[gnutls-dev]gnutls 0.9.0

Nikos Mavroyanopoulos nmav@gnutls.org
Mon Mar 3 17:25:02 2003


I've uploaded the first snapshot of the gnutls unstable branch. It
is on the devel/ directory to distinguish it from the normal releases.
There will not be binary nor source compatibility in the 0.9.x branch.

All the changes since 0.8.1 (more to come):
- This version is not binary compatible with the previous ones.
- The library notifies the application on empty and illegal SRP usernames, 
  so that proper notification (via an alert) is sent to the peer.
- Added ability to send some messages back to the application using
  the gnutls_global_set_log_function().
- gnutls_dh_params_generate() and gnutls_rsa_params_generate() now use 
  gnutls_malloc() to allocate the output parameters.
- Added support for MD2 algorithm in certificate signature verification.
- The RSA and DH parameter generation interface was changed. Added
  ability to import and export from and to PKCS3 structures. This 
  was needed to read parameters generated using the openssl dhparam tool.
- Several changes in the temporary (DH/RSA) parameter codebase. No DH 
  parameters are now included in the library. Also the credentials structure 
  can now hold only one temporary parameter of a kind.
- Added a new Certificate, CRL, Private key and PKCS7 structures handling 
  API, defined in gnutls/x509.h
- Added gnutls_certificate_set_verify_flags() function to allow setting the 
  verification flags in the credentials structure. They will be used in the
  *verify_peers functions.
- Added protection against the new TLS 1.0 record layer timing attack.
- Added support for Certificate revocation lists. Functions defined
  in gnutls/x509.h
- The only functions were removed are:
  gnutls_x509_certificate_to_xml()
  gnutls_x509_extract_dn_string()
- Ported to libtasn1 0.2.x

-- 
Nikos Mavroyanopoulos