| 1 | ** Version 0.5.8 (unreleased) |
|---|
| 2 | - Session tickets are enabled by default. |
|---|
| 3 | |
|---|
| 4 | ** Version 0.5.7 (2010-07-01) |
|---|
| 5 | - Force usage of SDBM. For some reason the default in |
|---|
| 6 | my system had issues after reaching a limit of entries. |
|---|
| 7 | SDBM seems stable so force it. |
|---|
| 8 | |
|---|
| 9 | - Optimizations in session caching. |
|---|
| 10 | |
|---|
| 11 | - Added support for session tickets. This allows a |
|---|
| 12 | server to avoid using a session cache and still support |
|---|
| 13 | session resumption. This is at the cost of transporting |
|---|
| 14 | session data during handshake. New option |
|---|
| 15 | GnuTLSSessionTickets [on|off] |
|---|
| 16 | |
|---|
| 17 | - Depend on gnutls 2.10.0 to force support for safe |
|---|
| 18 | renegotiation. |
|---|
| 19 | |
|---|
| 20 | ** Version 0.5.6 (2010-03-24) |
|---|
| 21 | - Corrected issue with firefox and long POST data (by |
|---|
| 22 | handling EINTR and EAGAIN errors in read). |
|---|
| 23 | |
|---|
| 24 | - Added support for chained client certificates |
|---|
| 25 | |
|---|
| 26 | - Corrected more issues related to double frees |
|---|
| 27 | http://issues.outoforder.cc/view.php?id=102 |
|---|
| 28 | |
|---|
| 29 | ** Version 0.5.5 (2009-06-13) |
|---|
| 30 | |
|---|
| 31 | - Removed limits on CA certificate loading. Reported by |
|---|
| 32 | Sander Marechal and Jack Bates. |
|---|
| 33 | |
|---|
| 34 | - Do not allow sending empty TLS packets even when instructed to. |
|---|
| 35 | This had the side effect of clients closing connection. |
|---|
| 36 | |
|---|
| 37 | ** Version 0.5.4 (2009-01-04) |
|---|
| 38 | |
|---|
| 39 | - mod_gnutls.h: modified definition to extern to avoid compilation |
|---|
| 40 | errors in darwin. |
|---|
| 41 | |
|---|
| 42 | - Added patch to fix issue with mod_proxy. Investigation and patch by Alain |
|---|
| 43 | Knaff. |
|---|
| 44 | |
|---|
| 45 | - libgnutls detection uses pkg-config. |
|---|
| 46 | |
|---|
| 47 | ** Version 0.5.3 (2008-10-16) |
|---|
| 48 | |
|---|
| 49 | - Corrected bug to allow having an OpenPGP-only web site. |
|---|
| 50 | |
|---|
| 51 | - Increased Max handshake tries due to interrupted system calls. |
|---|
| 52 | |
|---|
| 53 | ** Version 0.5.2 (2008-06-29) |
|---|
| 54 | |
|---|
| 55 | - Depend on gnutls 2.4 which has openpgp support in main library. |
|---|
| 56 | |
|---|
| 57 | ** Version 0.5.1 (2008-03-05) |
|---|
| 58 | |
|---|
| 59 | - Added --disable-srp configure option |
|---|
| 60 | |
|---|
| 61 | - Better check for memcache (patch by Guillaume Rousse) |
|---|
| 62 | |
|---|
| 63 | - Corrected possible memory leak in DBM support for resuming sessions. |
|---|
| 64 | |
|---|
| 65 | ** Version 0.5.0-alpha (2008-01-24) |
|---|
| 66 | |
|---|
| 67 | - Added support for OpenPGP keys. The new directives are: |
|---|
| 68 | GnuTLSPGPKeyringFile, GnuTLSPGPCertificateFile, GnuTLSPGPKeyFile |
|---|
| 69 | |
|---|
| 70 | ** Version 0.4.2 (2007-12-10) |
|---|
| 71 | |
|---|
| 72 | - Added support for sending a certificate chain. |
|---|
| 73 | |
|---|
| 74 | - Corrected bug which did not allow the TLS session cache to be used. |
|---|
| 75 | |
|---|
| 76 | - Do not allow resuming sessions on different servers. |
|---|
| 77 | |
|---|
| 78 | ** Version 0.4.1 (2007-12-03) |
|---|
| 79 | |
|---|
| 80 | - Added support for subject alternative names in certificates. |
|---|
| 81 | Only one per certificate is supported. |
|---|
| 82 | |
|---|
| 83 | - New enviroment variables: SSL_CLIENT_M_VERSION, SSL_CLIENT_S_SAN%, |
|---|
| 84 | SSL_CLIENT_S_TYPE, SSL_SERVER_M_VERSION, SSL_SERVER_S_SAN%, SSL_SERVER_S_TYPE |
|---|
| 85 | |
|---|
| 86 | - The compatibility mode can now be enabled explicitely with the |
|---|
| 87 | %COMPAT keyword at the GnuTLSPriorities string. It is no longer the default. |
|---|
| 88 | |
|---|
| 89 | - Check for GnuTLSPriorities directive. This corrects a segfault. Thanks |
|---|
| 90 | to David Hrbáč. |
|---|
| 91 | |
|---|
| 92 | - Better handling of GnuTLSDHFile and GnuTLSRSAFile. |
|---|
| 93 | |
|---|
| 94 | - No longer default paths for RSA and DH parameter files. |
|---|
