6112 Reported by martin f krafft <madduck@debian.org> see
6113 <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373169>.
6115 ** guile: Fix -fgnu89-inline test.
6117 ** Removed --enable-profile-mode.
6118 The code linked gnutls with the libfc project (Function Check) which
6119 appears to have been stalled since around 2002.
6121 ** Clean up header file checks by ./configure.
6123 ** Update of gnulib files.
6125 ** API and ABI modifications:
6126 No changes since last version.
6128 * Version 2.3.8 (released 2008-04-29)
6130 ** libgnutls: Increase default handshake packet size limit to 48kb.
6131 The old limit was 16kb and some servers send huge list of trusted CAs,
6132 thus running into the limit. FYI, applications can further increase
6133 this limit using gnutls_handshake_set_max_packet_length. Thanks to
6134 Marc Haber <mh+debian-bugs@zugschlus.de> and "Marc F. Clemente"
6135 <marc@mclemente.net> for reporting and providing test servers.
6137 ** libgnutls: Add new error code: GNUTLS_E_HANDSHAKE_TOO_LARGE
6138 Returned when the handshake data size is too large. Before
6139 GNUTLS_E_MEMORY_ERROR was used, which could be confused with other
6142 ** libgnutls: Hide definitions in crypto.h.
6143 We have decided that the APIs defined in crypto.h are not stable
6144 enough for v2.4, so don't use any of those functions.
6146 ** gnutls-cli: exit when hostname doesn't match certificate.
6147 Use --insecure to avoid hostname comparison.
6149 ** certtool: --inder and --outder replaced by --inraw and --outraw.
6150 The reason is to align terminology with OpenPGP, which doesn't use
6151 DER. The old parameters will continue to work for some time.
6153 ** doc: Add section 'Index of new symbols in 2.4.0' to the GTK-DOC manual.
6155 ** doc: Many cosmetic fixes, to silence (most) gtk-doc warnings.
6157 ** Mingw32: Revert libgcrypt vasprintf work-around added in last release.
6158 Use libgcrypt 1.4.1 or later when building on MinGW32, it removes the
6159 vasprintf symbol from the libgcrypt library which caused problems.
6161 ** Update of gnulib files.
6163 ** tests: New self-test of crypto.h RNG code tests/crypto_rng.
6165 ** API and ABI modifications:
6166 GNUTLS_E_HANDSHAKE_TOO_LARGE: ADDED.
6168 * Version 2.3.7 (released 2008-04-21)
6170 ** opencdk now properly sets the key usage bits into openpgp keys.
6172 ** gnutls-cli: Fix crash on TLS handshake failures.
6173 Reported by "Marc F. Clemente" <marc@mclemente.net> in Debian BTS #466477.
6174 This is similar to <http://bugs.debian.org/429183>.
6176 ** certtool: with --generate-request and newly generated keys, print the key.
6178 ** Build fixes for MinGW.
6179 Missing rpl_fseeko symbol in lib/opencdk/. Better checks for linking
6180 with -lws2_32 when needed. Use ASCII only isprint() when printing
6181 X.509 certificate information, to avoid non-ASCII but printable
6182 characters. Thanks to Massimo Gaspari <massimo.gaspari@alice.it> for
6185 ** Update internal copy of libtasn1 to version 1.4.
6187 ** API and ABI modifications:
6188 No changes since last version.
6190 * Version 2.3.6 (released 2008-04-17)
6192 ** Make gnutls_x509_crq_sign2 set certificate request version if not set.
6193 ** Improve documentation for gnutls_x509_crq_sign2.
6194 Based on report from "John Brooks" <aspecialj@gmail.com> in
6195 <http://permalink.gmane.org/gmane.network.gnutls.general/1154>.
6197 ** tests/pathlen: run diff without parameters to improve portability.
6198 Based on HPUX build hints in
6199 <http://hpux.cs.utah.edu/hppd/cgi-bin/wwwtar?/hpux/Gnu/gnutls-2.3.4/gnutls-2.3.4-src-11.11.tar.gz+gnutls-2.3.4/HPUX.Install+text>.
6201 ** Don't use %e specifier with strftime, it doesn't work under Windows.
6202 Reported by Massimo Gaspari <massimo.gaspari@alice.it> in
6203 <http://permalink.gmane.org/gmane.network.gnutls.general/1170>.
6205 ** Remove all uses of gnutls_alloca/gnutls_afree.
6206 Use normal gnutls_malloc instead. One reason is increased portability
6207 to Windows, the other is that several of the uses may be unsafe
6208 because the size of data allocated could be large. Reported by
6209 Massimo Gaspari <massimo.gaspari@alice.it> in
6210 <http://permalink.gmane.org/gmane.network.gnutls.general/1170>.
6212 ** Build Guile code with -fgnu89-inline only when supported.
6213 Reported by Kris Karas <ktk@enterprise.bidmc.harvard.edu> in
6214 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2708>.
6216 ** Several GTK-DOC related fixes.
6218 ** Clean up OpenCDK related code.
6219 GnuTLS now requires its internal OpenCDK code rather than the external
6220 GPL library OpenCDK. Unfortunately, we don't have resources to
6221 maintain an external library (help welcome).
6223 ** API and ABI modifications:
6224 No changes since last version.
6226 * Version 2.3.5 (released 2008-04-14)
6228 ** Build fix for MinGW and --disable-shared.
6229 Reported by Massimo Gaspari <massimo.gaspari@alice.it> in
6230 <http://permalink.gmane.org/gmane.network.gnutls.general/1145>.
6232 ** Document how to generate CRLs.
6233 Suggested by "Rainer Gerhards" <rgerhards@gmail.com>.
6235 ** Documented the --priority option to gnutls-cli and gnutls-serv.
6237 ** Several minor fixes in the OpenPGP interface.
6238 Thanks to Daniel Kahn Gillmor.
6240 ** Fix fopen file descriptor leak in PSK server code.
6241 Thanks to Laurence Withers <l@lwithers.me.uk>, see
6242 <http://lists.gnu.org/archive/html/gnutls-devel/2008-04/msg00002.html>.
6244 ** Translations files not stored directly in git to avoid merge conflicts.
6246 ** New APIs to let applications replace the RNG used.
6247 Update all RNG callers in the code to use the new interface.
6249 ** Guile code now built with -fgnu89-inline to fix inline semantic problem.
6251 ** Update gnulib files.
6253 ** API and ABI modifications:
6254 gnutls_crypto_rnd_register: ADDED
6255 gnutls_rnd_level_t: ADDED
6256 GNUTLS_RND_KEY: ADDED, gnutls_rnd_level_t member
6257 GNUTLS_RND_RANDOM: ADDED, gnutls_rnd_level_t member
6258 GNUTLS_RND_NONCE: ADDED, gnutls_rnd_level_t member
6259 gnutls_crypto_rnd_st: ADDED
6260 GNUTLS_DIG_SHA224: ADDED
6261 GNUTLS_SIGN_RSA_SHA224: ADDED
6262 gnutls_openpgp_crt_get_auth_subkey: MODIFIED
6264 * Version 2.3.4 (released 2008-03-19)
6266 ** Finish renaming of gnutls_certificate_export_x509_cas etc.
6267 They weren't renamed in the public header file.
6269 ** Added functions to register a cipher/mac/digest. This allows to
6270 override the included ones.
6272 ** Fix a bunch of compiler warnings.
6274 ** API and ABI modifications:
6275 gnutls_crypto_cipher_st: ADDED
6276 gnutls_crypto_mac_st: ADDED
6277 gnutls_crypto_digest_st: ADDED
6278 gnutls_crypto_cipher_register: ADDED
6279 gnutls_crypto_mac_register: ADDED
6280 gnutls_crypto_digest_register: ADDED
6281 GNUTLS_E_CRYPTO_ALREADY_REGISTERED: ADDED
6283 * Version 2.3.3 (released 2008-03-10)
6285 ** Fix build failure in libextra/gnutls_extra.c that needed opencdk.h.
6286 Reported by Roman Bogorodskiy <novel@FreeBSD.org>.
6288 ** No longer compiled using -D_REENTRANT -D_THREAD_SAFE.
6289 We could not find any modern justification for enabling these flags by
6290 default. If you know of some platform that needs one of the flags to
6291 work properly, please let us know. (Actually introduced in v2.3.0 but
6292 not documented until now.)
6294 ** Importing many CA certificates are now considerably faster.
6295 This affect gnutls_certificate_set_x509_trust_mem,
6296 gnutls_certificate_set_x509_trust, and
6297 gnutls_certificate_set_x509_trust_file. The complexity was reduced
6298 from O(2*n^2) to O(n). When adding 206 files containing 408
6299 certificates, using gnutls_certificate_set_x509_trust_file, the time
6300 dropped from 40 seconds to 0.3 seconds. Thanks to Edgar Fuß for code
6301 to trigger the problem. See also
6302 <http://blog.josefsson.org/2008/02/27/real-world-performance-tuning-with-callgrind/>.
6304 ** Clarify documentation for gnutls_x509_crt_set_subject_alternative_name
6305 ** to be explicit that it takes zero terminated data.
6307 ** gnutls-cli --print-cert now print PKCS#3 format Diffie-Hellman parameters.
6309 ** Documentation fixes for the GTK-DOC manual.
6311 ** Fix compilation error related to __FUNCTION__ on some systems.
6312 Reported by Tim Mooney, see
6313 <https://savannah.gnu.org/support/?106267>.
6315 ** Updated translations.
6317 ** Update gnulib files.
6319 ** API and ABI modifications:
6320 gnutls_hex2bin: MODIFIED, uses size_t instead of int for string length,
6321 and char* instead of void* for output buffer.
6323 * Version 2.3.2 (released 2008-02-26)
6325 ** Fix srcdir!=objdir failure in openpgpself test.
6327 ** Improved API documentation output from GTK-DOC.
6329 ** Added gnutls_x509_dn_export(). Patch by Joe Orton.
6331 ** Renamed gnutls_certificate_export_x509_cas and friends.
6332 See <http://lists.gnu.org/archive/html/gnutls-devel/2008-02/msg00043.html>.
6334 ** Internal header files cleanup.
6336 ** API and ABI modifications:
6337 gnutls_certificate_export_x509_cas: RENAMED to gnutls_certificate_get_x509_cas
6338 gnutls_certificate_export_x509_crls: RENAMED to gnutls_certificate_get_x509_crls
6339 gnutls_certificate_export_openpgp_keyring: RENAMED to gnutls_certificate_get_openpgp_keyring
6340 gnutls_x509_dn_export: ADDED
6342 * Version 2.3.1 (released 2008-02-21)
6344 ** OpenPGP support merged into libgnutls and is now licensed under LGPL.
6345 The included copy of OpenCDK has been stripped down and re-licensed
6348 ** Cipher priority string handling now handle strings that starts with NULL.
6349 Thanks to Laurence Withers <l@lwithers.me.uk>.
6351 ** gnutls-cli: When -d is used, also prints RNG information from libgcrypt.
6353 ** Corrected memory leaks in session resuming and DHE ciphersuites. Reported
6356 ** Increased the default certificate verification chain limits and allowed
6357 for checks without limitation.
6359 ** Corrected the behaviour of gnutls_x509_crt_get_subject_alt_name()
6360 and gnutls_x509_crt_get_subject_alt_name() to not null terminate binary
6361 strings and return the proper size.
6363 ** Add section 'On Record Padding' to the manual.
6364 This collects all problems related to record padding with
6365 Nokia/Sony-Ericsson phones that we know about.
6367 ** Several improvements in the OpenPGP authentication.
6368 Now subkeys can be used for authentication, according to
6369 draft-mavrogiannopoulos-rfc5081bis-00.txt.
6371 ** certtool can print information on OpenPGP certificates and keys.
6373 ** Added gnutls_x509_dn_import/init/deinit() to access raw DER DN.
6376 ** Added gnutls_certificate_export_x509_cas and other functions to
6377 export elements from the certificate credentials structure. Based on
6378 suggestion from Joe Orton.
6381 Clarify that srp_base64 is not the same as normal base64.
6383 ** Fix non-portable use of brace expansion in makefiles.
6385 ** API and ABI modifications:
6386 gnutls_certificate_export_x509_cas: ADDED
6387 gnutls_certificate_export_x509_crls: ADDED
6388 gnutls_certificate_export_openpgp_keyring: ADDED
6389 gnutls_openpgp_keyid_t: ADDED, instead of hard-coded 'unsigned char[8]'.
6390 gnutls_openpgp_crt_get_key_id: ADDED, obsoletes gnutls_openpgp_crt_get_id.
6391 gnutls_openpgp_crt_get_revoked_status: ADDED
6392 gnutls_openpgp_crt_get_subkey_count: ADDED
6393 gnutls_openpgp_crt_get_subkey_idx: ADDED
6394 gnutls_openpgp_crt_get_subkey_revoked_status: ADDED
6395 gnutls_openpgp_crt_get_subkey_pk_algorithm: ADDED
6396 gnutls_openpgp_crt_get_subkey_creation_time: ADDED
6397 gnutls_openpgp_crt_get_subkey_expiration_time: ADDED
6398 gnutls_openpgp_crt_get_subkey_id: ADDED
6399 gnutls_openpgp_crt_get_subkey_usage: ADDED
6400 gnutls_openpgp_privkey_get_fingerprint: ADDED
6401 gnutls_openpgp_privkey_get_key_id: ADDED
6402 gnutls_openpgp_privkey_get_subkey_count: ADDED
6403 gnutls_openpgp_privkey_get_subkey_idx: ADDED
6404 gnutls_openpgp_privkey_get_subkey_revoked_status: ADDED
6405 gnutls_openpgp_privkey_get_revoked_status: ADDED
6406 gnutls_openpgp_privkey_get_subkey_pk_algorithm: ADDED
6407 gnutls_openpgp_privkey_get_subkey_expiration_time: ADDED
6408 gnutls_openpgp_privkey_get_subkey_id: ADDED
6409 gnutls_openpgp_privkey_get_subkey_creation_time: ADDED
6410 gnutls_openpgp_crt_get_subkey_pk_dsa_raw: ADDED
6411 gnutls_openpgp_crt_get_subkey_pk_rsa_raw: ADDED
6412 gnutls_openpgp_crt_get_pk_dsa_raw: ADDED
6413 gnutls_openpgp_crt_get_pk_rsa_raw: ADDED
6414 gnutls_openpgp_privkey_export_subkey_dsa_raw: ADDED
6415 gnutls_openpgp_privkey_export_subkey_rsa_raw: ADDED
6416 gnutls_openpgp_privkey_export_dsa_raw: ADDED
6417 gnutls_openpgp_privkey_export_rsa_raw: ADDED
6418 gnutls_openpgp_privkey_export: ADDED
6419 gnutls_certificate_set_openpgp_key_file2: ADDED
6420 gnutls_certificate_set_openpgp_key_mem2: ADDED
6421 gnutls_x509_dn_init: ADDED
6422 gnutls_x509_dn_import: ADDED
6423 gnutls_x509_dn_deinit: ADDED
6424 GNUTLS_E_OPENPGP_SUBKEY_ERROR: ADDED
6425 gnutls_hex2bin: ADDED
6426 GNUTLS_CRT_PRINT_FULL: ADDED, same as old GNUTLS_X509_CRT_FULL.
6427 GNUTLS_CRT_PRINT_ONELINE: ADDED, same as old GNUTLS_X509_CRT_ONELINE.
6428 GNUTLS_CRT_PRINT_UNSIGNED_FULL: ADDED, same as
6429 old GNUTLS_X509_CRT_UNSIGNED_FULL.
6431 * Version 2.3.0 (released 2008-01-08)
6433 ** LZO compression is now disabled by default.
6434 The reason is that LZO compression is not standardized in TLS. If you
6435 wish to experiment with it, you will have to supply --with-lzo when
6436 invoking ./configure. The internal copy of minilzo is no longer
6437 included with GnuTLS, so you will need to install liblzo or liblzo2 on
6438 your system to have --with-lzo to be effective.
6440 ** More than one server name field is now sent to the server properly.
6441 Thanks to mark.phillips@virgin.net.
6443 ** Fixes the post_client_hello_function(). The extensions are now parsed
6444 in a callback friendly way.
6446 ** Fix for certificate selection in servers with certificate callbacks.
6448 ** Updated translations.
6450 ** Update gnulib files.
6452 ** API and ABI modifications:
6453 No changes since last version.
6455 * Version 2.2.5 (released 2008-05-19)
6457 ** Fix flaw in fix for GNUTLS-SA-2008-1-3.
6458 The flaw would result in incorrectly terminated sessions with the
6459 error "Decryption has failed" when the server sends a small packet
6460 (typically when the session is closed). Reported by Andreas Metzler
6461 <ametzler@downhill.at.eu.org> in
6462 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2807>.
6464 ** API and ABI modifications:
6465 No changes since last version.
6467 * Version 2.2.4 (released 2008-05-19)
6469 ** Fix three security vulnerabilities. [GNUTLS-SA-2008-1]
6470 Thanks to CERT-FI for finding the bugs and providing detailed reports,
6471 which allowed the bugs to be reproduced and fixed easily. Patches
6472 developed by Simon Josefsson and Nikos Mavrogiannopoulos. Any updates
6473 with more details about these vulnerabilities will be added to
6474 <https://www.gnu.org/software/gnutls/security.html>
6476 *** [GNUTLS-SA-2008-1-1]
6477 *** libgnutls: Fix crash when sending invalid server name.
6478 The crash can be triggered remotely before authentication, which can
6479 lead to a Daniel of Service attack to disable the server. The bug
6480 cause gnutls to store more session resumption data than what was
6481 allocated for, thus overwriting unallocated memory.
6483 *** [GNUTLS-SA-2008-1-2]
6484 *** libgnutls: Fix crash when sending repeated client hellos.
6485 The crash can be triggered remotely before authentication, which can
6486 lead to a Daniel of Service attack to disable the server. The bug
6487 triggers a null-pointer dereference.
6489 *** [GNUTLS-SA-2008-1-3]
6490 *** libgnutls: Fix crash in cipher padding decoding for invalid record lengths.
6491 The crash can be triggered remotely before authentication, which can
6492 lead to a Daniel of Service attack to disable the server. The bug
6493 cause gnutls to read memory beyond the end of the received record.
6495 ** API and ABI modifications:
6496 No changes since last version.
6498 * Version 2.2.3 (released 2008-05-06)
6500 ** Increase default handshake packet size limit to 48kb.
6501 The old limit was 16kb and some servers send huge list of trusted CAs,
6502 thus running into the limit. FYI, applications can further increase
6503 this limit using gnutls_handshake_set_max_packet_length. Thanks to
6504 Marc Haber <mh+debian-bugs@zugschlus.de> and "Marc F. Clemente"
6505 <marc@mclemente.net> for reporting and providing test servers.
6507 ** Fix compilation error related to __FUNCTION__ on some systems.
6508 Reported by Tim Mooney, see
6509 <https://savannah.gnu.org/support/?106267>.
6511 ** Documented the --priority option to gnutls-cli and gnutls-serv.
6513 ** Fix fopen file descriptor leak in PSK server code.
6514 Thanks to Laurence Withers <l@lwithers.me.uk>, see
6515 <http://lists.gnu.org/archive/html/gnutls-devel/2008-04/msg00002.html>.
6517 ** Build Guile code with -fgnu89-inline only when supported.
6518 Reported by Kris Karas <ktk@enterprise.bidmc.harvard.edu> in
6519 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2708>.
6521 ** Make Camellia encryption work.
6522 Reported by Yoshisato YANAGISAWA <yanagisawa@csg.is.titech.ac.jp> in
6523 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2746>.
6525 ** API and ABI modifications:
6526 No changes since last version.
6528 * Version 2.2.2 (released 2008-02-21)
6530 ** Cipher priority string handling now handle strings that starts with NULL.
6531 Thanks to Laurence Withers <l@lwithers.me.uk>.
6533 ** Corrected memory leaks in session resuming and DHE ciphersuites. Reported
6536 ** Increased the default certificate verification chain limits and allowed
6537 for checks without limitation.
6539 ** Corrected the behaviour of gnutls_x509_crt_get_subject_alt_name()
6540 and gnutls_x509_crt_get_subject_alt_name() to not null terminate binary
6541 strings and return the proper size.
