[gnutls-dev] GnuTLS 2.1.2

Simon Josefsson simon at josefsson.org
Sun Oct 14 19:57:15 CEST 2007

The GnuTLS 2.1.x branch is NOT what you want for your stable system.  It
is intended for developers and experienced users.

Yes, this release breaks API/ABI backwards compatibility.  This should
probably be better documented for the 2.2 release notes.

News in this release:

* Version 2.1.2 (released 2007-10-14)

** Removed all the trustdb code from openpgp authentication.
We now use only the well-specified keyrings.

** The 256 bit ciphers are not enabled in the default priorities.

** Added support for DSA2 using libgcrypt 1.3.0.

** certtool: Fixed data corruption when using --outder.

** Removed all the xml related stubs and functions.

** Added capability to set a callback after the client hello is received
by the server in order to adjust parameters before the handshake.

** SRP was corrected to adhere to the latest draft (published soon as RFC)

** Corrected bug which did not allow a server to run without supporting

** Updated the DN parser which now prints wrongly decoded values as hex

** certtool: Add option --quick-random.
For generating low security test credentials.

** API and ABI modifications:
gnutls_x509_crt_to_xml: REMOVED
gnutls_openpgp_key_to_xml: REMOVED
gnutls_openpgp_key_verify_trustdb: REMOVED
gnutls_openpgp_trustdb_init: REMOVED
gnutls_openpgp_trustdb_deinit: REMOVED
gnutls_openpgp_trustdb_import: REMOVED
gnutls_certificate_set_openpgp_trustdb: REMOVED
gnutls_srp_client_credentials_function: CHANGED
gnutls_handshake_set_post_client_hello_function: ADDED
gnutls_mac_get_key_size: ADDED

The goals for the 2.1.x branch are tracked at:


More ideas are welcome, just create a new ticket.

Here are the compressed sources:

Improving GnuTLS is costly, but you can help!  We are looking for
organizations that find GnuTLS useful and wish to contribute back.
You can contribute by reporting bugs, improve the software, or donate
money or equipment.

Commercial support contracts for GnuTLS are available, and they help
finance continued maintenance.  Simon Josefsson Datakonsult, a
Stockholm based privately held company, is currently funding GnuTLS
maintenance.  We are always looking for interesting development
projects.  See http://josefsson.org/ for more details.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 419 bytes
Desc: not available
URL: </pipermail/attachments/20071014/3d1f249e/attachment.pgp>

More information about the Gnutls-devel mailing list