Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Simon Josefsson <simon <at> josefsson.org>
Subject: GnuTLS 1.7.7
Newsgroups: gmane.comp.encryption.gpg.gnutls.devel
Date: Thursday 22nd February 2007 08:58:30 UTC (over 10 years ago)
Support for Supplemental handshake messages and the TLS authorization
extension, and some other stuff.  Remember, the GnuTLS 1.7.x branch is
NOT what you want for your stable system.  It is intended for
developers and experienced users.

* Version 1.7.7 (released 2007-02-22)

** Support for supplemental handshake messages and authorization data.
Supplemental data is described in RFC 4680 and the authorization
extensions in draft-housley-tls-authz-extns-07.

** Support for authorization data in gnutls-cli and gnutls-serv.
New parameters --authz-x509-attr-cert and --authz-saml-assertion.

** Fix for gnutls_x509_crt_check_hostname.
Before it would have reported that the certificate matched a hostname
when it did not have any dNSName or any CN field.  Report and tiny
patch from "Richard W.M. Jones" .

** New self test for RFC 2818 comparison in gnutls_x509_crt_check_hostname.
Tests regressions of the bug, and several other features.

** GnuTLS now matches URI's with IP Addresses against iPAddress SAN's.
Before there were no support for iPAddress SAN's during comparison.

** New API to print information about CRL's.
The function is gnutls_x509_crl_print.

** New API to extract signature value from CRL's.
The function is gnutls_x509_crl_get_signature.

** Support for directoryName Subject Alternative Name's.
The gnutls_x509_crt_get_subject_alt_name function returns the DN as a
string in the provided buffer.

** Internal improvements to certtool.
It uses gnutls_x509_crl_print to print CRL information.  It uses some
more gnulib modules to simplify error handling.

** API and ABI modifications:
GNUTLS_HANDSHAKE_SUPPLEMENTAL: ADD, new gnutls_handshake_description_t
element.
gnutls_supplemental_data_format_type_t: ADD.
gnutls_authz_data_format_type_t: ADD.
gnutls_supplemental_get_name: ADD.
gnutls_authz_recv_callback_func,
gnutls_authz_send_callback_func: ADD, callback prototypes.
gnutls_authz_enable: ADD.
gnutls_authz_send_x509_attr_cert,
gnutls_authz_send_saml_assertion,
gnutls_authz_send_x509_attr_cert_url,
gnutls_authz_send_saml_assertion_url: ADD.
GNUTLS_SAN_DN: ADD, new gnutls_x509_subject_alt_name_t element.
gnutls_x509_crl_print: ADD.
gnutls_x509_crl_get_signature: ADD.

Here are the compressed sources (4.2MB):
  ftp://ftp.gnutls.org/pub/gnutls/gnutls-1.7.7.tar.bz2
  http://josefsson.org/gnutls/releases/gnutls-1.7.7.tar.bz2

Here are GPG detached signatures signed using key 0xB565716F:
  ftp://ftp.gnutls.org/pub/gnutls/gnutls-1.7.7.tar.bz2.sig
  http://josefsson.org/gnutls/releases/gnutls-1.7.7.tar.bz2.sig

Here are the SHA-1 and SHA-224 checksums:

2306eaa68b41ff51f81d3801282208c5bc12baae  gnutls-1.7.7.tar.bz2
b2a14e5469e7029425c4e524a45c89997b95b075  gnutls-1.7.7.tar.bz2.sig

a4dd37fae3070321ff5936c8384c272192f5d447ffba4aaabe3e6655 
gnutls-1.7.7.tar.bz2
7a72d5ffe485419058810ef6400fb181e8bf7795c845dca608a1d7a4 
gnutls-1.7.7.tar.bz2.sig

Improving GnuTLS is costly, but you can help!  We are looking for
organizations that find GnuTLS useful and wish to contribute back.
You can contribute by reporting bugs, improve the software, or donate
money or equipment.

Commercial support contracts for GnuTLS are available, and they help
finance continued maintenance.  Simon Josefsson Datakonsult, a
Stockholm based privately held company, is currently funding GnuTLS
maintenance.  We are always looking for interesting development
projects.  See http://josefsson.org/ for more details.

/Simon
 
CD: 5ms