6543 ** API and ABI modifications:
6544 No changes since last version.
6546 * Version 2.2.1 (released 2008-01-17)
6548 ** Prevent linking libextra against previously installed libgnutls.
6549 Tiny patch from "Alon Bar-Lev" <alon.barlev@gmail.com>, see
6550 <http://bugs.gentoo.org/show_bug.cgi?id=202269>.
6552 ** Fixes the post_client_hello_function(). The extensions are now parsed
6553 in a callback friendly way.
6555 ** Fix for certificate selection in servers with certificate callbacks.
6557 ** API and ABI modifications:
6558 No changes since last version.
6560 * Version 2.2.0 (released 2007-12-14)
6562 ** Update internal copy of libtasn1 to version 1.2.
6564 ** Certtool --verify-chain now handle inputs larger than 64kb.
6565 This fixes the self-test "rsa-md5-collision" under MinGW+Wine with
6566 recent versions of libgcrypt. The problem was that Wine with the
6567 libgcrypt RNG generates huge amounts of debugging output.
6569 ** Translation updates.
6570 Added Dutch translation. Updated Polish and Swedish translation.
6572 ** Major changes compared to the v2.0 branch:
6574 *** SRP support aligned with newly published RFC 5054.
6576 *** OpenPGP support aligned with newly published RFC 5081.
6578 *** Support for DSA2 keys.
6580 *** Support for Camellia cipher.
6582 *** Support for Opaque PRF Input extension.
6584 *** PKCS#8 parser now handle DSA keys.
6586 *** Change from GPLv2 to GPLv3 for command-line tools, libgnutls-extra, etc.
6587 Notice that liblzo2 2.02 is licensed under GPLv2 only. Earlier
6588 versions, such as 2.01 which is included with GnuTLS, is available
6589 under GPLv2 or later. If this incompatibility causes problems, we
6590 recommend you to disable LZO using --without-lzo. LZO compression is
6591 not a standard TLS compression algorithm, so the impact should be
6594 *** Functions for disabling record protocol padding.
6595 Works around bugs on Nokia/Ericsson phones.
6597 *** New functions gnutls_priority_set() for setting cipher priorities easily.
6598 Priorities like "COMPAT" also enables other work arounds, such as
6601 *** Other minor improvements and bug fixes.
6603 ** Backwards incompatible API/ABI changes in GnuTLS 2.2
6604 To adapt to changes in the TLS extension specifications for OpenPGP
6605 and SRP, the GnuTLS API had to be modified. This means breaking the
6606 API and ABI backwards compatibility. That is something we try to
6607 avoid unless it is necessary. We decided to also remove the already
6608 deprecated stub functions for X.509 to XML conversion and TLS
6609 authorization (see below) when we had the opportunity.
6611 Generally, most applications does not need to be modified. Just
6612 re-compile them against the latest GnuTLS release, and it should work
6615 Applications that use the OpenPGP or SRP features needs to be
6616 modified. Below is a list of the modified APIs and discussion of what
6617 the minimal things you need to modify in your application to make it
6618 work with GnuTLS 2.2.
6620 Note that GnuTLS 2.2 also introduces new APIs -- such as
6621 gnutls_set_priority() that is superior to
6622 gnutls_set_default_priority() -- that you may want to start using.
6623 However, using those new APIs is not required to use GnuTLS 2.2 since
6624 the old functions continue are still supported. This text only
6625 discuss what you minimally have to modify.
6627 *** XML related changes
6628 The function `gnutls_x509_crt_to_xml' has been removed. It has been
6629 deprecated and only returned an error code since GnuTLS version
6630 1.2.11. Nobody has complained, so users doesn't seem to miss the
6631 functionality. We don't know of any other library to convert X.509
6632 certificates into XML format, but we decided (long ago) that GnuTLS
6633 isn't the right place for this kind of functionality. If you want
6634 help to find some other library to use here, please explain and
6635 discuss your use case on help-gnutls@gnu.org.
6637 *** TLS Authorization related changes
6638 Everything related to TLS authorizations have been removed, they were
6639 only stub functions that returned an error code:
6641 GNUTLS_SUPPLEMENTAL_AUTHZ_DATA
6642 gnutls_authz_data_format_type_t
6643 gnutls_authz_recv_callback_func
6644 gnutls_authz_send_callback_func
6646 gnutls_authz_send_x509_attr_cert
6647 gnutls_authz_send_saml_assertion
6648 gnutls_authz_send_x509_attr_cert_url
6649 gnutls_authz_send_saml_assertion_url
6651 *** SRP related changes
6652 The callback gnutls_srp_client_credentials_function has a new
6653 prototype, and its semantic has changed. You need to rewrite the
6654 callback, see the updated function documentation and SRP example code
6655 (doc/examples/ex-client-srp.c and doc/examples/ex-serv-srp.c) for more
6658 The alert codes GNUTLS_A_MISSING_SRP_USERNAME and
6659 GNUTLS_A_UNKNOWN_SRP_USERNAME are no longer used by the SRP
6660 specification, instead the GNUTLS_A_UNKNOWN_PSK_IDENTITY alert is
6661 used. There are #define's to map the old names to the new. You may
6662 run into problems if you have a switch-case with cases for both SRP
6663 alerts, since they are now mapped to the same value. The solution is
6664 to drop the SRP alerts from such switch cases, as they are now
6665 deprecated in favor of GNUTLS_A_UNKNOWN_PSK_IDENTITY.
6667 *** OpenPGP related changes
6668 The function `gnutls_certificate_set_openpgp_keyserver' have been
6669 removed. There is no replacement functionality inside GnuTLS. If you
6670 need keyserver functionality, consider using the GnuPG tools.
6672 All functions, types, and error codes related to OpenPGP trustdb
6673 format have been removed. The trustdb format is a non-standard
6674 GnuPG-specific format, and we recommend you to use key rings instead.
6675 The following have been removed:
6677 gnutls_certificate_set_openpgp_trustdb
6678 gnutls_openpgp_trustdb_init
6679 gnutls_openpgp_trustdb_deinit
6680 gnutls_openpgp_trustdb_import
6681 gnutls_openpgp_key_verify_trustdb
6682 gnutls_openpgp_trustdb_t
6683 GNUTLS_E_OPENPGP_TRUSTDB_VERSION_UNSUPPORTED
6685 The following functions has an added parameter of the (new) type
6686 `gnutls_openpgp_crt_fmt_t'. The type specify the format of the data
6687 (binary or base64). The functions are:
6688 gnutls_certificate_set_openpgp_key_file
6689 gnutls_certificate_set_openpgp_key_mem
6690 gnutls_certificate_set_openpgp_keyring_mem
6691 gnutls_certificate_set_openpgp_keyring_file
6693 To improve terminology and align with the X.509 interface, some
6694 functions have been renamed. Compatibility mappings exists. The old
6695 and new names of the affected functions and types are:
6698 gnutls_openpgp_key_t gnutls_openpgp_crt_t
6699 gnutls_openpgp_key_fmt_t gnutls_openpgp_crt_fmt_t
6700 gnutls_openpgp_key_status_t gnutls_openpgp_crt_status_t
6701 GNUTLS_OPENPGP_KEY GNUTLS_OPENPGP_CERT
6702 GNUTLS_OPENPGP_KEY_FINGERPRINT GNUTLS_OPENPGP_CERT_FINGERPRINT
6703 gnutls_openpgp_key_init gnutls_openpgp_crt_init
6704 gnutls_openpgp_key_deinit gnutls_openpgp_crt_deinit
6705 gnutls_openpgp_key_import gnutls_openpgp_crt_import
6706 gnutls_openpgp_key_export gnutls_openpgp_crt_export
6707 gnutls_openpgp_key_get_key_usage gnutls_openpgp_crt_get_key_usage
6708 gnutls_openpgp_key_get_fingerprint gnutls_openpgp_crt_get_fingerprint
6709 gnutls_openpgp_key_get_pk_algorithm gnutls_openpgp_crt_get_pk_algorithm
6710 gnutls_openpgp_key_get_name gnutls_openpgp_crt_get_name
6711 gnutls_openpgp_key_get_version gnutls_openpgp_crt_get_version
6712 gnutls_openpgp_key_get_creation_time gnutls_openpgp_crt_get_creation_time
6713 gnutls_openpgp_key_get_expiration_time gnutls_openpgp_crt_get_expiration_time
6714 gnutls_openpgp_key_get_id gnutls_openpgp_crt_get_id
6715 gnutls_openpgp_key_check_hostname gnutls_openpgp_crt_check_hostname
6716 gnutls_openpgp_send_key gnutls_openpgp_send_cert
6718 ** API and ABI modifications:
6719 No changes since last version.
6721 * Version 2.1.8 (released 2007-12-10)
6723 ** The GPL version has been changed from version 2 to version 3.
6724 This affects the self-tests, command-line tools, the libgnutls-extra
6725 library, the relevant guile parts, and the build environment.
6727 ** Added gnutls_x509_crt_get_subject_alt_name2().
6729 ** Corrected a segfault when setting an empty gnutls_priority_t
6730 at gnutls_priority_set().
6732 ** Use gettext 0.17 which updates m4/lib-*.m4 macros.
6733 Fixes a problem with spurious -L/usr/lib additions.
6735 ** API and ABI modifications:
6736 gnutls_x509_crt_get_subject_alt_name2: ADD.
6738 * Version 2.1.7 (released 2007-11-29)
6740 ** PKCS #8 parser can now encode/decode DSA keys.
6742 ** Updated gnutls_set_default_priority2() now renamed to
6743 gnutls_priority_set() and gnutls_priority_set_direct() which
6744 accept a string to indicate preferences of ciphersuite parameters.
6746 ** gnutls-cli and gnutls-serv now have a --priority option to set
6747 the priority string.
6749 ** The gnutls_*_convert_priority() functions were deprecated by
6750 the gnutls_priority_set() and gnutls_priority_set_direct().
6752 ** Internal copy of OpenCDK upgraded to version 0.6.6.
6754 ** API and ABI modifications:
6755 gnutls_priority_init: ADD.
6756 gnutls_priority_deinit: ADD.
6757 gnutls_priority_set: ADD.
6758 gnutls_priority_set_direct: ADD.
6759 gnutls_set_default_priority2: RENAMED to gnutls_priority_set_direct()
6760 gnutls_mac_convert_priority: REMOVED
6761 gnutls_compression_convert_priority: REMOVED
6762 gnutls_protocol_convert_priority: REMOVED
6763 gnutls_kx_convert_priority: REMOVED
6764 gnutls_cipher_convert_priority: REMOVED
6765 gnutls_certificate_type_convert_priority: REMOVED
6766 gnutls_set_default_priority: UNDEPRECATED
6767 gnutls_set_default_priority_export: UNDEPRECATED
6769 ** Undocumented API and ABI modifications earlier in the 2.1.x series:
6770 GNUTLS_CIPHER_UNKNOWN: ADD.
6771 GNUTLS_CIPHER_CAMELLIA_128_CBC: ADD.
6772 GNUTLS_CIPHER_CAMELLIA_256_CBC: ADD.
6773 GNUTLS_KX_UNKNOWN: ADD.
6774 GNUTLS_COMP_UNKNOWN: ADD.
6775 GNUTLS_CRT_UNKNOWN: ADD.
6776 gnutls_mac_get_id: ADD.
6777 gnutls_compression_get_id: ADD.
6778 gnutls_cipher_get_id: ADD.
6779 gnutls_kx_get_id: ADD.
6780 gnutls_protocol_get_id: ADD.
6781 gnutls_certificate_type_get_id: ADD.
6782 gnutls_handshake_post_client_hello_func: ADD.
6783 gnutls_certificate_send_x509_rdn_sequence: ADD prototype to gnutls.h.in.
6785 * Version 2.1.6 (released 2007-11-15)
6787 ** Corrected bug in decompression of expanded compression data.
6789 ** Added the --to-p8 option to certtool to convert private keys
6792 ** Introduced the GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR error code.
6794 ** gnutls_certificate_set_x509_key_* can now read PKCS #8 unencrypted
6797 ** Fixed GNUTLS_E_UNKNOWN_ALGORITHM vs GNUTLS_E_UNKNOWN_HASH_ALGORITHM.
6798 During the 2.1.x series the GNUTLS_E_UNKNOWN_HASH_ALGORITHM error code
6799 was renamed to GNUTLS_E_UNKNOWN_ALGORITHM, unfortunately without being
6800 documented. This caused some problems (e.g., debian #450854). To
6801 avoid backwards compatibility problems, this release revert this
6802 change, so that GNUTLS_E_UNKNOWN_HASH_ALGORITHM works just like it has
6803 done in GnuTLS 2.0.x and earlier, and add a new error code
6804 GNUTLS_E_UNKNOWN_ALGORITHM.
6806 ** Fixes several gtk-doc warnings.
6808 ** API and ABI modifications:
6809 GNUTLS_E_UNKNOWN_ALGORITHM: CHANGED.
6810 GNUTLS_E_UNKNOWN_HASH_ALGORITHM: CHANGED.
6811 GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR: ADD.
6813 * Version 2.1.5 (released 2007-11-01)
6815 ** Fix PKCS#3 parameter export problem.
6817 ** Improve certtool queries, they now print the default value.
6821 ** Update gnulib files.
6823 ** API and ABI modifications:
6824 No changes since last version.
6826 * Version 2.1.4 (released 2007-10-27)
6828 ** Added the --v1 option to certtool, to allow generating X.509
6829 version 1 certificates.
6831 ** certtool: Add option --disable-quick-random to enable the old behaviour
6832 of using /dev/random to generate keys.
6834 ** Added priority functions that accept strings.
6836 ** Added gnutls_set_default_priority2() which accepts a flag to indicate
6837 priorities preferences.
6839 ** Added gnutls_record_disable_padding() to allow servers talking to
6840 buggy clients that complain if the TLS 1.0 record protocol padding is
6843 ** Introduced gnutls_session_enable_compatibility_mode() to allow enabling
6844 all supported compatibility options (like disabling padding).
6846 ** The gnutls_certificate_set_openpgp_* functions were modified to include
6847 the format. This makes the interface consistent with the x509 functions.
6849 ** Internal copy of OpenCDK upgraded to version 0.6.5.
6851 ** Update gnulib files.
6853 ** API and ABI modifications:
6854 gnutls_certificate_set_openpgp_key_mem: MODIFIED
6855 gnutls_certificate_set_openpgp_key_file: MODIFIED
6856 gnutls_certificate_set_openpgp_keyring_mem: MODIFIED
6857 gnutls_certificate_set_openpgp_keyring_file: MODIFIED
6858 gnutls_set_default_priority: DEPRECATED
6859 gnutls_set_default_priority_export: DEPRECATED
6860 gnutls_set_default_priority2: ADDED
6861 gnutls_session_enable_compatibility_mode: ADDED
6862 gnutls_record_disable_padding: ADDED
6863 gnutls_mac_convert_priority: ADDED
6864 gnutls_compression_convert_priority: ADDED
6865 gnutls_protocol_convert_priority: ADDED
6866 gnutls_kx_convert_priority: ADDED
6867 gnutls_cipher_convert_priority: ADDED
6868 gnutls_certificate_type_convert_priority: ADDED
6869 gnutls_openpgp_key_t: RENAMED to gnutls_openpgp_crt_t
6870 gnutls_openpgp_key_status_t: RENAMED to gnutls_openpgp_crt_status_t
6871 gnutls_openpgp_send_key: RENAMED to gnutls_openpgp_send_cert
6872 gnutls_openpgp_key_init: RENAMED to gnutls_openpgp_crt_init
6873 gnutls_openpgp_key_import: RENAMED to gnutls_openpgp_crt_import
6874 gnutls_openpgp_key_export: RENAMED to gnutls_openpgp_crt_export
6875 gnutls_openpgp_key_check_hostname: RENAMED to gnutls_openpgp_crt_check_hostname
6876 gnutls_openpgp_key_get_creation_time: RENAMED to gnutls_openpgp_crt_get_creation_time
6877 gnutls_openpgp_key_get_expiration_time: RENAMED to gnutls_openpgp_crt_get_expiration_time
6878 gnutls_openpgp_key_get_fingerprint: RENAMED to gnutls_openpgp_crt_get_fingerprint
6879 gnutls_openpgp_key_get_version: RENAMED to gnutls_openpgp_crt_get_version
6880 gnutls_openpgp_key_get_pk_algorithm: RENAMED to gnutls_openpgp_crt_get_pk_algorithm
6881 gnutls_openpgp_key_get_name: RENAMED to gnutls_openpgp_crt_get_name
6882 gnutls_openpgp_key_deinit: RENAMED to gnutls_openpgp_crt_deinit
6883 gnutls_openpgp_key_get_id: RENAMED to gnutls_openpgp_crt_get_id
6884 gnutls_openpgp_key_get_key_usage: RENAMED to gnutls_openpgp_crt_get_key_usage
6885 gnutls_openpgp_key_verify_ring: RENAMED to gnutls_openpgp_crt_verify_ring
6886 gnutls_openpgp_key_verify_self: RENAMED to gnutls_openpgp_crt_verify_self
6888 * Version 2.1.3 (released 2007-10-17)
6890 ** TLS authorization support removed.
6891 This technique may be patented in the future, and it is not of crucial
6892 importance for the Internet community. After deliberation we have
6893 concluded that the best thing we can do in this situation is to
6894 encourage society not to adopt this technique. We have decided to
6895 lead the way with our own actions.
6897 ** Re-enabled the 256 bit ciphers in the default priorities.
6899 ** Corrected bugs in openpgp key verification using a keyring (both in
6902 ** API and ABI modifications:
6903 gnutls_certificate_set_openpgp_keyserver: REMOVED
6904 gnutls_authz_data_format_type_t,
6905 gnutls_authz_recv_callback_func,
6906 gnutls_authz_send_callback_func,
6907 gnutls_authz_enable,
6908 gnutls_authz_send_x509_attr_cert,
6909 gnutls_authz_send_saml_assertion,
6910 gnutls_authz_send_x509_attr_cert_url,
6911 gnutls_authz_send_saml_assertion_url: REMOVED.
6912 GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA: ADDED. To avoid that the
6913 gnutls_supplemental_data_format_type_t enum type becomes empty.
6915 * Version 2.1.2 (released 2007-10-14)
6917 ** Removed all the trustdb code from openpgp authentication.
6918 We now use only the well-specified keyrings.
6920 ** The 256 bit ciphers are not enabled in the default priorities.
6922 ** Added support for DSA2 using libgcrypt 1.3.0.
6924 ** certtool: Fixed data corruption when using --outder.
6926 ** Removed all the xml related stubs and functions.
6928 ** Added capability to set a callback after the client hello is received
6929 by the server in order to adjust parameters before the handshake.
6931 ** SRP was corrected to adhere to the latest draft (published soon as RFC)
6933 ** Corrected bug which did not allow a server to run without supporting
6936 ** Updated the DN parser which now prints wrongly decoded values as hex
6939 ** certtool: Add option --quick-random.
6940 For generating low security test credentials.
6942 ** API and ABI modifications:
6943 gnutls_x509_crt_to_xml: REMOVED
6944 gnutls_openpgp_key_to_xml: REMOVED
6945 gnutls_openpgp_key_verify_trustdb: REMOVED
6946 gnutls_openpgp_trustdb_init: REMOVED
6947 gnutls_openpgp_trustdb_deinit: REMOVED
6948 gnutls_openpgp_trustdb_import: REMOVED
6949 gnutls_certificate_set_openpgp_trustdb: REMOVED
6950 gnutls_srp_client_credentials_function: CHANGED
6951 gnutls_handshake_set_post_client_hello_function: ADDED
6952 gnutls_mac_get_key_size: ADDED
6953 GNUTLS_E_OPENPGP_TRUSTDB_VERSION_UNSUPPORTED: DEPRECATED.
6954 GNUTLS_A_MISSING_SRP_USERNAME: DEPRECATED
6955 GNUTLS_A_UNKNOWN_SRP_USERNAME: DEPRECATED
6957 * Version 2.1.1 (released 2007-09-24)
6959 ** Added support for Camellia cipher, thanks to Yoshisato YANAGISAWA.
