blob: 3bde2cd1270a2a00bbe078085380025efdfadcec (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
|
** Version 0.5.8 (unreleased)
- Session tickets are enabled by default.
** Version 0.5.7 (2010-07-01)
- Force usage of SDBM. For some reason the default in
my system had issues after reaching a limit of entries.
SDBM seems stable so force it.
- Optimizations in session caching.
- Added support for session tickets. This allows a
server to avoid using a session cache and still support
session resumption. This is at the cost of transporting
session data during handshake. New option
GnuTLSSessionTickets [on|off]
- Depend on gnutls 2.10.0 to force support for safe
renegotiation.
** Version 0.5.6 (2010-03-24)
- Corrected issue with firefox and long POST data (by
handling EINTR and EAGAIN errors in read).
- Added support for chained client certificates
- Corrected more issues related to double frees
http://issues.outoforder.cc/view.php?id=102
** Version 0.5.5 (2009-06-13)
- Removed limits on CA certificate loading. Reported by
Sander Marechal and Jack Bates.
- Do not allow sending empty TLS packets even when instructed to.
This had the side effect of clients closing connection.
** Version 0.5.4 (2009-01-04)
- mod_gnutls.h: modified definition to extern to avoid compilation
errors in darwin.
- Added patch to fix issue with mod_proxy. Investigation and patch by Alain
Knaff.
- libgnutls detection uses pkg-config.
** Version 0.5.3 (2008-10-16)
- Corrected bug to allow having an OpenPGP-only web site.
- Increased Max handshake tries due to interrupted system calls.
** Version 0.5.2 (2008-06-29)
- Depend on gnutls 2.4 which has openpgp support in main library.
** Version 0.5.1 (2008-03-05)
- Added --disable-srp configure option
- Better check for memcache (patch by Guillaume Rousse)
- Corrected possible memory leak in DBM support for resuming sessions.
** Version 0.5.0-alpha (2008-01-24)
- Added support for OpenPGP keys. The new directives are:
GnuTLSPGPKeyringFile, GnuTLSPGPCertificateFile, GnuTLSPGPKeyFile
** Version 0.4.2 (2007-12-10)
- Added support for sending a certificate chain.
- Corrected bug which did not allow the TLS session cache to be used.
- Do not allow resuming sessions on different servers.
** Version 0.4.1 (2007-12-03)
- Added support for subject alternative names in certificates.
Only one per certificate is supported.
- New enviroment variables: SSL_CLIENT_M_VERSION, SSL_CLIENT_S_SAN%,
SSL_CLIENT_S_TYPE, SSL_SERVER_M_VERSION, SSL_SERVER_S_SAN%, SSL_SERVER_S_TYPE
- The compatibility mode can now be enabled explicitely with the
%COMPAT keyword at the GnuTLSPriorities string. It is no longer the default.
- Check for GnuTLSPriorities directive. This corrects a segfault. Thanks
to David Hrbáč.
- Better handling of GnuTLSDHFile and GnuTLSRSAFile.
- No longer default paths for RSA and DH parameter files.
|
