Overview
Request 688499 accepted
- Update to version 2.60.0.1:
+ Fix build with OpenSSL pkg-config unavailable.
- Update to version 2.60.0:
+ This is the first stable release featuring the new OpenSSL
backend. Please be advised that this new backend is still
experimental and known to not work on some systems, including
Debian. Linux distributions are encouraged to stick to the
default build options, where OpenSSL is not yet enabled.
+ Fix build with GnuTLS disabled.
- Update to version 2.59.92:
+ GnuTLS: reject sync operations during handshake to avoid
deadlocks.
+ Temporarily disable DTLS and OpenSSL tests due to bugs.
- Update to version 2.59.91:
+ Update OpenSSL SSL struct when certificate is changed.
+ Fix tests build when GnuTLS is disabled.
+ Remove Fedora-specific PROFILE=SYSTEM default cipher list.
+ Fix some problems with the connection tests.
- Update to version 2.59.90:
+ This release adds an OpenSSL backend, obsoleting the
glib-openssl project.
+ The OpenSSL backend seems to be mature, though it is less
well-tested for desktop usage than the GnuTLS backend. It will
remain disabled by default at build time due to the
GPL-incompatible nature of the OpenSSL license -- and the
GPLv2-incompatible nature of the Apache license that will be
used by future versions of OpenSSL -- and because the GnuTLS
backend is sufficient for Linux distros.
+ Use the OpenSSL backend if you are building an embedded system
where (GPLv2+ or LGPLv3+) dependencies are unacceptable (e.g.
nettle or GMP, both dependencies of GnuTLS) and you are OK with
the GPL-incompatible OpenSSL license. If the OpenSSL backend is
enabled at build time, you should probably disable build of the
GnuTLS backend, or it will take precedence over the OpenSSL
backend at runtime.
- Update to version 2.59.2:
+ Add support for application layer protocol negotiation.
- Update to version 2.59.1:
+ This release removes the gnutls-pkcs11 backend, which was
disabled in 2.57.2, due to lack of any feedback whatsoever
regarding its disablement. If you think it is still useful to
you, given that the normal gnutls backend now supports PKCS#11,
speak up now.
+ This release also includes several changes to properly support
TLS 1.3.
+ Other changes:
- Perform certificate verification during, not after, TLS
handshake.
- Dramatically improve the reliability of the non-DTLS tests.
(DTLS is still having problems).
- Regenerate test certificates to prepare for OpenSSL support.
- Several meson build system improvements to prepare for
OpenSSL support.
Request History
iznogood created request
- Update to version 2.60.0.1:
+ Fix build with OpenSSL pkg-config unavailable.
- Update to version 2.60.0:
+ This is the first stable release featuring the new OpenSSL
backend. Please be advised that this new backend is still
experimental and known to not work on some systems, including
Debian. Linux distributions are encouraged to stick to the
default build options, where OpenSSL is not yet enabled.
+ Fix build with GnuTLS disabled.
- Update to version 2.59.92:
+ GnuTLS: reject sync operations during handshake to avoid
deadlocks.
+ Temporarily disable DTLS and OpenSSL tests due to bugs.
- Update to version 2.59.91:
+ Update OpenSSL SSL struct when certificate is changed.
+ Fix tests build when GnuTLS is disabled.
+ Remove Fedora-specific PROFILE=SYSTEM default cipher list.
+ Fix some problems with the connection tests.
- Update to version 2.59.90:
+ This release adds an OpenSSL backend, obsoleting the
glib-openssl project.
+ The OpenSSL backend seems to be mature, though it is less
well-tested for desktop usage than the GnuTLS backend. It will
remain disabled by default at build time due to the
GPL-incompatible nature of the OpenSSL license -- and the
GPLv2-incompatible nature of the Apache license that will be
used by future versions of OpenSSL -- and because the GnuTLS
backend is sufficient for Linux distros.
+ Use the OpenSSL backend if you are building an embedded system
where (GPLv2+ or LGPLv3+) dependencies are unacceptable (e.g.
nettle or GMP, both dependencies of GnuTLS) and you are OK with
the GPL-incompatible OpenSSL license. If the OpenSSL backend is
enabled at build time, you should probably disable build of the
GnuTLS backend, or it will take precedence over the OpenSSL
backend at runtime.
- Update to version 2.59.2:
+ Add support for application layer protocol negotiation.
- Update to version 2.59.1:
+ This release removes the gnutls-pkcs11 backend, which was
disabled in 2.57.2, due to lack of any feedback whatsoever
regarding its disablement. If you think it is still useful to
you, given that the normal gnutls backend now supports PKCS#11,
speak up now.
+ This release also includes several changes to properly support
TLS 1.3.
+ Other changes:
- Perform certificate verification during, not after, TLS
handshake.
- Dramatically improve the reliability of the non-DTLS tests.
(DTLS is still having problems).
- Regenerate test certificates to prepare for OpenSSL support.
- Several meson build system improvements to prepare for
OpenSSL support.
gnome-review-bot accepted review
Check script succeeded
dimstar accepted review
dimstar approved review
iznogood accepted request
xinfwd