6960 Camellia is only enabled in GnuTLS if the installed libgcrypt has been
6961 compiled with Camellia support. See the libgcrypt documentation on
6962 how to enable it. Unconditionally disable it using the configure
6963 option --disable-camellia. Fixes #1.
6965 ** Properly document in the NEWS file the API change in the last release.
6967 ** API and ABI modifications:
6968 No changes since last version.
6970 * Version 2.1.0 (released 2007-09-20)
6972 ** Support for draft-rescorla-tls-opaque-prf-input-00.txt.
6973 The support is disabled by default. Since no value has been allocated
6974 by the IANA for this extension yet, you will need to provide one
6975 yourself by invoking './configure --enable-opaque-prf-input=42'.
6978 ** Example code: Fix compilation flaw under MinGW.
6980 ** API and ABI modifications:
6981 gnutls_oprfi_callback_func: ADD, new typedef function prototype.
6982 gnutls_oprfi_enable_client: ADD, new function.
6983 gnutls_oprfi_enable_server: ADD, new function.
6985 * Version 2.0.4 (released 2007-11-16)
6987 ** Corrected bug in decompression of expanded compression data.
6989 ** API and ABI modifications:
6990 No changes since last version.
6992 * Version 2.0.3 (released 2007-11-10)
6994 ** This version backports several fixes from the 2.1.x branch.
6996 ** Fixed PKCS #3 parameter export.
6998 ** Added gnutls_record_disable_padding() to allow servers talking to
6999 buggy clients that complain if the TLS 1.0 record protocol padding is
7002 ** Introduced gnutls_session_enable_compatibility_mode() to allow enabling
7003 all supported compatibility options (like disabling padding).
7005 ** Corrected bug which did not allow a server to run without supporting
7008 ** API and ABI modifications:
7009 gnutls_session_enable_compatibility_mode: ADDED
7010 gnutls_record_disable_padding: ADDED
7012 * Version 2.0.2 (released 2007-10-17)
7014 ** TLS authorization support removed.
7015 This technique may be patented in the future, and it is not of crucial
7016 importance for the Internet community. After deliberation we have
7017 concluded that the best thing we can do in this situation is to
7018 encourage society not to adopt this technique. We have decided to
7019 lead the way with our own actions.
7021 ** certtool: Fixed data corruption when using --outder.
7023 ** Fix configure-time Guile detection.
7025 ** API and ABI modifications:
7026 GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA: ADDED. To avoid that the
7027 gnutls_supplemental_data_format_type_t enum type becomes empty.
7029 * Version 2.0.1 (released 2007-09-20)
7031 ** New directory doc/credentials/ with test credentials.
7032 This collects the test credentials from the web page and from src/.
7033 The script gnutls-http-serv has also been moved to that directory.
7035 ** Update SRP extension type and cipher suite with official IANA values.
7036 This breaks backwards compatibility with SRP in older versions of
7037 GnuTLS, but this is intentional to speed up the adoption of the
7038 official values. The old values we used were incorrect.
7040 ** Guile: Fix `x509-certificate-dn-oid'
7042 ** API and ABI modifications:
7043 No changes since last version.
7045 * Version 2.0.0 (released 2007-09-04)
7047 ** Included copy of Libtasn1 upgraded to version 1.1.
7049 ** Disable building of some examples if anonymous ciphers are disabled.
7051 ** Don't build examples for disabled features.
7053 ** API and ABI modifications:
7054 No changes since last version.
7056 * Version 1.7.19 (released 2007-08-27)
7058 ** Fix gnutls_error_is_fatal so that positive "errors" are non-critical.
7059 This solves connection problems in mutt, see
7060 <http://bugs.debian.org/439640>.
7062 ** Update gnulib files.
7063 In particular, the getpass module -- with its dependencies on getline,
7064 getdelim, fseeko etc -- where moved from the lgl/ (used by the core
7065 library) directory to the gl/ directory (only used by the command line
7066 tools). The reason is that getpass is now only used by the
7067 command-line tools, and reducing the number of gnulib modules linked
7068 to the core library helps portability and reduces size.
7072 ** Disable building of PGP examples if PGP is disabled.
7074 ** Included copy of OpenCDK upgraded to version 0.6.4.
7076 ** API and ABI modifications:
7077 No changes since last version.
7079 * Version 1.7.18 (released 2007-08-16)
7081 ** Install images for the info manual.
7082 This has a side effect of renaming the images. See
7083 <http://thread.gmane.org/gmane.comp.tex.texinfo.bugs/3533> for
7084 discussions on the approach chosen.
7086 ** Fix pointer mix to variables of different size.
7087 Patch extracted from
7088 <http://cvs.fedora.redhat.com/viewcvs/devel/gnutls/gnutls-1.6.3-incompat-pointers.patch?rev=1.1&view=auto>.
7090 ** Fix warnings during build.
7091 Thanks to Andreas Metzler <ametzler@downhill.at.eu.org>.
7093 ** API and ABI modifications:
7094 No changes since last version.
7096 * Version 1.7.17 (released 2007-08-15)
7098 ** New functions to perform external signing.
7099 Set the signing callback function (of the gnutls_sign_func prototype)
7100 using the gnutls_sign_callback_set function. In the callback, you may
7101 find the new functions gnutls_x509_privkey_sign_hash and
7102 gnutls_openpgp_privkey_sign_hash useful. A new function
7103 gnutls_sign_callback_get is also added, to retrieve the function
7104 pointer. Thanks to "Alon Bar-Lev" <alon.barlev@gmail.com> for
7105 comments and testing.
7107 ** New self test of client and server authenticated X.509 TLS sessions.
7108 See tests/x509self.c and tests/x509signself.c. The latter also tests
7109 the new external signing callback interface.
7111 ** New errors GNUTLS_E_APPLICATION_ERROR_MIN..GNUTLS_E_APPLICATION_ERROR_MAX.
7112 These two actually describe the outer limits of a range of error codes
7113 reserved to the application. All of the errors are treated as fatal
7114 by the library (it has to since it doesn't know the semantics of the
7115 error codes). This can be useful in callbacks, to signal some
7116 application-specific error condition, which will usually eventually
7117 cause some gnutls API to return the same error code as the callback,
7118 which then can be inspected by the application. Note that error codes
7121 ** gnutls_set_default_priority now disable TLS 1.2 by default.
7122 The RFC is not released yet, and we're approaching a major release so
7123 let's not enable it just yet.
7125 ** Fix namespace so that gnutls_*_t is used consistently.
7126 Before, many places in the GnuTLS code used the old deprecated type
7127 names without the '_t' suffix.
7129 ** Build fixes for Guile code.
7130 Patch from Ludovic Courtes <ludovic.courtes@laas.fr>.
7132 ** More documentation fixes.
7133 In particular, the section headings were modified for casing. By
7134 Ludovic Courtes <ludovic.courtes@laas.fr>.
7136 ** Updated Polish and Swedish translations.
7137 Thanks to Jakub Bogusz <qboosh@pld-linux.org> and Daniel Nylander
7138 <po@danielnylander.se>.
7140 ** API and ABI modifications:
7141 gnutls_sign_func: ADD, new type for sign callback.
7142 gnutls_sign_callback_set: ADD, new function to set sign callback.
7143 gnutls_sign_callback_get: ADD, new function to retrieve sign callback.
7144 gnutls_x509_privkey_sign_hash,
7145 gnutls_openpgp_privkey_sign_hash: ADD, new functions useful in sign callback.
7146 GNUTLS_E_APPLICATION_ERROR_MIN,
7147 GNUTLS_E_APPLICATION_ERROR_MAX: ADD, new CPP #defines for error codes.
7149 * Version 1.7.16 (released 2007-08-07)
7151 ** Fix sanity checks and return values in certificate selection.
7152 In some cases, GnuTLS omitted to report suitable error codes when no
7153 suitable certificate was found.
7155 ** Fix gnutls-cli starttls EOF on Mac OS X.
7156 Thanks to Hal Eden <n.mavrogiannopoulos@gmail.com>.
7158 ** Documentation fixes.
7159 In particular, the section headings were modified for casing. By
7160 Ludovic Courtes <ludovic.courtes@laas.fr>.
7162 ** Update gnulib files.
7164 ** API and ABI modifications:
7165 No changes since last version.
7167 * Version 1.7.15 (released 2007-07-02)
7169 ** Fix self-tests key-id under mingw32.
7171 ** Test that the Guile header files are recent enough to work.
7172 Before we just tested that the command line tool 'guile' was recent
7173 enough, which may not be sufficient if you still have an old
7174 libguile.h header installed.
7176 ** Guile bindings are now installed under $prefix by default.
7177 Use --without-guile-site-dir to install it under $pkgdatadir/site/
7178 where $pkgdatadir is as returned by "guile-config info pkgdatadir".
7179 Use --with-guile-site-dir=/your/own/path to specify the path manually.
7180 The default, --with-guile-site-dir, will install the Guile bindings
7181 under $datadir/guile/site. There is a new section 'Guile
7182 Preparations' in the manual that discuss these issues.
7184 ** Fix run-time library path ordering in linking the Guile bindings.
7186 ** Improved manual on downloading, installing, getting help, bug reports etc.
7187 Suggested by Ludovic Courtès <ludovic.courtes@laas.fr>.
7189 ** Add Malay message translations.
7190 Thanks to Sharuzzaman Ahmat Raslan <sharuzzaman@myrealbox.com>.
7192 ** API and ABI modifications:
7193 No changes since last version.
7195 * Version 1.7.14 (released 2007-06-26)
7197 ** Don't enable Guile bindings unless we have Guile 1.8 or later.
7198 Patch from Ludovic Courtès <ludovic.courtes@laas.fr>.
7200 ** Fix memory leak during DSA signature verification.
7201 Patch from Ludovic Courtès <ludovic.courtes@laas.fr>.
7203 ** Fix crash in gnutls-cli when TLS handshake fails.
7204 Reported by Marc Haber <mh+debian-bugs@zugschlus.de> and Andreas
7205 Metzler <ametzler@downhill.at.eu.org> via Debian BTS #429183, see
7206 <http://bugs.debian.org/429183>.
7208 ** Minor OpenPGP fixes in stream_to_datum.
7209 Patch from Timo Schulz <twoaday@freakmail.de> and Ludovic Courtès
7210 <ludovic.courtes@laas.fr>.
7212 ** Fix off-by-one in TLS 1.2 handshake.
7213 Patch from Ludovic Courtès <ludovic.courtes@laas.fr>.
7215 ** Minor Guile binding self-test cleanup.
7216 Patch from Ludovic Courtès <ludovic.courtes@laas.fr>.
7218 ** Update gnulib files.
7220 ** API and ABI modifications:
7221 No changes since last version.
7223 * Version 1.7.13 (released 2007-06-11)
7225 ** OpenCDK copy updated to version 0.6.3.
7227 ** Build fixes for GnuTLS Guile bindings.
7228 Patch from Ludovic Courtès <ludovic.courtes@laas.fr>.
7230 ** Build fix for GTK-DOC manual.
7232 ** Update gnulib files.
7234 ** API and ABI modifications:
7235 No changes since last version.
7237 * Version 1.7.12 (released 2007-06-08)
7239 ** Guile bindings for GnuTLS have been included.
7240 Contributed by Ludovic Courtès <ludovic.courtes@laas.fr>. There is a
7241 new chapter 'Guile Bindings' in the manual.
7243 ** Have PKCS8 parser return better error codes.
7244 Reported by Nate Nielsen <nielsen-list@memberwebs.com>, see
7245 <http://lists.gnupg.org/pipermail/gnutls-dev/2007-May/001653.html> and
7246 <http://lists.gnupg.org/pipermail/gnutls-dev/2007-May/001654.html>.
7248 ** Fix mem leak for sessions with client authentication via certificates.
7249 Reported by Andrew W. Nosenko <andrew.w.nosenko@gmail.com>, see
7250 <http://lists.gnupg.org/pipermail/gnutls-dev/2007-April/001539.html>.
7253 Reported by Dennis Vshivkov <walrus@amur.ru>, see
7254 <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=333050>. Added
7255 self-test tests/parse_ca.c to test regressions.
7257 ** Fix build failures related to missing images in manual.
7258 Reported by Andreas Metzler <ametzler@downhill.at.eu.org>.
7260 ** Update gnulib files.
7262 ** API and ABI modifications:
7263 No changes since last version.
7265 * Version 1.7.11 (released 2007-05-26)
7267 ** Include opencdk.h in the release.
7268 Reported by Roman Bogorodskiy <novel@FreeBSD.org>.
7270 ** API and ABI modifications:
7271 No changes since last version.
7273 * Version 1.7.10 (released 2007-05-25)
7275 ** New API functions to extract DER encoded X.509 Subject/Issuer DN.
7276 Suggested by Nate Nielsen <nielsen-list@memberwebs.com>.
7278 ** Update of gnulib files.
7280 ** GnuTLS is now developed in GIT instead of CVS.
7281 See <http://repo.or.cz/w/gnutls.git> for a public repository.
7283 ** API and ABI modifications:
7284 gnutls_x509_crt_get_raw_issuer_dn: ADD.
7285 gnutls_x509_crt_get_raw_dn: ADD.
7287 * Version 1.7.9 (released 2007-05-12)
7289 ** X.509 certificates are preferred over OpenPGP keys.
7290 This is a change in the semantics of gnutls_set_default_priority.
7292 ** The included copy of OpenCDK has been updated to 0.6.1.
7293 There has been some API changes in OpenCDK, and the GnuTLS layer have
7294 been modified as well. Note that while there are API/ABI incompatible
7295 changes in OpenCDK, this does not influence GnuTLS's API/ABI because
7296 its API/ABI have not changed. From this version on, GnuTLS requires
7297 OpenCDK 0.6.0 or later.
7299 ** Fix build failure caused by missing doc/gnutls-logo.pdf.
7301 ** Change certtool's default serial number from 0 to a time-based value.
7303 ** Fix X.509 signing with RSA-PKCS#1 to set a NULL parameters fields.
7304 Before, we remove the parameters field, which resulted in a slightly
7305 different DER encoding which in turn caused signature verification
7306 failures of GnuTLS-generated RSA certificates in some other
7307 implementations (e.g., GnuPG 2.x's gpgsm). Depending on which RFCs
7308 you read, this may or may not be correct, but our new behaviour appear
7309 to be consistent with other widely used implementations.
7311 ** Fix mem leaks in gnutls_x509_crt_print.
7313 ** API and ABI modifications:
7314 No changes since last version.
7316 * Version 1.7.8 (released 2007-04-16)
7318 ** Added examples for the authorization extension.
7319 See doc/examples/ex-client-authz.c and doc/examples/ex-serv-authz.c.
7321 ** The examples only use gnutls_set_default_priority().
7322 The exception is when DH_ANON is needed.
7324 ** Improve gnutls_set_default_priority() priorities.
7325 The new approach is for it to try and negotiate all secure and
7326 standard mechanisms available. Currently, DH_ANON ciphersuites and
7327 LZO compressions are not enabled by default, because they are,
7328 respectively, insecure and non-standardized. Note that TLS 1.2 will
7329 not be enabled by default in non-experimental release until it has
7330 been approved by the IETF.
7332 ** gnutls-cli and gnutls-serv now uses the library's default priorities.
7333 This means that to get DH_ANON and LZO compression, you'll need to
7334 specify that manually using '--kx anon' or '--comp lzo'.
7336 ** Minor fixes to the human display format of X.509 certificates.
7338 ** New APIs to extract Distinguished Name's from X.509 certificates.
7339 Based on patch from Howard Chu <hyc@symas.com>.
7341 ** Improved library searching for opencdk.
7342 It will now add the appropriate -R or -Wl,-rpath flags as necessary.
7343 The deprecated opencdk.m4 is no longer used.
7345 ** New APIs to list supported algorithms in the library.
7346 The APIs are gnutls_cipher_list, gnutls_mac_list,
7347 gnutls_compression_list, gnutls_protocol_list,
7348 gnutls_certificate_type_list, gnutls_kx_list, and
7349 gnutls_cipher_suite_info. Suggested by Howard Chu <hyc@symas.com>.
7351 ** The gnutls_x509_crt_get_key_id API now handle non-RSA/DSA keys.
7353 ** New configure option --disable-tls-authorization to disable tls-authz.
7355 ** Fix prototype for `gnutls_psk_set_client_credentials'.
7356 The last parameter was renamed from 'flags' to 'format' and the type
7357 changed from 'unsigned int' to 'gnutls_psk_key_flags' (an enum type),
7358 which shouldn't cause any ABI changes. Reported by ludo@chbouib.org
7361 ** Fix allocation in gnutls_certificate_set_openpgp_key.
7362 Tiny patch from ludo@chbouib.org (Ludovic Courtès).
7364 ** API and ABI modifications:
7365 gnutls_x509_dn_t: ADD.
7366 gnutls_x509_ava_st: ADD.
7367 gnutls_x509_crt_get_subject,
7368 gnutls_x509_crt_get_issuer: ADD.
7369 gnutls_x509_dn_get_rdn_ava: ADD.
7370 gnutls_cipher_list: ADD.
7371 gnutls_mac_list: ADD.
7372 gnutls_compression_list: ADD.
7373 gnutls_protocol_list: ADD.
7374 gnutls_certificate_type_list: ADD.
7375 gnutls_kx_list: ADD.
7376 gnutls_cipher_suite_info: ADD.
7378 * Version 1.7.7 (released 2007-02-22)
7380 ** Support for supplemental handshake messages and authorization data.
7381 Supplemental data is described in RFC 4680 and the authorization
7382 extensions in draft-housley-tls-authz-extns-07.
7384 ** Support for authorization data in gnutls-cli and gnutls-serv.
7385 New parameters --authz-x509-attr-cert and --authz-saml-assertion.
7387 ** Fix for gnutls_x509_crt_check_hostname.
7388 Before it would have reported that the certificate matched a hostname
7389 when it did not have any dNSName or any CN field. Report and tiny
7390 patch from "Richard W.M. Jones" <rjones@redhat.com>.
7392 ** New self test for RFC 2818 comparison in gnutls_x509_crt_check_hostname.
7393 Tests regressions of the bug, and several other features.
7395 ** GnuTLS now matches URI's with IP Addresses against iPAddress SAN's.
7396 Before there were no support for iPAddress SAN's during comparison.
7398 ** New API to print information about CRL's.
7399 The function is gnutls_x509_crl_print.
7401 ** New API to extract signature value from CRL's.
7402 The function is gnutls_x509_crl_get_signature.
7404 ** Support for directoryName Subject Alternative Name's.
7405 The gnutls_x509_crt_get_subject_alt_name function returns the DN as a
7406 string in the provided buffer.
7408 ** Internal improvements to certtool.
7409 It uses gnutls_x509_crl_print to print CRL information. It uses some
7410 more gnulib modules to simplify error handling.
7412 ** API and ABI modifications:
7413 GNUTLS_HANDSHAKE_SUPPLEMENTAL: ADD, new gnutls_handshake_description_t element.
7414 gnutls_supplemental_data_format_type_t: ADD.
7415 gnutls_authz_data_format_type_t: ADD.
7416 gnutls_supplemental_get_name: ADD.
7417 gnutls_authz_recv_callback_func,
7418 gnutls_authz_send_callback_func: ADD, callback prototypes.
7419 gnutls_authz_enable: ADD.
7420 gnutls_authz_send_x509_attr_cert,
7421 gnutls_authz_send_saml_assertion,
7422 gnutls_authz_send_x509_attr_cert_url,
7423 gnutls_authz_send_saml_assertion_url: ADD.
7424 GNUTLS_SAN_DN: ADD, new gnutls_x509_subject_alt_name_t element.
7425 gnutls_x509_crl_print: ADD.
7426 gnutls_x509_crl_get_signature: ADD.
7428 * Version 1.7.6 (released 2007-02-12)
7430 ** Support for 'otherName' Subject Alternative Names.
7431 The existing API gnutls_x509_crt_get_subject_alt_name may now return
7432 the new type GNUTLS_SAN_OTHERNAME together with the otherName value.
7433 To find out the otherName OID (necessary for proper parsing of the
7434 value), use the new API gnutls_x509_crt_get_subject_alt_othername_oid.
7435 For known OIDs, gnutls_x509_crt_get_subject_alt_othername_oid will
7436 return "virtual" SAN values, e.g., GNUTLS_SAN_OTHERNAME_XMPP to
7437 simplify OID matching. Suggested by Matthias Wimmer <m@tthias.eu>.
