[gnutls-dev] GnuTLS 1.7.1

Simon Josefsson simon at josefsson.org
Thu Dec 28 15:36:26 CET 2006

This release almost entirely consists of the many fine patches
received during my vacation.  Remember, the GnuTLS 1.7.x branch is NOT
what you want for your stable system.  It is intended for developers
and experienced users.

* Version 1.7.1 (released 2006-12-28)

** TLS 1.2 server side fix.
The Certificate Request sent did not contain the list of supported
hashes field, thus violating the protocol.  It will now contain an
empty list.  Reported by ludovic.courtes at laas.fr (Ludovic Courtès).

** TLS 1.2 DSA signature verification fix.
Reported by ludovic.courtes at laas.fr (Ludovic Courtès).

** Fix the list of trusted CAs that server's send to clients.
Before, the list contained issuer DN's instead of subject DN's of the
trusted CAs.  Reported by Max Kellermann <max at duempel.org>.

** Fix gnutls_certificate_set_x509_crl to initialize the CRL before using it.
Also added a self-test in tests/certificate_set_x509_crl.c to test the
function.  Reported by Max Kellermann <max at duempel.org>.

** Encode UID fields in DN's as DirectoryString.
Before GnuTLS encoded and parsed UID fields as IA5String.  This was
incorrect, it should have used DirectoryString.  Now it will use
DirectoryString for the UID field, but for backwards compatibility it
will also accept IA5String UID's.  Reported by Max Kellermann
<max at duempel.org>.

** Improve out-of-sourcedir builds from CVS.
Reported by ludovic.courtes at laas.fr (Ludovic Courtès).

** Bootstrap tools changed.
We now require autoconf 2.61, automake 1.10, and gettext 0.16, when
building GnuTLS from CVS.  Libtool 1.5.22 is used.

** Fixed a syntax error in lib/gnutls.asn.
Reported by Paul Millar <p.millar at physics.gla.ac.uk>.

** Added German translation of GnuTLS messages.

** Update of gnulib files.

** API and ABI modifications:
No changes since last version.

Here are the compressed sources (4.1MB):

Here are GPG detached signatures signed using key 0xB565716F:

Here are the SHA-1 and SHA-224 checksums:

db39c51200f2068bc5ce1072ef8790c5f77250ae  gnutls-1.7.1.tar.bz2
b142bbf81177b46e0d187c63509a06ae2b8cbd40  gnutls-1.7.1.tar.bz2.sig

48eae5deecf2531ae9d3426c08c7bf0a792f5ed3563e56b4a0abfe3a38975ebe  gnutls-1.7.1.tar.bz2
1b5e3bfc362baa0a17783dd35cf019b0dae4f6b25566917efe1b0ebc06bb8a85  gnutls-1.7.1.tar.bz2.sig

Improving GnuTLS is costly, but you can help!  We are looking for
organizations that find GnuTLS useful and wish to contribute back.
You can contribute by reporting bugs, improve the software, or donate
money or equipment.

Commercial support contracts for GnuTLS are available, and they help
finance continued maintenance.  Simon Josefsson Datakonsult, a
Stockholm based privately held company, is currently funding GnuTLS
maintenance.  We are always looking for interesting development
projects.  See http://josefsson.org/ for more details.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 419 bytes
Desc: not available
URL: </pipermail/attachments/20061228/1a38e8f0/attachment.pgp>

More information about the Gnutls-devel mailing list