updated openssl code

[gnutls:gnutls.git] / NEWS

GnuTLS NEWS -- History of user-visible changes.                -*- outline -*-
Copyright (C) 2000-2012 Free Software Foundation, Inc.
See the end for copying conditions.

* Version 3.0.18 (unreleased)

** certtool: Avoid a Y2K38 bug when generating certificates.
Patch by Robert Millan.

** libgnutls: Updated assembler files.

** libgnutls: Time in generated certificates is stored
as GeneralizedTime instead of UTCTime (which only stores
2 digits of a year).

** API and ABI modifications:
gnutls_x509_crt_set_private_key_usage_period: Added
gnutls_x509_crt_get_private_key_usage_period: Added
gnutls_x509_crq_set_private_key_usage_period: Added
gnutls_x509_crq_get_private_key_usage_period: Added
gnutls_session_get_random: Added


* Version 3.0.17 (released 2012-03-17)

** command line apps: Always link with local libopts.

** API and ABI modifications:
No changes since last version.


* Version 3.0.16 (released 2012-03-16)

** minitasn1: Upgraded to libtasn1 version 2.12 (pre-release).

** libgnutls: Corrected SRP-RSA ciphersuites when used under TLS 1.2.

** libgnutls: included assembler files for MacOSX.

** p11tool: Small fixes in handling of the --private command 
line option.

** certtool: The template option allows for setting the domain
component (DC) option of the distinguished name, and the ocsp_uri
as well as the ca_issuers_uri options.

** API and ABI modifications:
gnutls_x509_crt_set_authority_info_access: Added


* Version 3.0.15 (released 2012-03-02)

** test suite: Only run under valgrind in the development
system (the full git repository)

** command line apps: Link with local libopts if the 
installed is an old one.

** libgnutls: Eliminate double free during SRP
authentication. Reported by Peter Penzov.

** libgnutls: Corrections in record packet parsing.
Reported by Matthew Hall.

** libgnutls: Cryptodev updates and fixes.

** libgnutls: Corrected issue with select() that affected
FreeBSD. This prevented establishing DTLS sessions.
Reported by Andreas Metzler.

** libgnutls: Corrected rehandshake and resumption
operations in DTLS. Reported by Sean Buckheister.

** libgnutls: PKCS #11 objects that do not have ID
no longer crash listing. Reported by Sven Geggus.

** API and ABI modifications:
No changes since last version.


* Version 3.0.14 (released 2012-02-24)

** command line apps: Included libopts doesn't get installed
by default.

** libgnutls: Eliminate double free on wrongly formatted
certificate list. Reported by Remi Gacogne.

** libgnutls: cryptodev code corrected, updated to account
for hashes and GCM mode.

** libgnutls: Eliminated memory leak in PCKS #11 initialization.
Report and fix by Sam Varshavchik.

** API and ABI modifications:
No changes since last version.


* Version 3.0.13 (released 2012-02-18)

** gnutls-cli: added the --ocsp option which will verify
the peer's certificate with OCSP.

** gnutls-cli: added the --tofu and if specified, gnutls-cli
will use an ssh-style authentication method.

** gnutls-cli: if no --x509cafile is provided a default is
assumed (/etc/ssl/certs/ca-certificates.crt), if it exists.

** ocsptool: Added --ask parameter, to verify a certificate's
status from an ocsp server.

** command line apps: Use gnu autogen (libopts) to parse command
line arguments and template files.

** tests: Added stress test for DTLS packet losses and 
out-of-order receival. Contributed by Sean Buckheister.

** libgnutls: Several updates and corrections in the DTLS
DTLS lost packet handling and retransmission timeouts.
Report and patches by Sean Buckheister.

** libgnutls: Added new functions to easily allow the usage of
a trust on first use (SSH-style) authentication.

** libgnutls: SUITEB128 and SUITEB192 priority strings account
for the RFC6460 requirements.

** libgnutls: Added new security parameter GNUTLS_SEC_PARAM_LEGACY
to account for security level of 96-bits.

** libgnutls: In client side if server does not advertise any
known CAs and only a single certificate is set in the credentials,
sent that one.

** libgnutls: Added functions to parse authority key identifiers
when stored as a 'general name' and serial combo.

** libgnutls: Added function to force explicit reinitialization
of PKCS #11 modules. This is required on the child process after
a fork (if PKCS #11 functionality is desirable).

** libgnutls: Depend on p11-kit 0.11.

** API and ABI modifications:
gnutls_dtls_get_timeout: Added
gnutls_verify_stored_pubkey: Added
gnutls_store_pubkey: Added
gnutls_store_commitment: Added
gnutls_x509_crt_get_authority_key_gn_serial: Added
gnutls_x509_crl_get_authority_key_gn_serial: Added
gnutls_pkcs11_reinit: Added
gnutls_ecc_curve_list: Added
gnutls_priority_certificate_type_list: Added
gnutls_priority_sign_list: Added
gnutls_priority_protocol_list: Added
gnutls_priority_compression_list: Added
gnutls_priority_ecc_curve_list: Added
gnutls_tdb_init: Added
gnutls_tdb_set_store_func: Added
gnutls_tdb_set_store_commitment_func: Added
gnutls_tdb_set_verify_func: Added
gnutls_tdb_deinit: Added


* Version 3.0.12 (released 2012-01-20)

** libgnutls: Added OCSP support.
There is a new header file gnutls/ocsp.h and a set of new functions
under the gnutls_ocsp namespace.  Currently the functionality provided
is to parse and extract information from OCSP requests/responses, to
generate OCSP requests and to verify OCSP responses.  See the manual
for more information.  Run ./configure with --disable-ocsp to build
GnuTLS without OCSP support.

This work was sponsored by Smoothwall <http://smoothwall.net/>.

** ocsptool: Added new command line tool.
The tool can parse OCSP request/responses, generate OCSP requests and
verify OCSP responses.  See the manual for more information.

** certtool: --outder option now works for private
and public keys as well.

** libgnutls: Added error code GNUTLS_E_NO_PRIORITIES_WERE_SET
to warn when no or insufficient priorities were set.

** libgnutls: Corrected an alignment issue in ECDH
key generation which prevented some keys from being
correctly aligned in rare circumstances.

** libgnutls: Corrected memory leaks in DH parameter
generation and ecc_projective_check_point().

** libgnutls: Added gnutls_x509_dn_oid_name() to 
return a descriptive name of a DN OID.

** API and ABI modifications:
gnutls_pubkey_encrypt_data: Added
gnutls_x509_dn_oid_name: Added
gnutls_session_resumption_requested: Added
gnutls/ocsp.h: Added new header file.
gnutls_ocsp_print_formats_t: Added new type.
gnutls_ocsp_resp_status_t: Added new type.
gnutls_ocsp_cert_status_t: Added new type.
gnutls_x509_crl_reason_t: Added new type.
gnutls_ocsp_req_add_cert: Added.
gnutls_ocsp_req_add_cert_id: Added.
gnutls_ocsp_req_deinit: Added.
gnutls_ocsp_req_export: Added.
gnutls_ocsp_req_get_cert_id: Added.
gnutls_ocsp_req_get_extension: Added.
gnutls_ocsp_req_get_nonce: Added.
gnutls_ocsp_req_get_version: Added.
gnutls_ocsp_req_import: Added.
gnutls_ocsp_req_init: Added.
gnutls_ocsp_req_print: Added.
gnutls_ocsp_req_randomize_nonce: Added.
gnutls_ocsp_req_set_extension: Added.
gnutls_ocsp_req_set_nonce: Added.
gnutls_ocsp_resp_deinit: Added.
gnutls_ocsp_resp_export: Added.
gnutls_ocsp_resp_get_certs: Added.
gnutls_ocsp_resp_get_extension: Added.
gnutls_ocsp_resp_get_nonce: Added.
gnutls_ocsp_resp_get_produced: Added.
gnutls_ocsp_resp_get_responder: Added.
gnutls_ocsp_resp_get_response: Added.
gnutls_ocsp_resp_get_signature: Added.
gnutls_ocsp_resp_get_signature_algorithm: Added.
gnutls_ocsp_resp_get_single: Added.
gnutls_ocsp_resp_get_status: Added.
gnutls_ocsp_resp_get_version: Added.
gnutls_ocsp_resp_import: Added.
gnutls_ocsp_resp_init: Added.
gnutls_ocsp_resp_print: Added.
gnutls_ocsp_resp_verify: Added.

* Version 3.0.11 (released 2012-01-06)

** libgnutls: Corrected functionality of 
gnutls_record_get_direction(). Reported by Philip Allison.

** libgnutls: Provide less timing information when decoding
TLS/DTLS record packets. Patch by Nadhem Alfardan.

** API and ABI modifications:
No changes since last version.


* Version 3.0.10 (released 2012-01-04)

** gnutls-cli/serv: Set don't fragment bit in DTLS sessions
in Linux as well as in BSD.

** gnutls-cli: Fixed reading from windows terminals.

** libgnutls: When GNUTLS_OPENPGP_FMT_BASE64 is specified
the stream is assumed to be base64 encoded (previously
the encoding was auto-detected). This avoids a decoding
issue in windows systems.

** libgnutls: Corrected ciphersuite GNUTLS_ECDHE_PSK_AES_256_CBC_SHA384

** libgnutls: Added ciphersuites: GNUTLS_PSK_WITH_AES_256_GCM_SHA384
and GNUTLS_DHE_PSK_WITH_AES_256_GCM_SHA384.

** libgnutls: Added function gnutls_random_art() to convert 
fingerprints to images (currently ascii-art).

** libgnutls: Corrected bug in DSA private key parsing, which
prevented the verification of the key.

** API and ABI modifications:
gnutls_random_art: Added


* Version 3.0.9 (released 2011-12-13)

** certtool: Added new parameter --dh-info.

** certtool: -l option was overloaded so if combined with --priority
it will only list the ciphersuites that are enabled by the given
priority string.

** libgnutls: Added new priority string %SERVER_PRECEDENCE, which
changes the ciphersuite selection procedure. If specified the server
priorities will be used for selection instead of the client's.

** libgnutls: Optimizations in Diffie-Hellman parameters generation
and key exchange.

** libgnutls: When session tickets are negotiated and used in a
session, a server will not store that session data into its cache.

** libgnutls: Added the SECP192R1 curve.

** libgnutls: Added gnutls_priority_get_cipher_suite_index() to
allow listing the ciphersuites enabled in a priority structure.
It outputs an index to be used in gnutls_get_cipher_suite_info().

** libgnutls: Optimizations in the elliptic curve code --timing
attacks resistant code is only used in ECDSA private key operations.

** doc: man pages for API functions generation was fixed and are
now added again in the distribution.

** API and ABI modifications:
GNUTLS_ECC_CURVE_SECP192R1: New curve definition
gnutls_priority_get_cipher_suite_index: Added


* Version 3.0.8 (released 2011-11-12)

** certtool: Certtool -e returns error code on verification
failure.

** certtool: Verifies parameters of generated keys.

** libgnutls: Corrected ECC key generation (introduced in 3.0.6)

** libgnutls: Provide less timing information when decoding
TLS/DTLS record packets.

** doc: man pages for API functions were removed.
The reason was that the code that auto-generated the man pages missed
many APIs and we couldn't fix it (volunteers welcome).  See the info
manual or the GTK-DOC manual instead.

** API and ABI modifications:
gnutls_x509_privkey_verify_params: Added


* Version 3.0.7 (released 2011-11-08)

** libgnutls: Corrected fix in gnutls_session_get_data()
to report the actual session size when the provided buffer
is not enough.

** libgnutls: Fixed ciphersuite GNUTLS_ECDHE_RSA_AES_128_CBC_SHA256,
which was using a wrong MAC algorithm. Reported by Fabrice Gautier.

** API and ABI modifications:
No changes since last version.


* Version 3.0.6 (released 2011-11-07)

** gnutls-guile: Compilation fixes.

** libgnutls: Fixed possible buffer overflow in 
gnutls_session_get_data(). Reported and fix by Alban Crequy.

** libgnutls: Bug fixes in the ciphersuites with NULL cipher.
Reported by Fabrice Gautier.

** libgnutls: Bug fixes in ECC code for 64-bit MIPS systems. 
Thanks to Joseph Graham for providing access to such a system.

** libgnutls: Correctly report ECC private key parsing errors.
Reported by Fabrice Gautier.

** libgnutls: In ECDHE verify that the received point lies on
the selected curve. The ECDHE ciphersuites now take precendence
to plain DHE.

** API and ABI modifications:
No changes since last version.


* Version 3.0.5 (released 2011-10-27)

** libgnutls-extra: is no more

** libgnutls: Corrections in order to compile with mingw32.

** libgnutls: Corrections in VIA padlock code for VIA C5 processor
and new detection of PHE with support for partial hashing.

** libgnutls: Corrected bug in gnutls_x509_data2hex. Report and fix 
by Vincent Untz.

** minitasn1: Upgraded to libtasn1 version 2.10.

** API and ABI modifications:
No changes since last version.


* Version 3.0.4 (released 2011-10-15)

** libgnutls-extra: gnutls_register_md5_handler() was
removed.

** gnutls-cli-debug: Added more tests including AES-GCM,
SHA256 and elliptic curves.

** gnutls-cli: Added --benchmark-soft-ciphers to benchmark
the software version of the ciphers instead of hw accelerated 
(where available)

** libgnutls: Public key ID calculation is consistent among
all structures. It uses a SHA-1 hash of the subjectPublicKeyInfo.

** libgnutls: gnutls_privkey_t allows setting external callback
to perform signing or decryption. Can be set using
gnutls_privkey_import_ext()

** libgnutls: A certificate credentials structure can be
used with a gnutls_privkey_t and a gnutls_pcert_st
structure using gnutls_certificate_set_key().

** libgnutls: Fixes to enable external signing callback to
operate with TLS 1.2. 

** libgnutls: Fixed crash when printing ECDSA certificate key 
ID. Reported by Erik Jensen.

** libgnutls: Corrected VIA padlock code for C3. In C3 benchmarks 
show a 50x increase in AES speed and a 14x increase in VIA nano. Added 
support for hashes and HMACs.

** libgnutls: Compilation fixed when p11-kit is not detected.

** libgnutls: Fixed the deflate compression code.

** libgnutls: Added gnutls_x509_crt_get_authority_info_access.
Used to get the PKIX Authority Information Access (AIA) field.

** libgnutls: gnutls_x509_crt_print supports printing AIA fields.

** libgnutls: Added ability to gnutls_privkey_t to operate with
signing callback function.

** API and ABI modifications:
gnutls_x509_crt_get_authority_info_access (x509.h): Added function.
gnutls_privkey_import_ext: Added function.
gnutls_certificate_set_key: Added function.
gnutls_info_access_what_t (x509.h): Added enum.
GNUTLS_OID_AIA (x509.h): Added symbol.
GNUTLS_OID_AD_OCSP (x509.h): Added symbol.
GNUTLS_OID_AD_CAISSUERS (x509.h): Added symbol.

* Version 3.0.3 (released 2011-09-18)

** libgnutls: Added gnutls_record_get_discarded() to return the
number of discarded records in a DTLS session.

** libgnutls: All functions related to RSA-EXPORT were deprecated.
Support for RSA-EXPORT ciphersuites will be ceased in future versions.

** libgnutls: Memory leak fixes in credentials private key 
deinitialization. Reported by Dan Winship.

** libgnutls: Memory leak fixes in ECC ciphersuites.

** libgnutls: Do not send an empty extension structure in server 
hello. This affected old implementations that do not support extensions. 
Reported by J. Cameijo Cerdeira.

** libgnutls: Allow CA importing of 0 certificates to succeed.
Reported by Jonathan Nieder <jrnieder@gmail.com> in
<http://bugs.debian.org/640639>.

** libgnutls: Added support for VIA padlock AES optimizations.
(disabled by default)

** libgnutls: Added support for elliptic curves in
PKCS #11.

** libgnutls: Added gnutls_pkcs11_privkey_generate()
to allow generating a key in a token.

** p11tool: Added generate-rsa, generate-dsa and 
generate-ecc options to allow generating private
keys in the token.

** libgnutls: gnutls_transport_set_lowat dummy macro was 
removed.

** API and ABI modifications:
gnutls_pkcs11_privkey_generate: Added
gnutls_pubkey_import_ecc_raw: Added
gnutls_pubkey_import_ecc_x962: Added
gnutls_pubkey_get_pk_ecc_x962: Added
gnutls_record_get_discarded: Added


* Version 3.0.2 (released 2011-09-01)

** libgnutls: OpenPGP certificate type is not enabled
by default.

** libgnutls: Added %NO_EXTENSIONS priority string.

** libgnutls: Corrected issue in gnutls_record_recv()
triggered on encryption or compression error.

** libgnutls: Compatibility fixes in CPU ID detection 
for i386 and old GCC.

** gnutls-cli: Benchmark applications were incorporated
with it.

** libgnutls: Corrected parsing of XMPP subject
alternative names.

** libgnutls: Allow for out-of-order ChangeCipherSpec
message in DTLS.

** libgnutls: gnutls_certificate_set_x509_key() and
gnutls_certificate_set_openpgp_key() operate as in 2.10.x
and allow the release of the private key during the
lifetime of the certificate structure.