7439 ** Certtool can print otherName SAN values for certificates.
7440 For known otherName OIDs (currently only id-on-xmppAddr as defined by
7441 RFC 3920), it will also print the name.
7443 ** Fix TLS 1.2 RSA signing in servers.
7444 Before it used the old-style MD5+SHA1 signature, but the TLS
7445 signatures should be normal PKCS#1 signatures. FYI, we use and
7446 require that DigestInfo parameters are present and NULL for TLS 1.2.
7448 ** Add APIs to access X.509 extensions sequentially.
7449 The existing APIs gnutls_x509_crt_get_extension_oid() and
7450 gnutls_x509_crt_get_extension_by_oid() does not permit callers to
7451 inspect the extensions in the order defined by the certificate.
7453 ** Add API to extract signature value from X.509 certificates.
7454 The function is gnutls_x509_crt_get_signature.
7456 ** Fix crash when generating proxy certificates in batch mode.
7457 If you don't specify a proxy policy in batch mode, it will use
7460 ** Add API to print information about X.509 certificates.
7461 The function is gnutls_x509_crt_print.
7463 ** Certtool uses the new API gnutls_x509_crt_print to print certificate info.
7464 One consequence of this is that the output syntax has changed
7465 slightly. Some more fields are printed.
7469 ** API and ABI modifications:
7470 gnutls_x509_crt_print: ADD
7471 gnutls_certificate_print_formats_t: ADD, new enum.
7472 gnutls_x509_crt_get_signature: ADD.
7473 gnutls_x509_crt_get_extension_data: ADD.
7474 gnutls_x509_crt_get_extension_info: ADD.
7475 gnutls_x509_crt_get_subject_alt_othername_oid: ADD.
7476 GNUTLS_SAN_OTHERNAME: ADD, new gnutls_x509_subject_alt_name_t element.
7477 GNUTLS_SAN_OTHERNAME_XMPP: ADD, new gnutls_x509_subject_alt_name_t element.
7479 * Version 1.7.5 (released 2007-02-06)
7481 ** Servers won't negotiate SRP RSA/DSS cipher suites if no SRP credential
7484 ** Default behaviour for the gnutls-cli and gnutls-serv tools improved.
7486 ** Fix --list output for gnutls-cli and gnutls-serv.
7487 Mention TLS1.2, SHA512 etc.
7489 ** Manual contains new section on setting up a test HTTP server.
7490 A server set up following those descriptions are available online via
7491 <http://www.gnutls.org/server.html>.
7493 ** Update of gnulib files.
7495 ** API and ABI modifications:
7496 No changes since last version.
7498 * Version 1.7.4 (released 2007-02-05)
7500 ** Support for RSA signing using SHA-256/384/512.
7501 A new self test "sha2" tries to build a long X.509 certificate chain
7502 testing all new hashes.
7504 ** The gnutls-serv tool now use static DH parameters if none are supplied.
7506 ** Discuss proxy certificates in the manual.
7508 ** Improve bibliographical citations in the manual.
7510 ** Update of gnulib files.
7512 ** Fix certtool template handling of pathLenConstraints.
7513 It now defaults to -1 instead of 0, which causes the field to be
7514 missing unless the template specify it.
7516 ** API and ABI modifications:
7519 GNUTLS_MAC_SHA512: New gnutls_mac_algorithm_t values.
7522 GNUTLS_DIG_SHA512: New gnutls_digest_algorithm_t values.
7523 GNUTLS_SIGN_RSA_SHA256,
7524 GNUTLS_SIGN_RSA_SHA384,
7525 GNUTLS_SIGN_RSA_SHA512: New gnutls_sign_algorithm_t values.
7527 * Version 1.7.3 (released 2007-02-01)
7529 ** New option to certtool: --generate-proxy.
7530 This will generate a Proxy Certificate from an end entity certificate.
7531 Proxy Certificates are documented in RFC 3820. You will need to
7532 specify the proxy certificate's private key with --load-privkey, the
7533 user certificate with --load-certificate and the private key used to
7534 sign the new proxy certificate with --load-ca-privkey. Certtool will
7535 query for proxy path length and the policy language OID. Currently
7536 only OIDs that have an empty policy are supported (which includes the
7537 two OIDs defined by RFC 3820).
7539 ** Certtool --certificate-info now prints information for Proxy Certificates.
7540 Before the proxy extension was just printed as DER encoded data.
7542 ** New APIs to set proxy subject names and get/set proxy cert extension.
7544 ** Fix parsing of pathLenConstraints in BasicConstraints with missing cA.
7546 ** Added self-test to test for regressions of pathLenConstraint bug.
7547 Incidentally, this also test (some) other regressions or changes in
7548 the output from certtool --certificate-info.
7550 ** When certtool generates CA certificates, pressing enter on the path
7551 ** length constraint query will now remove the field.
7552 Before it set the path length constraint to 0, which is a rather poor
7555 ** Certtool now print times in UTC when printing certificate/CRL info.
7557 ** Add better fix to work around C++ compiler bug on Mac OS X.
7558 Reported and tiny patch provided by Matthias Scheler <tron@NetBSD.org>.
7560 ** Fix import of ASCII armored OpenPGP keys.
7561 Patch by ludovic.courtes@laas.fr (Ludovic Courtès).
7563 ** Update of gnulib files.
7565 ** API and ABI modifications:
7566 gnutls_x509_crt_set_proxy_dn: ADD.
7567 gnutls_x509_crt_set_proxy: ADD.
7568 gnutls_x509_crt_get_proxy: ADD.
7570 * Version 1.7.2 (released 2007-01-14)
7572 ** Certtool now print the value of the pathLenConstraints field for certs.
7574 ** Certtool now query for path length constraints when generating CA certs.
7575 For batch uses, the certtool configuration name is "path_len".
7576 Suggested by Sascha Ziemann <sascha.ziemann@secunet.com>.
7578 ** Add new API to get/set pathLenConstraint in the Basic Constraints.
7579 The new functions gnutls_x509_crt_get_basic_constraints and
7580 gnutls_x509_crt_set_basic_constraints provide a superset of the
7581 functionality in the old gnutls_x509_crt_get_ca_status and
7582 gnutls_x509_crt_set_ca_status (respectively), but the old functions
7583 will continue to be supported.
7585 ** Add new API in OpenCDK to extract public/secret OpenPGP key to S-expr.
7586 The functions are cdk_pubkey_to_sexp and cdk_seckey_to_sexp. A proper
7587 OpenCDK release with this patch will be made soon, which should bump
7588 the OpenCDK version number. Patch by Mario Lenz <mario.lenz@gmx.net>.
7590 ** Certtool --to-p12 can now store more than one certificate in the blob.
7591 Before it could only store one certificate, but now it will read and
7592 store as many certificate there are from the --load-certificate file.
7593 Suggested by Sascha Ziemann <sascha.ziemann@secunet.com>.
7595 ** Clean up separation of gnutls and gnutls-extra for OpenPGP.
7596 In particular, the OpenPGP function variables are no longer part of
7597 the exported libgnutls interface, and no header files from
7598 libgnutls-extra (GPL) are needed by libgnutls (LGPL). The variables
7599 were never intended for non-internal purposes, and thus this does not
7600 imply a change in the external API/ABI.
7602 ** Print URL to gaa when missing, and fix srcdir!=builddir for GAA files.
7603 Reported by ludovic.courtes@laas.fr (Ludovic Courtès).
7605 ** GnuTLS no longer uses -mms-bitfields --enable-runtime-pseudo-reloc.
7606 Before these parameters were set to make GnuTLS build under mingw32,
7607 however, they appear to no longer be necessary.
7609 ** A minor fix to the C++ library to make it build.
7610 Reported by Pavlov Konstantin <thresh@altlinux.ru>.
7612 ** Update of gnulib files.
7614 ** API and ABI modifications:
7615 gnutls_x509_crt_get_basic_constraints: ADD.
7616 gnutls_x509_crt_set_basic_constraints: ADD.
7617 cdk_pubkey_to_sexp: ADD (in opencdk).
7618 cdk_seckey_to_sexp: ADD (in opencdk).
7620 * Version 1.7.1 (released 2006-12-28)
7622 ** TLS 1.2 server side fix.
7623 The Certificate Request sent did not contain the list of supported
7624 hashes field, thus violating the protocol. It will now contain an
7625 empty list. Reported by ludovic.courtes@laas.fr (Ludovic Courtès).
7627 ** TLS 1.2 DSA signature verification fix.
7628 Reported by ludovic.courtes@laas.fr (Ludovic Courtès).
7630 ** Fix the list of trusted CAs that server's send to clients.
7631 Before, the list contained issuer DN's instead of subject DN's of the
7632 trusted CAs. Reported by Max Kellermann <max@duempel.org>.
7634 ** Fix gnutls_certificate_set_x509_crl to initialize the CRL before using it.
7635 Also added a self-test in tests/certificate_set_x509_crl.c to test the
7636 function. Reported by Max Kellermann <max@duempel.org>.
7638 ** Encode UID fields in DN's as DirectoryString.
7639 Before GnuTLS encoded and parsed UID fields as IA5String. This was
7640 incorrect, it should have used DirectoryString. Now it will use
7641 DirectoryString for the UID field, but for backwards compatibility it
7642 will also accept IA5String UID's. Reported by Max Kellermann
7645 ** Improve out-of-sourcedir builds from CVS.
7646 Reported by ludovic.courtes@laas.fr (Ludovic Courtès).
7648 ** Bootstrap tools changed.
7649 We now require autoconf 2.61, automake 1.10, and gettext 0.16, when
7650 building GnuTLS from CVS. Libtool 1.5.22 is used.
7652 ** Fixed a syntax error in lib/gnutls.asn.
7653 Reported by Paul Millar <p.millar@physics.gla.ac.uk>.
7655 ** Added German translation of GnuTLS messages.
7657 ** Update of gnulib files.
7659 ** API and ABI modifications:
7660 No changes since last version.
7662 * Version 1.7.0 (released 2006-11-29)
7664 ** The default protocol priority try TLS 1.1 and TLS 1.2 too.
7665 The details is that the protocol priority set by
7666 `gnutls_set_default_priority' has been changed from TLS 1.0 and SSL
7667 3.0 to TLS 1.2, TLS 1.1, TLS 1.0 and SSL 3.0.
7669 ** Preliminary support for TLS 1.2.
7670 The client has been successfully tested against
7671 https://www.mikestoolbox.org:4433/.
7673 ** Anonself test now print a lot of debugging info, including TLS version.
7675 ** Doc fixes in OpenCDK, to avoid some gtk-doc warnings.
7677 ** Update of gnulib files.
7679 ** API and ABI modifications:
7680 GNUTLS_TLS1_2: New gnutls_protocol_t enum member.
7682 *** Pulled up from stable 1.6.x branch:
7684 ** Fix ./configure failure with non-GCC compilers.
7685 This fixes the following error message:
7686 configure: error: conditional "HAVE_LD_OUTPUT_DEF" was never defined.
7687 Reported by "Michael C. Vergallen" <mvergall@telenet.be>.
7689 * Version 1.6.3 (released 2007-05-26)
7691 ** New API functions to extract DER encoded X.509 Subject/Issuer DN.
7692 Suggested by Nate Nielsen <nielsen-list@memberwebs.com>. Backported
7693 from the 1.7.x branch, see
7694 <http://lists.gnu.org/archive/html/help-gnutls/2007-05/msg00029.html>.
7696 ** Have PKCS8 parser return better error codes.
7697 Reported by Nate Nielsen <nielsen-list@memberwebs.com>, see
7698 <http://lists.gnupg.org/pipermail/gnutls-dev/2007-May/001653.html> and
7699 <http://lists.gnupg.org/pipermail/gnutls-dev/2007-May/001654.html>.
7701 ** Fix mem leak for sessions with client authentication via certificates.
7702 Reported by Andrew W. Nosenko <andrew.w.nosenko@gmail.com>, see
7703 <http://lists.gnupg.org/pipermail/gnutls-dev/2007-April/001539.html>.
7705 ** Fix building of 'tlsia' self test.
7706 Earlier some gcc are known to build tlsia linking to
7707 $prefix/lib/libgnutls-extra.so rather than the libgnutls-extra.so in
7708 the build directory, even though command line parameters look OK.
7709 Changing order of some parameters fixes it.
7711 ** API and ABI modifications:
7712 gnutls_x509_crt_get_raw_issuer_dn: ADD.
7713 gnutls_x509_crt_get_raw_dn: ADD.
7715 * Version 1.6.2 (released 2007-04-18)
7717 ** Fix X.509 signing with RSA-PKCS#1 to set a NULL parameters fields.
7718 Before, we remove the parameters field, which resulted in a slightly
7719 different DER encoding which in turn caused signature verification
7720 failures of GnuTLS-generated RSA certificates in some other
7721 implementations (e.g., GnuPG 2.x's gpgsm). Depending on which RFCs
7722 you read, this may or may not be correct, but our new behaviour appear
7723 to be consistent with other widely used implementations.
7725 ** Regenerate the PKIX ASN.1 syntax tree.
7726 For some reason, after changing the ASN.1 type of ldap-UID in the last
7727 release, the generated C file built from the ASN.1 schema was not
7728 refreshed. This can cause problems when reading/writing UID
7729 components inside X.500 Distinguished Names. Reported by devel
7730 <dev001@pas-world.com>.
7732 ** Updated translations.
7734 ** API and ABI modifications:
7735 No changes since last version.
7737 * Version 1.6.1 (released 2006-12-28)
7739 ** Fix the list of trusted CAs that server's send to clients.
7740 Before, the list contained issuer DN's instead of subject DN's of the
7741 trusted CAs. Reported by Max Kellermann <max@duempel.org>.
7743 ** Fix gnutls_certificate_set_x509_crl to initialize the CRL before using it.
7744 Reported by Max Kellermann <max@duempel.org>.
7746 ** Encode UID fields in DN's as DirectoryString.
7747 Before GnuTLS encoded and parsed UID fields as IA5String. This was
7748 incorrect, it should have used DirectoryString. Now it will use
7749 DirectoryString for the UID field, but for backwards compatibility it
7750 will also accept IA5String UID's. Reported by Max Kellermann
7753 ** Fix ./configure failure with non-GCC compilers.
7754 This fixes the following error message:
7755 configure: error: conditional "HAVE_LD_OUTPUT_DEF" was never defined.
7756 Reported by "Michael C. Vergallen" <mvergall@telenet.be>.
7758 ** API and ABI modifications:
7759 No changes since last version.
7761 * Version 1.6.0 (released 2006-11-17)
7763 ** No changes since 1.5.5.
7764 The major changes compared to the 1.4.x branch are:
7766 *** A GnuTLS C++ library is part of the official distribution.
7767 Currently there are no examples or documentation, but hopefully this
7768 will change. See gnutlsxx.h for the API.
7770 *** Windows is a supported platform.
7771 There are, however, two know bugs. One is related to select() in
7772 command line tools (not, nota bene, in the library), the other is a
7773 problem with libgcrypt that causes delays. Help is needed to resolve
7774 those issues, so we feel we can't delay the release because of this.
7776 *** New APIs for custom push/pull function error reporting.
7777 The new APIs are gnutls_transport_set_errno and
7778 gnutls_transport_set_global_errno. See the release notes for version
7779 1.5.4 for more information.
7781 *** Self tests are run under valgrind, if available. See --disable-valgrind.
7783 * Version 1.5.5 (released 2006-11-16)
7785 ** Correctly bump shared library version after adding new APIs.
7786 This was forgotten in the last release.
7788 ** Fix unsigned vs signed problem in ex-x509-info.c example.
7789 Reported by Tim Kosse <tim.kosse@filezilla-project.org>.
7791 ** Fix the rsa-md5-collision self test to work for MinGW+Wine.
7793 ** Update of gnulib files.
7795 ** API and ABI modifications:
7796 No changes since last version.
7798 * Version 1.5.4 (released 2006-11-07)
7800 ** New API functions to set errno in push/pull functions.
7801 Under Windows, setting the errno variable in a push/pull replacement
7802 may end up setting the wrong errno variable, and GnuTLS send/recv
7803 functions become confused about the real errno returned from a failed
7804 push/pull function. Therefor, we have added two APIs to set the errno
7805 variable used by GnuTLS. The APIs can also help to keep things
7806 thread-safe, by avoiding potentially global variables. Typically,
7807 instead of setting errno in your push/pull function, you will call one
7808 of these functions. It is recommended to use
7809 gnutls_transport_set_errno, but if you don't have the session variable
7810 easily accessible in the push/pull replacement function, you can use
7811 gnutls_transport_set_global_errno. Suggested by Tim Kosse
7812 <tim.kosse@filezilla-project.org>.
7814 void gnutls_transport_set_errno (gnutls_session_t session, int err);
7815 void gnutls_transport_set_global_errno (int err);
7817 ** When calling `recv' or `send' Windows errors are handled properly.
7818 The Windows recv/send functions doesn't use errno, and GnuTLS now use
7819 WSAGetLastError to access the error condition instead.
7821 ** Several OpenPGP API fixes.
7822 All suggested by ludovic.courtes@laas.fr (Ludovic Courtès). The most
7823 important fix is to change the return value of
7824 gnutls_openpgp_privkey_get_pk_algorithm and
7825 gnutls_openpgp_key_get_pk_algorithm from 'int' to
7826 'gnutls_pk_algorithm_t', which is an enum type (and thus API/ABI
7827 compatible with 'int').
7829 ** When a GnuTLS server receive a SSLv2 Client Hello for an unknown TLS
7830 ** version, try to negotiate the highest version support by the GnuTLS server,
7831 ** instead of the lowest.
7832 Reported by <Pasi.Eronen@nokia.com>.
7834 ** Replace old constructs with use of gnulib modules.
7835 For example, we can now assume unistd.h, sys/stat.h, sys/socket.h in
7836 the code. If the headers doesn't exist on the target system, gnulib
7837 will make sure its replacement header files are used instead.
7839 ** Fix SOVERSION computation for *.def files.
7840 This fixes build errors similar to "No rule to make target
7841 `libgnutls-`expr', needed by `all-am'." when building for Windows.
7843 ** gnutls_check-version uses strverscmp from gnulib.
7845 ** Update of gnulib files.
7847 ** API and ABI modifications:
7848 gnutls_transport_set_errno: ADD
7849 gnutls_transport_set_global_errno: ADD
7851 * Version 1.5.3 (released 2006-10-26)
7853 ** Add new self-test of RSA-MD5 signature chains.
7854 Note that we already, since GnuTLS 1.2.9, reject RSA-MD5 signatures
7855 when verifying X.509 chains. The code is in tests/rsa-md5-collision/
7856 and is based on the work by Marc Stevens et al, see
7857 <http://www.win.tue.nl/hashclash/TargetCollidingCertificates/>.
7859 ** Re-factor self tests.
7861 ** The include copy of Libtasn1 is updated to version 0.3.7.
7863 ** The included copy of OpenCDK is updated to version 0.5.11.
7865 ** Fix the filename of the *.def file on Windows after library version bump.
7867 ** Separated the gnulib directory into one for LGPL modules and one for GPL.
7868 This allows the GPL'd part of GnuTLS to take advantage of the GPL'd
7869 gnulib modules. Earlier we could only use the LGPL'ed module from
7870 gnulib, because two gnulib directories in the same project didn't
7873 ** API and ABI modifications:
7874 No changes since last version.
7876 * Version 1.5.2 (released 2006-10-03)
7878 ** Decrement the shared library version back to 13 (as in the 1.4.x branch).
7879 Note that if you installed 1.5.0 or 1.5.1, they will have a higher
7880 shared library version than this version, so you'll have to remove
7881 them and possibly relink your applications. The reason for this is
7882 that no API/ABI changes have been made since the 1.4.x branch, and
7883 that incrementing the shared library version was a mistake. Reported
7884 by Andreas Metzler <ametzler@downhill.at.eu.org>.
7886 ** Fix off-by-one error when computing length to malloc.
7887 The code is used by gnutls_openpgp_add_keyring_file and
7888 gnutls_openpgp_add_keyring_mem. Reported by "Adam Langley"
7889 <agl@imperialviolet.org>.
