[mod_gnutls-devel] New release: mod_gnutls 0.8.0

Thomas Klute thomas2.klute at uni-dortmund.de
Mon Dec 12 20:38:52 CET 2016

Hi everyone,

I have just uploaded the source archive for mod_gnutls 0.8.0. The
biggest news are OCSP stapling support and bugfixes regarding TLS
session caching and session tickets. Session tickets are off by default
now, you may want to enable them, a cache, or both. Note that a cache is
required for OCSP stapling anyway. Full changelog below and in the
signed git tag mod_gnutls/0.8.0 as usual.

If anyone has been using the 0.8.0-beta version: I have replaced the
GnuTLSOCSPGraceTime directive with GnuTLSOCSPCacheTimeout, which should
be easier to understand, and hopefully to add asynchronous updates for
in a later version.

Best regards,

Changelog since mod_gnutls 0.7.5:

* New: Support for OCSP stapling

* Bugfix: Access to DBM cache is locked using global mutex

* Bugfix: GnuTLSSessionTickets is now disabled by default as described
  in the handbook

* Fixed memory leak while checking proxy backend certificate

* Fixed memory leaks in post_config

* Safely delete session ticket key (requires GnuTLS >= 3.4)

* Improved error handling in post_config hook

* Various handbook updates

* Internal API documentation can be generated using Doxygen

* Unused code has been removed (conditionals for GnuTLS 2.x and Apache
  versions before 2.2, internal Lua bytecode structure last used in

* Test suite: Fixed locking for access to the PGP keyring of the test
  certificate authority

* mod_gnutls can be built using Clang (unsupported)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20161212/b16ac26f/attachment.sig>

More information about the mod_gnutls-devel mailing list