Release Notes: This stable version includes support for TLS/IA, which is useful in 802.1x wireless authentication protocols, and support for pre-shared-keys in TLS. APIs for accessing the TLS PRF and other internal functions are provided, mostly for 802.1x and other low-level purposes. The session resumption data is now system independent. Error messages are now translated by GNU Gettext and the translation project. Support keys and certificates are now stored in PKCS#12 files.
Release Notes: The function gnutls_x509_crt_to_xml is not supported any more, to avoid calling internal libtasn1 functions. This release updates the libtasn1 requirement to 0.3.4 and refreshes the internal mintiasn1. gnulib compatibility files have been updated. This release fixes _gnutls_x509_get_raw_crt_expiration_time and _gnutls_x509_get_raw_crt_activation_time to return (time_t)-1 on errors.
Release Notes: Error messages are now translated using GNU Gettext. The function gnutls_x509_crt_to_xml now returns an internal error, to avoid using internal libtasn1 functions. Libraries are now built with libtool's -no-undefined. Documentation fixes to explain that gnutls_record_send can block. Libtasn1 0.3.1 or later is now required. gnutls-cli can now recognize services and port numbers with the -p option.
Release Notes: This release fixes a bug in certtool for 64 bit machines, a bug in the non-blocking gnutls_bye(), bugs that caused memory corruption if more than one certificate was added, a gnutls-cli STARTTLS hang which occurred when SIGINT was sent too quickly, and a reading bug in the DER parser. Libtasn1 0.2.18 is now required. The included libtasn1 version has been updated. gnutls_record_send() will no longer invalidate a session if the underlying send fails, but it will prevent future writes, to allow reading the already-received data.
Release Notes: This release fixes a bug in the non-blocking gnutls_bye(), bugs in gnutls_certificate_set_x509_crl() and gnutls_certificate_set_x509_trust() (which caused memory corruption if more than one certificate was added), build problems with OpenCDK on AIX, and a reading bug in the DER parser. gnutls_record_send() will no longer invalidate a session if the underlying send fails, but it will prevent future writes, to allow reading the already-received data.
Release Notes: A new API to access the TLS master secret. Improved handling when multiple libraries use GnuTLS at the same time. A self test of TLS resume functionality. A crash in the TLS resume code caused by TLS/IA changes has been fixed. Documentation fixes about unsafe thread issues. 'const' keywords have been added in various places. The code was indented again, including the external header files.
Release Notes: This release supports the TLS Inner Application (TLS/IA) extension needed by the EAP-TTLSv1 protocol to authenticate Wireless LAN nodes using IEEE 802.1x. New APIs to access the TLS PRF. New APIs to access the client and server random fields. Internal type cleanup.
Release Notes: Support for DHE-PSK cipher suites. Functions to set an X.509 key/certificate pair from a PKCS#12 file. Several bugfixes for PKCS#8 functionality. Other bugfixes.
Release Notes: The RSA-MD2 signature algorithm is now supported. The RSA-MD2 and RSA-MD5 algorithms are now disabled by default for verifying intermediare certificates, due to cryptographic weaknesses. It is possible to send empty packets. Low-level crypto code has been replaced by gnulib.
Release Notes: Support for TLS Pre-Shared-Keys. The session resumption data is now system independent. The code is indented to conform to the GNU coding standard. The RIPEMD cipher suites have been removed. Documentation improvements. Several minor fixes.