[gnutls-devel] gnutls 3.1.10

Nikos Mavrogiannopoulos nmav at gnutls.org
Fri Mar 22 19:47:15 CET 2013


Hello,
 I've just released gnutls 3.1.10. This release adds new features and
fixed bugs on the current stable branch. It also adds support for the
Android system (i.e., loading the trust store, but in a more efficient
way than the 3.0.x branch).

* Version 3.1.10 (released 2013-03-22)

** certtool: When generating PKCS #12 files use by default the
ARCFOUR (RC4) cipher to be compatible with devices that don't
support AES with PKCS #12.

** libgnutls: Load CA certificates in android 4.x systems.

** libgnutls: Optimized CA certificate loading.

** libgnutls: Private keys are overwritten on deinitialization.

** libgnutls: PKCS #11 slots are scanned only when needed, not
on initialization. This speeds up gnutls initialization when smart
cards are present.

** libgnutls: Corrected issue in the (deprecated) external key
signing interface, when used with TLS 1.2. Reported by Bjorn H. Christensen.

** libgnutls: Fixes in openpgp handshake with fingerprints. Reported by
Joke de Buhr.

** libgnutls-dane: Updated DANE verification options.

** configure: Trust store file must be explicitly set or unset when
cross compiling.

** API and ABI modifications:
gnutls_x509_crt_get_issuer_dn2: Added
gnutls_x509_crt_get_dn2: Added
gnutls_x509_crl_get_issuer_dn2: Added
gnutls_x509_crq_get_dn2: Added
gnutls_x509_trust_list_remove_trust_mem: Added
gnutls_x509_trust_list_remove_trust_file: Added
gnutls_x509_trust_list_remove_cas: Added
gnutls_session_get_desc: Added
gnutls_privkey_sign_raw_data: Added
gnutls_privkey_status: Added


Getting the Software
====================

GnuTLS may be downloaded directly from
<ftp://ftp.gnutls.org/gcrypt/gnutls/>.  A list of GnuTLS mirrors can be
found at <http://www.gnutls.org/download.html>.

Here are the XZ and LZIP compressed sources:

  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.1/gnutls-3.1.10.tar.xz
  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.1/gnutls-3.1.10.tar.lz

Here are OpenPGP detached signatures signed using key 0x96865171:

  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.1/gnutls-3.1.10.tar.xz.sig
  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.1/gnutls-3.1.10.tar.lz.sig

Note that it has been signed with my openpgp key:
pub   3104R/96865171 2008-05-04 [expires: 2028-04-29]
uid                  Nikos Mavrogiannopoulos <nmav <at> gnutls.org>
uid                  Nikos Mavrogiannopoulos <n.mavrogiannopoulos <at>
gmail.com>
sub   2048R/9013B842 2008-05-04 [expires: 2018-05-02]
sub   2048R/1404A91D 2008-05-04 [expires: 2018-05-02]

regards,
Nikos



More information about the Gnutls-devel mailing list