7891 ** Add version script for the GnuTLS C++ library.
7892 Reported by Andreas Metzler <ametzler@downhill.at.eu.org>.
7894 ** Fix the C++ compiler detection logic.
7895 Reported by Andreas Metzler <ametzler@downhill.at.eu.org>.
7897 ** Update of gnulib files.
7899 ** API and ABI modifications:
7900 No changes since last version.
7902 * Version 1.5.1 (released 2006-09-21)
7904 ** Fix PKCS#1 verification to avoid a variant of Bleichenbacher's
7905 ** Crypto 06 rump session attack.
7906 In particular, we check that the digestAlgorithm.parameters field is
7907 missing or empty, to avoid that it can contain "garbage" that may be
7908 used to alter the numeric properties of the signature. See
7909 <http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html> (which is
7910 not exactly the same as the problem we fix here). Reported by Yutaka
7911 OIWA <y.oiwa@aist.go.jp>.
7913 See GNUTLS-SA-2006-4 on http://www.gnutls.org/security.html for more
7914 up to date information.
7916 ** Add self test to test for above flaw.
7918 ** Fix gnutls-cli-debug regarding resume support detection.
7919 Earlier, if the session-id from the server had a length of 0, it would
7920 indicate that the server supports resumption, which isn't the case.
7921 Reported by Kataja Kai <kai.kataja@op.fi>.
7923 ** Fix building of examples on FreeBSD by including netinet/in.h.
7924 Reported by Roman Bogorodskiy <novel@FreeBSD.org>.
7926 ** Fix certtool bug that caused the private key to not be loaded when
7927 generating a certificate with --load-request, which in turn triggered
7928 another unrelated bug in gnutls_x509_crt_sign2 (also fixed). Reported
7929 by Sascha Ziemann <sascha.ziemann@secunet.com>.
7931 ** gnutls-cli and gnutls-serv works on Windows.
7932 The problem was the select() call that doesn't work on file
7933 descriptors (stdin) on Windows. We borrowed some code from plibc to
7934 solve this. It appears to be somewhat unreliable though.
7936 ** Autoconf 2.60 is now used.
7938 ** API and ABI modifications:
7939 No changes since last version.
7941 * Version 1.5.0 (released 2006-08-13)
7943 ** Change SRP and Cert-Type extensions to match IANA registry.
7945 ** Fixed bug in OpenPGP authentication handshake.
7947 ** Improvements for building under MinGW.
7948 Provides internal inet_ntop and inet_pton functions and arpa/inet.h
7949 header. Calls WSAStartup and WSACleanup in gnutls_global_init and
7950 gnutls_global_deinit, respectively. Loads getaddrinfo and getnameinfo
7951 at run-time from ws2_32.dll, and falls back on a simple replacement if
7952 it is not available. Builds the library with -mms-bitfields
7953 -Wl,--enable-runtime-pseudo-reloc. Links with --output-def, to
7954 create *.def files, which are installed.
7956 ** The examples now (conditionally) include config.h and link to gnulib.
7957 No other source changes were necessary, so the examples should
7958 continue to be possible to use stand-alone without any autoconf or
7961 ** Added C++ header "gnutlsxx.h" and library "libgnutlsxx".
7962 You may unconditionally disable it with --disable-cxx. See
7963 includes/gnutls/gnutlsxx.h and lib/gnutlsxx.cpp for the
7966 ** Made command line tool '--version' behave according to GNU Standards.
7967 This enables 'make distcheck' to succeed.
7969 ** OpenCDK updated to 0.5.9 to fix some problems with OpenPGP support.
7971 ** Make --without-included-libtasn1 work.
7972 Reported by Daniel Black <dragonheart@gentoo.org>.
7974 ** Fix a crash (strcmp() on a NULL value) in the certificate verification logic.
7975 See https://www.gnu.org/software/gnutls/security.html regardging
7976 GNUTLS-SA-2006-2 for more up to date information. Reported by
7977 satyakumar <satyam_kkd@hyd.hellosoft.com>.
7979 ** API and ABI modifications:
7980 No changes since last version.
7982 * Version 1.4.5 (released 2006-11-06)
7984 ** When a GnuTLS server receive a SSLv2 Client Hello for an unknown TLS
7985 ** version, try to negotiate the highest version support by the GnuTLS server,
7986 ** instead of the lowest.
7987 Reported by <Pasi.Eronen@nokia.com>.
7989 ** Fix typo in doc/examples/ex-serv-pgp.c.
7990 Reported by Adam Langley" <agl@imperialviolet.org>.
7992 ** API and ABI modifications:
7993 No changes since last version.
7995 * Version 1.4.4 (released 2006-09-12)
7997 ** Relax the test that caught signatures that exploit the variant of
7998 ** Bleichenbacher's Crypto 06 rump session attack on our
7999 ** verification logic flaw.
8000 In particular, we now permit the digestAlgorithm.parameters field to
8001 be present but empty, whereas in 1.4.3 we actually checked that the
8004 ** Revert the removal of debug information for the GNUTLS-SA-2006-3 problem.
8005 The messages are only printed in debug mode, which is not recommended
8006 for normal use, and thus logging this situation cannot be abused as an
8007 oracle in typical recommended situations.
8009 ** API and ABI modifications:
8010 No changes since last version.
8012 * Version 1.4.3 (released 2006-09-08)
8014 ** Fix PKCS#1 verification to avoid a variant of Bleichenbacher's
8015 ** Crypto 06 rump session attack.
8016 In particular, we check that the digestAlgorithm.parameters field is
8017 empty, to avoid that it can contain "garbage" that may be used to
8018 alter the numeric properties of the signature. See
8019 <http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html> (which is
8020 not exactly the same as the problem we fix here). Reported by Yutaka
8021 OIWA <y.oiwa@aist.go.jp>.
8023 See GNUTLS-SA-2006-4 on http://www.gnutls.org/security.html for more
8024 up to date information.
8026 ** Fix PKCS#1 decryption to avoid Bleichenbacher's Crypto 98 attack.
8027 See <http://www.bell-labs.com/user/bleichen/papers/pkcs.ps.gz>.
8028 Reported by Werner Koch <wk@gnupg.org>.
8030 See GNUTLS-SA-2006-3 on http://www.gnutls.org/security.html for more
8031 up to date information.
8033 ** Fix crash in gnutls_x509_crt_sign2 if passed a NULL issuer_key.
8035 ** API and ABI modifications:
8036 No changes since last version.
8038 * Version 1.4.2 (released 2006-08-12)
8040 ** Fix a crash (strcmp() on a NULL value) in the certificate verification logic.
8041 This can happen if you call gnutls_certificate_verify_peers2 and have
8042 a certain mix of local CA certificates and the peer send special
8043 certificates, that together trigger certain behaviour. It is not
8044 known at this point whether the crash can be triggered without the
8045 special local CA certificate, and thus turn this into a remote crash
8046 of clients that verify server certificates when they talk to a server
8047 with the special server certificate. See GNUTLS-SA-2006-2 on
8048 https://www.gnu.org/software/gnutls/security.html for more up to date
8049 information. Reported by satyakumar <satyam_kkd@hyd.hellosoft.com>.
8051 ** Change SRP and Cert-Type extensions to match IANA registry.
8053 ** OpenCDK updated to 0.5.9 to fix some problems with OpenPGP support.
8055 ** Make --without-included-libtasn1 work.
8056 Reported by Daniel Black <dragonheart@gentoo.org>.
8058 ** API and ABI modifications:
8059 No changes since last version.
8061 * Version 1.4.1 (released 2006-06-14)
8063 ** Replaced inactive ifdefs to enable openpgp support in test programs.
8065 ** Fixed bug in OpenPGP authentication handshake.
8067 ** Fixed typographical in man pages.
8069 ** Build fixes of the manual.
8071 ** Added Swedish translation.
8073 ** API and ABI modifications:
8074 No changes since last version.
8076 * Version 1.4.0 (released 2006-05-15)
8078 ** Remove GnuTLS 0.8.x compatibility functions.
8080 ** The libgcrypt RNG is initialized in gnutls_global_init().
8082 ** TLS/IA API changes from Emile van Bergen.
8083 A dummy credential structure is not needed now, if you wish to use the
8084 low-level TLS/IA API, simply call gnutls_ia_enable to enable TLS/IA on
8087 ** The self-tests are now run under valgrind, if it is installed.
8089 ** Libtasn1 is updated to 0.3.4, and that version is now required.
8091 ** The command line tools now use getaddrinfo and support IPv6.
8093 ** API and ABI modifications:
8094 _gnutls_x509_get_raw_crt_activation_time,
8095 _gnutls_x509_get_raw_crt_expiration_time: Removed.
8096 gnutls_ia_require_inner_phase: Removed, replaced by gnutls_ia_enable.
8097 gnutls_ia_enable: Added.
8099 * Version 1.3.5 (released 2006-03-08)
8101 ** Error messages are now translated using GNU Gettext.
8103 ** The function gnutls_x509_crt_to_xml now return an internal error.
8104 This means that the code to convert X.509 certificates to XML format
8105 does not work any more. The reason is that the function called
8106 libtasn1 internal functions. It seems unclean for libtasn1 to export
8107 the APIs needed here. Instead it would be better to implement XML
8108 support inside libtasn1 properly. If you need this functionality
8109 strongly, please consider looking into implementing this suggested
8110 approach instead. As a workaround, you may also modify lib/x509/xml.c
8111 (change '#if 1' to '#if 0') and build using --with-included-libtasn1.
8113 ** Libraries are now built with libtool's -no-undefined.
8114 This helps producing libraries for Windows using mingw32.
8116 ** Doc fixes to explain that gnutls_record_send can block.
8118 ** Libtasn1 0.3.1 or later is now required.
8119 The include copy has been updated too.
8121 ** gnutls-cli can now recognize services and port numbers with the -p option.
8123 ** API and ABI modifications:
8124 No changes since last version.
8126 * Version 1.3.4 (released 2006-02-09)
8128 ** Fix read of out bounds bug in DER parser.
8129 Reported by Evgeny Legerov <admin@gleg.net>, and debugging help from
8130 Protover SSL. Libtasn1 0.2.18 is now required, which contains the
8131 previous bug fix. The included libtasn1 version in GnuTLS has been
8134 ** Fixed bug in non-blocking gnutls_bye(). gnutls_record_send() will no
8135 longer invalidate a session if the underlying send fails, but it will
8136 prevent future writes. That is to allow reading the already received data.
8137 Patches and bug reports by Yoann Vandoorselaere <yoann@prelude-ids.org>
8139 ** Corrected bugs in gnutls_certificate_set_x509_crl() and
8140 gnutls_certificate_set_x509_trust(), that caused memory corruption if
8141 more than one certificates were added. Report and patch by Max Kellermann.
8143 ** Fix build problems of OpenCDK on AIX.
8144 Thanks to "Heiden, John" <JHeiden@UTNet.UToledo.Edu>.
8146 ** API and ABI modifications:
8147 No changes since last version.
8149 * Version 1.3.3 (released 2006-01-12)
8151 ** New API to access the TLS master secret.
8152 When possible, you should use the TLS PRF functions instead.
8153 Suggested by Jouni Malinen <jkmaline@cc.hut.fi>.
8155 ** Improved handling when multiple libraries use GnuTLS at the same time.
8156 Now gnutls_global_init() can be called multiple times, and
8157 gnutls_global_deinit() will only deallocate the structure when it has
8158 been called as many times as gnutls_global_init() was called.
8160 ** Added a self test of TLS resume functionality.
8162 ** Fix crash in TLS resume code, caused by TLS/IA changes.
8164 ** Documentation fixes about thread unsafety, prompted by
8165 ** discussion with bryanh@giraffe-data.com (Bryan Henderson).
8166 In particular, gnutls_global_init() and gnutls_global_deinit() are not
8167 thread safe. Careful callers may want to protect the call using a
8168 mutex. The problem could also be ignored, which would cause a memory
8169 leak under rare conditions when two threads invoke the function
8170 roughly at the same time.
8172 ** Add 'const' keywords in various places, from Frediano ZIGLIO.
8174 ** The code was indented again, including the external header files.
8176 ** API and ABI modifications:
8177 New functions to retrieve the master secret value:
8178 gnutls_session_get_master_secret
8180 Add a 'const' keyword to existing API:
8181 gnutls_x509_crq_get_challenge_password
8183 * Version 1.3.2 (released 2005-12-15)
8185 ** GnuTLS now support TLS Inner application (TLS/IA).
8186 This is per draft-funk-tls-inner-application-extension-01. This
8187 functionality is added to libgnutls-extra, so it is licensed under the
8188 GNU General Public License.
8190 ** New APIs to access the TLS Pseudo-Random-Function (PRF).
8191 The PRF is used by some protocols building on TLS, such as EAP-PEAP
8192 and EAP-TTLS. One function to access the raw PRF and one to access
8193 the PRF seeded with the client/server random fields are provided.
8194 Suggested by Jouni Malinen <jkmaline@cc.hut.fi>.
8196 ** New APIs to acceess the client and server random fields in a session.
8197 These fields can be useful by protocols using TLS. Note that these
8198 fields are typically used as input to the TLS PRF, and if this is your
8199 intended use, you should use the TLS PRF API that use the
8200 client/server random field directly. Suggested by Jouni Malinen
8201 <jkmaline@cc.hut.fi>.
8203 ** Internal type cleanups.
8204 The uint8, uint16, uint32 types have been replaced by uint8_t,
8205 uint16_t, uint32_t. Gnulib is used to guarantee the presence of
8206 correct types on platforms that lack them. The uint type have been
8207 replaced by unsigned.
8209 ** API and ABI modifications:
8210 New functions to invoke the TLS Pseudo-Random-Function (PRF):
8214 New functions to retrieve the session's client and server random values:
8215 gnutls_session_get_server_random
8216 gnutls_session_get_client_random
8218 New function, to perform TLS/IA handshake:
8221 New function to decide whether to do a TLS/IA handshake:
8222 gnutls_ia_handshake_p
8224 New functions to allocate a TLS/IA credential:
8225 gnutls_ia_allocate_client_credentials
8226 gnutls_ia_free_client_credentials
8227 gnutls_ia_allocate_server_credentials
8228 gnutls_ia_free_server_credentials
8230 New functions to handle the AVP callback:
8231 gnutls_ia_set_client_avp_function
8232 gnutls_ia_set_client_avp_ptr
8233 gnutls_ia_get_client_avp_ptr
8234 gnutls_ia_set_server_avp_function
8235 gnutls_ia_set_server_avp_ptr
8236 gnutls_ia_get_server_avp_ptr
8238 New functions, to toggle TLS/IA application phases:
8239 gnutls_ia_require_inner_phase
8241 New function to mix session keys with inner secret:
8242 gnutls_ia_permute_inner_secret
8244 Low-level API (used internally by gnutls_ia_handshake):
8245 gnutls_ia_endphase_send
8249 New functions that can be used after successful TLS/IA negotiation:
8250 gnutls_ia_generate_challenge
8251 gnutls_ia_extract_inner_secret
8253 Enum type with TLS/IA modes:
8256 Enum type with TLS/IA packet types:
8259 Enum values for TLS/IA alerts:
8260 GNUTLS_A_INNER_APPLICATION_FAILURE
8261 GNUTLS_A_INNER_APPLICATION_VERIFICATION
8263 New error codes, to signal when an application phase has finished:
8264 GNUTLS_E_WARNING_IA_IPHF_RECEIVED
8265 GNUTLS_E_WARNING_IA_FPHF_RECEIVED
8267 New error code to signal TLS/IA verify failure:
8268 GNUTLS_E_IA_VERIFY_FAILED
8270 * Version 1.3.1 (released 2005-12-08)
8272 ** Support for DHE-PSK cipher suites has been added.
8273 This method offers perfect forward secrecy.
8275 ** Fix gnutls-cli STARTTLS hang when SIGINT is sent too quickly, thanks to
8276 Otto Maddox <ottomaddox@fastmail.fm> and Nozomu Ando <nand@mac.com>.
8278 ** Corrected a bug in certtool for 64 bit machines. Reported
8279 by Max Kellermann <max@duempel.org>.
8281 ** New function to set a X.509 private key and certificate pairs, and/or
8282 CRLs, from an PKCS#12 file, suggested by Emile van Bergen
8283 <emile@e-advies.nl>.
8285 The integrity of the PKCS#12 file is protected through a password
8286 based MAC; public-key based signatures for integrity protection are
8287 not supported. PKCS#12 bags may be encrypted using password derived
8288 symmetric keys, public-key based encryption is not supported. The
8289 PKCS#8 keys may be encrypted using passwords. The API use the same
8290 password for all operations. We believe that any more flexibility
8291 create too much complexity that would hurt overall security, but may
8292 add more PKCS#12 related APIs if real-world experience indicate
8295 ** gnutls_x509_privkey_import_pkcs8 now accept unencrypted PEM PKCS#8 keys,
8296 reported by Emile van Bergen <emile@e-advies.nl>.
8297 This will enable "certtool -k -8" to parse those keys.
8299 ** Certtool now generate keys in unencrypted PKCS#8 format for empty passwords.
8300 Use "certtool -p -8" and press press enter at the prompt. Earlier,
8301 certtool would have encrypted the key using an empty password.
8303 ** Certtool now accept --password for --key-info and encrypted PKCS#8 keys.
8304 Earlier it would have prompted the user for it, even if --password was
8307 ** Added self test of PKCS#8 parsing.
8308 Unencrypted and encrypted (pbeWithSHAAnd3-KeyTripleDES-CBC and
8309 pbeWithSHAAnd40BitRC2-CBC) formats are tested. The test is in
8312 ** API and ABI modifications:
8313 New function to set X.509 credentials from a PKCS#12 file:
8314 gnutls_certificate_set_x509_simple_pkcs12_file
8316 New gnutls_kx_algorithm_t enum type:
8319 New API to return session data (basically same as gnutls_session_get_data):
8320 gnutls_session_get_data2
8322 New API to set PSK Diffie-Hellman parameters:
8323 gnutls_psk_set_server_dh_params
8325 * Version 1.3.0 (2005-11-15)
8327 ** Support for TLS Pre-Shared Key (TLS-PSK) ciphersuites have been added.
8328 This add several new APIs, see below. Read the updated manual for
8329 more information. A new self test "pskself" has been added, that will
8330 test this functionality.
8332 ** The session resumption data are now system independent.
8334 ** The code has been re-indented to conform to the GNU coding style.
8336 ** Removed the RIPEMD ciphersuites.
8338 ** Added a discussion of the internals of gnutls in manual.
8340 ** Fixes for Tru64 UNIX 4.0D that lack MAP_FAILED, from Albert Chin.
8342 ** Remove trailing comma in enums, for IBM C v6, from Albert Chin.
8344 ** Make sure config.h is included first in a few files, from Albert Chin.
8346 ** Don't use C++ comments ("//") as they are invalid, from Albert Chin.
8348 ** Don't install SRP programs and man pages if --disable-srp-authentication,
8351 ** API and ABI modifications:
8352 New gnutls_kx_algorithm_t key exchange type: GNUTLS_KX_PSK
8354 New gnutls_credentials_type_t credential type:
8357 New credential types:
8358 gnutls_psk_server_credentials_t
8359 gnutls_psk_client_credentials_t
8361 New functions to allocate PSK credentials:
8362 gnutls_psk_allocate_client_credentials
8363 gnutls_psk_free_client_credentials
8364 gnutls_psk_free_server_credentials
8365 gnutls_psk_allocate_server_credentials
8367 New enum type for PSK key flags:
8368 gnutls_psk_key_flags
8370 New function prototypes for credential callback:
8371 gnutls_psk_client_credentials_function
8372 gnutls_psk_server_credentials_function
8374 New function to set PSK username and key:
8375 gnutls_psk_set_client_credentials
8377 New function to set PSK passwd file:
8378 gnutls_psk_set_server_credentials_file
8380 New function to extract PSK user in server:
8381 gnutls_psk_server_get_username
8383 New functions to set PSK callback:
8384 gnutls_psk_set_server_credentials_function
8385 gnutls_psk_set_client_credentials_function
8387 Use size_t instead of int for output size parameter:
8388 gnutls_srp_base64_encode
8389 gnutls_srp_base64_decode
8391 * Version 1.2.11 (2006-05-11)
8392 - The function gnutls_x509_crt_to_xml is not supported any more, and
8393 return an internal error. The reason is that the function called
8394 internal libtasn1 functions which are no longer exported from
8396 - Updated libtasn1 requirement to 0.3.4 and refreshed internal mintiasn1.