** API and ABI modifications:
GNUTLS_PRIVKEY_IMPORT_COPY: new gnutls_privkey_import() flag


* Version 3.0.1 (released 2011-08-20)

** libgnutls: gnutls_certificate_set_x509_key_file() and 
friends support server name indication. If multiple 
certificates are set using these functions the proper one 
will be selected during a handshake. 

** libgnutls: Added AES-256-GCM which was left out from
the previous release. Reported by Benjamin Hof.

** libgnutls: When asking for a PKCS# 11 PIN multiple 
times, the flags in the callback were not being updated 
to reflect for PIN low count or final try.

** libgnutls: Do not allow second instances of PKCS #11
modules.

** libgnutls: fixed alignment issue in AES-NI code.

** libgnutls: The config file at gnutls_pkcs11_init()
is being read if provided.

** libgnutls: Ensure that a certificate list specified
using gnutls_certificate_set_x509_key() and friends, is 
sorted according to TLS specification (from subject to issuer).

** libgnutls: Added GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED flag for
gnutls_x509_crt_list_import. It checks whether the list to be 
imported is properly sorted.

** crywrap: Added to the distribution. It is an application
that proxies TLS session to a port using a plaintext service.

** doc: Many GTK-DOC improvements.

** i18n: Translations were updated.

** API and ABI modifications:
GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED: New element in gnutls_certificate_import_flags
GNUTLS_PKCS11_PIN_WRONG: New flag for PIN callback


* Version 3.0.0 (released 2011-07-29)

** libgnutls: writev_emu: stop on the first incomplete write. Patch by
Sjoerd Simons.

** libgnutls: Fix zlib handling in gnutls.pc. Patch by Andreas
Metzler.

** certtool: bug fixes in certificate request generation. Patch
by Petr Písař.

** API and ABI modifications:
gnutls_pcert_list_import_x509_raw: ADDED


* Version 2.99.4 (released 2011-07-23)

** doc: documentation updates.

** libgnutls: gnutls_rsa_params_t is now identical to gnutls_x509_privkey_t
to avoid thread-safety issues. Reported by Sam Varshavchik.

** libgnutls: Added compatibility mode with /etc/gnutls/pkcs11.conf

** libgnutls: license upgraded to LGPLv3

** libgnutls: gnutls_srp_verifier() returns data allocated with gnutls_malloc()
for consistency.

** API and ABI modifications:
No changes since last version.


* Version 2.99.3 (released 2011-06-18)

** libgnutls: Added new PKCS #11 flags to force an object being private or
not. (GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE and GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE)

** libgnutls: Added SUITEB128 and SUITEB192 priority
strings to enable the NSA SuiteB cryptography ciphersuites.

** libgnutls: Added gnutls_pubkey_verify_data2() that will
verify data provided the signature algorithm.

** libgnutls: Simplified the handling of handshake messages to 
be hashed. Instead of hashing during the handshake process we now 
keep the data until handshake is over and hash them on request. 
This uses more memory but eliminates issues with TLS 1.2 and 
simplifies code.

** libgnutls: Added AES-GCM optimizations using the PCLMULQDQ
instruction. Uses Andy Polyakov's assembly code.

** libgnutls: Added gnutls_x509_trust_list_add_named_crt() and
gnutls_x509_trust_list_verify_named_crt() that allow having a
list of certificates in the trusted list that will be associated
with a name (e.g. server name) and will not be used as CAs.

** libgnutls: PKCS #11 back-end rewritten to use p11-kit
http://p11-glue.freedesktop.org/p11-kit.html. Rewrite by
Stef Walter.

** libgnutls: Added ECDHE-PSK ciphersuites for TLS (RFC 5489).

** API and ABI modifications:
gnutls_pubkey_verify_data2: ADDED
gnutls_ecc_curve_get: ADDED
gnutls_x509_trust_list_add_named_crt: ADDED
gnutls_x509_trust_list_verify_named_crt: ADDED
gnutls_x509_privkey_verify_data: REMOVED
gnutls_crypto_bigint_register: REMOVED
gnutls_crypto_cipher_register: REMOVED
gnutls_crypto_digest_register: REMOVED
gnutls_crypto_mac_register: REMOVED
gnutls_crypto_pk_register: REMOVED
gnutls_crypto_rnd_register: REMOVED
gnutls_crypto_single_cipher_register: REMOVED
gnutls_crypto_single_digest_register: REMOVED
gnutls_crypto_single_mac_register: REMOVED
GNUTLS_KX_ECDHE_PSK: New key exchange method
GNUTLS_VERIFY_DISABLE_CRL_CHECKS: New certificate verification flag.
GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE: New PKCS#11 object flag.
GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE: New PKCS#11 object flag.


* Version 2.99.2 (released 2011-05-26)

** libgnutls: Added Elliptic curve support. This is not
enabled by default. Requires priority strings:
+CURVE-ALL: to add all supported curves
+ECDHE-RSA: to add ephemeral ECDHE with an RSA-signed certificate
+ECDHE-ECDSA: to add ephemeral ECDHE with an ECDSA-signed certificate
+ANON-ECDHE: to add anonymous ECDH

** libgnutls: PKCS #11 URLs conform to the latest draft
being http://tools.ietf.org/html/draft-pechanec-pkcs11uri-04.

** certtool: Can now load private keys and public keys from PKCS #11 tokens
via URLs.

** libgnutls: Added gnutls_global_set_audit_log_function() that allows
to get important auditing information including the corresponding session.
That might be useful to block DoS or other attacker from specific IPs.

** libgnutls: gnutls_pkcs11_privkey_import_url() will now correctly read
the public key algorithm of the key.

** libgnutls: Added gnutls_certificate_get_issuer() and
gnutls_x509_trust_list_get_issuer() to compensate for the
missing gnutls_certificate_get_x509_cas().

** libgnutls: Added gnutls_x509_crq_verify() to allow
verification of the self signature in a certificate request.
This allows verifying whether the owner of the private key
is the generator of the request.

** libgnutls: gnutls_x509_crt_set_crq() implicitly verifies
the self signature of the request.

** API and ABI modifications:
gnutls_certificate_get_issuer: ADDED
gnutls_x509_trust_list_get_issuer: ADDED
gnutls_x509_crq_verify: ADDED
gnutls_global_set_audit_log_function: ADDED
gnutls_ecc_curve_get_name: ADDED
gnutls_ecc_curve_get_size: ADDED
gnutls_x509_privkey_import_ecc_raw: ADDED
gnutls_x509_privkey_export_ecc_raw: ADDED
gnutls_global_set_time_function: ADDED

GNUTLS_E_ECC_NO_SUPPORTED_CURVES: New error code
GNUTLS_E_ECC_UNSUPPORTED_CURVE: New error code
GNUTLS_KX_ECDHE_RSA: New key exchange method
GNUTLS_KX_ECDHE_ECDSA: New key exchange method
GNUTLS_KX_ANON_ECDH: New key exchange method
GNUTLS_PK_ECC: New public key algorithm
GNUTLS_SIGN_ECDSA_SHA1: New signature algorithm
GNUTLS_SIGN_ECDSA_SHA256: New signature algorithm
GNUTLS_SIGN_ECDSA_SHA384: New signature algorithm
GNUTLS_SIGN_ECDSA_SHA512: New signature algorithm 
GNUTLS_SIGN_ECDSA_SHA224: New signature algorithm
GNUTLS_ECC_CURVE_INVALID: New curve definition
GNUTLS_ECC_CURVE_SECP224R1: New curve definition
GNUTLS_ECC_CURVE_SECP256R1: New curve definition
GNUTLS_ECC_CURVE_SECP384R1: New curve definition
GNUTLS_ECC_CURVE_SECP521R1: New curve definition


* Version 2.99.1 (released 2011-04-23)

** libgnutls: LZO support was removed.

** libgnutls: Corrections in SSLv2 client hello parsing.

** libgnutls: Added support for AES-NI if detected. Uses
Andy Polyakov's AES-NI code.

** libgnutls: Restored HMAC-MD5 for compatibility. Although considered 
weak, several sites require it for connection. It is enabled for
"NORMAL" and "PERFORMANCE" priority strings.

** libgnutls: depend on libdl.

** libgnutls-extra: Dropped support of LZO compression via liblzo.

** libgnutls: gnutls_transport_set_global_errno() was removed. This
function required GnuTLS to access system specific data, for no reason.
Use gnutls_transport_set_errno(), or your system's errno fascility
instead.

** libgnutls: Added gnutls_certificate_set_retrieve_function2()
to set a callback to retrieve a certificate. The certificate is
received in a format that requires no processing from gnutls thus
it is suitable when performance is required.

** API and ABI modifications:
gnutls_transport_set_global_errno: REMOVED
gnutls_certificate_set_retrieve_function2: ADDED

* Version 2.99.0 (released 2011-04-09)

** libgnutls: Added Datagram TLS support.

** libgnutls: Uses a single configure file and a single
gnulib library to save space.

** libgnutls: Several bug fixes.

** libgnutls: gnutls_transport_set_lowat() is no more.

** libgnutls-openssl: modified to use modern gnutls' functions.
This introduces an ABI incompatibility with previous versions.

** libgnutls: Corrected signature generation and verification
in the Certificate Verify message when in TLS 1.2. Reported
by Todd A. Ouska.

** libgnutlsxx: The C++ interface returns exception on
every error and not only on fatal ones. This allows easier
handling of errors.

** libgnutls: Corrected issue in DHE-PSK ciphersuites that ignored    
the PSK callback.

** libgnutls: SRP and PSK are no longer set on the default priorities. 
They have to be explicitly set.

** libgnutls: During handshake message verification using DSS
use the hash algorithm required by it.

** libgnutls: gnutls_recv() return GNUTLS_E_PREMATURE_TERMINATION
on unexpected EOF, instead of GNUTLS_E_UNEXPECTED_PACKET_LENGTH.

** libgnutls: Added GCM mode (interoperates with tls.secg.org)

** libgnutls-extra: Inner application extension was removed.
It was never standardized nor published as an RFC.

** libgnutls: Added new certificate verification functions, that
can provide more details and are more efficient. Check 
gnutls_x509_trust_list_*.

** certtool: Uses the new certificate verification functions for
--verify-chain.

** certtool: Added new certificate verification functionality
using the --verify option. Combined with --load-ca-certificate
it can verify a certificate chain against a list of certificates.

** Several files unnecessarily included <gcrypt.h>; this has been fixed.

** API and ABI modifications:
gnutls_dtls_set_timeouts: ADDED
gnutls_dtls_get_mtu: ADDED
gnutls_dtls_get_data_mtu: ADDED
gnutls_dtls_set_mtu: ADDED
gnutls_dtls_cookie_send: ADDED
gnutls_dtls_cookie_verify: ADDED
gnutls_dtls_prestate_set: ADDED
gnutls_x509_trust_list_verify_crt: ADDED
gnutls_x509_trust_list_add_crls: ADDED
gnutls_x509_trust_list_add_cas: ADDED
gnutls_x509_trust_list_init: ADDED
gnutls_x509_trust_list_deinit: ADDED
gnutls_cipher_add_auth: ADDED
gnutls_cipher_tag: ADDED
gnutls_psk_netconf_derive_key: REMOVED
gnutls_certificate_verify_peers: REMOVED
gnutls_session_set_finished_function: REMOVED
gnutls_ext_register: REMOVED
gnutls_certificate_get_x509_crls: REMOVED
gnutls_certificate_get_x509_cas: REMOVED
gnutls_certificate_get_openpgp_keyring: REMOVED
gnutls_session_get_server_random: REMOVED
gnutls_session_get_client_random: REMOVED
gnutls_session_get_master_secret: REMOVED
gnutls_ia_allocate_client_credentials: REMOVED
gnutls_ia_allocate_server_credentials: REMOVED
gnutls_ia_enable: REMOVED
gnutls_ia_endphase_send: REMOVED
gnutls_ia_extract_inner_secret: REMOVED
gnutls_ia_free_client_credentials: REMOVED
gnutls_ia_free_server_credentials: REMOVED
gnutls_ia_generate_challenge: REMOVED
gnutls_ia_get_client_avp_ptr: REMOVED
gnutls_ia_get_server_avp_ptr: REMOVED
gnutls_ia_handshake: REMOVED
gnutls_ia_handshake_p: REMOVED
gnutls_ia_permute_inner_secret: REMOVED
gnutls_ia_recv: REMOVED
gnutls_ia_send: REMOVED
gnutls_ia_set_client_avp_function: REMOVED
gnutls_ia_set_client_avp_ptr: REMOVED
gnutls_ia_set_server_avp_function: REMOVED
gnutls_ia_set_server_avp_ptr: REMOVED
gnutls_ia_verify_endphase: REMOVED


* Version 2.12.2 (released 2011-04-08)

** libgnutls: Several updates and fixes for win32. Patches by LRN.

** libgnutls: Several bug and memory leak fixes.

** srptool: Accepts the -d option to enable debugging.

** libgnutls: Corrected bug in gnutls_srp_verifier() that prevented
the allocation of a verifier. Reported by Andrew Wiseman.

** API and ABI modifications:
No changes since last version.


* Version 2.12.1 (released 2011-04-02)

** certtool: Generated certificate request with stricter permissions.
Reported by Luca Capello.

** libgnutls: Bug fixes in opencdk code. Reported by Vitaly Kruglikov.

** libgnutls: Corrected windows system_errno() function prototype.

** libgnutls: C++ compatibility fix for compat.h. Reported by Mark Brand.

** libgnutls: Fix size of gnutls_openpgp_keyid_t by using the
GNUTLS_OPENPGP_KEYID_SIZE definition. Reported by Andreas Metzler.

** API and ABI modifications:
No changes since last version.




* Version 2.12.0 (released 2011-03-24)

** certtool: Warns on generation of DSA keys of over 1024 bits, about
the incompatibility with TLS other than 1.2.

** libgnutls: Modified signature algorithm selection in client
certificate request, to avoid failures in DSA certificates.

** libgnutls: Instead of failing with internal error, return 
GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL if an incompatible DSA
key with the negotiated protocol is encountered.

** libgnutls: Bug fixes in the RSA ciphersuite behavior with openpgp keys.

** libgnutls: Force state update when fork is detected in the nettle
rng.

** libgnutls: modified gnutls_pubkey_import_openpgp() to use the preferred
subkey instead of setting explicitly one.

** libgnutls: Corrected default behavior in record version of Client Hellos.

** libgnutls-openssl: modified to use modern gnutls' functions.
This introduces an ABI incompatibility with previous versions.

** API and ABI modifications:
gnutls_pubkey_import_openpgp: MODIFIED


* Version 2.11.7

** libgnutls: The deprecated  gnutls_x509_privkey_sign_hash() was
replaced by gnutls_privkey_sign_hash2().

** libgnutls: gnutls_pubkey_verify_data, gnutls_pubkey_verify_hash,
gnutls_x509_privkey_verify_data, gnutls_x509_crt_verify_data, 
gnutls_x509_crt_verify_hash return the negative error code 
GNUTLS_E_PK_SIG_VERIFY_FAILED if verification fails to simplify error 
checking.

** libgnutls: Added helper functions for signature verification:
gnutls_pubkey_verify_data() and gnutls_pubkey_import_privkey().

** libgnutls: Modified gnutls_privkey_sign_data().

** gnutls_x509_crl_privkey_sign2(), gnutls_x509_crq_sign2()
gnutls_x509_privkey_sign_hash(), gnutls_x509_privkey_sign_data(),
gnutls_x509_crt_verify_hash(), gnutls_x509_crt_verify_data(), were
deprecated for gnutls_x509_crl_privkey_sign(),
gnutls_x509_crq_privkey_sign(), gnutls_privkey_sign_hash(),
gnutls_privkey_sign_data(), gnutls_pubkey_verify_hash()
gnutls_pubkey_verify_data() respectively.

