gnutls 2.11.1

Nikos Mavrogiannopoulos nmav at
Tue Sep 14 13:56:46 CEST 2010


The GnuTLS 2.11.x branch is NOT what you want for your stable system.
It is intended for developers and experienced users.

This is major update release that includes features such as PKCS #11
support for cryptographic objects, support for local system thread
locks, new message buffering layer, support for nettle library and more.

Here are the compressed sources:

Here is the OpenPGP signature:


* Version 2.11.1 (released 2010-09-14)

** libgnutls: Nettle is the default crypto back end. Use
--with-libgcrypt to use the libgcrypt back end.

** libgnutls: Depend on nettle 2.1. This makes nettle a fully working
backend crypto library.

** libgnutls: Added RSA_NULL_SHA1 and SHA256 ciphersuites.

** libgnutls: Several updates in the buffering internal interface.

** libgnutls: Is now more liberal in the PEM decoding. That is spaces
and tabs are being skipped.

** libgnutls: Added support for draft-pechanec-pkcs11uri-02.

** libgnutls: The %COMPAT flag now allows larger records that violate
the TLS spec.

** libgnutls: by default lowat level has been set to zero to avoid
unnecessary system calls. Applications that depended on it being 1
should explicitly call gnutls_transport_set_lowat().

** libgnutls: Updated documentation and gnutls_pk_params_t mappings
to ECRYPT II recommendations. Mappings were moved to a single location
and DSA keys are handled differently (since DSA2 allows for 1024,2048
and 3072 keys only).

** libgnutls: gnutls_x509_privkey_import() will fallback to
gnutls_x509_privkey_import_pkcs8() without a password, if it
is unable to decode the key.

** libgnutls: HMAC-MD5 no longer used by default.

** API and ABI modifications:
gnutls_openpgp_privkey_sec_param: ADDED
gnutls_x509_privkey_sec_param: ADDED

More information about the Gnutls-devel mailing list