Hello, I've just released gnutls 3.2.7. This release adds new features and fixes bugs on the next stable branch. Note that this will be the last release of 3.2.7 with (major) new features added. If there are no serious bugs reported on this branch for a while, it will be marked as stable.
* Version 3.2.7 (released 2013-11-23) ** libgnutls: gnutls_cipher_get_iv_size() now returns the correct IV size in GCM ciphers (previously it returned the implicit IV used in TLS). ** libgnutls: gnutls_certificate_set_x509_key_file() et al when provided with a PKCS #11 URL pointing to a certificate, will attempt to load the whole chain. ** libgnutls: When traversing PKCS #11 tokens looking for an object, avoid looking in unrelated to the object tokens. ** libgnutls: Added an experimental %DUMBFW option in priority strings. This avoids a black hole behavior in some firewalls by sending a large client hello. See http://www.ietf.org/mail-archive/web/tls/current/msg10423.html ** libgnutls: The GNUTLS_DEBUG_LEVEL variable if set to a log level number will force output of debug messages to stderr. ** libgnutls: Fixed the setting of the ciphersuite when gnutls_premaster_set() is used with another protocol than the GNUTLS_DTLS0_9 protocol. ** libgnutls: gnutls_x509_crt_set_expiration_time() will set the no well defined expiration date when (time_t)-1 is specified as date. ** libgnutls: Session tickets are encrypted using AES-GCM. ** libgnutls: Corrected issue in record decompression. Issue pinpointed by Frank Zschockel. ** libgnutls: Forbid all compression methods in DTLS. ** gnutls-serv: Fixed issue with IPv6 address in UDP mode. ** certtool: When exporting an encrypted PEM private key do not output the key parameters. ** certtool: Expiration days template option allows for a -1 value which will set to the no well defined expiration date (RFC5280), and no longer chokes on integer overflows. Suggested by Stefan Buehler. ** certtool: Added new template options: 'activation_date', and 'expiration_date'. ** tools: The environment variable GNUTLS_PIN can be used to read any PIN requested from tokens. ** tools: The installed version of libopts is used if the autogen tool is present. ** API and ABI modifications: gnutls_pkcs11_obj_export3: Added gnutls_pkcs11_get_raw_issuer: Added gnutls_est_record_overhead_size: Exported Getting the Software ==================== GnuTLS may be downloaded directly from <ftp://ftp.gnutls.org/gcrypt/gnutls/>. A list of GnuTLS mirrors can be found at <http://www.gnutls.org/download.html>. Here are the XZ and LZIP compressed sources: ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/gnutls-3.2.7.tar.xz ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/gnutls-3.2.7.tar.lz Here are OpenPGP detached signatures signed using key 0x96865171: ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/gnutls-3.2.7.tar.xz.sig ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/gnutls-3.2.7.tar.lz.sig Note that it has been signed with my openpgp key: pub 3104R/96865171 2008-05-04 [expires: 2028-04-29] uid Nikos Mavrogiannopoulos <nmav <at> gnutls.org> uid Nikos Mavrogiannopoulos <n.mavrogiannopoulos <at> gmail.com> sub 2048R/9013B842 2008-05-04 [expires: 2018-05-02] sub 2048R/1404A91D 2008-05-04 [expires: 2018-05-02] regards, Nikos _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