** libgnutls: gnutls_*_export_raw() functions now add leading zero in
integers.

** libgnutls: Added convenience functions gnutls_x509_crl_list_import2()
and gnutls_x509_crt_list_import2().

** crypto.h: Fix use with C++.
Reported by "Brendan Doherty" <brendand@gentrack.com>.

** API and ABI modifications:
gnutls_x509_crl_list_import: ADDED
gnutls_x509_crl_list_import2: ADDED
gnutls_x509_crt_list_import2: ADDED
gnutls_x509_crl_get_raw_issuer_dn: ADDED
gnutls_pubkey_import_privkey: ADDED
gnutls_pubkey_verify_data: ADDED
gnutls_privkey_sign_hash: MODIFIED (was added in 2.11.0)
gnutls_privkey_sign_data: MODIFIED (was added in 2.11.0)
gnutls_x509_crq_sign2: DEPRECATED (use: gnutls_x509_crq_privkey_sign)
gnutls_x509_crq_sign: DEPRECATED (use: gnutls_x509_crq_privkey_sign)
gnutls_x509_crq_get_preferred_hash_algorithm: REMOVED (was added in 2.11.0)
gnutls_x509_crl_sign: DEPRECATED (use: gnutls_x509_crl_privkey_sign)
gnutls_x509_crl_sign2: DEPRECATED (use: gnutls_x509_crl_privkey_sign)
gnutls_x509_privkey_sign_data: DEPRECATED (use: gnutls_privkey_sign_data2)
gnutls_x509_privkey_sign_hash: DEPRECATED (use: gnutls_privkey_sign_hash2)
gnutls_x509_privkey_verify_data: DEPRECATED (use: gnutls_pubkey_verify_data)
gnutls_session_set_finished_function: DEPRECATED
gnutls_x509_crt_verify_hash: DEPRECATED (use: gnutls_pubkey_verify_hash)
gnutls_x509_crt_verify_data: DEPRECATED (use: gnutls_pubkey_verify_data)
gnutls_x509_crt_get_verify_algorithm: DEPRECATED (use: gnutls_pubkey_get_verify_algorithm)
gnutls_x509_crt_get_preferred_hash_algorithm: DEPRECATED (use: gnutls_pubkey_get_preferred_hash_algorithm)
gnutls_openpgp_privkey_sign_hash: DEPRECATED (use: gnutls_privkey_sign_hash2)
gnutls_pkcs11_privkey_sign_hash: REMOVED (was added in 2.11.0)
gnutls_pkcs11_privkey_decrypt_data: REMOVED (was added in 2.11.0)
gnutls_privkey_sign_hash: REMOVED (was added in 2.11.0)

* Version 2.11.6 (released 2010-12-06)

** libgnutls: Record version of Client Hellos is now set by default to
SSL 3.0. To restore the previous default behavior use %LATEST_RECORD_VERSION
priority string.

** libgnutls: Use ASN1_NULL when writing parameters for RSA signatures. 
This makes us comply with RFC3279. Reported by Michael Rommel.

** gnutls-serv: Corrected a buffer overflow. Reported and patch by Tomas Mraz.

** API and ABI modifications:
No changes since last version.

* Version 2.11.5 (released 2010-12-01)

** libgnutls: Reverted default behavior for verification and
introduced GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT. Thus by default
V1 trusted CAs are allowed, unless the new flag is specified.

** libgnutls: Correctly add leading zero to PKCS #8 encoded DSA key.
Reported by Jeffrey Walton.

** libgnutls: Added SIGN-ALL, CTYPE-ALL, COMP-ALL, and VERS-TLS-ALL
as priority strings. Those allow to set all the supported algorithms
at once.

** p11tool: Introduced. It allows manipulating pkcs 11 tokens.

** gnutls-cli: Print channel binding only in verbose mode.
Before it printed it after the 'Compression:' output, thus breaking
Emacs starttls.el string searches.

** API and ABI modifications:
gnutls_pkcs11_token_init: New function
gnutls_pkcs11_token_set_pin: New function

* Version 2.11.4 (released 2010-10-15)

** libgnutls: Add new API gnutls_session_channel_binding.
The function is used to get the channel binding data.  Currently only
the "tls-unique" (RFC 5929) channel binding type is supported, through
the GNUTLS_CB_TLS_UNIQUE type.  See new section "Channel Bindings" in
the manual.

** gnutls-cli, gnutls-serv: Print 'tls-unique' Channel Bindings.

** doc: Added pkcs11.h header file to GTK-DOC manual.

** build: Update gnulib files.

** i18n: Update translations.

** tests: Add self tests gendh.c.  Speed up Guile self checks.

** API and ABI modifications:
gnutls_session_channel_binding: New function.
gnutls_channel_binding_t: New enumeration.
GNUTLS_CB_TLS_UNIQUE: New gnutls_channel_binding_t enum member.
GNUTLS_E_CHANNEL_BINDING_NOT_AVAILABLE: New error code.

* Version 2.11.3 (released 2010-10-14)

** Indent code to follow the GNU Coding Standard.
You should be able to unpack the 2.11.2 release and run 'make indent'
twice to get exactly the same content as 2.11.3 except for generated
files.  Using GNU Indent 2.2.11.

** API and ABI modifications:
No changes since last version.

* Version 2.11.2 (released 2010-10-08)

** libgnutls: Several bug fixes on session resumption
and session tickets support.

** libgnutls: Add new extended key usage ipsecIKE.

** certtool: Renamed PKCS #11 options to: --p11-provider,
--p11-export-url, --p11-list-certs, --p11-list-certs,
--p11-list-privkeys, --p11-list-trusted, --p11-list-all-certs,
--p11-list-all, --p11-list-tokens, --p11-login, --p11-write,
--p11-write-label, --p11-write-trusted, --p11-detailed-url,
--p11-delete-url

** libgnutls: Corrected bug that caused importing DSA keys as RSA,
introduced with the new nettle code.

** libgnutls: Corrected advertizing issue for session tickets.

** API and ABI modifications:
gnutls_x509_crt_get_subject_unique_id: ADDED.
gnutls_x509_crt_get_issuer_unique_id: ADDED.

* Version 2.11.1 (released 2010-09-14)

** libgnutls: Nettle is the default crypto back end. Use --with-libgcrypt
to use the libgcrypt back end.

** libgnutls: Depend on nettle 2.1. This makes nettle a fully working
backend crypto library.

** libgnutls: Added RSA_NULL_SHA1 and SHA256 ciphersuites.

** libgnutls: Several updates in the buffering internal interface.

** libgnutls: Is now more liberal in the PEM decoding. That is spaces and 
tabs are being skipped.

** libgnutls: Added support for draft-pechanec-pkcs11uri-02.

** libgnutls: The %COMPAT flag now allows larger records that violate the
TLS spec.

** libgnutls: by default lowat level has been set to zero to avoid unnecessary
system calls. Applications that depended on it being 1 should explicitly call
gnutls_transport_set_lowat().

** libgnutls: Updated documentation and gnutls_pk_params_t mappings
to ECRYPT II recommendations. Mappings were moved to a single location
and DSA keys are handled differently (since DSA2 allows for 1024,2048
and 3072 keys only).

** libgnutls: gnutls_x509_privkey_import() will fallback to
gnutls_x509_privkey_import_pkcs8() without a password, if it
is unable to decode the key.

** libgnutls: HMAC-MD5 no longer used by default.

** API and ABI modifications:
gnutls_openpgp_privkey_sec_param: ADDED
gnutls_x509_privkey_sec_param: ADDED

* Version 2.11.0 (released 2010-07-22)

** libgnutls: support scattered write using writev(). This takes
advantage of the new buffering layer and allows queuing of packets
and flushing them. This is currently used for handshake messages
only.

** libgnutls: Added gnutls_global_set_mutex() to allow setting
alternative locking procedures. By default the system available
locking is used. In *NIX pthreads are used and in windows the
critical section API. This follows a different approach than the
previous versions that depended on libgcrypt initialization. The
locks are now set by default in systems that support it. Programs
that used gcry_control() to set thread locks should insert it into
a block of
#if GNUTLS_VERSION_NUMBER <= 0x020b00
        gcry_control(...)
#endif

** libgnutls: Added support for reading DN from EV-certificates.
New DN values:
jurisdictionOfIncorporationLocalityName,
jurisdictionOfIncorporationStateOrProvinceName,
jurisdictionOfIncorporationCountryName

** libgnutls: Added support for DSA signing/verifying with bit 
length over 1024.

** libgnutls-extra: When in FIPS mode gnutls_global_init_extra()
has to be called to register any required md5 handlers.

** libgnutls: Internal buffering code was replaced by simpler
code contributed by Jonathan Bastien-Filiatrault.

** libgnutls: Internal API for extensions augmented to allow
safe storing and loading of data on resumption. This allows writing
self-contained extensions (when possible). As a side effect
the OPRFI extension was removed.

** libgnutls: Added support for DSA-SHA256 and DSA-SHA224

** libgnutls: Added PKCS #11 support and an API to access objects in
gnutls/pkcs11.h. Currently certificates and public keys can be
imported from tokens, and operations can be performed on private keys.

** libgnutls: Added abstract gnutls_privkey_t and gnutls_pubkey_t

** libgnutls: Added initial support for the nettle library. It uses
the system's random generator for seeding. That is /dev/urandom in Linux, 
system calls in Win32 and EGD on other systems.

** libgnutls: Corrected issue on the %SSL3_RECORD_VERSION priority string. It now
    works even when resuming a session.

** libgnutls: Added gnutls_certificate_set_retrieve_function() to replace the
similar gnutls_certificate_set_server_retrieve_function() and
gnutls_certificate_set_client_retrieve_function(). In addition it support
PKCS #11 private keys.

** libgnutls: Added  gnutls_pkcs11_copy_x509_crt(), gnutls_pkcs11_copy_x509_privkey(),
and gnutls_pkcs11_delete_url() to allow copying and deleting data in tokens.

** libgnutls: Added gnutls_sec_param_to_pk_bits() et al. to allow select bit
sizes for private keys using a human understandable scale.

** certtool: Added new options: --pkcs11-list-tokens, --pkcs11-list-all
--pkcs11-list-all-certs, --pkcs11-list-trusted, --pkcs11-list-certs,
--pkcs11-delete-url, --pkcs11-write

certtool: The --pkcs-cipher is taken into account when generating a
private key. The default cipher used now is aes-128. The old behavior can
be simulated by specifying "--pkcs-cipher 3des-pkcs12".

certtool: Added --certificate-pubkey to print the public key of the
certificate.

** gnutls-cli/gnutls-serv: --x509cafile, --x509certfile and --x509keyfile
can now accept a PKCS #11 URL in addition to a file. This will allow for
example to use the Gnome-keyring trusted certificate list to verify
connections using a url such as:
pkcs11:token=Root%20CA%20Certificates;serial=1%3AROOTS%3ADEFAULT;model=1%2E0;manufacturer=Gnome%20Keyring

** API and ABI modifications:
gnutls_certificate_set_server_retrieve_function: DEPRECATED
gnutls_certificate_set_client_retrieve_function: DEPRECATED
gnutls_sign_callback_set: DEPRECATED
gnutls_global_set_mutex: ADDED
gnutls_pubkey_get_preferred_hash_algorithm: ADDED
gnutls_x509_crt_get_preferred_hash_algorithm: ADDED
gnutls_x509_privkey_export_rsa_raw2: ADDED
gnutls_rnd: ADDED
gnutls_sec_param_to_pk_bits: ADDED
gnutls_pk_bits_to_sec_param: ADDED
gnutls_sec_param_get_name: ADDED
gnutls_pkcs11_type_get_name: ADDED
gnutls_certificate_set_retrieve_function: ADDED
gnutls_pkcs11_init: ADDED
gnutls_pkcs11_deinit: ADDED
gnutls_pkcs11_set_pin_function: ADDED
gnutls_pkcs11_set_token_function: ADDED
gnutls_pkcs11_add_provider: ADDED
gnutls_pkcs11_obj_init: ADDED
gnutls_pkcs11_obj_import_url: ADDED
gnutls_pkcs11_obj_export_url: ADDED
gnutls_pkcs11_obj_deinit: ADDED
gnutls_pkcs11_obj_export: ADDED
gnutls_pkcs11_obj_list_import_url: ADDED
gnutls_pkcs11_obj_export: ADDED
gnutls_x509_crt_import_pkcs11: ADDED
gnutls_pkcs11_obj_get_type: ADDED
gnutls_x509_crt_list_import_pkcs11: ADDED
gnutls_x509_crt_import_pkcs11_url: ADDED
gnutls_pkcs11_obj_get_info: ADDED
gnutls_pkcs11_token_get_info: ADDED
gnutls_pkcs11_token_get_url: ADDED
gnutls_pkcs11_privkey_init: ADDED
gnutls_pkcs11_privkey_deinit: ADDED
gnutls_pkcs11_privkey_get_pk_algorithm: ADDED
gnutls_pkcs11_privkey_get_info: ADDED
gnutls_pkcs11_privkey_import_url: ADDED
gnutls_pkcs11_privkey_sign_data: ADDED
gnutls_pkcs11_privkey_sign_hash: ADDED
gnutls_pkcs11_privkey_decrypt_data: ADDED
gnutls_privkey_init: ADDED
gnutls_privkey_deinit: ADDED
gnutls_privkey_get_pk_algorithm: ADDED
gnutls_privkey_get_type: ADDED
gnutls_privkey_import_pkcs11: ADDED
gnutls_privkey_import_x509: ADDED
gnutls_privkey_import_openpgp: ADDED
gnutls_privkey_sign_data: ADDED
gnutls_privkey_sign_hash: ADDED
gnutls_privkey_decrypt_data: ADDED
gnutls_pkcs11_privkey_export_url: ADDED
gnutls_x509_crq_privkey_sign: ADDED
gnutls_x509_crl_privkey_sign: ADDED
gnutls_x509_crt_privkey_sign: ADDED
gnutls_pubkey_init: ADDED
gnutls_pubkey_deinit: ADDED
gnutls_pubkey_get_pk_algorithm: ADDED
gnutls_pubkey_import_x509: ADDED
gnutls_pubkey_import_openpgp: ADDED
gnutls_pubkey_get_pk_rsa_raw: ADDED
gnutls_pubkey_get_pk_dsa_raw: ADDED
gnutls_pubkey_export: ADDED
gnutls_pubkey_get_key_id: ADDED
gnutls_pubkey_get_key_usage: ADDED
gnutls_pubkey_verify_hash: ADDED
gnutls_pubkey_get_verify_algorithm: ADDED
gnutls_pkcs11_type_get_name: ADDED
gnutls_pubkey_import_pkcs11_url: ADDED
gnutls_pubkey_import: ADDED
gnutls_pubkey_import_pkcs11: ADDED
gnutls_pubkey_import_dsa_raw: ADDED
gnutls_pubkey_import_rsa_raw: ADDED
gnutls_x509_crt_set_pubkey: ADDED
gnutls_x509_crq_set_pubkey: ADDED
gnutls_pkcs11_copy_x509_crt: ADDED
gnutls_pkcs11_copy_x509_privkey: ADDED
gnutls_pkcs11_delete_url: ADDED

* Version 2.10.1 (released 2010-07-25)

** libgnutls: Added support for broken certificates that indicate RSA
with strange OIDs.

** gnutls-cli: Allow verification using V1 CAs.

** libgnutls: gnutls_x509_privkey_import() will fallback to
gnutls_x509_privkey_import_pkcs8() without a password, if it
is unable to decode the key.

** libgnutls: Correctly deinitialize crypto API functions to prevent
a memory leak.  Reported by Mads Kiilerich.

** certtool: If asked to generate DSA keys of size more than 1024 bits,
issue a warning, that the output key might not be working everywhere.

** certtool: The --pkcs-cipher is taken into account when generating a
private key. The default cipher used now is aes-128. The old behavior
can be simulated by specifying "--pkcs-cipher 3des-pkcs12".

** API and ABI modifications:
No changes since last version.

* Version 2.10.0 (released 2010-06-25)

** API and ABI modifications:
No changes since last version.

* Version 2.9.12 (released 2010-06-17)

** gnutls-cli: Make --starttls work again.
Problem introduced in patch to use read() instead of fgets() committed
on 2010-01-27.

** API and ABI modifications:
No changes since last version.

* Version 2.9.11 (released 2010-06-07)

** libgnutls: Removed two APIs related to safe renegotiation.
Use priority strings instead.  The APIs were
gnutls_safe_negotiation_set_initial and gnutls_safe_renegotiation_set.
(Remember that we don't promise ABI stability during development
series, so this doesn't cause an shared library ABI increment.)

