From thomas2.klute at uni-dortmund.de Mon Dec 12 20:38:52 2016 From: thomas2.klute at uni-dortmund.de (Thomas Klute) Date: Mon, 12 Dec 2016 20:38:52 +0100 Subject: [mod_gnutls-devel] New release: mod_gnutls 0.8.0 Message-ID: <53e4142e-3e37-cda7-224b-d7c6cdcdaf83@uni-dortmund.de> Hi everyone, I have just uploaded the source archive for mod_gnutls 0.8.0. The biggest news are OCSP stapling support and bugfixes regarding TLS session caching and session tickets. Session tickets are off by default now, you may want to enable them, a cache, or both. Note that a cache is required for OCSP stapling anyway. Full changelog below and in the signed git tag mod_gnutls/0.8.0 as usual. If anyone has been using the 0.8.0-beta version: I have replaced the GnuTLSOCSPGraceTime directive with GnuTLSOCSPCacheTimeout, which should be easier to understand, and hopefully to add asynchronous updates for in a later version. Best regards, Thomas Changelog since mod_gnutls 0.7.5: * New: Support for OCSP stapling * Bugfix: Access to DBM cache is locked using global mutex "gnutls-cache" * Bugfix: GnuTLSSessionTickets is now disabled by default as described in the handbook * Fixed memory leak while checking proxy backend certificate * Fixed memory leaks in post_config * Safely delete session ticket key (requires GnuTLS >= 3.4) * Improved error handling in post_config hook * Various handbook updates * Internal API documentation can be generated using Doxygen * Unused code has been removed (conditionals for GnuTLS 2.x and Apache versions before 2.2, internal Lua bytecode structure last used in 2011). * Test suite: Fixed locking for access to the PGP keyring of the test certificate authority * mod_gnutls can be built using Clang (unsupported) -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 801 bytes Desc: OpenPGP digital signature URL: From thomas2.klute at uni-dortmund.de Wed Dec 21 19:49:33 2016 From: thomas2.klute at uni-dortmund.de (Thomas Klute) Date: Wed, 21 Dec 2016 19:49:33 +0100 Subject: [mod_gnutls-devel] Bugfix release: mod_gnutls 0.8.1 Message-ID: <36fa622e-ec4f-0de7-29bd-37d6a369f1e5@uni-dortmund.de> Hi everyone, mod_gnutls 0.8.0 added four places in format strings where apr_size_t parameters were not handled in a portable way, leading to compile failures on platforms where apr_size_t is not a long int (32 bit architectures). This bugfix release fixes the problem. I have uploaded a new source archive and matching signature to https://mod.gnutls.org/downloads/ as well as the signed mod_gnutls/0.8.1 tag to the git repositories [1, 2]. Sorry for the inconvenience! Thomas [1] https://mod.gnutls.org/git/mod_gnutls [2] https://github.com/airtower-luna/mod_gnutls.git From webmaster at mod.gnutls.org Mon Dec 12 21:17:00 2016 From: webmaster at mod.gnutls.org (mod_gnutls) Date: Mon, 12 Dec 2016 20:17:00 -0000 Subject: [mod_gnutls-devel] [mod_gnutls] #135: mod_gnutls bug ? In-Reply-To: <027.9b96d3d4e0a15e73a228c8001638e0d0@mod.gnutls.org> References: <027.9b96d3d4e0a15e73a228c8001638e0d0@mod.gnutls.org> Message-ID: <042.4b7126bba1c749fe31f987a9dd224765@mod.gnutls.org> #135: mod_gnutls bug ? ----------------------------+------------------------------------------ Reporter: feelingsannkimo | Owner: https://id.mayfirst.org/dkg Type: defect | Status: closed Priority: major | Component: code Version: | Resolution: invalid Keywords: | ----------------------------+------------------------------------------ Changes (by thomas klute): * status: new => closed * resolution: => invalid -- Ticket URL: mod_gnutls The apache httpd module for HTTPS using GnuTLS