Version 0.3.91 (3/03/2002) - Added gnutls-cli-debug program - Corrections in session resumption - Rehandshake can now handle negotiation of different authentication type. - gnutls-cli, gnutls-serv, gnutls-srpcrypt and gnutls-cli-debug are now being installed. Version 0.3.90 (24/02/2002) - Handshake messages are not kept in memory any more. Now we use less memory during a handshake - Added support for certificates with DSA parameters - Added DHE_DSS cipher suites - Key exchange methods changed so they do not depend on the certificate type. Added certificate type negotiation TLS extension. - Added openpgp key support (EXPERIMENTAL) - Improved Diffie Hellman key exchange support. - Bug fixes in the RSA key exchange. - Added check for the requested TLS extensions - TLS extensions now use a 16 bit type field. - Added a minimal string library to assist in ASN.1 parsing - Changes in ASN.1 parser to work with the new bison - Added gnutls_x509_extract_subject_alt_name(), which deprecates gnutls_x509_extract_subject_dns_name() - gnutls_x509_set_trust_(file/mem) can now be called multiple times - gnutls_srp_server_set_cred_file() can now be called multiple times Version 0.3.5 (25/01/2002) - Corrected the RSA key exchange method, to avoid attacks against PKCS-1 formating. Version 0.3.4 (20/01/2002) - Corrected bugs in DHE_RSA key exchange method Version 0.3.3 (19/01/2002) - Added gnutls_x509pki_verify_certificate() - Added gnutls_x509pki_set_trust_mem() and gnutls_x509pki_set_key_mem() - Bug fixes in srpcrypt (based on patch by Marc Huber) - Bug fixes in the Handshake protocol (based on patch by Guillaume Morin) - Corrected library versioning Version 0.3.2 (5/01/2002) - Corrected bug which did not allow a client to accept multiple CA names - Added gnutls_fingerprint() - Added gnutls_x509pki_extract_certificate_serial() - Added gnutls_b64_encode_fmt() and gnutls_b64_decode_fmt() - Corrected behaviour in version advertizing - Updated documentation - Prefixed all types in gnutls.h with 'GNUTLS_' to avoid namespace collisions Version 0.3.1 (21/12/2001) - Corrections in the configuration files - Fixes a bug in anonymous authentication Version 0.3.0 (17/12/2001) - Corrected bug in new integer formatting (now we use the old format again) - Several corrections and usual cleanups Version 0.2.91 (10/12/2001) - Fixes in MPI handling (fixes possible bug with signed integers) - Removed name indication extension - Added gnutls_transport_get_ptr() and gnutls_db_get_ptr() - Optimizations in server certificate callback. - Fixes in anonymous authentication - Corrections in client ciphersuite selection Version 0.2.90 (7/12/2001) - gnutls_handshake(), gnutls_read() etc. functions no longer require the 'SOCKET cd' argument. This argument is set using the function gnutls_set_transport_ptr(). - introduced gnutls_x509pki_get_peer_certificate_list(). This function returns a list containing peer's certificate and issuers DER encoded. - Updated X.509 certificate handling API - Added callback to select the server certificate - More consistent function naming (changes in several function names) - Buffer overflow checking in ASN.1 structures parser - Updated documentation Version 0.2.11 (16/11/2001) - Changed the meaning of GNUTLS_E_REHANDSHAKE value. If this value is returned, then the caller should perform a handshake or send an alert to the peer. - Made receive buffer dynamic. Normaly if no large chunks are received it occupies less space. - Added max_record_size extension - Bugfixes in session handling - Improved non blocking IO support in the Handshake Protocol - Usual bugfixes and cleanups - Documentation updated (includes ASN.1 documentation) Version 0.2.10 (5/11/2001) - Corrected bugs and improved non blocking IO - Added hooks to use external database to store sessions - Usual cleanups Version 0.2.9 (27/10/2001) - AUTH_INFO types and structures were moved to library internals - AUTH_FAILED is no longer returned in SRP authentication (any fatal error in SRP means auth failed) - Introduced GNUTLS_E_INTERRUPTED - Added support for non blocking IO - gnutls_recv() and gnutls_send() are now obsolete - Changed semantics of gnutls_rehandshake() Version 0.2.4 (12/10/2001) - Better handling of X.509 certificate extensions - Added DHE_RSA ciphersuites - Updated the Name Indication (dnsname) extension - Improvements in Diffie Hellman primes handling Version 0.2.3 (19/09/2001) - Memory optimizations in gnutls_recv() - Fixed several memory leaks - Added ability to specify callback for x509 client certificate selection - Better documentation Version 0.2.2 (21/08/2001) - Several bugfixes (library and documentation) Version 0.2.1 (07/08/2001) - SRP fixes Version 0.2.0 (07/08/2001) - Partial support for X.509v3 Certificate extensions. - Added Internal memory handlers - Removed gnutls_x509_set_cn() - Added X.509 client authentication - Several bug fixes and protocol fixes Version 0.1.9 (30/07/2001) - Corrected bug(s) in ChangeCipherSpec packet (fixes renegotiate) - SRP is updated to conform to the newest draft. - Added support for DNSNAME extension. - Reentracy fixes in ASN.1 Parsing. - Optimizations in hash/hmac functions - (Error) message handling has changed - Better Protocol Version handling - Added X.509 Certificate Verification - gnutls_read() semantics are now closer to read(2) - added EOF - Documented some part of gnutls in doc/tex/ using Latex Version 0.1.4 (22/06/2001) - Corrected (srp) base64 encoding. - Changed bcrypt algorithm to include username. - Added RSA Ciphersuites (no certificate checking). - Fixes in SSL 2.0 client hello parsing. - Added ASN.1 and DER parsers. - Bugfixes in session resuming - Updated Ciphersuite selection algorithm - Added internal representation of X.509 structures. - Added global state Version 0.1.3 (01/06/2001) - Updated API (and the way it is documented - we use inline documentation) - Added function to access alert messages. - Added support for renegotiating parameters. - Better and Faster Resume Database handling. - Several bugfixes Version 0.1.2 (14/05/2001) - Updated API - Fixes in extension handling Version 0.1.1 (13/05/2001) - Added compatibility with Stanford's libsrp library Version 0.1.0 (09/05/2001) - Added SSL 2.0 client hello support - GNUTLS is a gnu library - Added support for TLS extensions. - Added support for SRP Version 0.0.7 (11/01/2001) - Added server side session resuming (using gdbm) - Added twofish algorithm Version 0.0.6 (20/12/2000) - Added client side session resuming - Better documentation (check doc/API) - Better socket handling (gnutls can be used with select()) - Some primitive support for non blocking IO and socket options has been added. Version 0.0.5 (7/12/2000) - Added Compression (using ZLIB) - Added SSL 3.0 support