** tests: More self testing of safe renegotiation extension.
See tests/safe-renegotiation/README for more information.

** doc: a PDF version of the API reference manual (GTK-DOC) is now built.

** doc: Terms 'GNUTLS' and 'GNU TLS' were changed to 'GnuTLS' for consistency.

** API and ABI modifications:
gnutls_safe_negotiation_set_initial: REMOVED.
gnutls_safe_renegotiation_set: REMOVED.

* Version 2.9.10 (released 2010-04-22)

** libgnutls: Time verification extended to trusted certificate list.
Unless new constant GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS flag is
specified.

** certtool: Display postalCode and Name X.509 DN attributes correctly.
Based on patch by Pavan Konjarla.  Adds new constant
GNUTLS_OID_X520_POSTALCODE and GNUTLS_OID_X520_NAME.

** libgnutls: Added Steve Dispensa's patch for safe renegotiation (RFC 5746)
Solves the issue discussed in:
<http://www.ietf.org/mail-archive/web/tls/current/msg03928.html> and
<http://www.ietf.org/mail-archive/web/tls/current/msg03948.html>.
Note that to allow connecting to unpatched servers the full protection
is only enabled if the priority string %SAFE_RENEGOTIATION is
specified. You can check whether protection is in place by querying
gnutls_safe_renegotiation_status().  New error codes
GNUTLS_E_SAFE_RENEGOTIATION_FAILED and
GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED added.

** libgnutls: When checking openpgp self signature also check the signatures
** of all subkeys.
Ilari Liusvaara noticed and reported the issue and provided test
vectors as well.

** libgnutls: Added cryptodev support (/dev/crypto).
Tested with http://www.logix.cz/michal/devel/cryptodev/.  Added
benchmark utility for AES.  Adds new error codes
GNUTLS_E_CRYPTODEV_IOCTL_ERROR and GNUTLS_E_CRYPTODEV_DEVICE_ERROR.

** libgnutls: Exported API to access encryption and hash algorithms.
The new API functions are gnutls_cipher_decrypt, gnutls_cipher_deinit,
gnutls_cipher_encrypt, gnutls_cipher_get_block_size,
gnutls_cipher_init, gnutls_hash, gnutls_hash_deinit, gnutls_hash_fast,
gnutls_hash_get_len, gnutls_hash_init, gnutls_hash_output,
gnutls_hmac, gnutls_hmac_deinit, gnutls_hmac_fast,
gnutls_hmac_get_len, gnutls_hmac_init, gnutls_hmac_output.  New API
constants are GNUTLS_MAC_SHA224 and GNUTLS_DIG_SHA224.

** libgnutls: Added gnutls_certificate_set_verify_function() to allow
verification of certificate upon receipt rather than waiting until the
end of the handshake.

** libgnutls: Don't send alerts during handshake.
Instead new error code GNUTLS_E_UNKNOWN_SRP_USERNAME is added.

** certtool: Corrected two issues that affected certificate request generation.
(1) Null padding is added on integers (found thanks to Wilankar Trupti),
(2) In optional SignatureAlgorithm parameters field for DSA keys the DSA
parameters were added. Those were rejected by Verisign. Gnutls no longer adds 
those parameters there since other implementations don't do either and having 
them does not seem to offer anything (anyway you need the signer's certificate
to verify thus public key will be available). Found thanks to Boyan Kasarov.
This however has the side-effect that public key IDs shown by certtool are
now different than previous gnutls releases.
(3) the option --pgp-certificate-info will verify self signatures

** certtool: Allow exporting of Certificate requests on DER format.

** certtool: New option --no-crq-extensions to avoid extensions in CSRs.

** gnutls-cli: Handle reading binary data from server.
Reported by and tiny patch from Vitaly Mayatskikh
<v.mayatskih@gmail.com> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/4096>.

** minitasn1: Upgraded to libtasn1 version 2.6.

** i18n: Updated Czech, Dutch, French, Polish, Swedish translation.
** Added Italian and Simplified Chinese translation.
Thanks to Petr Pisar, Erwin Poeze, Nicolas Provost, Jakub Bogusz,
Daniel Nylander, Sergio Zanchetta, Tao Wei, and Aron Xu.

** doc: The GTK-DOC manual is significantly improved.

** API and ABI modifications:
%DISABLE_SAFE_RENEGOTIATION: Added to priority strings (do not use).
%INITIAL_SAFE_RENEGOTIATION: Added to priority strings.
%UNSAFE_RENEGOTIATION: Added to priority strings.
GNUTLS_DIG_SHA224: ADDED.
GNUTLS_E_CRYPTODEV_DEVICE_ERROR: ADDED.
GNUTLS_E_CRYPTODEV_IOCTL_ERROR: ADDED.
GNUTLS_E_SAFE_RENEGOTIATION_FAILED: ADDED.
GNUTLS_E_UNKNOWN_SRP_USERNAME: ADDED.
GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED: ADDED.
GNUTLS_MAC_SHA224: ADDED.
GNUTLS_OID_X520_NAME: ADDED.
GNUTLS_OID_X520_POSTALCODE: ADDED.
GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS: ADDED.
GNUTLS_VERSION_MAX: ADDED.
gnutls_certificate_set_verify_function: ADDED.
gnutls_cipher_decrypt: ADDED.
gnutls_cipher_deinit: ADDED.
gnutls_cipher_encrypt: ADDED.
gnutls_cipher_get_block_size: ADDED.
gnutls_cipher_init: ADDED.
gnutls_hash: ADDED.
gnutls_hash_deinit: ADDED.
gnutls_hash_fast: ADDED.
gnutls_hash_get_len: ADDED.
gnutls_hash_init: ADDED.
gnutls_hash_output: ADDED.
gnutls_hmac: ADDED.
gnutls_hmac_deinit: ADDED.
gnutls_hmac_fast: ADDED.
gnutls_hmac_get_len: ADDED.
gnutls_hmac_init: ADDED.
gnutls_hmac_output: ADDED.
gnutls_safe_negotiation_set_initial: ADDED.
gnutls_safe_renegotiation_set: ADDED.
gnutls_safe_renegotiation_status: ADDED.

* Version 2.9.9 (released 2009-11-09)

** libgnutls: Cleanups and several bug fixes.
Found by Steve Grubb and Tomas Mraz.

** Link libgcrypt explicitly to certtool, gnutls-cli, gnutls-serv.

** Fix --disable-valgrind-tests.
Reported by Ingmar Vanhassel in
<https://savannah.gnu.org/support/?107029>.

** API and ABI modifications:
No changes since last version.

* Version 2.9.8 (released 2009-11-05)

** libgnutls: Fix for memory leaks on interrupted handshake.
Reported by Tang Tong.

** libgnutls: Addition of support for TLS 1.2 signature algorithms
** extension and certificate verify field.
This requires changes for TLS 1.2 servers and clients that use
callbacks for certificate retrieval.  They are now required to check
with gnutls_sign_algorithm_get_requested() whether the certificate
they send complies with the peer's preferences in signature
algorithms.

** libgnutls: In server side when resuming a session do not overwrite the 
** initial session data with the resumed session data.

** libgnutls: Added support for AES-128, AES-192 and AES-256 in PKCS #8
** encryption.
This affects also PKCS #12 encoded files.  This adds the following new
enums: GNUTLS_CIPHER_AES_192_CBC, GNUTLS_PKCS_USE_PBES2_AES_128,
GNUTLS_PKCS_USE_PBES2_AES_192, GNUTLS_PKCS_USE_PBES2_AES_256.

** libgnutls: Fix PKCS#12 encoding.
The error you would get was "The OID is not supported.".  Problem
introduced for the v2.8.x branch in 2.7.6.

** certtool: Added the --pkcs-cipher option.
To explicitely specify the encryption algorithm to use.

** tests: Added "pkcs12_encode" self-test to check PKCS#12 functions.

** tests: Fix time bomb in chainverify self-test.
Reported by Andreas Metzler <ametzler@downhill.at.eu.org> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3925>.

** tests: Fix expired cert in chainverify self-test.

** i18n: Vietnamese translation updated.
Thanks to Clytie Siddall.

** API and ABI modifications:
GNUTLS_CIPHER_AES_192_CBC: ADDED to gnutls/gnutls.h.
GNUTLS_PKCS_USE_PBES2_AES_128: ADDED to gnutls/x509.h.
GNUTLS_PKCS_USE_PBES2_AES_192: ADDED to gnutls/x509.h.
GNUTLS_PKCS_USE_PBES2_AES_256: ADDED to gnutls/x509.h.
GNUTLS_BAG_SECRET: ADDED to gnutls/pkcs12.h.
GNUTLS_DIG_UNKNOWN: ADDED to gnutls/gnutls.h.
gnutls_sign_algorithm_get_requested: ADDED.

* Version 2.9.7 (released 2009-10-06)

** libgnutls: TLS 1.2 server mode fixes.
Now interoperates against Opera.  Contributed by Daiki Ueno.

** libgnutlsxx: Fix link problems.
Tiny patch from Boyan Kasarov <bkasarov@gmail.com>.

** guile: Compatibility with guile 2.x.
By Ludovic Courtes <ludovic.courtes@laas.fr>.

** API and ABI modifications:
No changes since last version.

* Version 2.9.6 (released 2009-09-22)

** libgnutls: Enable Camellia ciphers by default.

** API and ABI modifications:
No changes since last version.

* Version 2.9.5 (released 2009-09-10)

** libgnutls: Add new functions to extract X.509 Issuer Alternative Names.
The new functions are gnutls_x509_crt_get_issuer_alt_name2,
gnutls_x509_crt_get_issuer_alt_name, and
gnutls_x509_crt_get_issuer_alt_othername_oid.  Contributed by Brad
Hards <bradh@frogmouth.net>.

** API and ABI modifications:
gnutls_x509_crt_get_issuer_alt_name2: ADDED.
gnutls_x509_crt_get_issuer_alt_name: ADDED.
gnutls_x509_crt_get_issuer_alt_othername_oid: ADDED.

* Version 2.9.4 (released 2009-09-03)

** libgnutls: Client-side TLS 1.2 and SHA-256 ciphersuites now works.
The new supported ciphersuites are AES-128/256 in CBC mode with
ANON-DH/RSA/DHE-DSS/DHE-RSA.  Contributed by Daiki Ueno.  Further,
SHA-256 is now the preferred default MAC (however it is only used with
TLS 1.2).

** libgnutls: Make OpenPGP hostname checking work again.
The patch to resolve the X.509 CN/SAN issue accidentally broken
OpenPGP hostname comparison.

** libgnutls: When printing X.509 certificates, handle XMPP SANs better.
Reported by Howard Chu <hyc@symas.com> in
<https://savannah.gnu.org/support/?106975>.

** Fix use of deprecated types internally.
Use of deprecated types in GnuTLS from now on will lead to a compile
error, to prevent this from happening again.

** API and ABI modifications:
No changes since last version.

* Version 2.9.3 (released 2009-08-19)

** libgnutls: Support for TLS tickets was contributed by Daiki Ueno.
The new APIs are gnutls_session_ticket_enable_client,
gnutls_session_ticket_enable_server, and
gnutls_session_ticket_key_generate.

** gnutls-cli, gnutls-serv: New parameter --noticket to disable TLS tickets.

** API and ABI modifications:
gnutls_session_ticket_key_generate: ADDED.
gnutls_session_ticket_enable_client: ADDED.
gnutls_session_ticket_enable_server: ADDED.

* Version 2.9.2 (released 2009-08-14)

** libgnutls: Fix problem with NUL bytes in X.509 CN and SAN fields.
By using a NUL byte in CN/SAN fields, it was possible to fool GnuTLS
into 1) not printing the entire CN/SAN field value when printing a
certificate and 2) cause incorrect positive matches when matching a
hostname against a certificate.  Some CAs apparently have poor
checking of CN/SAN values and issue these (arguable invalid)
certificates.  Combined, this can be used by attackers to become a
MITM on server-authenticated TLS sessions.  The problem is mitigated
since attackers needs to get one certificate per site they want to
attack, and the attacker reveals his tracks by applying for a
certificate at the CA.  It does not apply to client authenticated TLS
sessions.  Research presented independently by Dan Kaminsky and Moxie
Marlinspike at BlackHat09.  Thanks to Tomas Hoger <thoger@redhat.com>
for providing one part of the patch.  [GNUTLS-SA-2009-4] [CVE-2009-2730].

** libgnutls: Fix rare failure in gnutls_x509_crt_import.
The function may fail incorrectly when an earlier certificate was
imported to the same gnutls_x509_crt_t structure.

** minitasn1: Internal copy updated to libtasn1 v2.3.

** libgnutls: Fix return value of gnutls_certificate_client_get_request_status.
Before it always returned false.  Reported by Peter Hendrickson
<pdh@wiredyne.com> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3668>.

** libgnutls: Fix off-by-one size computation error in unknown DN printing.
The error resulted in truncated strings when printing unknown OIDs in
X.509 certificate DNs.  Reported by Tim Kosse
<tim.kosse@filezilla-project.org> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3651>.

** libgnutls: Fix PKCS#12 decryption from password.
The encryption key derived from the password was incorrect for (on
average) 1 in every 128 input for random inputs.  Reported by "Kukosa,
Tomas" <tomas.kukosa@siemens-enterprise.com> in
<http://permalink.gmane.org/gmane.network.gnutls.general/1663>.

** libgnutls: Return correct bit lengths of some MPIs.
gnutls_dh_get_prime_bits, gnutls_rsa_export_get_modulus_bits, and
gnutls_dh_get_peers_public_bits.  Before the reported value was
overestimated.  Reported by Peter Hendrickson <pdh@wiredyne.com> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3607>.

** libgnutls: Avoid internal error when invoked after GNUTLS_E_AGAIN.
Report and patch by Tim Kosse <tim.kosse@filezilla-project.org> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3671>
and
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3670>.

** libgnutls: Relax checking of required libtasn1/libgcrypt versions.
Before we required that the runtime library used the same (or more
recent) libgcrypt/libtasn1 as it was compiled with.  Now we just check
that the runtime usage is above the minimum required.  Reported by
Marco d'Itri <md@linux.it> via Andreas Metzler
<ametzler@downhill.at.eu.org> in <http://bugs.debian.org/540449>.

** tests: Added new self-test pkcs12_s2k_pem to detect MPI bit length error.

** tests: Improved test vectors in self-test pkcs12_s2k.

** tests: Added new self-test dn2 to detect off-by-one size error.

** tests: Fix failure in "chainverify" because a certificate have expired.

** API and ABI modifications:
No changes since last version.

* Version 2.9.1 (released 2009-06-08)

** libgnutls: Fix crash in gnutls_global_init after earlier init/deinit cycle.
Forwarded by Martin von Gagern <Martin.vGagern@gmx.net> from
<http://bugs.gentoo.org/272388>.

** tests: Added new self-tests init_roundtrip.c to detect previous problem.

** Reduce stack usage for some CRQ functions.

** Doc fixes for CRQ functions.

** API and ABI modifications:
No changes since last version.

* Version 2.9.0 (released 2009-05-28)

** Doc fixes.

** API and ABI modifications:
No changes since last version.

* Version 2.8.6 (released 2010-03-15)

** libgnutls: For CSRs, don't null pad integers for RSA/DSA value.
VeriSign rejected CSRs with this padding.  Reported by Wilankar Trupti
<trupti.wilankar@hp.com> and Boyan Kasarov <bkasarov@gmail.com>.

Note: As a side effect of this change, the "public key identifier"
value computed for a certificate using this version of GnuTLS will be
different from values computed using earlier versions of GnuTLS.

** libgnutls: For CSRs on DSA keys, don't add DSA parameters to the
** optional SignatureAlgorithm parameter field.
VeriSign rejected these CSRs.  They are stricly speaking not needed
since you need the signer's certificate to verify the certificate
signature anyway.  Reported by Wilankar Trupti
<trupti.wilankar@hp.com> and Boyan Kasarov <bkasarov@gmail.com>.

** libgnutls: When checking openpgp self signature also check the signatures
** of all subkeys.
Ilari Liusvaara noticed and reported the issue and provided test
vectors as well.

