[180e49f] | 1 | ** Version 0.6.0 |
---|
| 2 | - GnuTLSCache none is now an allowed option. |
---|
| 3 | |
---|
[17eb1a1] | 4 | ** Version 0.5.9 (2010-09-24) |
---|
| 5 | - Corrected behavior in Keep-Alive connections (do not |
---|
| 6 | terminate the connection prematurely) |
---|
| 7 | |
---|
| 8 | - The GnuTLSCache variable now can be given the specific |
---|
| 9 | option "gdbm" instead of "dbm". "dbm" will use the berkeley |
---|
| 10 | db type of libapr while gdbm will force gdbm to be used. |
---|
| 11 | sdbm is no longer being used due to serious limitations. |
---|
| 12 | |
---|
[5508683] | 13 | ** Version 0.5.8 (2010-08-18) |
---|
| 14 | - Session tickets are enabled by default. |
---|
| 15 | |
---|
| 16 | - Fixes some segmentation faults noticed in some |
---|
| 17 | configurations. |
---|
| 18 | |
---|
[bbb9bb1] | 19 | ** Version 0.5.7 (2010-07-01) |
---|
| 20 | - Force usage of SDBM. For some reason the default in |
---|
| 21 | my system had issues after reaching a limit of entries. |
---|
| 22 | SDBM seems stable so force it. |
---|
| 23 | |
---|
| 24 | - Optimizations in session caching. |
---|
| 25 | |
---|
| 26 | - Added support for session tickets. This allows a |
---|
| 27 | server to avoid using a session cache and still support |
---|
| 28 | session resumption. This is at the cost of transporting |
---|
| 29 | session data during handshake. New option |
---|
| 30 | GnuTLSSessionTickets [on|off] |
---|
| 31 | |
---|
| 32 | - Depend on gnutls 2.10.0 to force support for safe |
---|
| 33 | renegotiation. |
---|
| 34 | |
---|
[66b608e] | 35 | ** Version 0.5.6 (2010-03-24) |
---|
| 36 | - Corrected issue with firefox and long POST data (by |
---|
| 37 | handling EINTR and EAGAIN errors in read). |
---|
| 38 | |
---|
| 39 | - Added support for chained client certificates |
---|
| 40 | |
---|
| 41 | - Corrected more issues related to double frees |
---|
| 42 | http://issues.outoforder.cc/view.php?id=102 |
---|
| 43 | |
---|
[52b649e] | 44 | ** Version 0.5.5 (2009-06-13) |
---|
| 45 | |
---|
| 46 | - Removed limits on CA certificate loading. Reported by |
---|
| 47 | Sander Marechal and Jack Bates. |
---|
| 48 | |
---|
| 49 | - Do not allow sending empty TLS packets even when instructed to. |
---|
| 50 | This had the side effect of clients closing connection. |
---|
| 51 | |
---|
| 52 | ** Version 0.5.4 (2009-01-04) |
---|
[4ecf14f] | 53 | |
---|
| 54 | - mod_gnutls.h: modified definition to extern to avoid compilation |
---|
| 55 | errors in darwin. |
---|
| 56 | |
---|
| 57 | - Added patch to fix issue with mod_proxy. Investigation and patch by Alain |
---|
| 58 | Knaff. |
---|
| 59 | |
---|
| 60 | - libgnutls detection uses pkg-config. |
---|
| 61 | |
---|
[f8ffc43] | 62 | ** Version 0.5.3 (2008-10-16) |
---|
| 63 | |
---|
| 64 | - Corrected bug to allow having an OpenPGP-only web site. |
---|
| 65 | |
---|
| 66 | - Increased Max handshake tries due to interrupted system calls. |
---|
| 67 | |
---|
[8ce897a] | 68 | ** Version 0.5.2 (2008-06-29) |
---|
| 69 | |
---|
| 70 | - Depend on gnutls 2.4 which has openpgp support in main library. |
---|
| 71 | |
---|
[9d9b093] | 72 | ** Version 0.5.1 (2008-03-05) |
---|
[8df5b25] | 73 | |
---|
| 74 | - Added --disable-srp configure option |
---|
| 75 | |
---|
| 76 | - Better check for memcache (patch by Guillaume Rousse) |
---|
| 77 | |
---|
[9d9b093] | 78 | - Corrected possible memory leak in DBM support for resuming sessions. |
---|
| 79 | |
---|
| 80 | ** Version 0.5.0-alpha (2008-01-24) |
---|
| 81 | |
---|
| 82 | - Added support for OpenPGP keys. The new directives are: |
---|
| 83 | GnuTLSPGPKeyringFile, GnuTLSPGPCertificateFile, GnuTLSPGPKeyFile |
---|
[8df5b25] | 84 | |
---|
[2a2272d] | 85 | ** Version 0.4.2 (2007-12-10) |
---|
| 86 | |
---|
| 87 | - Added support for sending a certificate chain. |
---|
| 88 | |
---|
| 89 | - Corrected bug which did not allow the TLS session cache to be used. |
---|
| 90 | |
---|
| 91 | - Do not allow resuming sessions on different servers. |
---|
| 92 | |
---|
[a4839ae] | 93 | ** Version 0.4.1 (2007-12-03) |
---|
| 94 | |
---|
| 95 | - Added support for subject alternative names in certificates. |
---|
| 96 | Only one per certificate is supported. |
---|
| 97 | |
---|
| 98 | - New enviroment variables: SSL_CLIENT_M_VERSION, SSL_CLIENT_S_SAN%, |
---|
| 99 | SSL_CLIENT_S_TYPE, SSL_SERVER_M_VERSION, SSL_SERVER_S_SAN%, SSL_SERVER_S_TYPE |
---|
| 100 | |
---|
| 101 | - The compatibility mode can now be enabled explicitely with the |
---|
| 102 | %COMPAT keyword at the GnuTLSPriorities string. It is no longer the default. |
---|
| 103 | |
---|
| 104 | - Check for GnuTLSPriorities directive. This corrects a segfault. Thanks |
---|
| 105 | to David Hrbáč. |
---|
| 106 | |
---|
| 107 | - Better handling of GnuTLSDHFile and GnuTLSRSAFile. |
---|
| 108 | |
---|
| 109 | - No longer default paths for RSA and DH parameter files. |
---|