doc updategnutls_3_5_x-san-parsing-optimization

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-02-05 07:43:17 +0100
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-02-15 13:51:52 +0100
commit: d4177c5a132b6392183235bb5f1e46647928320f (patch)
tree: 3f6559872cf6c2fcab5098d70e67f1839ef4883f
parent: c565d16ef6595d4f87f3f6db90f44097fb2e07b8 (diff)
download: gnutls_3_5_x-san-parsing-optimization.tar.gz
1 files changed, 13 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 7091b734a3..3b0ef3b0c7 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,19 @@ Copyright (C) 2000-2016 Free Software Foundation, Inc.
 Copyright (C) 2013-2016 Nikos Mavrogiannopoulos
 See the end for copying conditions.
 
+* Version 3.5.10 (unreleased)
+
+** libgnutls: optimized access to subject alternative names (SANs) in parsed
+   certificates. The previous implementation assumed a small number of
+   SANs in a certificate, with repeated calls to ASN.1 decoding of the extension
+   without any intermediate caching. That caused delays in certificates with
+   a long list of names in functions such as gnutls_x509_crt_check_hostname().
+   With the current code, the SANs are parsed once on certificate import.
+
+** API and ABI modifications:
+No changes since last version.
+
+
 * Version 3.5.9 (released 2017-02-12)
 
 ** libgnutls: Removed any references to OpenPGP functionality in documentation,
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-02-05 07:43:17 +0100
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-02-15 13:51:52 +0100
commit	d4177c5a132b6392183235bb5f1e46647928320f (patch)
tree	3f6559872cf6c2fcab5098d70e67f1839ef4883f
parent	c565d16ef6595d4f87f3f6db90f44097fb2e07b8 (diff)
download	gnutls_3_5_x-san-parsing-optimization.tar.gz