Release Notes: This release fixes memory leaks in elliptic curves code and certificate handling. The RSA-EXPORT ciphersuite functionality is deprecated. Support has been added for generating keys in a PKCS #11 token. Support has been added for AES acceleration in VIA processors.
Release Notes: Several bug fixes and a few feature additions.
Release Notes: This release fixes known bugs and adds new features. The main bug fixes are alignment fixes in the AES-NI code and a fix for wrong PIN handling in PKCS #11. Server name indication is supported without the need for a callback. The order in X.509 certificate chains is checked for correctness. The crywrap application was added to the distribution.
Release Notes: This is a bugfix release that backports features from the new stable branch. The PKCS #11 back-end was replaced by p11-kit. There are compatibility fixes with libgcrypt 1.5.0, better handling of incomplete writes with writev(), strict verification of the order of certificate lists, and fixes in certificate request generation.
Release Notes: The main and most important changes since 2.12.x are support for Datagram TLS 1.0, support for Elliptic Curves (ECDHE and ECDSA), support for AES-GCM, optimizations for Intel CPUs with the AES-NI instruction set, and support for PKCS #11 via p11-kit.
Release Notes: Several bug fixes and minor updates were done.
Release Notes: New APIs were added for handling extensions in Certificate Requests and CRLs, for setting credentials from a PKCS#12 object stored in memory, and for verifying a hash against a certificate. The linker version script now lists all exported APIs explicitly, and no longer exports the majority of internal _gnutls* functions. There were many other fixes and improvements.
Release Notes: This release fixes minor crashes and a small memory leak. The included libtasn1 library has been updated to version 1.5.
Release Notes: This is a major stable release. External RSA/DSA signing for TLS client authentication is supported. Signing X.509 certificates using RSA with SHA-256/384/512 is supported. There is experimental support for TLS 1.2. X.509 Proxy Certificates (RFC 3820), Supplemental handshakes messages (RFC 4680), TLS authorization extension (draft-housley-tls-authz-extns-07), and the X.509 "otherName" Subject Altnerative Names (for XMPP) are supported. Guile bindings for GnuTLS were added. Several new APIs were added. Build improvements were made for Windows, Mac OS X, uClinux, etc.
Release Notes: New API functions were added to extract DER encoded X.509 Subject/Issuer DN. The PKCS8 parser now returns better error codes. A memory leak for sessions with client authentication via certificates was fixed. Building of a "tlsia" self test was fixed.