** libgnutls: Cleanups and several bug fixes.
Found by Steve Grubb and Tomas Mraz.

** Link libgcrypt explicitly to certtool, gnutls-cli, gnutls-serv.

** Fix --disable-valgrind-tests.
Reported by Ingmar Vanhassel in
<https://savannah.gnu.org/support/?107029>.

** examples: Use the new APIs for printing X.509 certificate information.

** Fix build failures on Solaris.
Thanks to Dagobert Michelsen <dam@opencsw.org>.

** i18n: Updated Czech, Dutch, French, Polish, Swedish and Vietnamese
** translations.  Added Simplified Chinese translation.

** API and ABI modifications:
No changes since last version.

* Version 2.8.5 (released 2009-11-02)

** libgnutls: In server side when resuming a session do not overwrite the 
** initial session data with the resumed session data.

** libgnutls: Fix PKCS#12 encoding.
The error you would get was "The OID is not supported.".  Problem
introduced for the v2.8.x branch in 2.7.6.

** guile: Compatibility with guile 2.x.
By Ludovic Courtes <ludovic.courtes@laas.fr>.

** tests: Fix expired cert in chainverify self-test.

** tests: Fix time bomb in chainverify self-test.
Reported by Andreas Metzler <ametzler@downhill.at.eu.org> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3925>.

** API and ABI modifications:
No changes since last version.

* Version 2.8.4 (released 2009-09-18)

** libgnutls: Enable Camellia ciphers by default.

** libgnutls: Make OpenPGP hostname checking work again.
The patch to resolve the X.509 CN/SAN issue accidentally broken
OpenPGP hostname comparison.

** libgnutls: When printing X.509 certificates, handle XMPP SANs better.
Reported by Howard Chu <hyc@symas.com> in
<https://savannah.gnu.org/support/?106975>.

** API and ABI modifications:
No changes since last version.

* Version 2.8.3 (released 2009-08-13)

** libgnutls: Fix patch for NUL in CN/SAN in last release.
Code intended to be removed would lead to an read-out-bound error in
some situations.  Reported by Tomas Hoger <thoger@redhat.com>.  A CVE
code have been allocated for the vulnerability: [CVE-2009-2730].

** libgnutls: Fix rare failure in gnutls_x509_crt_import.
The function may fail incorrectly when an earlier certificate was
imported to the same gnutls_x509_crt_t structure.

** libgnutls-extra, libgnutls-openssl: Fix MinGW cross-compiling build error.

** tests: Made self-test mini-eagain take less time.

** doc: Typo fixes.

** API and ABI modifications:
No changes since last version.

* Version 2.8.2 (released 2009-08-10)

** libgnutls: Fix problem with NUL bytes in X.509 CN and SAN fields.
By using a NUL byte in CN/SAN fields, it was possible to fool GnuTLS
into 1) not printing the entire CN/SAN field value when printing a
certificate and 2) cause incorrect positive matches when matching a
hostname against a certificate.  Some CAs apparently have poor
checking of CN/SAN values and issue these (arguable invalid)
certificates.  Combined, this can be used by attackers to become a
MITM on server-authenticated TLS sessions.  The problem is mitigated
since attackers needs to get one certificate per site they want to
attack, and the attacker reveals his tracks by applying for a
certificate at the CA.  It does not apply to client authenticated TLS
sessions.  Research presented independently by Dan Kaminsky and Moxie
Marlinspike at BlackHat09.  Thanks to Tomas Hoger <thoger@redhat.com>
for providing one part of the patch.  [GNUTLS-SA-2009-4].

** libgnutls: Fix return value of gnutls_certificate_client_get_request_status.
Before it always returned false.  Reported by Peter Hendrickson
<pdh@wiredyne.com> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3668>.

** libgnutls: Fix off-by-one size computation error in unknown DN printing.
The error resulted in truncated strings when printing unknown OIDs in
X.509 certificate DNs.  Reported by Tim Kosse
<tim.kosse@filezilla-project.org> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3651>.

** libgnutls: Return correct bit lengths of some MPIs.
gnutls_dh_get_prime_bits, gnutls_rsa_export_get_modulus_bits, and
gnutls_dh_get_peers_public_bits.  Before the reported value was
overestimated.  Reported by Peter Hendrickson <pdh@wiredyne.com> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3607>.

** libgnutls: Avoid internal error when invoked after GNUTLS_E_AGAIN.
Report and patch by Tim Kosse <tim.kosse@filezilla-project.org> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3671>
and
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3670>.

** libgnutls: Relax checking of required libtasn1/libgcrypt versions.
Before we required that the runtime library used the same (or more
recent) libgcrypt/libtasn1 as it was compiled with.  Now we just check
that the runtime usage is above the minimum required.  Reported by
Marco d'Itri <md@linux.it> via Andreas Metzler
<ametzler@downhill.at.eu.org> in <http://bugs.debian.org/540449>.

** minitasn1: Internal copy updated to libtasn1 v2.3.

** tests: Fix failure in "chainverify" because a certificate have expired.

** API and ABI modifications:
No changes since last version.

* Version 2.8.1 (released 2009-06-10)

** libgnutls: Fix crash in gnutls_global_init after earlier init/deinit cycle.
Forwarded by Martin von Gagern <Martin.vGagern@gmx.net> from
<http://bugs.gentoo.org/272388>.

** libgnutls: Fix PKCS#12 decryption from password.
The encryption key derived from the password was incorrect for (on
average) 1 in every 128 input for random inputs.  Reported by "Kukosa,
Tomas" <tomas.kukosa@siemens-enterprise.com> in
<http://permalink.gmane.org/gmane.network.gnutls.general/1663>.

** API and ABI modifications:
No changes since last version.

* Version 2.8.0 (released 2009-05-27)

** doc: Fix gnutls_dh_get_prime_bits.  Fix error codes and algorithm lists.

** Major changes compared to the v2.4 branch:

*** lib: Linker version scripts reduces number of exported symbols.

*** lib: Limit exported symbols on systems without LD linker scripts.

*** libgnutls: Fix namespace issue with version symbols.

*** libgnutls: Add functions to verify a hash against a certificate.
gnutls_x509_crt_verify_hash: ADDED
gnutls_x509_crt_get_verify_algorithm: ADDED

*** gnutls-serv: Listen on all interfaces, including both IPv4 and IPv6.

*** i18n: The GnuTLS gettext domain is now 'libgnutls' instead of 'gnutls'.

*** certtool: Query for multiple dnsName subjectAltName in interactive mode.

*** gnutls-cli: No longer accepts V1 CAs by default during X.509 chain verify.

*** gnutls-serv: No longer disable MAC padding by default.

*** gnutls-cli: Certificate information output format changed.

*** libgnutls: New priority strings %VERIFY_ALLOW_SIGN_RSA_MD5
*** and %VERIFY_ALLOW_X509_V1_CA_CRT.

*** libgnutls: gnutls_x509_crt_print prints signature algorithm in oneline mode.

*** libgnutls: gnutls_openpgp_crt_print supports oneline mode.

*** libgnutls: gnutls_handshake when sending client hello during a
rehandshake, will not offer a version number larger than the current.

*** libgnutls: New interface to get key id for certificate requests.
gnutls_x509_crq_get_key_id: ADDED.

*** libgnutls: gnutls_x509_crq_print will now also print public key id.

*** certtool: --verify-chain now prints results of using library verification.

*** libgnutls: Libgcrypt initialization changed.

*** libgnutls: Small byte reads via gnutls_record_recv() optimized.

*** gnutls-cli: Return non-zero exit code on error conditions.

*** gnutls-cli: Corrected bug which caused a rehandshake request to be ignored.

*** certtool: allow setting arbitrary key purpose object identifiers.

*** libgnutls: Change detection of when to use a linker version script.
Use --enable-ld-version-script or --disable-ld-version-script to
override auto-detection logic.

*** Fix warnings and build GnuTLS with more warnings enabled.

*** New API to set X.509 credentials from PKCS#12 memory structure.
gnutls_certificate_set_x509_simple_pkcs12_mem: ADDED

*** Old libgnutls.m4 and libgnutls-config scripts removed.
Please use pkg-config instead.

*** libgnutls: Added functions to handle CRL extensions.
gnutls_x509_crl_get_authority_key_id: ADDED
gnutls_x509_crl_get_number: ADDED
gnutls_x509_crl_get_extension_oid: ADDED
gnutls_x509_crl_get_extension_info: ADDED
gnutls_x509_crl_get_extension_data: ADDED
gnutls_x509_crl_set_authority_key_id: ADDED
gnutls_x509_crl_set_number: ADDED

*** libgnutls: Added functions to handle X.509 extensions in Certificate
Requests.
gnutls_x509_crq_get_key_rsa_raw: ADDED
gnutls_x509_crq_get_attribute_info: ADDED
gnutls_x509_crq_get_attribute_data: ADDED
gnutls_x509_crq_get_extension_info: ADDED
gnutls_x509_crq_get_extension_data: ADDED
gnutls_x509_crq_get_key_usage: ADDED
gnutls_x509_crq_get_basic_constraints: ADDED
gnutls_x509_crq_get_subject_alt_name: ADDED
gnutls_x509_crq_get_subject_alt_othername_oid: ADDED
gnutls_x509_crq_get_extension_by_oid: ADDED
gnutls_x509_crq_set_subject_alt_name: ADDED
gnutls_x509_crq_set_basic_constraints: ADDED
gnutls_x509_crq_set_key_usage: ADDED
gnutls_x509_crq_get_key_purpose_oid: ADDED
gnutls_x509_crq_set_key_purpose_oid: ADDED
gnutls_x509_crq_print: ADDED
gnutls_x509_crt_set_crq_extensions: ADDED

*** certtool: Print and set CRL and CRQ extensions.

*** minitasn1: Internal copy updated to libtasn1 v2.1.

*** examples: Now released into the public domain.

*** The Texinfo and GTK-DOC manuals were improved.

*** Several self-tests were added and others improved.

*** API/ABI changes in GnuTLS 2.8 compared to GnuTLS 2.6.x
No offically supported interfaces have been modified or removed.  The
library should be completely backwards compatible on both the source
and binary level.

The shared library no longer exports some symbols that have never been
officially supported, i.e., not mentioned in any of the header files.
The symbols are:

  _gnutls*
  gnutls_asn1_tab
  
Normally when symbols are removed, the shared library version has to
be incremented.  This leads to a significant cost for everyone using
the library.  Because none of the above symbols have ever been
intended for use by well-behaved applications, we decided that the it
would be better for those applications to pay the price rather than
incurring problems on the majority of applications.

If it turns out that applications have been using unofficial
interfaces, we will need to release a follow-on release on the v2.8
branch to exports additional interfaces.  However, initial testing
suggests that few if any applications have been using any of the
internal symbols.

Although not a new change compared to 2.6.x, we'd like to remind you
interfaces have been modified so that X.509 chain verification now
also checks activation/expiration times on certificates.  The affected
functions are:

gnutls_x509_crt_list_verify: CHANGED, checks activation/expiration times.
gnutls_certificate_verify_peers: Likewise.
gnutls_certificate_verify_peers2: Likewise.
GNUTLS_CERT_NOT_ACTIVATED: ADDED.
GNUTLS_CERT_EXPIRED: ADDED.
GNUTLS_VERIFY_DISABLE_TIME_CHECKS: ADDED.

This change in behaviour was made during the GnuTLS 2.6.x cycle, and
we gave our rationale for it in earlier release notes.

The following symbols have been added to the library:

gnutls_certificate_set_x509_simple_pkcs12_mem: ADDED
gnutls_x509_crl_get_authority_key_id: ADDED
gnutls_x509_crl_get_extension_data: ADDED
gnutls_x509_crl_get_extension_info: ADDED
gnutls_x509_crl_get_extension_oid: ADDED
gnutls_x509_crl_get_number: ADDED
gnutls_x509_crl_set_authority_key_id: ADDED
gnutls_x509_crl_set_number: ADDED
gnutls_x509_crq_get_attribute_data: ADDED
gnutls_x509_crq_get_attribute_info: ADDED
gnutls_x509_crq_get_basic_constraints: ADDED
gnutls_x509_crq_get_extension_by_oid: ADDED
gnutls_x509_crq_get_extension_data: ADDED
gnutls_x509_crq_get_extension_info: ADDED
gnutls_x509_crq_get_key_id: ADDED.
gnutls_x509_crq_get_key_purpose_oid: ADDED
gnutls_x509_crq_get_key_rsa_raw: ADDED
gnutls_x509_crq_get_key_usage: ADDED
gnutls_x509_crq_get_subject_alt_name: ADDED
gnutls_x509_crq_get_subject_alt_othername_oid: ADDED
gnutls_x509_crq_print: ADDED
gnutls_x509_crq_set_basic_constraints: ADDED
gnutls_x509_crq_set_key_purpose_oid: ADDED
gnutls_x509_crq_set_key_usage: ADDED
gnutls_x509_crq_set_subject_alt_name: ADDED
gnutls_x509_crt_get_verify_algorithm: ADDED
gnutls_x509_crt_set_crq_extensions: ADDED
gnutls_x509_crt_verify_hash: ADDED

The following interfaces have been added to the header files:

GNUTLS_VERSION: ADDED, replaces LIBGNUTLS_VERSION.
GNUTLS_VERSION_MAJOR: ADDED, replaces LIBGNUTLS_VERSION_MAJOR.
GNUTLS_VERSION_MINOR: ADDED, replaces LIBGNUTLS_VERSION_MINOR.
GNUTLS_VERSION_PATCH: ADDED, replaces LIBGNUTLS_VERSION_PATCH.
GNUTLS_VERSION_NUMBER: ADDED, replaces LIBGNUTLS_VERSION_NUMBER.
GNUTLS_EXTRA_VERSION: ADDED, replaces LIBGNUTLS_EXTRA_VERSION.

The following interfaces have been deprecated:

LIBGNUTLS_VERSION: DEPRECATED.
LIBGNUTLS_VERSION_MAJOR: DEPRECATED.
LIBGNUTLS_VERSION_MINOR: DEPRECATED.
LIBGNUTLS_VERSION_PATCH: DEPRECATED.
LIBGNUTLS_VERSION_NUMBER: DEPRECATED.
LIBGNUTLS_EXTRA_VERSION: DEPRECATED.

* Version 2.7.14 (released 2009-05-26)

** libgnutls: Fix namespace issue with version symbol for libgnutls-extra.
The symbol LIBGNUTLS_EXTRA_VERSION were renamed to
GNUTLS_EXTRA_VERSION.  The old symbol will continue to work but is
deprecated.

** Doc: Several typo fixes in documentation.
Reported by Peter Hendrickson <pdh@wiredyne.com>.

** API and ABI modifications:
GNUTLS_VERSION: ADDED, replaces LIBGNUTLS_EXTRA_VERSION.
LIBGNUTLS_EXTRA_VERSION: DEPRECATED.

* Version 2.7.13 (released 2009-05-25)

** libgnutls: Fix version of some exported symbols in the shared library.
Reported by Andreas Metzler <ametzler@downhill.at.eu.org> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3576>.

** tests: Handle recently expired certificates in chainverify self-test.
Reported by Andreas Metzler <ametzler@downhill.at.eu.org> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3580>.

** API and ABI modifications:
No changes since last version.

* Version 2.7.12 (released 2009-05-20)

** gnutls-serv, gnutls-cli-debug: Make them work on Windows.

** tests/crq_key_id: Don't read entropy from /dev/random in self-test.
Reported by Andreas Metzler <ametzler@downhill.at.eu.org> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3570>.

** Fix build failures.
Missing sa_family_t and vsnprintf on IRIX.  Reported by "Tom
G. Christensen" <tgc@jupiterrise.com> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3571>.

** minitasn1: Internal copy updated to libtasn1 v2.2.
GnuTLS should work fine with libtasn1 v1.x and that is still
supported.

** API and ABI modifications:
No changes since last version.

* Version 2.7.11 (released 2009-05-18)

** minitasn1: Fix build failure when using internal libtasn1.
Reported by "Tom G. Christensen" <tgc@jupiterrise.com> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3548>.

** libgnutls: Fix build failure with --disable-cxx.
Reported by Andreas Metzler <ametzler@downhill.at.eu.org> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3557>.

** gnutls-serv: Fix build failure for unportable NI_MAXHOST/NI_MAXSERV.
Reported by "Tom G. Christensen" <tgc@jupiterrise.com> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3560>

** Building with many warning flags now requires --enable-gcc-warnings.
This avoids crying wolf for normal compiles.

** API and ABI modifications:
No changes since last version.

* Version 2.7.10 (released 2009-05-13)

** examples: Now released into the public domain.
This makes the license of the example code compatible with more
licenses, including the (L)GPL.