8397 - Updated gnulib compatibility files.
8398 - Fixed _gnutls_x509_get_raw_crt_expiration_time and
8399 _gnutls_x509_get_raw_crt_activation_time to return (time_t)-1 on errors.
8400 - API and ABI modifications:
8401 No changes since last version.
8403 * Version 1.2.10 (2006-02-09)
8404 - Fix read out bounds bug in DER parser. Reported by Evgeny Legerov
8405 <admin@gleg.net>, and debugging help from Protover SSL.
8406 - Libtasn1 0.2.18 is now required (contains the previous bug fix).
8407 The included version has been updated too.
8408 - Fix gnutls-cli STARTTLS hang when SIGINT is sent too quickly, thanks to
8409 Otto Maddox <ottomaddox@fastmail.fm> and Nozomu Ando <nand@mac.com>.
8410 - Corrected a bug in certtool for 64 bit machines. Reported
8411 by Max Kellermann <max@duempel.org>.
8412 - Corrected bugs in gnutls_certificate_set_x509_crl() and
8413 gnutls_certificate_set_x509_trust(), that caused memory corruption if
8414 more than one certificates were added. Report and patch by Max Kellermann.
8415 - Fixed bug in non-blocking gnutls_bye(). gnutls_record_send() will no
8416 longer invalidate a session if the underlying send fails, but it will
8417 prevent future writes. That is to allow reading the already received data.
8418 Patches and bug reports by Yoann Vandoorselaere <yoann@prelude-ids.org>
8420 * Version 1.2.9 (2005-11-07)
8421 - Documentation was updated and improved.
8422 - RSA-MD2 is now supported for verifying digital signatures.
8423 - Due to cryptographic advances, verifying untrusted X.509
8424 certificates signed with RSA-MD2 or RSA-MD5 will now fail with a
8425 GNUTLS_CERT_INSECURE_ALGORITHM verification output. For
8426 applications that must remain interoperable, you can use the
8427 GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 or GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5
8428 flags when verifying certificates. Naturally, this is not
8429 recommended default behaviour for applications. To enable the
8430 broken algorithms, call gnutls_certificate_set_verify_flags with the
8431 proper flag, to change the verification mode used by
8432 gnutls_certificate_verify_peers2.
8433 - Make it possible to send empty data through gnutls_record_send,
8434 to align with the send(2) API.
8435 - Some changes in the certificate receiving part of handshake to prevent
8436 some possible errors with non-blocking servers.
8437 - Added numeric version symbols to permit simple CPP-based feature
8438 tests, suggested by Daniel Stenberg <daniel@haxx.se>.
8439 - The (experimental) low-level crypto alternative to libgcrypt used
8440 earlier (Nettle) has been replaced with crypto code from gnulib.
8441 This leads to easier re-use of these components in other projects,
8442 leading to more review and simpler maintenance. The new configure
8443 parameter --with-builtin-crypto replace the old --with-nettle, and
8444 must be used if you wish to enable this functionality. See README
8445 under "Experimental" for more information. Internally, GnuTLS has
8446 been updated to use the new "Generic Crypto" API in gl/gc.h. The
8447 API is similar to the old crypto/gc.h, because the gnulib code were
8448 based on GnuTLS's gc.h.
8449 - Fix compiler warning in the "anonself" self test.
8450 - API and ABI modifications:
8451 gnutls_x509_crt_list_verify: Added 'const' to prototype in <gnutls/x509.h>.
8452 This doesn't reflect a change in behaviour,
8453 so we don't break backwards compatibility.
8454 GNUTLS_MAC_MD2: New gnutls_mac_algorithm_t value.
8455 GNUTLS_DIG_MD2: New gnutls_digest_algorithm_t value.
8456 GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2,
8457 GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5: New gnutls_certificate_verify_flags values.
8459 gnutls_x509_crt_list_verify,
8460 gnutls_x509_crt_verify, or
8461 gnutls_certificate_set_verify_flags.
8462 GNUTLS_CERT_INSECURE_ALGORITHM: New gnutls_certificate_status_t value,
8463 used when broken signature algorithms
8464 is used (currently RSA-MD2/MD5).
8465 LIBGNUTLS_VERSION_MAJOR,
8466 LIBGNUTLS_VERSION_MINOR,
8467 LIBGNUTLS_VERSION_PATCH,
8468 LIBGNUTLS_VERSION_NUMBER: New CPP symbols, indicating the GnuTLS
8469 version number, can be used for feature existence
8472 * Version 1.2.8 (2005-10-07)
8473 - Libgcrypt 1.2.2 is required to fix a bug for forking GnuTLS servers.
8474 - Don't install the auxilliary libexamples library used by the
8475 examples in doc/examples/ on "make install", report and tiny patch
8476 from Thomas Klausner <tk@giga.or.at>.
8477 - If you pass a X.509 CA or PGP trust database to the command line
8478 tool, it will now abort the connection if the server certificate
8479 validation fails. Use the parameter --insecure to continue even
8480 after certificate validation failures. Inspired from discussion
8481 with Alexander Kotelnikov <sacha@myxomop.com>.
8482 - The test for socklen_t has been moved to gnulib.
8483 - Link failures for duplicate or missing "program_name" symbol has been fixed,
8484 patch from Martin Lambers <marlam@marlam.de>.
8485 - The command line tool and the examples no longer uses mmap or bzero,
8486 to make them more portable, patch from Martin Lambers
8488 - Made the PKCS #12 API handle null passwords. Based on patch by
8489 Anton Altaparmakov <aia21@cam.ac.uk>.
8490 - The GTK-DOC manual should build with current released tools.
8491 (But a copy of the output is included, so the tools are not required.)
8492 - The inet_ntop function is now used through gnulib.
8493 - API and ABI modifications:
8494 No changes since last version.
8496 * Version 1.2.7 (2005-09-09)
8497 - The GnuTLS and GnuTLS-extra libraries are now built with versioned symbols.
8498 - Certtool now complains when reading out-of-range X.509 serial
8499 numbers, suggested by Fran <e_agf@yahoo.es>.
8500 - Certtool now uses the readline library (when available) when reading
8501 X.509 serial numbers.
8502 - Fixed build problems in getpass on uClibc and Mingw32 platforms.
8503 - Fixed compile warning regarding socklen_t on Mingw32, reported by
8504 Martin Lambers <marlam@marlam.de>.
8505 - Fixed examples in doc/examples/, suggested by Fran <e_agf@yahoo.es>.
8506 - Gnulib is now used for the core library, enabling future code cleanups.
8507 - The gnutls-cli tool now use gnutls_certificate_verify_peers2,
8508 suggested by Daniel Stenberg <daniel@haxx.se>.
8509 - Doc fixes for gnutls_transport_set_push and gnutls_transport_set_pull.
8510 - Minilibtasn1 is now 0.2.17 (removed optional use of C99 macros).
8511 - Disable zlib support if zlib.h is not present.
8512 - A number of internal cleanups.
8513 - API and ABI modifications:
8514 No changes since last version.
8516 * Version 1.2.6 (2005-07-16)
8517 - MiniLZO updated to version 2.01 and moved to separate directory.
8518 - Collision between system LZO header files and MiniLZO header file
8519 fixed, reported by Matthias Urlichs <smurf@smurf.noris.de>.
8520 - Will now test for liblzo functionality in liblzo2 too, reported by
8521 Thomas Klausner <tk@giga.or.at>.
8522 - Minilibtasn1 is now 0.2.14 (no code changes).
8523 - Some code changes to avoid GTK-DOC warnings.
8524 - API and ABI modifications:
8525 No changes since last version.
8527 * Version 1.2.5 (2005-07-03)
8528 - More builddir != srcdir fixes, reported by Mike Castle
8529 <dalgoda@ix.netcom.com>.
8530 - Fixed off-by-one bug in the size parameter of gnutls_x509_crt_get*_dn,
8531 reported by Adam Langley <alangley@gmail.com>.
8532 - Corrected some stuff in minilzo detection. Pointed out by
8534 - MiniLZO updated to version 2.00.
8535 - gnutls_x509_crt_list_import now accept a DER formatted CRL.
8536 - API and ABI modifications:
8537 No changes since last version.
8539 * Version 1.2.4 (2005-05-28)
8540 - Corrected some bugs that could affect 64 bit systems.
8541 - Some corrections in the header files to include the prototype
8542 of memmem properly (affected 64 bit systems). Report and patch
8543 by Yoann Vandoorselaere <yoann@prelude-ids.org>.
8544 - Introduced the --fix-key option to certtool, which can be used to
8545 regenerate the (optional) parameters in a private key. It should
8546 be used together with --key-info.
8547 - Corrected a bug in certificate chain verification that could lead
8548 to marking a trusted chain as non trusted, if the last certificate in
8549 the chain was a self signed one.
8550 - Gnulib portability files were updated.
8551 - License were updated to reflect new FSF address.
8552 - API and ABI modifications:
8553 No changes since last version.
8555 * Version 1.2.3 (2005-04-28)
8556 - Corrected bug in record packet parsing that could lead
8557 to a denial of service attack.
8558 - Corrected bug in RSA key export. Previously exported keys
8559 can be fixed using certtool. Use certtool -k <infile >outfile
8560 - API and ABI modifications:
8561 gnutls_x509_privkey_fix(): Add.
8563 * Version 1.2.2 (2005-04-25)
8564 - gnutls_error_to_alert() now considers
8565 GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET.
8566 - Fixed error in session resuming that could cause a crash in a session.
8567 - Fixed pkcs12 friendly name and local key identifier decoding.
8568 - Internal cleanups, removed duplicate typedef/struct definitions,
8569 and made source code include external include file, to check
8570 function prototypes during compile time.
8571 - API and ABI modifications:
8572 No changes since last version. At least not intentional, but due
8573 to the include header changes, there may be inadvertant changes,
8574 please let us know if you find any.
8576 * Version 1.2.1 (2005-04-04)
8577 - gnutls_bye() will no longer fail when RDWR is used and application
8578 data are available for reading.
8579 - Added more strict checks for the SRP parameters (g,n), when they
8580 are not in the included list.
8581 - Added warning to certtool when MD5 is being used for digital
8583 - Optimizations ("-O2 -finline-functions") are not enabled by default,
8584 instead the standard autoconf defaults are used. Use `./configure
8585 CFLAGS="-O2 -finline-functions"' to get the old optimizations.
8586 - Added the option --get-dh-params to certtool, in order to get the
8587 parameters included in the library primes and generators.
8588 - Improved the semantics of GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT, to
8589 allow only trusted Version 1 CAs and introduced
8590 GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT which has the old semantics.
8591 - Nettle self tests now build properly, reported by Pierre
8592 <pierre42d@9online.fr>.
8593 - Eliminated some memory leaks in DHE and RSA-EXPORT cipher suites.
8594 Reported by Yoann Vandoorselaere <yoann@prelude-ids.org>.
8595 - If the library has been compiled with features disabled, a warning is
8596 issued during the compilation of any program.
8597 - API and ABI modifications:
8598 gnutls_x509_crt_list_import(): Add
8599 gnutls_x509_crq_get_attribute_by_oid(): Add.
8600 gnutls_x509_crq_set_attribute_by_oid(): Add
8601 gnutls_x509_crt_set_extension_by_oid(): Add.
8602 GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT: Modify semantics.
8603 GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT: Add, old behaviour.
8605 * Version 1.2.0 (2005-01-27)
8606 - Added the definitions and OIDs for the RIPEMD-160 hash algorithm.
8607 - Introduced gnutls_x509_crt_sign2(), gnutls_x509_crq_sign2() and
8608 gnutls_x509_crl_sign2().
8609 - Fixed license header in source code files.
8611 * Version 1.1.23 (2005-01-18)
8612 - It is now possible to generate PKCS#12 structures without private
8613 keys using "certtool --to-p12", suggested by Fabian Fagerholm
8615 - Certtool now prints information for the RSA and DSA parameters of
8616 certificates and private keys.
8617 - Corrected the write of CRL distribution points.
8618 - The certificate chain verification function now checks certificates
8619 in the reverse order to minimize the spent resources.
8620 - Corrected several bugs found by Marcin Garski <mgarski@post.pl>
8621 - The functions gnutls_x509_crl_get_issuer_dn, gnutls_x509_crq_get_dn,
8622 gnutls_x509_crt_get_issuer_dn, gnutls_x509_crt_get_dn, and
8623 gnutls_x509_rdn_get now set *sizeof_buf to the buffer length that is
8624 required, instead of the string length. That is, the value has been
8625 incremented by 1 to account for the terminating zero. Reported by
8626 Martin Lambers <marlam@web.de>.
8627 - Debug output shouldn't crash on platforms that doesn't handle NULL
8628 printf %s values. Reported by Michael.Ringe@aachen.utimaco.de.
8629 - Sync included copy of libtasn1 with version 0.2.13.
8630 - Client X.509 authenticated connections via gnutls-cli should now work again.
8632 * Version 1.1.22 (2004-11-04)
8633 - Replace GNU LD version script with Libtool -export-symbols-regex,
8634 from Joe Orton <joe@manyfish.co.uk>.
8635 - Documentation improvements.
8636 - Code indented using 'indent -i4 -kr'.
8637 - The API manual is included in Devhelp format. (Was in last release too,
8638 but the NEWS entry was forgotten.)
8639 - The OpenSSL compatibility code now use the internal crypto interface.
8640 - Added simple self test of OpenSSL compatibility library.
8641 - Internally, libtool convenience libraries are used.
8642 - Cleanups to configure.ac.
8644 * Version 1.1.21 (2004-10-27)
8645 - Print DN of certificates with unknown characters in them, but in hexform
8647 - Added second precision to the X.509 parsing and generation functions.
8648 - Corrected bug in _gnutls_x509_get_dn_oid(), and returns the
8650 - Add parameter --la-file to libgnutls-config and libgnutls-extra-config,
8651 tiny patch contributed by Joe Orton <joe@manyfish.co.uk>.
8652 - Add pkg-config meta files, suggested by Stéphane LOEUILLET
8653 <stephane.loeuillet@tiscali.fr>.
8654 - Fix memory initializaion bug in gnutls_certificate_set_x509_trust,
8655 tiny patch by Aleix Conchillo Flaque <aleix@member.fsf.org>.
8656 - Add self test of PKCS#12 functionality in "certtool", based on test
8657 vectors from Joe Orton <joe@manyfish.co.uk>.
8658 - Fix library order in libgnutls*-config --libs output, to permit
8659 static linking, reported by Yoann Vandoorselaere
8660 <yoann@prelude-ids.org>.
8662 * Version 1.1.20 (2004-10-12)
8663 - Fix compile problem in gl/getpass.c on some systems.
8665 * Version 1.1.19 (2004-10-07)
8666 - Fix memory leak in gnutls_certificate_verify_peers and
8667 gnutls_certificate_free_credentials, report and patch by Simon
8668 Posnjak <simon.posnjak@cetrtapot.si>.
8669 - Fix crash in `certtool --to-p12 --load-privkey foo', i.e. exporting
8670 a key and no certificate to PKCS#12.
8671 - Fix objdir != srcdir builds, reported by "Gerrit P. Haase"
8672 <gp@familiehaase.de>.
8673 - Fixes faulty getpass implementation in libextra/opencdk/, reported
8674 by Yoann Vandoorselaere <yoann@prelude-ids.org>.
8675 - Uses memmem instead of strnstr in lib/.
8676 - Using more GNULib portability files, although not yet inside lib/.
8677 - Added gnutls_certificate_verify_peers to gnutls/compat.h.
8678 Nikos deprecated gnutls_certificate_verify_peers in favor of
8679 gnutls_certificate_verify_peers2 earlier in the 1.1 branch.
8680 - Improvements to the manual.
8681 - Add new example "ex-rfc2818" for certificate verification, from Nikos.
8682 - Known bug: the library require snprintf. This has not yet been
8683 fixed, but will be handled via GNULib later on.
8685 * Version 1.1.18 (2004-08-24)
8686 - Corrected handling of certificate with dates after year 2038.
8687 - Corrected DER decoder which could incorrectly treat input as BER and fail.
8688 - Correct certtool --smime-to-p7 end of line character handling.
8689 - Added example client and server for anonymous authentication.
8690 - Added self test that tests anonymous TLS client and server.
8691 - Added self tests of Nettle and generic crypto layer.
8692 - Added API reference manual in HTML format in doc/reference/ using GTK-DOC.
8693 Online version at <https://www.gnu.org/software/gnutls/reference/>.
8694 - Assume C89 or better; removed checks for size_t, ptrdiff_t and time_t.
8695 - Man pages for API functions are included.
8697 * Version 1.1.17 (2004-08-18)
8698 - Bug fix of padding string in RSA PKCS#1 v1.5 type 2 encryption,
8699 reported by Robey Pointer <robey@danger.com>.
8700 - Generic crypto interface for secret key ciphers, hashes and randomness added.
8701 See section "Experimental" within section "COMPILATION ISSUES" in README.
8702 - Removed length limit on passwords read by 'certtool'.
8703 - Documentation fixes.
8705 * Version 1.1.16 (2004-08-15)
8706 - Fix missing gnulib linker parameter when building certtool.
8707 - Add gnulib module 'progname', needed by module 'error'.
8708 - Improve building with srcdir != objdir.
8710 * Version 1.1.15 (2004-08-15)
8711 - Certtool has simplistic --smime-to-p7 to translate RFC 2633 messages into
8713 - Ported to Mac OS X / Darwin.
8714 - Ported to FreeBSD.
8716 * Version 1.1.14 (2004-08-09)
8717 - Documentation converted to Texinfo format.
8718 - Bug fix of test suite.
8719 - Configure now print build information, used by Autobuild.
8721 * Version 1.1.13 (2004-08-05)
8722 - Added simple self test suite.
8724 * Version 1.1.12 (2004-08-02)
8725 - Updated the SRP authentication to conform to the
8726 latest (yet unreleased) draft. Unfortunately this breaks
8727 compatibility with previous versions.
8728 - Changed the makefiles to be more portable.
8729 - SRP ciphersuites were moved to the gnutls library.
8730 - Added some default limits in the verification of certificate
8731 chains, to avoid denial of service attacks. Also added
8732 gnutls_certificate_set_verify_limits() to override them.
8733 Issue pointed out by Patrik Hornik <patrik@hornik.sk>.
8734 - Added gnutls_certificate_verify_peers2().
8736 * Version 1.1.11 (2004-07-16)
8737 - Added the '_t' suffix to all exported symbols.
8738 - Fixed bug in RSA encryption, report and patch by Martijn Koster
8739 <mak@greenhills.co.uk>.
8740 - Corrected a bug in certificate verification. Pointed out by
8741 Yoann Vandoorselaere <yoann@prelude-ids.org>
8742 - Added the GNUTLS_VERIFY_DO_NOT_ALLOW_SAME flags to the
8743 verification functions.
8744 - The ephemeral DH and RSA parameters are no longer stored in the
8746 - Do not free the SRP (prime and generator) parameters obtained from the
8747 callback if they are the static ones defined in extra.h
8748 - Eliminated some memory leaks. Reported by Yoann Vandoorselaere.
8750 * Version 1.1.10 (2004-06-12)
8751 - Added gnutls_sign_algorithm_get_name() and gnutls_pk_algorithm_get_name()
8752 - Corrected bug in TLS renegotiation.
8753 - Corrected bug in OpenPGP key loading using a callback.
8754 - gnutls-srpcrypt was renamed to srptool
8755 - Allow handshake requests by the client.
8756 - Automatically disable certificate types that do not have corresponding
8758 - Added gnutls_auth_client_get_type() and gnutls_auth_server_get_type()
8759 - Opencdk library is being included if not found.
8760 - certtool can now add ip address SAN extension.
8761 - certtool has now support for more X.520 DN attribute types.
8762 - Better handling of EOF in gnutls_record_recv().
8763 - _gnutls_deinit() is no longer used. Sessions are not
8764 automatically removed any more, on abnormal termination.
8765 - Corrected session resuming in SRP ciphersuites.
8766 - Updated to conform to the latest srp draft (draft-ietf-tls-srp-07)
8767 - Added new functions to allow access to the ephemeral
8768 Diffie Hellman parameters.
8769 - Added the functions gnutls_x509_crt_get_pk_rsa_raw() and
8770 gnutls_x509_crt_get_pk_dsa_raw() to retrieve parameters from certificates.
8771 - Added the functions gnutls_dh_get_group(), gnutls_dh_get_pubkey() and
8772 gnutls_rsa_export_get_pubkey() to retrieve parameters of the DH or
8773 RSA-EXPORT key exchange.
8774 - Some fixes in the session resuming code.
8775 - Added gnutls_openpgp_keyring_check_id().
8777 * Version 1.1.9 (2004-04-14)
8778 - Added support for authority key identifier and the extended key usage
8779 X.509 extension fields. The certtoool was updated to support them.
8780 - The RC2 cipher is no more included. The one in libgcrypt is now used.
8781 - Added batch support to certtool. Now it can use templates.
8783 * Version 1.1.8 (2004-04-07)
8784 - Implemented all the tests for the SRP group parameters in
8785 client side. This may lead to incompatibility with very
8787 - Corrected bug in RSA parameters handling which could cause
8789 - Optimized the copying of rsa_params.
8791 * Version 1.1.7 (2004-03-29)
8792 - Added gnutls_certificate_set_params_function() and
8793 gnutls_anon_set_params_function() that set the RSA or DH
8794 parameters using a callback.
8795 - Added functions gnutls_rsa_params_cpy(), gnutls_dh_params_cpy()
8796 and gnutls_x509_privkey_cpy().
8797 - Corrected a compilation issue when opencdk was installed in a
8798 non standard directory.
8799 - Deprecated: gnutls_srp_server_set_select_function(),
8800 gnutls_certificate_client_set_select_function(), gnutls_srp_server_set_select_function().
8802 * Version 1.1.6 (2004-02-24)
8803 - Several bug fixes, by Arne Thomassen.
8804 - Fixed a bug where 'server name' extension was always sent.
8806 * Version 1.1.5 (2004-01-06)
8807 - Added the gnutls_sign_algorithm type.
8809 * Version 1.1.4 (2004-01-04)
8810 - Improved gnutls-cli's SRP behaviour in SRP ciphersuites.
8811 If they are of highest priority then the abbreviated handshake
8813 - Removed all references of missing files.
8814 - Changed handshake behaviour to send the lowest TLS version
8815 when an unsupported version was advertized. The current behaviour
8816 is to send the maximum version we support.
8817 - Corrected problem printing the DC attributes in a DN.
8819 * Version 1.1.3 (2003-12-30)
8820 - Implemented TLS 1.1 (and also obsoleted the TLS 1.0 CBC protection
8823 * Version 1.1.2 (2003-12-28)
8824 - Added CRL verification functionality to certtool.
8825 - Corrected the CRL distribution point extension handling.
8827 * Version 1.1.1 (2003-12-26)
8828 - Added PKCS #7 support to certtool utility.
8829 - Added support for reading and generating CRL distribution
8830 points extensions in certificates.
8831 - Added support for generating CRLs in the library and the
8833 - Added support for the Subject Key ID PKIX extension.
8835 * Version 1.1.0 (2003-12-21)
8836 - The error codes GNUTLS_E_NO_TEMPORARY_DH_PARAMS and GNUTLS_E_NO_TEMPORARY_RSA_PARAMS
8837 are no longer returned by the handshake function. Ciphersuites that
8838 require temporary parameters are removed when such parameters do not exist.
8839 - Added the callbacks gnutls_certificate_client_retrieve_function() and
8840 gnutls_certificate_server_retrieve_function(), to allow a client or a server
8841 to specify certificates for the handshake without storing them to the
8842 credentials structure.
8843 - Added support for generating and exporting DSA private keys.
8844 - Added gnutls_x509_crt_set_key_usage() and certtool can now set the
8845 certificate's key usage.
8846 - Added gnutls_openpgp_key_get_key_usage().
8848 * Version 1.0.25 (2005-04-27)
8849 - Corrected bug in record packet parsing that could lead
8850 to a denial of service attack.
8851 - Corrected bug in RSA key export.
8853 * Version 1.0.24 (2005-01-18)
8854 - Corrected several bugs found by Marcin Garski <mgarski@post.pl>
8856 * Version 1.0.23 (2004-11-13)
8857 - Replace GNU LD version script with Libtool -export-symbols-regex,
8858 from Joe Orton <joe@manyfish.co.uk>.
8859 - Copy libtasn1 has been updated to version 0.2.11.
8860 - Corrected the write of CRL distribution points.
8861 - It is now possible to generate PKCS#12 structures without private
8862 keys using "certtool --to-p12", suggested by Fabian Fagerholm
8865 * Version 1.0.22 (2004-10-28)
8866 - Print DN of certificates with unknown characters in them, but in hexform
8868 - Corrected bug in _gnutls_x509_get_dn_oid(), and returns the
8870 - Added second precision to the X.509 parsing functions.
8871 - Add parameter --la-file to libgnutls-config and libgnutls-extra-config,
8872 tiny patch contributed by Joe Orton <joe@manyfish.co.uk>.
8873 - Add pkg-config meta files, suggested by Stéphane LOEUILLET
8874 <stephane.loeuillet@tiscali.fr>.
8875 - Fix memory initializaion bug in gnutls_certificate_set_x509_trust,
8876 tiny patch by Aleix Conchillo Flaque <aleix@member.fsf.org>.
8877 - Fix certtool --password for PKCS #12, back ported from 1.1.x branch.
8878 - Fix library order in libgnutls*-config --libs output, to permit
8879 static linking, reported by Yoann Vandoorselaere
8880 <yoann@prelude-ids.org>.
8882 * Version 1.0.21 (2004-10-07)
8883 - Fix memory leak in gnutls_certificate_verify_peers and
8884 gnutls_certificate_free_credentials, report and patch by Simon
8885 Posnjak <simon.posnjak@cetrtapot.si>.
8886 - Fix crash in `certtool --to-p12 --load-privkey foo', i.e. exporting
8887 a key and no certificate to PKCS#12.
8888 - Fix objdir != srcdir builds, reported by "Gerrit P. Haase"
8889 <gp@familiehaase.de>.
8890 - Avoid redefining getpass if system already has it, reported by
8891 Yoann Vandoorselaere <yoann@prelude-ids.org>.
8892 - Add new example "ex-rfc2818" for certificate verification, from Nikos.
8893 - Known bug: the library require snprintf.
8895 * Version 1.0.20 (2004-08-18)
8896 - Bug fix of padding string in RSA PKCS#1 v1.5 type 2 encryption,
8897 reported by Robey Pointer <robey@danger.com>.
8899 * Version 1.0.19 (2004-08-09)
8900 - Bug fix of test suite.
8902 * Version 1.0.18 (2004-08-05)
8903 - Added simple self test suite.
8905 * Version 1.0.17 (2004-08-02)
8906 - Updated the SRP authentication to conform to the
8907 latest (yet unreleased) draft. Unfortunately this breaks
8908 compatibility with previous versions.
8909 - Changed the makefiles to be more portable.
8910 - Added some default limits in the verification of certificate
8911 chains, to avoid denial of service attacks. Also added
8912 gnutls_certificate_set_verify_limits() to override them.
8913 Issue pointed out by Patrik Hornik <patrik@hornik.sk>.
8914 - Added gnutls_certificate_verify_peers2().
8916 * Version 1.0.16 (2004-07-10)
8917 - Do not free the SRP (prime and generator) parameters obtained from the
8918 callback if they are the static ones defined in extra.h.
8919 - Eliminated some memory leaks. Reported by Yoann Vandoorselaere.
8920 - Some fixes in the makefiles.
8922 * Version 1.0.15 (2004-06-29)
8923 - Fixed bug in RSA encryption, report and patch by Martijn Koster
8924 <mak@greenhills.co.uk>.
8925 - Corrected a bug in certificate verification. Pointed out by
8926 Yoann Vandoorselaere <yoann@prelude-ids.org>.
8928 * Version 1.0.14 (2004-06-12)
8929 - Automatically disable certificate types that do not have corresponding
8931 - Updates in the documentation.
8932 - certtool can now add ip address SAN extension.
8933 - certtool has now support for more X.520 DN attribute types.
8934 - Opencdk library is being included if not found.
8935 - Added gnutls_openpgp_keyring_check_id().
8936 - Corrected a serious bug in the included libtasn1 library.
8937 - Corrected session resuming in SRP ciphersuites.
8938 - Updated to conform to the latest srp draft (draft-ietf-tls-srp-07)
8939 - Added the functions gnutls_x509_crt_get_pk_rsa_raw() and
8940 gnutls_x509_crt_get_pk_dsa_raw() to retrieve parameters from certificates.
8941 - Some fixes in the session resuming code.
8943 * Version 1.0.13 (2004-04-29)
8944 - Some complilation fixes.
8945 - Added the --xml parameter to the certtool utility.
8947 * Version 1.0.12 (2004-04-23)
8948 - Corrected bug in OpenPGP key loading using a callback.
8949 - Renamed gnutls-srpcrypt to srptool
8950 - Allow handshake requests by the client.
8951 * Things backported from the development branch:
8952 - Added support for authority key identifier and the extended key usage
8953 X.509 extension fields. The certtoool was updated to support them.
8954 - Added batch support to certtool. Now it can use templates.
8955 - The RC2 cipher is no more included. The one in libgcrypt is now used.
8957 * Version 1.0.11 (2004-04-17)
8958 - Added gnutls_sign_algorithm_get_name() and gnutls_pk_algorithm_get_name()
8959 - Corrected bug in TLS renegotiation.
8961 * Version 1.0.10 (2004-04-03)
8962 - Corrected bug in RSA parameters handling which could cause
8964 - Corrected bug in SSL 3.0 authentication.
8966 * Version 1.0.9 (2004-03-29)
8967 - Added gnutls_certificate_set_params_function() and
8968 gnutls_anon_set_params_function() that set the RSA or DH
8969 parameters using a callback.
8970 - Added functions gnutls_rsa_params_cpy(), gnutls_dh_params_cpy()
8971 and gnutls_x509_privkey_cpy().
8972 - Corrected a compilation issue when opencdk was installed in a
8973 non standard directory.
8974 - Documented the changes need in multi-threaded application due
8975 to the new libgcrypt.
8977 * Version 1.0.8 (2004-02-28)
8978 - Corrected bug in mutual certificate authentication in SSL 3.0.
8980 * Version 1.0.7 (2004-02-25)
8981 - Implemented TLS 1.1 (and also obsoleted the TLS 1.0 CBC protection
8983 - Some updates in the documentation.
8985 * Version 1.0.6 (2004-02-12)
8986 * Backported things from the development branch (while maintaining
8987 backwards compatibility):
8988 - Improved gnutls-cli's SRP behaviour in SRP ciphersuites.
8989 If they are of highest priority then the abbreviated handshake
8991 - The error codes GNUTLS_E_NO_TEMPORARY_DH_PARAMS and GNUTLS_E_NO_TEMPORARY_RSA_PARAMS
8992 are no longer returned by the handshake function. Ciphersuites that
8993 require temporary parameters are removed when such parameters do not exist.
8994 - Added the callbacks gnutls_certificate_client_retrieve_function() and
8995 gnutls_certificate_server_retrieve_function(), to allow a client or a server
8996 to specify certificates for the handshake without storing them to the
8997 credentials structure.
8998 - Added support for generating and exporting DSA private keys.
9000 * Version 1.0.5 (2004-02-11)
9001 - Fixed a bug where 'server name' extension was always sent.
9002 * Backported things from the development branch:
9003 - Added CRL verification functionality to certtool.
9004 - Corrected the CRL distribution point extension handling.
9005 - Added PKCS #7 support to certtool utility.
9006 - Added support for reading and generating CRL distribution
9007 points extensions in certificates.
9008 - Added support for generating CRLs in the library and the
9010 - Added support for the Subject Key ID PKIX extension.
9011 - Added the gnutls_sign_algorithm type.
9013 * Version 1.0.4 (2004-01-04)
9014 - Changed handshake behaviour to send the lowest TLS version
9015 when an unsupported version was advertized. The current behaviour
9016 is to send the maximum version we support.
9017 - certtool no longer asks the password in unencrypted private
9019 - The source is now compiled to use the reentrant libc functions.
9021 * Version 1.0.3 (2003-12-21)
9022 - Corrected bug in gnutls_bye() which made it return an error code
9023 of INVALID_REQUEST instead of success.
9024 - Corrected a bug in the GNUTLS_KEY key usage definitions.
9026 * Version 1.0.2 (2003-12-18)
9027 - Corrected a bug in the RSA key generation. This was
9028 generating unusable RSA keys.
9030 * Version 1.0.1 (2003-12-10)
9031 - Some minor fixes in the makefiles. They now include CFLAGS
9032 from libgcrypt or opencdk if installed in a non standard directory.
9033 - Fixed the SRP detection test in gnutls-cli-debug.
9034 - Added gnutls_rsa_params_export_pkcs1() and gnutls_rsa_params_import_pkcs1().
9036 * Version 1.0.0 (2003-12-04)
9037 - Exported the static SRP group parameters.
9038 - Some fixes in the certificate authenticated SRP ciphersuites.
9039 - Improved the support for draft-ietf-tls-srp-05. The two-phase
9040 handshake is now fully supported without any interaction with
9041 the application layer (except for a callback).
9043 * Version 0.9.99 (2003-11-28)
9044 - Some fixes in the gnutls.h header for the gnutls_server_name_set()
9045 and gnutls_server_name_get() prototypes.
9046 - Exported the gnutls_x509_privkey_sign_data(), gnutls_x509_privkey_verify_data()
9047 and gnutls_x509_crt_verify_data().
9048 - Some fixes in the openpgp authentication.
9049 - Removed the Twofish cipher.
9051 * Version 0.9.98 (2003-11-16)
9052 - The openssl compatibility layer was moved to gnutls-openssl
9053 library instead of being included in the gnutls-extra library.
9054 - Added the RIPEMD ciphersuites defined in draft-ietf-tls-openpgp-keys-04.
9055 - Building with openpgp support is now mandatory.
9056 - gnutls4 compatibility header is no longer included by default in
9058 - gnutls8 function usage yelds a deprecation warning in gcc3.
9059 - gnutls_x509_*_set_dn_by_oid() and gnutls_x509_*_get_*_dn_by_oid()
9060 functions have a raw_flag parameter added.
9061 - Added gnutls_x509_*_get_dn_oid() and gnutls_x509_crt_get_extension_oid()
9062 functions which return the available OIDs.
9064 * Version 0.9.97 (2003-11-11)
9065 - The certtool utility can now generate PKCS #12 structures
9066 without specifying a certificate.
9067 - Added capability to read CRLs to certtool.
9068 - Corrected some functions which return GNUTLS_E_SHORT_MEMORY_BUFFER
9069 to properly set the required buffer size.
9070 - Corrected a bug in libgcrypt detection.
9072 * Version 0.9.96 (2003-11-09)
9073 - Some changes to allow compilation with mingw32.
9074 - Several code cleanups.
9076 * Version 0.9.95 (2003-11-02)
9077 - Improved the verification functions. Added new verification
9078 output flags and removed the unused and redundant ones.
9079 - Improved the OpenPGP key support.
9080 - The prime utility was removed, and its functionality was moved
9083 * Version 0.9.94 (2003-10-30)
9084 - Added manpages for the included programs.
9085 - Documented and improved the certtool utility.
9086 - Added PKCS #12 support to certtool utility.
9088 * Version 0.9.93 (2003-10-26)
9089 - Corrected some compilation issues.
9090 - Improved the certtool command line utility.
9092 * Version 0.9.92 (2003-10-25)
9093 - The RFC2818 hostname verification is now case insensitive.
9094 - Added support for generating X.509 certificates.
9095 - Added the certtool, a tool for generating X.509 certificates
9097 * Version 0.9.91 (2003-10-17)
9098 - Fixed a compilation issue in the openpgp authentication part.
9100 * Version 0.9.90 (2003-10-08)
9101 - Updated the openpgp key API (depends on the unreleased new
9104 * Version 0.9.8 (2003-10-02)
9105 - Updated the SRP implementation to follow the latest draft
9106 (draft-ietf-tls-srp-05).
9107 - Improved the gnutls-cli behaviour in error handling,
9108 and added a check for the peer's hostname.
9109 - Use versioned symbols in the library (where available).
9110 - RIJNDAEL ciphersuites were renamed to AES.
9112 * Version 0.9.7 (2003-08-25)
9113 - The tex files are now included in the distribution.
9114 - The library can now decrypt PKCS #12 files encrypted with
9116 - The missing rfc2818_hostname object is now included.
9117 - Several corrections and bug fixes in the library by
9118 Arne Thomassen <arne@arne-thomassen.de>.
9119 - CR is now allowed in the base64 decoder.
9121 * Version 0.9.6 (2003-06-28)
9122 - Added gnutls_x509_privkey_get_key_id() and gnutls_x509_crt_get_key_id()
9123 functions which return a unique (per public key) ID. These can
9124 be used to check if the private key corresponds to a given certificate.
9125 - Corrections in the TLS layer openpgp certificate packet parser.
9126 - Corrected a bug in the record layer buffering, which affected
9127 the case where external pull function was used. Report and patch
9128 by Sergey Poznyakoff <gray@Mirddin.farlep.net>.
9129 - Corrected a bug in gnutls-srpcrypt where a non allocated variable
9131 - SRP programs are now built by default.
9132 - Added API to read and write to PKCS #12 structures. Prototypes
9134 - The gnutls_transport_ptr type was changed to a pointer type (void*).
9136 * Version 0.9.5 (2003-04-06)
9137 - Several improvements in the PKCS #7 handling
9138 - Eliminated several hard coded constants in MPI parameters.
9140 * Version 0.9.4 (2003-03-28)
9141 - Corrected a parsing error in the Certificate request message.
9142 - Corrected behaviour when a certificate request message is received.
9143 Now a certificate packet is always sent, and in SSL 3.0 cipher suites
9144 a no_certificate alert is sent instead.
9145 - Added functionality to generate PKCS #7 structures (with certificates).
9147 * Version 0.9.3 (2003-03-24)
9148 - Support for MD2 was dropped.
9149 - Improved the error logging functions, by adding a level, and
9150 by allowing debugging messages just by increasing the level.
9151 - The diffie Hellman ciphersuites are now of higher priority than
9153 - The RSA premaster secret version check can no longer be disabled.
9154 - Implemented the counter measure discussed in the paper "Attacking
9155 RSA-based Sessions in SSL/TLS", against the attack described in the
9157 - Added the functions: gnutls_handshake_get_last_in(),
9158 gnutls_handshake_get_last_out().
9159 - The gnutls_certificate_set_rsa_params() was renamed to
9160 gnutls_certificate_set_rsa_export_params().
9161 - Added the new functions: gnutls_certificate_set_x509_key()
9162 gnutls_certificate_set_x509_trust(), gnutls_certificate_set_x509_crl(),
9163 gnutls_x509_crt_export(), gnutls_x509_crl_export().
9164 - Added support for encoding and decoding PKCS #8 2.0 encrypted
9167 * Version 0.9.2 (2003-03-15)
9168 - Some corrections in the memory mapping code (file is unmapped after
9170 - Added support for PKCS#10 certificate requests generation.
9172 * Version 0.9.1 (2003-03-12)
9173 - Corrected a bug in 64 bit architectures, which affected the
9174 serial number calculation in the record layer.
9175 - Added gnutls_certificate_free_keys() which deletes all the
9176 private keys and certificates from the credentials structure.
9177 - Corrected a broken buffer check in _gnutls_io_read_buffered(),
9178 which caused some unexpected packet length errors. Report and patch
9179 by Ian Peters <itp@ximian.com>.
9180 - Added ability to generate RSA keys.
9181 - Increased the maximum parameter size in order to read some large keys
9182 by some CAs. Patch by Ian Peters <itp@ximian.com>.
9183 - Added an strnstr() function and the requirement in some functions to
9184 use null terminated PEM structures is no more.
