pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/security/gnutls



Module Name:    pkgsrc
Committed By:   wiz
Date:           Fri Nov 29 22:55:29 UTC 2013

Modified Files:
        pkgsrc/security/gnutls: Makefile PLIST distinfo
        pkgsrc/security/gnutls/patches: patch-lib_Makefile.in
            patch-lib_nettle_egd.c
Added Files:
        pkgsrc/security/gnutls/patches: patch-configure patch-lib_nettle_rnd.c

Log Message:
Update to 3.2.7:

* Version 3.2.7 (released 2013-11-23)

** libgnutls: gnutls_cipher_get_iv_size() now returns the correct IV size in
GCM ciphers (previously it returned the implicit IV used in TLS).

** libgnutls: gnutls_certificate_set_x509_key_file() et al when provided
with a PKCS #11 URL pointing to a certificate, will attempt to load the whole
chain.

** libgnutls: When traversing PKCS #11 tokens looking for an object, avoid
looking in unrelated to the object tokens.

** libgnutls: Added an experimental %DUMBFW option in priority strings. This
avoids a black hole behavior in some firewalls by sending a large client hello.
See http://www.ietf.org/mail-archive/web/tls/current/msg10423.html

** libgnutls: The GNUTLS_DEBUG_LEVEL variable if set to a log level number
will force output of debug messages to stderr.

** libgnutls: Fixed the setting of the ciphersuite when gnutls_premaster_set()
is used with another protocol than the GNUTLS_DTLS0_9 protocol.

** libgnutls: gnutls_x509_crt_set_expiration_time() will set the no well defined
expiration date when (time_t)-1 is specified as date.

** libgnutls: Session tickets are encrypted using AES-GCM.

** libgnutls: Corrected issue in record decompression. Issue pinpointed
by Frank Zschockel.

** libgnutls: Forbid all compression methods in DTLS.

** gnutls-serv: Fixed issue with IPv6 address in UDP mode.

** certtool: When exporting an encrypted PEM private key do not output the key
parameters.

** certtool: Expiration days template option allows for a -1 value which
will set to the no well defined expiration date (RFC5280), and no longer
chokes on integer overflows. Suggested by Stefan Buehler.

** certtool: Added new template options: 'activation_date', and
'expiration_date'.

** tools: The environment variable GNUTLS_PIN can be used to read any PIN
requested from tokens.

** tools: The installed version of libopts is used if the autogen tool is
present.

** API and ABI modifications:
gnutls_pkcs11_obj_export3: Added
gnutls_pkcs11_get_raw_issuer: Added
gnutls_est_record_overhead_size: Exported


To generate a diff of this commit:
cvs rdiff -u -r1.134 -r1.135 pkgsrc/security/gnutls/Makefile
cvs rdiff -u -r1.48 -r1.49 pkgsrc/security/gnutls/PLIST
cvs rdiff -u -r1.99 -r1.100 pkgsrc/security/gnutls/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/security/gnutls/patches/patch-configure \
    pkgsrc/security/gnutls/patches/patch-lib_nettle_rnd.c
cvs rdiff -u -r1.3 -r1.4 pkgsrc/security/gnutls/patches/patch-lib_Makefile.in
cvs rdiff -u -r1.1 -r1.2 \
    pkgsrc/security/gnutls/patches/patch-lib_nettle_egd.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.




Home | Main Index | Thread Index | Old Index