** minitasn1: Internal copy updated to libtasn1 v2.1.
GnuTLS should work fine with libtasn1 v1.x and that is still
supported.

** libgnutls: Fix crash in signature verification
The fix for the CVE-2009-1415 problem wasn't merged completely.

** doc: Fixes for GTK-DOC output.

** API and ABI modifications:
No changes since last version.

* Version 2.7.9 (released 2009-05-11)

** doc: Fix strings in man page of gnutls_priority_init.

** doc: Fix tables of error codes and supported algorithms.

** Fix build failure when cross-compiled using MinGW.

** Fix build failure when LZO is enabled.
Reported by Arfrever Frehtes Taifersar Arahesis
<arfrever.fta@gmail.com> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3522>.

** Fix build failure on systems without AF_INET6, e.g., Solaris 2.6.
Reported by "Tom G. Christensen" <tgc@jupiterrise.com> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3524>.

** Fix warnings in self-tests.

** API and ABI modifications:
No changes since last version.

* Version 2.7.8 (released 2009-05-03)

** libgnutls: Fix DSA key generation.
Merged from stable branch.  [GNUTLS-SA-2009-2] [CVE-2009-1416]

** libgnutls: Check expiration/activation time on untrusted certificates.
Merged from stable branch.  Reported by Romain Francoise
<romain@orebokech.com>.  This changes the semantics of
gnutls_x509_crt_list_verify, which in turn is used by
gnutls_certificate_verify_peers and gnutls_certificate_verify_peers2.
We add two new gnutls_certificate_status_t codes for reporting the new
error condition, GNUTLS_CERT_NOT_ACTIVATED and GNUTLS_CERT_EXPIRED.
We also add a new gnutls_certificate_verify_flags flag,
GNUTLS_VERIFY_DISABLE_TIME_CHECKS, that can be used to disable the new
behaviour.  [GNUTLS-SA-2009-3] [CVE-2009-1417]

** lib: Linker version scripts reduces number of exported symbols.
The linker version script now lists all exported ABIs explicitly, to
avoid accidentally exporting unintended functions.  Compared to
before, most symbols beginning with _gnutls* are no longer exported.
These functions have never been intended for use by applications, and
there were no prototypes for these function in the public header
files.  Thus we believe it is possible to do this without incrementing
the library ABI version which normally has to be done when removing an
interface.

** lib: Limit exported symbols on systems without LD linker scripts.
Before all symbols were exported.  Now we limit the exported symbols
to (for libgnutls and libgnutls-extra) gnutls* and (for libgnutls)
_gnutls*.  This is a superset of the actual supported ABI, but still
an improvement compared to before.  This is implemented using Libtool
-export-symbols-regex.  It is more portable than linker version
scripts.

** libgnutls: Incremented CURRENT/AGE libtool version to reflect new symbols.
This should have been done in the last release.

** gnutls-serv: Listen on all interfaces, including both IPv4 and IPv6.
Reported by Peter Hendrickson <pdh@wiredyne.com> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3476>.

** doc: Improved sections for the info manual.
We now follow the advice given by the texinfo manual on which
directory categories to use.  In particular, libgnutls moved from the
'GNU Libraries' section to the 'Software libraries' and the command
line tools moved from 'Network Applications' to 'System
Administration'.

** API and ABI modifications:
gnutls_x509_crt_list_verify: CHANGED, checks activation/expiration times.
gnutls_certificate_verify_peers: Likewise.
gnutls_certificate_verify_peers2: Likewise.
GNUTLS_CERT_NOT_ACTIVATED: ADDED.
GNUTLS_CERT_EXPIRED: ADDED.
GNUTLS_VERIFY_DISABLE_TIME_CHECKS: ADDED.

* Version 2.7.7 (released 2009-04-20)

** libgnutls: Applied patch by Cedric Bail to add functions
gnutls_x509_crt_verify_hash() and gnutls_x509_crt_get_verify_algorithm().

** gnutls.pc: Add -ltasn1 to 'pkg-config --libs --static gnutls' output.
Reported by Andreas Metzler <ametzler@downhill.at.eu.org> in
<http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3467>.

** minitasn1: Internal copy updated to libtasn1 v1.8.
GnuTLS is also internally ready to be used with libtasn1 v2.0.

** doc: Fix build failure of errcodes/printlist.
Reported by Roman Bogorodskiy <novel@FreeBSD.org> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3435>.

** i18n: The GnuTLS gettext domain is now 'libgnutls' instead of 'gnutls'.
It is currently only used by the core library.  This will enable a new
domain 'gnutls' for translations of the command line tools.

** Corrected possible memory corruption on signature verification failure. 
Reported by Miroslav Kratochvil <exa.exa@gmail.com>

** API and ABI modifications:
gnutls_x509_crt_verify_hash: ADDED
gnutls_x509_crt_get_verify_algorithm: ADDED

* Version 2.7.6 (released 2009-02-27)

** certtool: Query for multiple dnsName subjectAltName in interactive mode.
This applies both to generating certificates and certificate requests.

** pkix.asn: Removed unneeded definitions to reduce memory usage.

** gnutls-cli: No longer accepts V1 CAs by default during X.509 chain verify.
Use --priority NORMAL:%VERIFY_ALLOW_X509_V1_CA_CRT to permit V1 CAs to
be used for chain verification.

** gnutls-serv: No longer disable MAC padding by default.
Use --priority NORMAL:%COMPAT to disable MAC padding again.

** gnutls-cli: Certificate information output format changed.
The tool now uses libgnutls' functions to print certificate
information.  This avoids code duplication.

** libgnutls: New priority strings %VERIFY_ALLOW_SIGN_RSA_MD5
** and %VERIFY_ALLOW_X509_V1_CA_CRT.
They can be used to override the default certificate chain validation
behaviour.

** libgnutls: Added %SSL3_RECORD_VERSION priority string that allows to 
specify the client hello message record version. Used to overcome buggy 
TLS servers. Report by Martin von Gagern.

** libgnutls: gnutls_x509_crt_print prints signature algorithm in oneline mode.

** libgnutls: gnutls_openpgp_crt_print supports oneline mode.

** doc: Update gnutls-cli and gnutls-serv --help output descriptions.

** API and ABI modifications:
No changes since last version.

* Version 2.7.5 (released 2009-02-06)

** libgnutls: Accept chains where intermediary certs are trusted.
Before GnuTLS needed to validate the entire chain back to a
self-signed certificate.  GnuTLS will now stop looking when it has
found an intermediary trusted certificate.  The new behaviour is
useful when chains, for example, contains a top-level CA, an
intermediary CA signed using RSA-MD5, and an end-entity certificate.
To avoid chain validation errors due to the RSA-MD5 cert, you can
explicitly add the intermediary RSA-MD5 cert to your trusted certs.
The signature on trusted certificates are not checked, so the chain
has a chance to validate correctly.  Reported by "Douglas E. Engert"
<deengert@anl.gov> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3351>.

** libgnutls: result_size in gnutls_hex_encode now holds
the size of the result. Report by John Brooks <special@dereferenced.net>.

** libgnutls: gnutls_handshake when sending client hello during a
rehandshake, will not offer a version number larger than the current.
Reported by Tristan Hill <stan@saticed.me.uk>.

** libgnutls: Permit V1 Certificate Authorities properly.
Before they were mistakenly rejected even though
GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT and/or
GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT were supplied.  Reported by
"Douglas E. Engert" <deengert@anl.gov> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3351>.

** API and ABI modifications:
No changes since last version.

* Version 2.7.4 (released 2009-01-07)

** libgnutls: deprecate X.509 validation chains using MD5 and MD2 signatures.
This is a bugfix -- the previous attempt to do this from internal x509
certificate verification procedures did not return the correct value
for certificates using a weak hash.  Reported by Daniel Kahn Gillmor
<dkg@fifthhorseman.net> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3332>,
debugged and patch by Tomas Mraz <tmraz@redhat.com> and Daniel Kahn
Gillmor <dkg@fifthhorseman.net>.

** libgnutls: New interface to get key id for certificate requests.
Patch from David Marín Carreño <davefx@gmail.com> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3321>.

** libgnutls: gnutls_x509_crq_print will now also print public key id.

** certtool: --verify-chain now prints results of using library verification.
Earlier, certtool --verify-chain used its own validation algorithm
which wasn't guaranteed to give the same result as the libgnutls
internal validation algorithm.  Now this command print a new final
line with header 'Chain verification output:' that contains the result
from using the internal verification algorithm on the same chain.

** tests: Add crq_key_id self-test of gnutls_x509_crq_get_key_id.

** API and ABI modifications:
gnutls_x509_crq_get_key_id: ADDED.

* Version 2.7.3 (released 2008-12-10)

** libgnutls: Fix chain verification for chains that ends with RSA-MD2 CAs.
Reported by Michael Kiefer <Michael-Kiefer@web.de> in
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507633> forwarded by
Andreas Metzler <ametzler@downhill.at.eu.org> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3309>.

** libgnutls: Libgcrypt initialization changed.
If libgcrypt has not already been initialized, GnuTLS will now
initialize libgcrypt with disabled secure memory.  Initialize
libgcrypt explicitly in your application if you want to enable secure
memory.  Before GnuTLS initialized libgcrypt to use GnuTLS's memory
allocation functions, which doesn't use secure memory, so there is no
real change in behaviour.

** libgnutls: Fix memory leak in PSK authentication.
Reported by Michael Weiser <michael@weiser.dinsnail.net> in
<http://permalink.gmane.org/gmane.network.gnutls.general/1465>.

** libgnutls: Small byte reads via gnutls_record_recv() optimized.

** certtool: Move gcry_control(GCRYCTL_ENABLE_QUICK_RANDOM, 0) call earlier.
It needs to be invoked before libgcrypt is initialized.

** gnutls-cli: Return non-zero exit code on error conditions.

** gnutls-cli: Corrected bug which caused a rehandshake request to be ignored.

** tests: Added chainverify self-test that tests X.509 chain verifications.

** API and ABI modifications:
No changes since last version.

* Version 2.7.2 (released 2008-11-18)

** libgnutls: Fix X.509 certificate chain validation error. [GNUTLS-SA-2008-3]
The flaw makes it possible for man in the middle attackers (i.e.,
active attackers) to assume any name and trick GnuTLS clients into
trusting that name.  Thanks for report and analysis from Martin von
Gagern <Martin.vGagern@gmx.net>.  [CVE-2008-4989]

Any updates with more details about this vulnerability will be added
to <http://www.gnu.org/software/gnutls/security.html>

** libgnutls: Fix namespace issue with version symbols.
The symbols LIBGNUTLS_VERSION, LIBGNUTLS_VERSION_MAJOR,
LIBGNUTLS_VERSION_MINOR, LIBGNUTLS_VERSION_PATCH, and
LIBGNUTLS_VERSION_NUMBER were renamed to GNUTLS_VERSION_NUMBER,
GNUTLS_VERSION_MAJOR, GNUTLS_VERSION_MINOR, GNUTLS_VERSION_PATCH, and
GNUTLS_VERSION_NUMBER respectively.  The old symbols will continue to
work but are deprecated.

** certtool: allow setting arbitrary key purpose object identifiers.

** libgnutls: Fix detection of C99 macros, to make debug logging work again.

** libgnutls: Add missing prototype for gnutls_srp_set_prime_bits.
Reported by Kevin Quick <quick@sparq.org> in
<https://savannah.gnu.org/support/index.php?106454>.

** libgnutls-extra: Make building with LZO compression work again.
Build failure reported by Arfrever Frehtes Taifersar Arahesis
<arfrever.fta@gmail.com> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3194>.

** libgnutls: Change detection of when to use a linker version script.
Use --enable-ld-version-script or --disable-ld-version-script to
override auto-detection logic.

** doc: Change license on the manual to GFDLv1.3+.

** doc: GTK-DOC fixes for new splitted configuration system.

** doc: Texinfo stylesheet uses white background.

** tests: Add cve-2008-4989.c self-test.
Tests regressions of the GNUTLS-SA-2008-3 security problem, and the
follow-on problem with crashes on length 1 certificate chains.

** gnulib: Deprecated modules removed.
Modules include memchr and memcmp.

** Fix warnings and build GnuTLS with more warnings enabled.

** minitasn1: Internal copy updated to libtasn1 v1.7.

** API and ABI modifications:
gnutls_certificate_set_x509_simple_pkcs12_mem: ADDED
GNUTLS_VERSION: ADDED, replaces LIBGNUTLS_VERSION.
GNUTLS_VERSION_MAJOR: ADDED, replaces LIBGNUTLS_VERSION_MAJOR.
GNUTLS_VERSION_MINOR: ADDED, replaces LIBGNUTLS_VERSION_MINOR.
GNUTLS_VERSION_PATCH: ADDED, replaces LIBGNUTLS_VERSION_PATCH.
GNUTLS_VERSION_NUMBER: ADDED, replaces LIBGNUTLS_VERSION_NUMBER.
LIBGNUTLS_VERSION: DEPRECATED.
LIBGNUTLS_VERSION_MAJOR: DEPRECATED.
LIBGNUTLS_VERSION_MINOR: DEPRECATED.
LIBGNUTLS_VERSION_PATCH: DEPRECATED.
LIBGNUTLS_VERSION_NUMBER: DEPRECATED.

* Version 2.7.1 (released 2008-10-31)

** certtool: print a PKCS #8 key even if it is not encrypted.

** Old libgnutls.m4 and libgnutls-config scripts removed.
Please use pkg-config instead.

** Configuration system modified.
There is now a configure script in lib/ and libextra/ as well, because
gnulib works better with a config.h per gnulib directory.

** API and ABI modifications:
No changes since last version.

* Version 2.7.0 (released 2008-10-16)

** libgnutls: Added functions to handle CRL extensions.

** libgnutls: Added functions to handle X.509 extensions in Certificate
Requests.

** libgnutls: Improved error string for GNUTLS_E_AGAIN.
Suggested by "Lavrentiev, Anton (NIH/NLM/NCBI) [C]" <lavr@ncbi.nlm.nih.gov>.

** certtool: Print and set CRL and CRQ extensions.

** libgnutls-extra: Protect internal symbols with static.
Fixes problem when linking certtool statically.  Tiny patch from Aaron
Ucko <ucko@ncbi.nlm.nih.gov>.

** libgnutls-openssl: fix out of bounds access.
Problem in X509_get_subject_name and X509_get_issuer_name.  Tiny patch
from Thomas Viehmann <tv@beamnet.de>.

** libgnutlsxx: Define server_session::get_srp_username even if no SRP.

** tests: Make tests compile when using internal libtasn1.
Patch by ludo@gnu.org (Ludovic Courtès).

** Changed detection of libtasn1 and libgcrypt to avoid depending on *-config.
We now require a libgcrypt that has Camellia constants declared in
gcrypt.h, which means v1.3.0 or later.

** API and ABI modifications:
gnutls_x509_crl_get_authority_key_id: ADDED
gnutls_x509_crl_get_number: ADDED
gnutls_x509_crl_get_extension_oid: ADDED
gnutls_x509_crl_get_extension_info: ADDED
gnutls_x509_crl_get_extension_data: ADDED
gnutls_x509_crl_set_authority_key_id: ADDED
gnutls_x509_crl_set_number: ADDED
gnutls_x509_crq_get_key_rsa_raw: ADDED
gnutls_x509_crq_get_attribute_info: ADDED
gnutls_x509_crq_get_attribute_data: ADDED
gnutls_x509_crq_get_extension_info: ADDED
gnutls_x509_crq_get_extension_data: ADDED
gnutls_x509_crq_get_key_usage: ADDED
gnutls_x509_crq_get_basic_constraints: ADDED
gnutls_x509_crq_get_subject_alt_name: ADDED
gnutls_x509_crq_get_subject_alt_othername_oid: ADDED
gnutls_x509_crq_get_extension_by_oid: ADDED
gnutls_x509_crq_set_subject_alt_name: ADDED
gnutls_x509_crq_set_basic_constraints: ADDED
gnutls_x509_crq_set_key_usage: ADDED
gnutls_x509_crq_get_key_purpose_oid: ADDED
gnutls_x509_crq_set_key_purpose_oid: ADDED
gnutls_x509_crq_print: ADDED
gnutls_x509_crt_set_crq_extensions: ADDED

* Version 2.6.6 (released 2009-04-30)

** libgnutls: Corrected double free on signature verification failure.
Reported by Miroslav Kratochvil <exa.exa@gmail.com>.  See the advisory
for more details.  [GNUTLS-SA-2009-1] [CVE-2009-1415]

** libgnutls: Fix DSA key generation.
Noticed when investigating the previous GNUTLS-SA-2009-1 problem.  All
DSA keys generated using GnuTLS 2.6.x are corrupt.  See the advisory
for more details.  [GNUTLS-SA-2009-2] [CVE-2009-1416]

** libgnutls: Check expiration/activation time on untrusted certificates.
Reported by Romain Francoise <romain@orebokech.com>.  Before the
library did not check activation/expiration times on certificates, and
was documented as not doing so.  We have realized that many
applications that use libgnutls, including gnutls-cli, fail to perform
proper checks.  Implementing similar logic in all applications leads
to code duplication.  Hence, we decided to check whether the current
time (as reported by the time function) is within the
activation/expiration period of certificates when verifying untrusted
certificates.

