Navigation:
Browse pkgsrc
(this page)Log Message: gnutls: update to 3.6.4. * Version 3.6.4 (released 2018-09-24) ** libgnutls: Added the final (RFC8446) version numbering of the TLS1.3 protocol. ** libgnutls: Corrected regression since 3.6.3 in the callbacks set with gnutls_certificate_set_retrieve_function() which could not handle the case where no certificates were returned, or the callbacks were set to NULL (see #528). ** libgnutls: gnutls_handshake() on server returns early on handshake when no certificate is presented by client and the gnutls_init() flag \ GNUTLS_ENABLE_EARLY_START is specified. ** libgnutls: Added session ticket key rotation on server side with TOTP. The key set with gnutls_session_ticket_enable_server() is used as a master key to generate time-based keys for tickets. The rotation relates to the gnutls_db_set_cache_expiration() period. ** libgnutls: The 'record size limit' extension is added and preferred to the 'max record size' extension when possible. ** libgnutls: Provide a more flexible PKCS#11 search of trust store certificates. This addresses the problem where the CA certificate doesn't have a subject key identifier whereas the end certificates have an authority key identifier (#569) ** libgnutls: gnutls_privkey_export_gost_raw2(), gnutls_privkey_import_gost_raw(), gnutls_pubkey_export_gost_raw2(), gnutls_pubkey_import_gost_raw() import and export GOST parameters in the "native" little endian format \ used for these curves. This is an intentional incompatible change with 3.6.3. ** libgnutls: Added support for seperately negotiating client and server \ certificate types as defined in RFC7250. This mechanism must be explicitly enabled via the GNUTLS_ENABLE_CERT_TYPE_NEG flag in gnutls_init(). ** gnutls-cli: enable CRL validation on startup (#564) ** API and ABI modifications: GNUTLS_ENABLE_EARLY_START: Added GNUTLS_ENABLE_CERT_TYPE_NEG: Added GNUTLS_TL_FAIL_ON_INVALID_CRL: Added GNUTLS_CERTIFICATE_VERIFY_CRLS: Added gnutls_ctype_target_t: New enumeration gnutls_record_set_max_early_data_size: Added gnutls_certificate_type_get2: Added gnutls_priority_certificate_type_list2: Added gnutls_ffdhe_6144_group_prime: Added gnutls_ffdhe_6144_group_generator: Added gnutls_ffdhe_6144_key_bits: Added
New packages: