1 | | New point version. |
| 1 | New point version.. |
| 2 | |
| 3 | |
| 4 | {{{ |
| 5 | Hello, |
| 6 | I've just released gnutls 3.5.5. This is an enhancements and |
| 7 | bugfix release for the 3.5.x branch. |
| 8 | |
| 9 | * Version 3.5.5 (released 2016-10-09) |
| 10 | |
| 11 | ** libgnutls: enhanced gnutls_certificate_set_ocsp_status_request_file() |
| 12 | to allow importing multiple OCSP request files, one for each chain |
| 13 | provided. |
| 14 | |
| 15 | ** libgnutls: The gnutls_certificate_set_key* functions return an |
| 16 | index of the added chain. That index can be used either with |
| 17 | gnutls_certificate_set_ocsp_status_request_file(), or with |
| 18 | gnutls_certificate_get_crt_raw() and friends. |
| 19 | |
| 20 | ** libgnutls: Added SHA*, AES-GCM, AES-CCM and AES-CBC optimized implementations |
| 21 | for the aarch64 architecture. Uses Andy Polyakov's assembly code. |
| 22 | |
| 23 | ** libgnutls: Ensure proper cleanups on gnutls_certificate_set_*key() |
| 24 | failures due to key mismatch. This prevents leaks or double freeing |
| 25 | on such failures. |
| 26 | |
| 27 | ** libgnutls: Increased the maximum size of the handshake message hash. |
| 28 | This will allow the library to cope better with larger packets, as |
| 29 | the ones offered by current TLS 1.3 drafts. |
| 30 | |
| 31 | ** libgnutls: Allow to use client certificates despite them containing |
| 32 | disallowed algorithms for a session. That allows for example a client |
| 33 | to use DSA-SHA1 due to his old DSA certificate, without requiring him |
| 34 | to enable DSA-SHA1 (and thus make it acceptable for the server's certificate). |
| 35 | |
| 36 | ** libgnutls: Reverted AESNI code on x86 to earlier version as the |
| 37 | latest version was creating position depending code. Added checks |
| 38 | in the CI to detect position depending code early. |
| 39 | |
| 40 | ** guile: Update code to the I/O port API of Guile >= 2.1.4 |
| 41 | This makes sure the GnuTLS bindings will work with the forthcoming 2.2 |
| 42 | stable series of Guile, of which 2.1 is a preview. |
| 43 | |
| 44 | ** API and ABI modifications: |
| 45 | gnutls_certificate_set_ocsp_status_request_function2: Added |
| 46 | gnutls_session_ext_register: Added |
| 47 | gnutls_session_supplemental_register: Added |
| 48 | GNUTLS_E_PK_INVALID_PUBKEY: Added |
| 49 | GNUTLS_E_PK_INVALID_PRIVKEY: Added |
| 50 | |
| 51 | }}} |