This changes the semantics of gnutls_x509_crt_list_verify, which in
turn is used by gnutls_certificate_verify_peers and
gnutls_certificate_verify_peers2.  We add two new
gnutls_certificate_status_t codes for reporting the new error
condition, GNUTLS_CERT_NOT_ACTIVATED and GNUTLS_CERT_EXPIRED.  We also
add a new gnutls_certificate_verify_flags flag,
GNUTLS_VERIFY_DISABLE_TIME_CHECKS, that can be used to disable the new
behaviour.

More details about the vulnerabilities will be posted at
<http://www.gnu.org/software/gnutls/security.html>.

** gnutls-cli, gnutls-cli-debug: Fix AIX build problem.
Reported by LAUPRETRE François (P) <francois.laupretre@ratp.fr> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3468>.

** tests: Fix linking of tests/openpgp/keyring self-test.
Reported by Daniel Black in <https://savannah.gnu.org/support/?106543>.

** API and ABI modifications:
gnutls_x509_crt_list_verify: CHANGED, checks activation/expiration times.
gnutls_certificate_verify_peers: Likewise.
gnutls_certificate_verify_peers2: Likewise.
GNUTLS_CERT_NOT_ACTIVATED: ADDED.
GNUTLS_CERT_EXPIRED: ADDED.
GNUTLS_VERIFY_DISABLE_TIME_CHECKS: ADDED.

* Version 2.6.5 (released 2009-04-11)

** libgnutls: Added %SSL3_RECORD_VERSION priority string that allows to
specify the client hello message record version. Used to overcome buggy
TLS servers. Report by Martin von Gagern.

** GnuTLS no longer uses the libtasn1-config script to find libtasn1.
Libtasn1 0.3.4 or later is required.  This is to align with the
upcoming libtasn1 v2.0 release that doesn't have a libtasn1-script.

** API and ABI modifications:
No changes since last version.

* Version 2.6.4 (released 2009-02-06)

** libgnutls: Accept chains where intermediary certs are trusted.
Before GnuTLS needed to validate the entire chain back to a
self-signed certificate.  GnuTLS will now stop looking when it has
found an intermediary trusted certificate.  The new behaviour is
useful when chains, for example, contains a top-level CA, an
intermediary CA signed using RSA-MD5, and an end-entity certificate.
To avoid chain validation errors due to the RSA-MD5 cert, you can
explicitly add the intermediary RSA-MD5 cert to your trusted certs.
The signature on trusted certificates are not checked, so the chain
has a chance to validate correctly.  Reported by "Douglas E. Engert"
<deengert@anl.gov> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3351>.

** libgnutls: result_size in gnutls_hex_encode now holds
the size of the result. Report by John Brooks <special@dereferenced.net>.

** libgnutls: gnutls_handshake when sending client hello during a
rehandshake, will not offer a version number larger than the current.
Reported by Tristan Hill <stan@saticed.me.uk>.

** libgnutls: Permit V1 Certificate Authorities properly.
Before they were mistakenly rejected even though
GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT and/or
GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT were supplied.  Reported by
"Douglas E. Engert" <deengert@anl.gov> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3351>.

** libgnutls: deprecate X.509 validation chains using MD5 and MD2 signatures.
This is a bugfix -- the previous attempt to do this from internal x509
certificate verification procedures did not return the correct value
for certificates using a weak hash.  Reported by Daniel Kahn Gillmor
<dkg@fifthhorseman.net> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3332>,
debugged and patch by Tomas Mraz <tmraz@redhat.com> and Daniel Kahn
Gillmor <dkg@fifthhorseman.net>.

** libgnutls: Fix compile error with Sun CC.
Reported by Jeff Cai <jeff.cai@sun.com> in
<https://savannah.gnu.org/support/?106549>.

** API and ABI modifications:
No changes since last version.

* Version 2.6.3 (released 2008-12-12)

** libgnutls: Fix chain verification for chains that ends with RSA-MD2 CAs.
Reported by Michael Kiefer <Michael-Kiefer@web.de> in
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507633> forwarded by
Andreas Metzler <ametzler@downhill.at.eu.org> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3309>.

** libgnutls: Fix memory leak in PSK authentication.
Reported by Michael Weiser <michael@weiser.dinsnail.net> in
<http://permalink.gmane.org/gmane.network.gnutls.general/1465>.

** certtool: Move gcry_control(GCRYCTL_ENABLE_QUICK_RANDOM, 0) call earlier.
It needs to be invoked before libgcrypt is initialized.

** gnutls-cli: Return non-zero exit code on error conditions.

** gnutls-cli: Corrected bug which caused a rehandshake request to be ignored.

** API and ABI modifications:
No changes since last version.

* Version 2.6.2 (released 2008-11-12)

** libgnutls: Fix crash in X.509 validation code for self-signed certificates.
The patch to fix the security problem GNUTLS-SA-2008-3 introduced a
problem for certificate chains that contained just one self-signed
certificate.  Reported by Michael Meskes <meskes@debian.org> in
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505279>.

** API and ABI modifications:
No changes since last version.

* Version 2.6.1 (released 2008-11-10)

** libgnutls: Fix X.509 certificate chain validation error. [GNUTLS-SA-2008-3]
The flaw makes it possible for man in the middle attackers (i.e.,
active attackers) to assume any name and trick GnuTLS clients into
trusting that name.  Thanks for report and analysis from Martin von
Gagern <Martin.vGagern@gmx.net>.  [CVE-2008-4989]

Any updates with more details about this vulnerability will be added
to <http://www.gnu.org/software/gnutls/security.html>

** libgnutls: Add missing prototype for gnutls_srp_set_prime_bits.
Reported by Kevin Quick <quick@sparq.org> in
<https://savannah.gnu.org/support/index.php?106454>.

** libgnutls-extra: Protect internal symbols with static.
Fixes problem when linking certtool statically.  Tiny patch from Aaron
Ucko <ucko@ncbi.nlm.nih.gov>.

** libgnutls-openssl: Fix patch against X509_get_issuer_name.
It incorrectly returned the subject DN instead of issuer DN in v2.6.0.
Thanks to Thomas Viehmann <tv@beamnet.de> for report.

** certtool: Print a PKCS #8 key even if it is not encrypted.

** tests: Make tests compile when using internal libtasn1.
Patch by ludo@gnu.org (Ludovic Courtès).

** API and ABI modifications:
No changes since last version.

* Version 2.6.0 (released 2008-10-06)

** libgnutls: Correct printing and parsing of IPv6 addresses.

** libgnutls-openssl: fix out of bounds access.
Problem in X509_get_subject_name and X509_get_issuer_name.  Tiny patch
from Thomas Viehmann <tv@beamnet.de>.

** certtool: Use inet_pton for parsing IPv6 addresses.

** Major changes compared to the v2.4 branch:

*** Added API to replace and update the crypto backend.

*** certtool: can add several subject alternative names via template file.

*** opencdk: Parse (but not decrypt) encrypted secret keys.

*** libgnutls: gnutls_x509_crt_set_subject_alt_name() was added that can
either set or append alternative names. It can also handle binary structures
such as IP addresses.

*** libgnutls: New function to set minimum acceptable SRP bits.
The function is gnutls_srp_set_prime_bits.

*** libgnutls: Add interface to deal with public key and signature algorithms.
The functions are called gnutls_pk_list, gnutls_pk_get_id,
gnutls_sign_list, and gnutls_sign_get_id.

*** libgnutls: New interfaces to get name of public key and signing algorithms.
The functions are gnutls_sign_get_name and gnutls_pk_get_name.

*** libgnutls: New API to get a string corresponding to a error symbol.
The function is gnutls_strerror_name.

*** libgnutls: New API to set the public parameters in a certificate request
*** from a private key.
The function is gnutls_x509_crq_set_key_rsa_raw.

*** libgnutls: New API to set a callback to extract TLS Finished data.
The function to register is gnutls_session_set_finished_function and
it takes a callback of the gnutls_finished_callback_func type.

*** libgnutls: Fix namespace problem with TLS_MASTER_SIZE and TLS_RANDOM_SIZE.

*** libgnutls: New interface to register a new TLS extension handler.
The new function gnutls_ext_register can be used to register handlers
for specific TLS extension types.  The callback functions have the new
types gnutls_ext_recv_func and gnutls_ext_send_func.  A type to
classify TLS extensions, gnutls_ext_parse_type_t, has been added as
well.

*** libgnutls-extra: Add function to work with Libgcrypt in FIPS mode.
The function is gnutls_register_md5_handler.  When libgcrypt is in
FIPS mode, MD5 is disabled, but TLS normally requires use of MD5 in
the PRF.

*** API/ABI changes in GnuTLS 2.6
No functions have been removed or modified.  The library should be
fully backwards compatible on both the source and binary level.

A new header file <gnutls/crypto.h> have been added.  It contains
definitions related to replacing the internal crypto functionality.
All definitions and the header itself is experimental but supported.

We have realized that the symbols TLS_MASTER_SIZE and TLS_RANDOM_SIZE
does not use the normal namespace.  We have added GNUTLS_MASTER_SIZE
and GNUTLS_RANDOM_SIZE, but the old symbols are still defined.

The following functions have been added to libgnutls:

GNUTLS_MASTER_SIZE
GNUTLS_RANDOM_SIZE
gnutls_crypto_bigint_register2
gnutls_crypto_cipher_register2
gnutls_crypto_digest_register2
gnutls_crypto_mac_register2
gnutls_crypto_pk_register2
gnutls_crypto_rnd_register2
gnutls_crypto_single_cipher_register2
gnutls_crypto_single_digest_register2
gnutls_crypto_single_mac_register2
gnutls_ext_register
gnutls_pk_get_id
gnutls_pk_get_name
gnutls_pk_list
gnutls_session_set_finished_function
gnutls_sign_get_id
gnutls_sign_get_name
gnutls_sign_list
gnutls_srp_set_prime_bits:
gnutls_strerror_name
gnutls_x509_crq_set_key_rsa_raw
gnutls_x509_crt_set_crl_dist_points2
gnutls_x509_crt_set_subject_alt_name

The following functions have been added to libgnutls-extra:

gnutls_register_md5_handler

** API and ABI modifications:
No changes since last version.

* Version 2.5.9 (released 2008-09-29)

** libgnutls: Fix several memory leaks.
Reported by Sam Varshavchik <mrsam@courier-mta.com>.

** libgnutls: Fix buffer overrun in gnutls_x509_crt_list_import.
Report and patch by Jonathan Manktelow.

** libgnutls: crypto.h gnutls_pk_params_st changes allocation strategy.
The parameters are now allocated in the structure itself.

** doc: Texinfo HTML manual uses a stylesheet to improve readability.

** tests: Scripts now use EXEEXT properly.
Modern libtool doesn't create wrapper script, so the self tests need
to invoke certtool.exe under MinGW32+Wine.

** Uses autoconf 2.63, automake 1.10.1, libtool 2.2.6a.
Automake warnings are now also enabled.

** API and ABI modifications:
gnutls_pk_params_st: MODIFIED

* Version 2.5.8 (released 2008-09-21)

** certtool: updated so it can add several subject alternative names using
the template file.

** libgnutls: gnutls_x509_crt_set_subject_alt_name() was added that can
either set or append alternative names. It can also handle binary structures
such as IP addresses.

** libgnutls: Fix crash in hashing code when using non-libgcrypt handlers.

** libgnutls: New function to set minimum acceptable SRP bits.
The function is gnutls_srp_set_prime_bits.  Tiny patch by Kevin Quick
<quick@sparq.org> in <https://savannah.gnu.org/support/index.php?106454>.

** libgnutls: Check for overflows in gnutls_calloc and gnutls_secure_calloc.
Also fix overflows in calls to those functions.  Reported by Werner
Koch <wk@gnupg.org>.

** libgnutls-extra: Add function to work with Libgcrypt in FIPS mode.
The function is gnutls_register_md5_handler.  When libgcrypt is in
FIPS mode, MD5 is disabled, but TLS normally requires use of MD5 in
the PRF.

** Opencdk: Add calls to gnutls_assert to ease debugging.

** Indent code.

** API and ABI modifications:
gnutls_srp_set_prime_bits: ADDED
gnutls_register_md5_handler: ADDED
gnutls_x509_crt_set_crl_dist_points2: ADDED
gnutls_x509_crt_set_subject_alt_name: ADDED

* Version 2.5.7 (released 2008-09-16)

** libgnutls: New interfaces to get name of public key and signing algorithms.
The functions are gnutls_sign_get_name and gnutls_pk_get_name.

** libgnutls: Don't crash when gnutls_credentials_set is called twice.

** libgnutls: Fix libgnutls shared library version.
It wasn't properly incremented after adding symbols in the last
release.

** manual: Now mention supported public key and public key signing algorithms.

** tests/openssl: initialize gnutls before use.

** tests/setcredcrash: New test to catch regressions of gnutls_credentials_set.

** GTK-DOC manual: mention new symbols in 2.6.x.  Mention crypto.h functions.

** API and ABI modifications:
gnutls_sign_get_name: ADDED
gnutls_pk_get_name: ADDED

* Version 2.5.6 (released 2008-09-08)

** libgnutls: Add interface to deal with public key and signature algorithms.
The functions are called gnutls_pk_list, gnutls_pk_get_id,
gnutls_sign_list, and gnutls_sign_get_id.  Suggested by Sam
Varshavchik <mrsam@courier-mta.com>.

** libgnutls: Refactor and clean up some code.

** libgnutls: Fix compile error with Sun CC.

** gnutls-cli: Improve --list output to include public key and signature algs.

** gnutls-cli, gnutls-serv: Remove --copyright parameter.
Use standard --version to get license info.

** gnutls-cli.1: Document all new parameters.
Thanks to James Westby <jw+debian@jameswestby.net>.

** tests: New self-test pgps2kgnu to test parsing of encrypted secrets.
Contributed by Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>.

** API and ABI modifications:
gnutls_pk_list: ADDED
gnutls_pk_get_id: ADDED
gnutls_sign_list: ADDED
gnutls_sign_get_id: ADDED

* Version 2.5.5 (released 2008-08-29)

** libgnutls: New API to get a string corresponding to a error symbol.
The function is gnutls_strerror_name.

** libgnutls: Fix include paths so that building with internal libtasn1 works.
Reported by "jth.net ApS" <info@jth.net>.

** libgnutls: Fix segmentation fault when generating private keys.
Reported by Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>.

** libgnutls: Remove code to import certificate chains in PKCS#7 format.
The code has not worked since v0.9.0 and apparently nobody has missed
it, so we decided to remove the code rather than fix it.  If you have
old certificate chains stored in PKCS#7 format, you can convert them
to a list of PEM certificates by using 'certtool --p7-info'.  Reported
by Christian Grothoff <christian@grothoff.org>.

** opencdk: Parse (but not decrypt) encrypted secret keys.
Contributed by Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>.

** libgnutls: Fix many warnings.

** Included copy of libtasn1 is upgraded to version 1.5.

** Add French translation, thanks to Nicolas Provost.

** API and ABI modifications:
gnutls_strerror_name: ADDED

* Version 2.5.4 (released 2008-08-19)

** Fix secure memory initialization of libgcrypt.
Reported by Joe Orton <joe@manyfish.co.uk> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2992>.

** Doc fixes.
Reference to NIST SP 800-57 in the manual on key size recommendations.
Added 'Since:' tags to new APIs for gtk-doc.

** API and ABI modifications:
No changes since last version.

* Version 2.5.3 (released 2008-08-14)

** libgnutls: New API to set the public parameters in a certificate request
** from a private key.
The function is gnutls_x509_crq_set_key_rsa_raw.  Inspired by
discussion with "Zach C." <fxchip@gmail.com>.

** libgnutls: New API to set a callback to extract TLS Finished data.
The function to register is gnutls_session_set_finished_function and
it takes a callback of the gnutls_finished_callback_func type.

