[gnutls-devel] gnutls 3.4.12

Nikos Mavrogiannopoulos nmav at gnutls.org
Fri May 20 07:46:23 CEST 2016


Hello, 
 I've just released gnutls 3.4.12. This is a bug fix release of the
current stable branch.

* Version 3.4.12 (released 2016-05-20)

** libgnutls: The CHACHA20-POLY1305 ciphersuite is enabled by default.
   This cipher is prioritized after AES-GCM.

** libgnutls: Fixes in gnutls_privkey_import_ecc_raw().

** libgnutls: Fixed gnutls_pkcs11_get_raw_issuer() usage with the
   GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT flag. Previously that
   operation could fail on certain PKCS#11 modules.

** libgnutls: gnutls_pkcs11_obj_import_url() and
   gnutls_x509_crt_import_url() can accept the 
   GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT flag.

** libgnutls: gnutls_certificate_set_key() was enhanced to import the
   DNS name of the certificates if the provided names are NULL.

** libgnutls: when receiving SNI names, only save and expose to
   application the supported DNS names.

** libgnutls: when importing the certificate names at the
   gnutls_certificate_set* functions, only consider the CN as a
   fallback if DNS names are provided via the alternative name
   extension.

** gnutls-cli: on OCSP verification do not fail if we have a single
   valid reply. Report and reproducer by Thomas Klute.

** libgnutls: The GNUTLS_KEYLOGFILE environment variable can be used to
   log session keys in client side. These session keys are compatible
   with the NSS Key Log Format and can be used to decrypt the session
   for debugging using wireshark.

** API and ABI modifications:
No changes since last version.


Getting the Software
====================

GnuTLS may be downloaded directly from
<ftp://ftp.gnutls.org/gcrypt/gnutls/>.  A list of GnuTLS mirrors can be
found at <http://www.gnutls.org/download.html>.

Here are the XZ compressed sources:

  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.4/gnutls-3.4.12.tar.xz

Here are OpenPGP detached signatures signed using key 0x96865171:

  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.4/gnutls-3.4.12.tar.xz.sig

Note that it has been signed with my openpgp key:
pub   3104R/96865171 2008-05-04 [expires: 2028-04-29]
uid                  Nikos Mavrogiannopoulos <nmav <at> gnutls.org>
uid                  Nikos Mavrogiannopoulos <n.mavrogiannopoulos <at>
gmail.com>
sub   2048R/9013B842 2008-05-04 [expires: 2018-05-02]
sub   2048R/1404A91D 2008-05-04 [expires: 2018-05-02]

regards,
Nikos




More information about the Gnutls-devel mailing list