Support for Supplemental handshake messages and the TLS authorization
extension, and some other stuff. Remember, the GnuTLS 1.7.x branch is
NOT what you want for your stable system. It is intended for
developers and experienced users.
* Version 1.7.7 (released 2007-02-22)
** Support for supplemental handshake messages and authorization data.
Supplemental data is described in RFC 4680 and the authorization
extensions in draft-housley-tls-authz-extns-07.
** Support for authorization data in gnutls-cli and gnutls-serv.
New parameters --authz-x509-attr-cert and --authz-saml-assertion.
** Fix for gnutls_x509_crt_check_hostname.
Before it would have reported that the certificate matched a hostname
when it did not have any dNSName or any CN field. Report and tiny
patch from "Richard W.M. Jones" .
** New self test for RFC 2818 comparison in gnutls_x509_crt_check_hostname.
Tests regressions of the bug, and several other features.
** GnuTLS now matches URI's with IP Addresses against iPAddress SAN's.
Before there were no support for iPAddress SAN's during comparison.
** New API to print information about CRL's.
The function is gnutls_x509_crl_print.
** New API to extract signature value from CRL's.
The function is gnutls_x509_crl_get_signature.
** Support for directoryName Subject Alternative Name's.
The gnutls_x509_crt_get_subject_alt_name function returns the DN as a
string in the provided buffer.
** Internal improvements to certtool.
It uses gnutls_x509_crl_print to print CRL information. It uses some
more gnulib modules to simplify error handling.
** API and ABI modifications:
GNUTLS_HANDSHAKE_SUPPLEMENTAL: ADD, new gnutls_handshake_description_t
gnutls_authz_send_callback_func: ADD, callback prototypes.
GNUTLS_SAN_DN: ADD, new gnutls_x509_subject_alt_name_t element.
Here are the compressed sources (4.2MB):
Here are GPG detached signatures signed using key 0xB565716F:
Here are the SHA-1 and SHA-224 checksums:
Improving GnuTLS is costly, but you can help! We are looking for
organizations that find GnuTLS useful and wish to contribute back.
You can contribute by reporting bugs, improve the software, or donate
money or equipment.
Commercial support contracts for GnuTLS are available, and they help
finance continued maintenance. Simon Josefsson Datakonsult, a
Stockholm based privately held company, is currently funding GnuTLS
maintenance. We are always looking for interesting development
projects. See http://josefsson.org/ for more details.