[gnutls-dev] GnuTLS 2.1.7

Simon Josefsson simon at josefsson.org
Thu Nov 29 15:24:18 CET 2007 

The GnuTLS 2.1.x branch is NOT what you want for your stable system.  It
is intended for developers and experienced users.

Consider this a release candidate for version 2.2.  We plan to release
this within two weeks or so.

We are considering to use the GPLv3 instead of GPLv2 for everything
except the core library, and I'd like to invite comments about this.

We know that the LZO library is GPLv2 only, even though earlier versions
are GPLv2 or later, and we suggest to disable LZO functionality if this
is a problem.  LZO compression is not a standard feature in TLS, and we
may decide to disable it by default.  Opinions on that are appreciated
as well.  I'll try to understand what the license status is on LZO, I
know some people was going to contact the author of it some time ago..

News in this release:

* Version 2.1.7 (released 2007-11-29)

** PKCS #8 parser can now encode/decode DSA keys.

** We now ignore received packets with unknown content types
to follow the TLS spec.

** Updated gnutls_set_default_priority2() now renamed to
gnutls_priority_set() and gnutls_priority_set_direct() which
accept a string to indicate preferences of ciphersuite parameters.

** gnutls-cli and gnutls-serv now have a --priority option to set
the priority string.

** The gnutls_*_convert_priority() functions were deprecated by
the gnutls_priority_set() and gnutls_priority_set_direct().

** Internal copy of OpenCDK upgraded to version 0.6.6.

** API and ABI modifications:
gnutls_priority_init: ADD.
gnutls_priority_deinit: ADD.
gnutls_priority_set: ADD.
gnutls_priority_set_direct: ADD.
gnutls_set_default_priority2: RENAMED to gnutls_priority_set_direct()
gnutls_mac_convert_priority: REMOVED
gnutls_compression_convert_priority: REMOVED
gnutls_protocol_convert_priority: REMOVED
gnutls_kx_convert_priority: REMOVED
gnutls_cipher_convert_priority: REMOVED
gnutls_certificate_type_convert_priority: REMOVED
gnutls_set_default_priority: UNDEPRECATED
gnutls_set_default_priority_export: UNDEPRECATED

** Undocumented API and ABI modifications earlier in the 2.1.x series:
GNUTLS_CIPHER_UNKNOWN: ADD.
GNUTLS_CIPHER_CAMELLIA_128_CBC: ADD.
GNUTLS_CIPHER_CAMELLIA_256_CBC: ADD.
GNUTLS_KX_UNKNOWN: ADD.
GNUTLS_COMP_UNKNOWN: ADD.
GNUTLS_CRT_UNKNOWN: ADD.
gnutls_mac_get_id: ADD.
gnutls_compression_get_id: ADD.
gnutls_cipher_get_id: ADD.
gnutls_kx_get_id: ADD.
gnutls_protocol_get_id: ADD.
gnutls_certificate_type_get_id: ADD.
gnutls_handshake_post_client_hello_func: ADD.
gnutls_certificate_send_x509_rdn_sequence: ADD prototype to gnutls.h.in.

The goals for the 2.1.x branch are tracked at:

http://trac.gnutls.org/cgi-bin/trac.cgi/milestone/gnutls-2.2

More ideas are welcome, just create a new ticket.

Here are the compressed sources:
  ftp://ftp.gnutls.org/pub/gnutls/gnutls-2.1.7.tar.bz2
  http://josefsson.org/gnutls/releases/gnutls-2.1.7.tar.bz2

Improving GnuTLS is costly, but you can help!  We are looking for
organizations that find GnuTLS useful and wish to contribute back.
You can contribute by reporting bugs, improve the software, or donate
money or equipment.

Commercial support contracts for GnuTLS are available, and they help
finance continued maintenance.  Simon Josefsson Datakonsult, a
Stockholm based privately held company, is currently funding GnuTLS
maintenance.  We are always looking for interesting development
projects.  See http://josefsson.org/ for more details.

/Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 419 bytes
Desc: not available
URL: </pipermail/attachments/20071129/105a8e42/attachment.pgp>

More information about the Gnutls-devel mailing list