9185 - Use mmap() if available to read files.
9186 - Fixed a memory leak in SRP code reported by Rupert Kittinger
9187 <r.kittinger@efkon.com>.
9189 * Version 0.9.0 (2003-03-03)
9190 - This version is not binary compatible with the previous ones.
9191 - The library notifies the application on empty and illegal SRP usernames,
9192 so that proper notification (via an alert) is sent to the peer.
9193 - Added ability to send some messages back to the application using
9194 the gnutls_global_set_log_function().
9195 - gnutls_dh_params_generate() and gnutls_rsa_params_generate() now use
9196 gnutls_malloc() to allocate the output parameters.
9197 - Added support for MD2 algorithm in certificate signature verification.
9198 - The RSA and DH parameter generation interface was changed. Added
9199 ability to import and export from and to PKCS3 structures. This
9200 was needed to read parameters generated using the openssl dhparam tool.
9201 - Several changes in the temporary (DH/RSA) parameter codebase. No DH
9202 parameters are now included in the library. Also the credentials structure
9203 can now hold only one temporary parameter of a kind.
9204 - Added a new Certificate, CRL, Private key and PKCS7 structures handling
9205 API, defined in gnutls/x509.h
9206 - Added gnutls_certificate_set_verify_flags() function to allow setting the
9207 verification flags in the credentials structure. They will be used in the
9208 *verify_peers functions.
9209 - Added protection against the new TLS 1.0 record layer timing attack.
9210 - Added support for Certificate revocation lists. Functions defined
9212 - The only functions that were removed are:
9213 gnutls_x509_certificate_to_xml()
9214 gnutls_x509_extract_dn_string()
9215 - Ported to libtasn1 0.2.x
9217 * Version 0.8.1 (2003-01-22)
9218 - Improved the SRP support, to prevent attackers guessing the
9219 available usernames by brute force.
9220 - Improved the SRP detection in gnutls-cli-debug
9221 - Some fixes which now allow compilation.
9223 * Version 0.8.0 (2003-01-20)
9224 - Added gnutls_x509_extract_dn_string() which returns a
9225 distinguished name in a single string.
9226 - Added gnutls_openpgp_extract_key_name_string() which returns
9227 an openpgp user ID in a single string.
9228 - Added gnutls_x509_extract_certificate_ca_status() which returns
9229 the CA status of the given certificate.
9230 - Added SRP-6 support. Follows draft-ietf-tls-srp-04.
9231 - If libtasn1 is not present in the system, it is included in
9232 the main gnutls library.
9233 - If liblzo is present in the system, then the included minilzo
9234 will not be used, and libgnutls-extra will depend on liblzo.
9235 - GNUTLS_E_PARSING_ERROR error code was replaced by GNUTLS_E_BASE64_DECODING_ERROR,
9236 and GNUTLS_E_SRP_PWD_PARSING_ERROR. GNUTLS_E_ASCII_ARMOR_ERROR was also
9237 replaced by GNUTLS_E_BASE64_DECODING_ERROR.
9239 * Version 0.6.0 (2002-12-08)
9240 - Added "gnutls/compat4.h" header. This is included in gnutls.h
9241 to emulate the old 0.4.x API.
9242 - Example programs are now stored in doc/examples/
9243 - Several improvements and updates in the documentation.
9244 - Added the certificate authenticated SRP cipher suites.
9245 - gnutls_x509_extract_certificate_dn_string() was updated to return
9246 an RFC2253 conforming string.
9247 - Added the SRP related functions:
9248 gnutls_srp_verifier()
9249 gnutls_srp_base64_encode()
9250 gnutls_srp_base64_decode()
9251 - Added the function gnutls_srp_set_server_credentials_function()
9252 to allow retrieving SRP parameters from an external backend - other
9253 than password files.
9254 - Added the function gnutls_openpgp_set_recv_key_function()
9255 which can be used to set a callback, to get OpenPGP keys.
9256 - Exported the functions:
9259 which should be used by callback functions.
9260 - Changed the semantics of gnutls_pem_base64_encode_alloc()
9261 and gnutls_pem_base64_decode_alloc(). In the default case
9262 were the gnutls library is used with malloc/realloc/free,
9263 these are binary compatible.
9265 * Version 0.5.11 (2002-11-05)
9266 - Some fixes in 'gnutls-cli' client program to prevent some segmentation
9268 - Example programs found in the documentation can now be generated by
9269 running "make examples" in doc/tex directory.
9270 - Added more descriptive error strings, to gnutls_strerror().
9271 - Documented error codes, and the function reference list is now sorted.
9272 - Optimized buffering code.
9273 - gnutls_x509_extract_certificate_dn_string() was rewritten.
9274 - Added GNUTLS_E_SHORT_MEMORY_BUFFER error code, which is returned in the
9275 case where the memory buffer provided is not long enough.
9276 - Depends on the new OpenCDK 0.3.2.
9278 * Version 0.5.10 (2002-10-13)
9279 - Updated documentation.
9280 - Added server name extension. This allows clients to specify the
9281 name of the server they connect to. Useful to HTTPS.
9282 - Several corrections in the code base, mostly in signed/unsigned,
9285 * Version 0.5.9 (2002-10-10)
9286 - Corrected some code which worked fine in gcc 3.2, but not with any
9288 - Updated 'gnutls-cli' with the '--starttls' option, to allow testing
9289 starttls implementations.
9290 - Added gnutls_x509_extract_key_pk_algorithm() function which extracts
9291 the private key type, of a DER encoded key.
9292 - Added gnutls_x509_extract_certificate_dn_string() which returns the
9293 certificate's distinguished name in a single string.
9294 - Added gnutls_set_default_priority() and gnutls_set_default_export_priority()
9295 functions, to avoid calling all the *_priority() functions if the defaults
9297 - Added int gnutls_x509_check_certificates_hostname() which check whether
9298 the given hostname matches the owner of the given X.509 certificate.
9300 * Version 0.5.8 (2002-09-25)
9301 - Updated documentation.
9302 - Added gnutls_record_get_direction() which replaces the obsolete
9303 gnutls_handshake_get_direction().
9304 - Added function to convert error codes to alert descriptions
9305 - Added LZO compression
9307 * Version 0.5.7 (2002-09-11)
9308 - Some fixes in the memory allocation functions (realloc).
9309 - Improved the string functions used in XML certificate generation.
9310 - Removed dependency on libgdbm.
9311 - Corrected bug in gnutls_dh_params_set() which affected
9312 gnutls_dh_params_deinit().
9313 - Corrected bug in session resuming code in server side.
9315 * Version 0.5.6 (2002-09-06)
9316 - Corrected bugs in SRP implementation, which prevented gnutls
9317 to interoperate with other implementations. (interoperability testing
9318 was done by David Taylor)
9319 - Corrected bug in cert_type extension.
9320 - Corrected extension type checks which used an 8 bit extension size,
9322 - Added versioning in the XML output of certificate functions.
9323 - Removed the X.509 test suite.
9325 * Version 0.5.5 (2002-09-03)
9326 - Updated the SRP implementation to the latest draft. The blowfish
9327 crypt implementation was removed, since the new draft does not allow
9328 other hash algorithms except for the srpsha.
9329 - Renamed all the constructed types in order to have more consistent
9331 - Improved the certificate and key read functions. Now they can read
9332 the certificate and the private key from the same file.
9333 - Updated and corrected documentation.
9335 * Version 0.5.4 (2002-08-27)
9336 - Fixes in TLS 1.0 PRF and SSL3 random functions.
9337 - gnutls_handshake_set_exportable_detection() was obsoleted.
9338 - Added gnutls_openpgp_extract_key_id() which returns the key ID.
9339 - Corrected bug in DHE key exchange
9340 - Added support for temporary RSA keys which are needed for the
9341 export cipher suites.
9342 - Added the TLS_RSA_EXPORT_ARCFOUR_40_MD5 ciphersuite.
9344 * Version 0.5.3 (2002-08-23)
9345 - No changes. Replaces the tarball of 0.5.2 which accidentally contained
9346 code from the unstable branch.
9348 * Version 0.5.2 (2002-08-22)
9349 - Added an error code that is returned in clients which connect
9350 to export only servers. This must be enabled using the
9351 gnutls_handshake_set_exportable_detection() function.
9352 - Updated openssl compatibility layer.
9353 - Added gnutls_handshake_get_direction() function which returns
9354 the state of the handshake when interrupted.
9356 * Version 0.5.1 (2002-07-17)
9357 - Corrected the m4 macros which used <gnutls.h> instead of
9359 - Documentation fixes
9360 - Added gnutls_transport_set_ptr2() function, which accepts two
9361 different pointers, to be used while receiving, and
9363 - Semantic changes in gnutls_record_set_max_size(). The requested
9364 size is now immediately enforced at the output buffers.
9365 - gnutls_global_init_extra() now fails if the library versions do
9367 - Fixes in client and server example programs. Null encryption can
9368 be used in these programs, to assist in debuging.
9369 - Fixes in zlib compression code.
9371 * Version 0.5.0 (2002-07-06)
9372 - Added X.509 certificate tests in tests/ directory
9373 - Removed stubs for SRP and Anonymous authentication. They served
9374 no purpose since they are always included, unless it was requested
9376 - Added gnutls_handshake_set_private_extensions() function. This
9377 function can be used to enable private (gnutls specific) cipher suites
9378 and compression algorithms.
9379 - Added check for C99 macro support by the compiler.
9380 - Added functions gnutls_b64_encode_fmt2() and gnutls_b64_decode_fmt2()
9381 - Added the new libtasn1 library.
9382 - Removed the gdbm backend. Applications are now responsible for the
9383 session resuming backend. The gnutls-serv application contains an
9384 simple example on how to use gdbm for resuming.
9385 - Headers for the gnutls library are now installed in $(includedir)/gnutls
9386 - Added an OpenSSL compatible interface (with some limitations).
9387 - Added functions to convert DER encoded certificates to XML format.
9389 * Version 0.4.4 (2002-06-24)
9390 - Corrected bug in PKCS-1 RSA encryption which prevented gnutls to encrypt
9391 using keys of some specific size.
9393 * Version 0.4.3 (2002-05-23)
9394 - The gnutls-extra library now compiles fine, if the opencdk library is
9396 - Several bug fixes.
9397 - Added gnutls_global_set_mem_func() function, to set the memory allocation
9398 functions, if other than the defaults are to be used.
9399 - The default memory allocation functions are now the ones in libc.
9401 * Version 0.4.2 (2002-05-21)
9402 - Separated ASN.1 structures parser documentation and TLS library
9404 - Added gnutls_handshake_set_rsa_pms() function, which disables the
9405 version check in RSA premaster secret.
9406 - Added gnutls_session_is_resumed() function, which reports if a session
9408 - Added gnutls_state_set_ptr() and gnutls_state_get_ptr() functions, to
9409 assist in callback functions.
9410 - Replaced the included 1024 bit prime for Diffie Hellman, with a new
9412 - Relicensed the library under the GNU Lesser General Public License
9413 - Added gnutls-extra library which contains the GPL covered code of gnutls.
9415 * Version 0.4.1 (2002-04-07)
9416 - Now uses alloca() for temporary variables
9417 - Optimized RSA signing
9418 - Added functions to return the peer's certificate activation and
9420 - Corrected time function's behaviour (the time value returned no longer
9421 relate to local timezone).
9423 * Version 0.4.0 (2002-04-01)
9424 - Added support for RFC2630 (PKCS7) X.509 certificate sets
9425 - Added new functions: gnutls_x509_extract_certificate_pk_algorithm(),
9426 gnutls_openpgp_extract_key_pk_algorithm().
9427 - Several optimizations in the Handshake protocol
9428 - Several optimizations in RSA algorithm
9429 - Unified the return values because of small buffers.
9431 * Version 0.3.92 (2002-03-23)
9432 - Updated documentation
9433 - Combined error codes of ASN.1 parser and gnutls
9434 - Removed GNUTLS_CERT_TRUSTED from the CertificateStatus enumeration
9435 - Added protection against CBC chosen plaintext attack (disabled by default)
9436 - Improved and optimized compression support
9438 * Version 0.3.91 (2002-03-03)
9439 - Added gnutls-cli-debug program
9440 - Corrections in session resumption
9441 - Rehandshake can now handle negotiation of different authentication
9443 - gnutls-cli, gnutls-serv, gnutls-srpcrypt and gnutls-cli-debug are
9444 now being installed.
9446 * Version 0.3.90 (2002-02-24)
9447 - Handshake messages are not kept in memory any more. Now we use
9448 less memory during a handshake
9449 - Added support for certificates with DSA parameters
9450 - Added DHE_DSS cipher suites
9451 - Key exchange methods changed so they do not depend on the
9452 certificate type. Added certificate type negotiation TLS extension.
9453 - Added openpgp key support (EXPERIMENTAL)
9454 - Improved Diffie Hellman key exchange support.
9455 - Bug fixes in the RSA key exchange.
9456 - Added check for the requested TLS extensions
9457 - TLS extensions now use a 16 bit type field.
9458 - Added a minimal string library to assist in ASN.1 parsing
9459 - Changes in ASN.1 parser to work with the new bison
9460 - Added gnutls_x509_extract_subject_alt_name(), which deprecates
9461 gnutls_x509_extract_subject_dns_name()
9462 - gnutls_x509_set_trust_(file/mem) can now be called multiple times
9463 - gnutls_srp_server_set_cred_file() can now be called multiple times
9465 * Version 0.3.5 (2002-01-25)
9466 - Corrected the RSA key exchange method, to avoid attacks against
9469 * Version 0.3.4 (2002-01-20)
9470 - Corrected bugs in DHE_RSA key exchange method
9472 * Version 0.3.3 (2002-01-19)
9473 - Added gnutls_x509pki_verify_certificate()
9474 - Added gnutls_x509pki_set_trust_mem() and gnutls_x509pki_set_key_mem()
9475 - Bug fixes in srpcrypt (based on patch by Marc Huber)
9476 - Bug fixes in the Handshake protocol (based on patch by Guillaume Morin)
9477 - Corrected library versioning
9479 * Version 0.3.2 (2002-01-05)
9480 - Corrected bug which did not allow a client to accept multiple CA names
9481 - Added gnutls_fingerprint()
9482 - Added gnutls_x509pki_extract_certificate_serial()
9483 - Added gnutls_b64_encode_fmt() and gnutls_b64_decode_fmt()
9484 - Corrected behaviour in version advertizing
9485 - Updated documentation
9486 - Prefixed all types in gnutls.h with 'GNUTLS_' to avoid namespace collisions
9488 * Version 0.3.1 (2001-12-21)
9489 - Corrections in the configuration files
9490 - Fixes a bug in anonymous authentication
9492 * Version 0.3.0 (2001-12-17)
9493 - Corrected bug in new integer formatting (now we use the old format again)
9494 - Several corrections and usual cleanups
9496 * Version 0.2.91 (2001-12-10)
9497 - Fixes in MPI handling (fixes possible bug with signed integers)
9498 - Removed name indication extension
9499 - Added gnutls_transport_get_ptr() and gnutls_db_get_ptr()
9500 - Optimizations in server certificate callback.
9501 - Fixes in anonymous authentication
9502 - Corrections in client ciphersuite selection
9504 * Version 0.2.90 (2001-12-07)
9505 - gnutls_handshake(), gnutls_read() etc. functions no longer require
9506 the 'SOCKET cd' argument. This argument is set using the function
9507 gnutls_set_transport_ptr().
9508 - introduced gnutls_x509pki_get_peer_certificate_list(). This function returns
9509 a list containing peer's certificate and issuers DER encoded.
9510 - Updated X.509 certificate handling API
9511 - Added callback to select the server certificate
9512 - More consistent function naming (changes in several function names)
9513 - Buffer overflow checking in ASN.1 structures parser
9514 - Updated documentation
9516 * Version 0.2.11 (2001-11-16)
9517 - Changed the meaning of GNUTLS_E_REHANDSHAKE value. If this value
9518 is returned, then the caller should perform a handshake or send
9519 an alert to the peer.
9520 - Made receive buffer dynamic. Normally if no large chunks are received
9521 it occupies less space.
9522 - Added max_record_size extension
9523 - Bugfixes in session handling
9524 - Improved non blocking IO support in the Handshake Protocol
9525 - Usual bugfixes and cleanups
9526 - Documentation updated (includes ASN.1 documentation)
9528 * Version 0.2.10 (2001-11-05)
9529 - Corrected bugs and improved non blocking IO
9530 - Added hooks to use external database to store sessions
9533 * Version 0.2.9 (2001-10-27)
9534 - AUTH_INFO types and structures were moved to library internals
9535 - AUTH_FAILED is no longer returned in SRP authentication
9536 (any fatal error in SRP means auth failed)
9537 - Introduced GNUTLS_E_INTERRUPTED
9538 - Added support for non blocking IO
9539 - gnutls_recv() and gnutls_send() are now obsolete
9540 - Changed semantics of gnutls_rehandshake()
9542 * Version 0.2.4 (2001-10-12)
9543 - Better handling of X.509 certificate extensions
9544 - Added DHE_RSA ciphersuites
9545 - Updated the Name Indication (dnsname) extension
9546 - Improvements in Diffie Hellman primes handling
9548 * Version 0.2.3 (2001-09-19)
9549 - Memory optimizations in gnutls_recv()
9550 - Fixed several memory leaks
9551 - Added ability to specify callback for x509 client certificate selection
9552 - Better documentation
9554 * Version 0.2.2 (2001-08-21)
9555 - Several bugfixes (library and documentation)
9557 * Version 0.2.1 (2001-08-07)
9560 * Version 0.2.0 (2001-08-07)
9561 - Partial support for X.509v3 Certificate extensions.
9562 - Added Internal memory handlers
9563 - Removed gnutls_x509_set_cn()
9564 - Added X.509 client authentication
9565 - Several bug fixes and protocol fixes
9567 * Version 0.1.9 (2001-07-30)
9568 - Corrected bug(s) in ChangeCipherSpec packet (fixes renegotiate)
9569 - SRP is updated to conform to the newest draft.
9570 - Added support for DNSNAME extension.
9571 - Reentracy fixes in ASN.1 Parsing.
9572 - Optimizations in hash/hmac functions
9573 - (Error) message handling has changed
9574 - Better Protocol Version handling
9575 - Added X.509 Certificate Verification
9576 - gnutls_read() semantics are now closer to read(2) - added EOF
9577 - Documented some part of gnutls in doc/tex/ using Latex
9579 * Version 0.1.4 (2001-06-22)
9580 - Corrected (srp) base64 encoding.
9581 - Changed bcrypt algorithm to include username.
9582 - Added RSA Ciphersuites (no certificate checking).
9583 - Fixes in SSL 2.0 client hello parsing.
9584 - Added ASN.1 and DER parsers.
9585 - Bugfixes in session resuming
9586 - Updated Ciphersuite selection algorithm
9587 - Added internal representation of X.509 structures.
9588 - Added global state
9590 * Version 0.1.3 (2001-06-01)
9591 - Updated API (and the way it is documented - we use inline documentation)
9592 - Added function to access alert messages.
9593 - Added support for renegotiating parameters.
9594 - Better and Faster Resume Database handling.
9597 * Version 0.1.2 (2001-05-14)
9599 - Fixes in extension handling
9601 * Version 0.1.1 (2001-05-13)
9602 - Added compatibility with Stanford's libsrp library
9604 * Version 0.1.0 (2001-05-09)
9605 - Added SSL 2.0 client hello support
9606 - GNUTLS is a gnu library
9607 - Added support for TLS extensions.
9608 - Added support for SRP
9610 * Version 0.0.7 (2001-01-11)
9611 - Added server side session resuming (using gdbm)
9612 - Added twofish algorithm
9614 * Version 0.0.6 (2000-12-20)
9615 - Added client side session resuming
9616 - Better documentation (check doc/API)
9617 - Better socket handling (gnutls can be used with select())
9618 - Some primitive support for non blocking IO and socket options has been added.
9620 * Version 0.0.5 (2000-12-07)
9621 - Added Compression (using ZLIB)
9622 - Added SSL 3.0 support
9624 ----------------------------------------------------------------------
9625 Copying and distribution of this file, with or without modification,
9626 are permitted in any medium without royalty provided the copyright
9627 notice and this notice are preserved.