A long overdue release... Remember, the GnuTLS 1.7.x branch is NOT
what you want for your stable system. It is intended for developers
and experienced users.
* Version 1.7.8 (released 2007-04-16)
** Added examples for the authorization extension.
See doc/examples/ex-client-authz.c and doc/examples/ex-serv-authz.c.
** The examples only use gnutls_set_default_priority().
The exception is when DH_ANON is needed.
** Improve gnutls_set_default_priority() priorities.
The new approach is for it to try and negotiate all secure and
standard mechanisms available. Currently, DH_ANON ciphersuites and
LZO compressions are not enabled by default, because they are,
respectively, insecure and non-standardized. Note that TLS 1.2 will
not be enabled by default in non-experimental release until it has
been approved by the IETF.
** gnutls-cli and gnutls-serv now uses the library's default priorities.
This means that to get DH_ANON and LZO compression, you'll need to
specify that manually using '--kx anon' or '--comp lzo'.
** Minor fixes to the human display format of X.509 certificates.
** New APIs to extract Distinguished Name's from X.509 certificates.
Based on patch from Howard Chu .
** Improved library searching for opencdk.
It will now add the appropriate -R or -Wl,-rpath flags as necessary.
The deprecated opencdk.m4 is no longer used.
** New APIs to list supported algorithms in the library.
The APIs are gnutls_cipher_list, gnutls_mac_list,
gnutls_certificate_type_list, gnutls_kx_list, and
gnutls_cipher_suite_info. Suggested by Howard Chu .
** The gnutls_x509_crt_get_key_id API now handle non-RSA/DSA keys.
** New configure option --disable-tls-authorization to disable tls-authz.
** Fix prototype for `gnutls_psk_set_client_credentials'.
The last parameter was renamed from 'flags' to 'format' and the type
changed from 'unsigned int' to 'gnutls_psk_key_flags' (an enum type),
which shouldn't cause any ABI changes. Reported by firstname.lastname@example.org
** API and ABI modifications:
Here are the compressed sources (4.3MB):
Here are GPG detached signatures signed using key 0xB565716F:
Here are the SHA-1 and SHA-224 checksums:
Improving GnuTLS is costly, but you can help! We are looking for
organizations that find GnuTLS useful and wish to contribute back.
You can contribute by reporting bugs, improve the software, or donate
money or equipment.
Commercial support contracts for GnuTLS are available, and they help
finance continued maintenance. Simon Josefsson Datakonsult, a
Stockholm based privately held company, is currently funding GnuTLS
maintenance. We are always looking for interesting development
projects. See http://josefsson.org/ for more details.