- Timestamp:
- Feb 21, 2014, 12:15:56 AM (7 years ago)
- Branches:
- debian/master, debian/stretch-backports, jessie-backports, upstream
- Children:
- 4addf74, 62f781c
- Parents:
- 180e49f (diff), 1a99240 (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the(diff)
links above to see all the changes relative to each parent. - File:
-
- 1 moved
Legend:
- Unmodified
- Added
- Removed
-
CHANGELOG
r180e49f rae29683 1 ** Version 0.6.0 2 - GnuTLSCache none is now an allowed option. 1 **TODO: 2 - Fix support for proxy termination 3 - Handle Unclean Shutdowns 4 - make session cache use generic apache caches 5 6 ** Version 0.6 (2014-02-17) 7 - Generating DH Params instead of using static ones. 8 - Now considering ServerAlias Directives. 9 - Major Legacy Code Cleanup. 10 - html and pdf and manual documentation generated from markdown sources 11 - support monkeysphere validation agent (MSVA) client-certificate verification 12 - wider test suite 13 - GnuTLSExportCertificates off by default 14 15 ** Version 0.5.10 (2011-07-12) 16 - Patched a bug responsible for excessive memory consumption by mod_gnutls. 17 - Support for proxying from SSL to plain HTTP was added (ie. proxy termination). 3 18 4 19 ** Version 0.5.9 (2010-09-24) 20 - GnuTLSCache none is now an allowed option. 5 21 - Corrected behavior in Keep-Alive connections (do not 6 22 terminate the connection prematurely) 7 8 23 - The GnuTLSCache variable now can be given the specific 9 24 option "gdbm" instead of "dbm". "dbm" will use the berkeley … … 13 28 ** Version 0.5.8 (2010-08-18) 14 29 - Session tickets are enabled by default. 15 16 30 - Fixes some segmentation faults noticed in some 17 31 configurations. … … 21 35 my system had issues after reaching a limit of entries. 22 36 SDBM seems stable so force it. 23 24 37 - Optimizations in session caching. 25 26 38 - Added support for session tickets. This allows a 27 39 server to avoid using a session cache and still support … … 29 41 session data during handshake. New option 30 42 GnuTLSSessionTickets [on|off] 31 32 43 - Depend on gnutls 2.10.0 to force support for safe 33 44 renegotiation. … … 36 47 - Corrected issue with firefox and long POST data (by 37 48 handling EINTR and EAGAIN errors in read). 38 39 49 - Added support for chained client certificates 40 41 50 - Corrected more issues related to double frees 42 51 http://issues.outoforder.cc/view.php?id=102 43 52 44 53 ** Version 0.5.5 (2009-06-13) 45 46 54 - Removed limits on CA certificate loading. Reported by 47 55 Sander Marechal and Jack Bates. 48 49 56 - Do not allow sending empty TLS packets even when instructed to. 50 57 This had the side effect of clients closing connection. 51 58 52 59 ** Version 0.5.4 (2009-01-04) 53 54 60 - mod_gnutls.h: modified definition to extern to avoid compilation 55 61 errors in darwin. 56 57 62 - Added patch to fix issue with mod_proxy. Investigation and patch by Alain 58 63 Knaff. 59 60 64 - libgnutls detection uses pkg-config. 61 65 62 66 ** Version 0.5.3 (2008-10-16) 63 64 67 - Corrected bug to allow having an OpenPGP-only web site. 65 66 68 - Increased Max handshake tries due to interrupted system calls. 67 69 68 70 ** Version 0.5.2 (2008-06-29) 69 70 71 - Depend on gnutls 2.4 which has openpgp support in main library. 71 72 72 73 ** Version 0.5.1 (2008-03-05) 73 74 74 - Added --disable-srp configure option 75 76 75 - Better check for memcache (patch by Guillaume Rousse) 77 78 76 - Corrected possible memory leak in DBM support for resuming sessions. 79 77 80 78 ** Version 0.5.0-alpha (2008-01-24) 81 82 79 - Added support for OpenPGP keys. The new directives are: 83 80 GnuTLSPGPKeyringFile, GnuTLSPGPCertificateFile, GnuTLSPGPKeyFile 84 81 85 82 ** Version 0.4.2 (2007-12-10) 86 87 83 - Added support for sending a certificate chain. 88 89 84 - Corrected bug which did not allow the TLS session cache to be used. 90 91 85 - Do not allow resuming sessions on different servers. 92 86 93 87 ** Version 0.4.1 (2007-12-03) 94 95 88 - Added support for subject alternative names in certificates. 96 89 Only one per certificate is supported. 97 98 90 - New enviroment variables: SSL_CLIENT_M_VERSION, SSL_CLIENT_S_SAN%, 99 91 SSL_CLIENT_S_TYPE, SSL_SERVER_M_VERSION, SSL_SERVER_S_SAN%, SSL_SERVER_S_TYPE 100 101 92 - The compatibility mode can now be enabled explicitely with the 102 93 %COMPAT keyword at the GnuTLSPriorities string. It is no longer the default. 103 104 94 - Check for GnuTLSPriorities directive. This corrects a segfault. Thanks 105 95 to David Hrbáč. 106 107 96 - Better handling of GnuTLSDHFile and GnuTLSRSAFile. 108 109 97 - No longer default paths for RSA and DH parameter files.
Note: See TracChangeset
for help on using the changeset viewer.