| 1 | | New point version. |
| | 1 | New point version.. |
| | 2 | |
| | 3 | |
| | 4 | {{{ |
| | 5 | Hello, |
| | 6 | I've just released gnutls 3.5.5. This is an enhancements and |
| | 7 | bugfix release for the 3.5.x branch. |
| | 8 | |
| | 9 | * Version 3.5.5 (released 2016-10-09) |
| | 10 | |
| | 11 | ** libgnutls: enhanced gnutls_certificate_set_ocsp_status_request_file() |
| | 12 | to allow importing multiple OCSP request files, one for each chain |
| | 13 | provided. |
| | 14 | |
| | 15 | ** libgnutls: The gnutls_certificate_set_key* functions return an |
| | 16 | index of the added chain. That index can be used either with |
| | 17 | gnutls_certificate_set_ocsp_status_request_file(), or with |
| | 18 | gnutls_certificate_get_crt_raw() and friends. |
| | 19 | |
| | 20 | ** libgnutls: Added SHA*, AES-GCM, AES-CCM and AES-CBC optimized implementations |
| | 21 | for the aarch64 architecture. Uses Andy Polyakov's assembly code. |
| | 22 | |
| | 23 | ** libgnutls: Ensure proper cleanups on gnutls_certificate_set_*key() |
| | 24 | failures due to key mismatch. This prevents leaks or double freeing |
| | 25 | on such failures. |
| | 26 | |
| | 27 | ** libgnutls: Increased the maximum size of the handshake message hash. |
| | 28 | This will allow the library to cope better with larger packets, as |
| | 29 | the ones offered by current TLS 1.3 drafts. |
| | 30 | |
| | 31 | ** libgnutls: Allow to use client certificates despite them containing |
| | 32 | disallowed algorithms for a session. That allows for example a client |
| | 33 | to use DSA-SHA1 due to his old DSA certificate, without requiring him |
| | 34 | to enable DSA-SHA1 (and thus make it acceptable for the server's certificate). |
| | 35 | |
| | 36 | ** libgnutls: Reverted AESNI code on x86 to earlier version as the |
| | 37 | latest version was creating position depending code. Added checks |
| | 38 | in the CI to detect position depending code early. |
| | 39 | |
| | 40 | ** guile: Update code to the I/O port API of Guile >= 2.1.4 |
| | 41 | This makes sure the GnuTLS bindings will work with the forthcoming 2.2 |
| | 42 | stable series of Guile, of which 2.1 is a preview. |
| | 43 | |
| | 44 | ** API and ABI modifications: |
| | 45 | gnutls_certificate_set_ocsp_status_request_function2: Added |
| | 46 | gnutls_session_ext_register: Added |
| | 47 | gnutls_session_supplemental_register: Added |
| | 48 | GNUTLS_E_PK_INVALID_PUBKEY: Added |
| | 49 | GNUTLS_E_PK_INVALID_PRIVKEY: Added |
| | 50 | |
| | 51 | }}} |