** libgnutls: Drop final comma after GNUTLS_CRT_PRINT_UNSIGNED_FULL in enum.
Reported in <https://savannah.gnu.org/support/?106453>.

** libgnutls: Fix namespace problem with TLS_MASTER_SIZE and TLS_RANDOM_SIZE.
The new names are GNUTLS_MASTER_SIZE and GNUTLS_RANDOM_SIZE.  The old
names are mapped to the new names in compat.h.  These mappings will
likely be removed more quickly than other mappings in that file due to
the namespace violation.

** libgnutlsxx: Make it build when SRP is disabled.

** doc: Add doxygen files in doc/doxygen/.

** API and ABI modifications:
gnutls_x509_crq_set_key_rsa_raw: ADDED
gnutls_session_set_finished_function: ADDED
gnutls_finished_callback_func: ADDED
GNUTLS_MASTER_SIZE: ADDED
GNUTLS_RANDOM_SIZE: ADDED
TLS_MASTER_SIZE: DEPRECATED
TLS_RANDOM_SIZE: DEPRECATED

* Version 2.5.2 (released 2008-07-08)

** libgnutls: Fix bug in gnutls_dh_params_generate2.
The prime and generator was swapped.

** libgnutls: New interface to register a new TLS extension handler.
The new function gnutls_ext_register can be used to register handlers
for specific TLS extension types.  The callback functions have the new
types gnutls_ext_recv_func and gnutls_ext_send_func.  A type to
classify TLS extensions, gnutls_ext_parse_type_t, has been added as
well.

** Move more code for TLS/IA extension from libgnutls to libgnutls-extra.
This was made possible by using the new gnutls_ext_register interface.
The TLS/IA functionality has only been supported through the
libgnutls-extra library, so it makes sense for the code to belong
there too.

** API and ABI modifications:
gnutls_ext_recv_func: ADDED
gnutls_ext_send_func: ADDED
gnutls_ext_parse_type_t: ADDED
gnutls_ext_register: ADDED

* Version 2.5.1 (released 2008-07-02)

** Indent code.

** API and ABI modifications:
No changes since last version.

* Version 2.5.0 (released 2008-07-02)

** Port fixes from v2.4.1 release, see below.

** Added API to replace and update the crypto backend.
The header gnutls/crypto.h is now officially supported, and declares
the symbols below.

** Rewritten opencdk crypto backend, to use the gnutls internal one.

** Update gnulib and translations.
The gnulib gc crypto code has been removed since it was never finished
and is no longer even used.  An internal non-libgcrypt crypto
implementation may be added in the future, but we'll decide that later
on.

** API and ABI modifications:
gnutls_crypto_bigint_register2: ADDED.
gnutls_crypto_cipher_register2: ADDED.
gnutls_crypto_digest_register2: ADDED.
gnutls_crypto_mac_register2: ADDED.
gnutls_crypto_pk_register2: ADDED.
gnutls_crypto_rnd_register2: ADDED.
gnutls_crypto_single_cipher_register2: ADDED.
gnutls_crypto_single_digest_register2: ADDED.
gnutls_crypto_single_mac_register2: ADDED.

* Version 2.4.3 (released 2009-02-06)

** libgnutls: Accept chains where intermediary certs are trusted.
Before GnuTLS needed to validate the entire chain back to a
self-signed certificate.  GnuTLS will now stop looking when it has
found an intermediary trusted certificate.  The new behaviour is
useful when chains, for example, contains a top-level CA, an
intermediary CA signed using RSA-MD5, and an end-entity certificate.
To avoid chain validation errors due to the RSA-MD5 cert, you can
explicitly add the intermediary RSA-MD5 cert to your trusted certs.
The signature on trusted certificates are not checked, so the chain
has a chance to validate correctly.  Reported by "Douglas E. Engert"
<deengert@anl.gov> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3351>.

** libgnutls: Permit V1 Certificate Authorities properly.
Before they were mistakenly rejected even though
GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT and/or
GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT were supplied.  Reported by
"Douglas E. Engert" <deengert@anl.gov> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3351>.

** libgnutls: deprecate X.509 validation chains using MD5 and MD2 signatures.
This is a bugfix -- the previous attempt to do this from internal x509
certificate verification procedures did not return the correct value
for certificates using a weak hash.  Reported by Daniel Kahn Gillmor
<dkg@fifthhorseman.net> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3332>,
debugged and patch by Tomas Mraz <tmraz@redhat.com> and Daniel Kahn
Gillmor <dkg@fifthhorseman.net>.

** libgnutls: Fix chain verification for chains that ends with RSA-MD2 CAs.
Reported by Michael Kiefer <Michael-Kiefer@web.de> in
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507633> forwarded by
Andreas Metzler <ametzler@downhill.at.eu.org> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3309>.

** libgnutls: Fix crash in X.509 validation code for self-signed certificates.
The patch to fix the security problem GNUTLS-SA-2008-3 introduced a
problem for certificate chains that contained just one self-signed
certificate.  Reported by Michael Meskes <meskes@debian.org> in
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505279>.

** libgnutls: Fix X.509 certificate chain validation error. [GNUTLS-SA-2008-3]
The flaw makes it possible for man in the middle attackers (i.e.,
active attackers) to assume any name and trick GnuTLS clients into
trusting that name.  Thanks for report and analysis from Martin von
Gagern <Martin.vGagern@gmx.net>.  [CVE-2008-4989]

Any updates with more details about this vulnerability will be added
to <http://www.gnu.org/software/gnutls/security.html>

** libgnutls: Fix buffer overrun in gnutls_x509_crt_list_import.
Report and patch by Jonathan Manktelow.

** libgnutls: Avoid use of non-thread safe strerror.

** API and ABI modifications:
No changes since last version.

* Version 2.4.2 (released 2008-09-15)

** libgnutls: Don't crash when gnutls_credentials_set is called twice.

** libgnutls: Corrected memory leak in X.509 functions.
Thanks to Colin Leroy <colin@colino.net>.

** libgnutls: Fix compile error with Sun CC.

** gnutls-cli.1: Document all new parameters.
Thanks to James Westby <jw+debian@jameswestby.net>.

** tests/openssl: initialize gnutls before use.
Fixes crash with libgcrypt 1.4.2.  Reported by Ludovic Courtes
<ludovic.courtes@laas.fr>.

** doc/: Fix texinfo markup for old texinfo versions.

** Included copy of libtasn1 is upgraded to version 1.5.

** API and ABI modifications:
No changes since last version.

* Version 2.4.1 (released 2008-06-30)

** libgnutls: Fix local crash in gnutls_handshake.  [GNUTLS-SA-2008-2]
If the gnutls_handshake function is called for a normal session, which
can happen for re-handshakes, the library would crash because it tried
to hash some data using a libgcrypt handle that had been deallocated.
Report and tiny patch from Tomas Mraz <tmraz@redhat.com>.  Any updates
with more details about this vulnerability will be added to
<http://www.gnu.org/software/gnutls/security.html>

** libgnutls: Fix memory leaks when doing a re-handshake.
Reported by Sam Varshavchik <mrsam@courier-mta.com> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2928>.

** Fix compiler warnings.
Reported by Massimo Gaspari <massimo.gaspari@alice.it> in
<http://thread.gmane.org/gmane.network.gnutls.general/1281>.

** Fix ordering of -I's to avoid opencdk.h conflict with system headers.
Reported by Roman Bogorodskiy <novel@FreeBSD.org> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2930>.

** srptool: Fix a problem where --verify check does not succeed.
Report and tiny patch by Matthias Koenig <mkoenig@suse.de> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2944>.

** API and ABI modifications:
No changes since last version.

* Version 2.4.0 (released 2008-06-19)

** Major changes compared to the v2.2 branch:

*** The OpenPGP sub-system has been improved and now supports subkeys.

*** The PSK sub-system has been improved and now supports password
*** derivation and PSK identity hints.
The password derivation algorithms support is documented in
draft-ietf-netconf-tls-02.txt.

*** The certtool --inder and --outder has been replaced by --inraw and --outraw.
This aligns terminology with OpenPGP, which doesn't use DER encoding.
The old parameters will continue to work for some time.

*** Certtool now confirm passwords and changes permissions of private key files.

*** The default handshake size limit has been increased to 48kb.
It appears as if some valid handshakes are large due to sending many
CA certificates.  (The earlier limit was 16kb.)

*** LZO compression is now disabled by default.
The main reason is that LZO compression in TLS is not standardized,
but license compatiblity issues with minilzo triggered us to make this
decision now.

*** Improvements for cross-compilation to Windows and OpenWRT.

*** The look of the GTK-DOC manual has been improved.
Major developer visible changes compared to the v2.2 branch:

*** Full OpenPGP support is part of libgnutls, licensed under the LGPL.

*** New APIs to access the raw X.509 Subject and Issuer DN's and
*** elements from the certificate credentials structure.
Thanks to Joe Orton.

*** New APIs to improve working with username/passwords and PSK.

*** Names of constants to affect certificate printing changed.
The constants are used for OpenPGP too, which the names didn't
reflect, so the following name change has been made:

            Old name                         New name
     GNUTLS_X509_CRT_FULL            GNUTLS_CRT_PRINT_FULL
     GNUTLS_X509_CRT_ONELINE         GNUTLS_CRT_PRINT_ONELINE
     GNUTLS_X509_CRT_UNSIGNED_FULL   GNUTLS_CRT_PRINT_UNSIGNED_FULL

The old names will be mapped to the new names for some time.

*** The function gnutls_openpgp_privkey_get_id has been renamed to
*** gnutls_openpgp_privkey_get_key_id.
A compatibility mapping exists to avoid breaking API backwards
compatibility.

*** Replaced all uses of alloca with malloc and free.

*** We no longer build with -D_REENTRANT -D_THREAD_SAFE.
We have been unable to find a documented rationale for this practice.

*** Of course, many smaller fixes have been made, see the ChangeLog file.

*** API/ABI changes in GnuTLS 2.4
All OpenPGP related functions have been moved from libgnutls-extra to
libgnutls, and several new functions have been added (see below).
Before making the release, we discussed whether moving functions from
libgnutls-extra to libgnutls would require us to increment the ABI
version, but the general opinion was that this would not be required.
All older functions continue to work the same.  We are open to the
possibility that this decision will lead to problem on some platform,
and if it turns out that the Right Thing should have been to increment
the shared library version, we would need to release an update within
the 2.4.x branch that increments the shared library version.

This release adds the following functions:

  gnutls_psk_client_get_hint
  gnutls_psk_set_server_credentials_hint
  gnutls_psk_netconf_derive_key

    Used to get/set the PSK identity hint, and derive PSK keys from
    passwords a'la netconf.

  gnutls_x509_dn_deinit
  gnutls_x509_dn_export
  gnutls_x509_dn_import
  gnutls_x509_dn_init

    Used to handle X.509 Certificate DN's directly.

  gnutls_hex2bin

    Converts a data buffer to hex.  Useful for handling PSK/SRP shared
    secrets.

  gnutls_certificate_get_x509_cas
  gnutls_certificate_get_x509_crls
  gnutls_certificate_get_openpgp_keyring

    Functions for direct access to credential elements.

  gnutls_openpgp_crt_get_auth_subkey
  gnutls_openpgp_crt_get_key_id
  gnutls_openpgp_crt_get_pk_dsa_raw
  gnutls_openpgp_crt_get_pk_rsa_raw
  gnutls_openpgp_crt_get_preferred_key_id
  gnutls_openpgp_crt_get_revoked_status
  gnutls_openpgp_crt_get_subkey_count
  gnutls_openpgp_crt_get_subkey_creation_time
  gnutls_openpgp_crt_get_subkey_expiration_time
  gnutls_openpgp_crt_get_subkey_fingerprint
  gnutls_openpgp_crt_get_subkey_id
  gnutls_openpgp_crt_get_subkey_idx
  gnutls_openpgp_crt_get_subkey_pk_algorithm
  gnutls_openpgp_crt_get_subkey_pk_dsa_raw
  gnutls_openpgp_crt_get_subkey_pk_rsa_raw
  gnutls_openpgp_crt_get_subkey_revoked_status
  gnutls_openpgp_crt_get_subkey_usage
  gnutls_openpgp_crt_print
  gnutls_openpgp_crt_set_preferred_key_id
  gnutls_openpgp_keyring_get_crt
  gnutls_openpgp_keyring_get_crt_count
  gnutls_openpgp_privkey_export
  gnutls_openpgp_privkey_export_dsa_raw
  gnutls_openpgp_privkey_export_rsa_raw
  gnutls_openpgp_privkey_export_subkey_dsa_raw
  gnutls_openpgp_privkey_export_subkey_rsa_raw
  gnutls_openpgp_privkey_get_fingerprint
  gnutls_openpgp_privkey_get_key_id
  gnutls_openpgp_privkey_get_pk_algorithm
  gnutls_openpgp_privkey_get_preferred_key_id
  gnutls_openpgp_privkey_get_revoked_status
  gnutls_openpgp_privkey_get_subkey_count
  gnutls_openpgp_privkey_get_subkey_creation_time
  gnutls_openpgp_privkey_get_subkey_expiration_time
  gnutls_openpgp_privkey_get_subkey_fingerprint
  gnutls_openpgp_privkey_get_subkey_id
  gnutls_openpgp_privkey_get_subkey_idx
  gnutls_openpgp_privkey_get_subkey_pk_algorithm
  gnutls_openpgp_privkey_get_subkey_revoked_status
  gnutls_openpgp_privkey_set_preferred_key_id

    New OpenPGP related functions.

    The function gnutls_openpgp_crt_get_key_id is the same as the old
    from gnutls_openpgp_crt_get_id, see above.

The release also adds a new header file 'gnutls/crypto.h', however it
is currently not used.

** libgnutls [OpenPGP]: New APIs to retrieve fingerprint from OpenPGP subkeys.
Contributed by Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>.

** API and ABI modifications:
gnutls_openpgp_crt_get_subkey_fingerprint: ADDED.
gnutls_openpgp_privkey_get_subkey_fingerprint: ADDED.

* Version 2.3.15 (released 2008-06-15)

** Disable the openpgp-certs self-tests.
It results in failure under Wine and doesn't work on Debian buildds.

** API and ABI modifications:
No changes since last version.

* Version 2.3.14 (released 2008-06-11)

** libgnutls [OpenPGP]: Changed OpenPGP verification behaviour.
An OpenPGP certificate is now only considered verified if all the user
IDs are verified.

** Examples: Make C++ example compile.
Earlier it may have failed with an unresolved reference to strlen.

** Documentation: Doc fix for gnutls_x509_crt_get_extension_oid.
Reported by Sam Varshavchik <mrsam@courier-mta.com>.

** API and ABI modifications:
No changes since last version.

* Version 2.3.13 (released 2008-06-07)

** libgnutls [OpenPGP]: Make OpenPGP handshakes work again.

** doc/: Add psktool to info index.  Some minor cleanups.

** tests/: Added non-forking TLS handshake test, see tests/mini.c.

** tests/: Added libgcrypt.supp which can be used with valgrind.
The file suppresses the known libgcrypt memory leaks, so they aren't
printed when you run valgrind on the gnutls self-tests.  Use it as
follows: valgrind --suppressions=libgcrypt.supp ./x509self or add
'--suppressions=/home/you/src/gnutls/tests/libgcrypt.supp' to your
~/.valgrindrc file.

** tests/: Reduce amount of debugging output by default.
Use --verbose for each test to get the full output.

** tests/: Fix memory leaks in several self-tests.
None of the self tests should be leaking memory when running valgrind
or similar tools.  (Known exceptions are dhepskself, pskself, and
set_pkcs12_cred, which appear likely to be due to memory leaks in the
library.)

** API and ABI modifications:
No changes since last version.

* Version 2.3.12 (released 2008-06-04)

** Merge gnutls_with_netconf branch.

*** libgnutls [PSK]: New API to retrieve PSK identity hint in client.
The function is gnutls_psk_client_get_hint.

*** libgnutls [PSK]: New API to set PSK identity hint in server.
The function is gnutls_psk_set_server_credentials_hint.

*** libgnutls [PSK]: Support server key exchange with PSK identity hint.
In the client, the message is parsed and the application can use
gnutls_psk_client_get_hint to retrieve the hint.  In the server, the
message is sent if the application has specified a PSK identity hint
using gnutls_psk_set_server_credentials_hint.

*** libgnutls [PSK]: Support Netconf PSK key derivation.
The function gnutls_psk_netconf_derive_key supports the PSK key