3 * gnutls: Improved the certificate verifying code to deal with the
4 case of a CA being reissued with the same key but a different
5 signature algorithm. (#681299, Stef)
7 * gnutls: Fixed an uninitialized variable in
8 g_tls_connection_gnutls_close(). (#681636)
10 * Updated translations:
11 Assamese, Portuguese, Telugu
15 * gnutls: If a GTlsConnection gets an error when handshaking, it
16 will now continue to return that error message on future I/O
17 attempts, rather than behaving in an undefined manner.
19 * gnutls: You can now read from a GTlsConnection's input stream and
20 write to its output stream at the same time (either in different
21 threads, or asynchronously in a single thread). (#660252)
23 * Updated translations:
24 Chinese (traditional), Galician, Greek, Hebrew, Lithuanian,
25 Norwegian bokmål, Russian, Serbian, Slovenian, Spanish
29 * Updated autogen.sh (in particular to support automake 1.12)
32 * gnutls: fix the use-system-certdb property on GTlsConnectionGnutls
33 (previously, setting it to FALSE was a no-op).
35 * Updated translations:
36 Dutch, Greek, Indonesian
40 * gnutls: simplify using new glib pollable stream methods
42 * proxy/gnome: fix a bug that made it impossible to use SOCKS
43 without also having a separate http proxy.
47 * gnutls: added /etc/ssl/ca-bundle.pem to the list of files to check
48 for to use as the default CA list. (This is what openSUSE uses.)
49 (#673944, Federico Mena Quintero)
51 * Updated translations:
52 Catalan (Valencian), Marathi, Odia, Persian
56 * New/updated translations:
57 Hindi, Japanese, Khmer, Latvian, Malayalam
61 * Updated translations:
62 British English, Catalan, Finnish, Lithuanian, Portuguese,
67 * gnutls: Fixed a linking problem on some platforms when PKCS#11 is
68 enabled. (#670956, Kalev Lember)
70 * Updated translations:
71 Assamese, Basque, Belarusian, Brazilian Portuguese, Danish,
72 Estonian, French, German, Hungarian, Italian, Korean, Polish,
77 * gnutls: Fixed a TLS handshaking bug that in particular caused lots
78 of crashes in epiphany. (#658771)
80 * tls/tests: Fixed a bug in the pkcs11-pin test that could cause it
83 * Updated translations:
84 Bulgarian, Chinese (traditional), Czech, Japanese,
85 Norwegian bokmål, Turkish, Vietnamese
90 * Support gnutls built against nettle instead of gcrypt
93 * Implement TLS session caching for GTlsServerConnection
96 * tls/tests: Explicitly request the memory GSettings backend, to
97 avoid warnings in partial jhbuild environments
99 * proxy/gnome: Update to use GInetAddressMask
101 * Updated translations:
102 Chinese (simplified), Hebrew, Norwegian bokmål, Slovenian,
108 * Added gnutls-pkcs11 backend, which uses gnutls 2.12.8 and
109 p11-kit (a new optional dependency) to provide access to
110 PKCS#11 tokens. At the moment, this is only enabled if you
111 set GIO_USE_TLS=gnutls-pkcs11 in the environment. (Stef,
114 * GTlsCertificateGnutls can now read unencrypted PKCS#8 keys
115 (which show "BEGIN PRIVATE KEY" in PEM form) in addition to
116 the previously-supported PKCS#1 keys ("BEGIN RSA PRIVATE
119 * Updated translations:
120 Galician, German, Lithuanian, Norwegian bokmål, Spanish,
126 * Bumped required GNUTLS version to 2.11.0 and updated
127 code for that (Stef, #656903)
129 * Fixed a crash when passing a NULL GCancellable to
130 g_tls_connection_close_async() (Dan, #659786) or a NULL
131 GError to g_tls_file_database_new().
133 * Fixed handling of self-signed CA certificates in
134 GTlsDatabaseGnutls (Dan, #660508)
136 * Added another G_TLS_ERROR_NOT_TLS (aka "dumb server, try
137 falling back from TLS to SSLv3") case, when the handshake
138 completes but then packets after that don't decrypt
139 correctly. (Dan, #662104)
141 * Made sure that GTlsConnection:peer-certificate and
142 :peer-certificate-errors get set even when the peer
143 certificate is rejected. (Dan)
146 * Fixed ignore_hosts handling (Dan, #655581)
148 * Fixed configure check so that "--without-gnome-proxy" works.
149 (Alexandre Rostovtsev, #662203)
151 * Fixed tests to only build the gnome proxy test if we're
152 building the gnome proxy. (Kalev Lember, #662085)
159 * Updated translation:
164 * New/updated translations:
165 Belarusian, Tamil, Japanese
167 * gnutls: Fixed a problem when linking against GNUTLS 3.0, where
168 connections would sometimes return the error "The TLS connection
169 was non-properly terminated". (Dan Winship, #659233)
171 * gnutls: Plugged a few memory leaks (Dan Winship)
175 * gnutls: fixed two rehandshaking bugs; one in which a client
176 would erroneously report an error after successfully rehandshaking
177 (Igor Makarov, #653645), and one where initiating an asynchronous
178 rehandshake on the server side would send illegal packets and
179 cause the client to disconnect (Dan Winship).
181 * gnutls: made GTlsDatabaseGnutls and GTlsFileDatabaseGnutls
182 properly cancellable (Stef Walter)
184 * gnutls: fixed the client-side session cache to not share session
185 IDs between different virtual hosts on the same IP address, which
186 caused problems with some servers. (Dan Winship, #581342)
188 * tls: Fixed up the tls test program so it can be run from "make
196 * gnutls: implement GTlsDatabase (Stef Walter, #636572)
198 * gnutls: override minimum key length, to allow connecting to HTTP
199 servers with very small keys (eg, on some embedded devices). (Dan
202 * gnutls: use %COMPAT mode, which makes GNUTLS behave more like
203 OpenSSL/NSS/Windows in a few ways, making it work with certain
204 broken HTTP servers. (Dan Winship, part of #581342)
206 * gnutls: fixed a crash when passed a NULL GError (Dan Winship)
210 * Optimized GDBus usage in PACRunner (davidz)
212 * Fixed a race condition in GProxyResolverGnome (davidz)
214 * Changed configure to --enable-maintainer-mode by default,
218 Belarusian, Catalan (Valencian), Esperanto, Finnish,
223 * Fixed some leaks in the gnutls backend
230 * New/updated translations:
231 Basque, Brazilian Portuguese, Chinese (Traditional), Danish,
232 Hindi, Kannada, Marathi, Uyghur
236 * Added a new proxy backend, GProxyResolverGnome, that uses
237 GSettings and the network proxy schemas from
238 gsettings-desktop-schemas to provide proxy information (and using
239 a new D-Bus service provided by the libproxy backend to provide
242 If you are building glib-networking in a GNOME 3.0 environment,
243 you should make sure that gsettings-desktop-schemas.pc is
244 available when building, so that this backend gets built.
247 Assamese, Latvian, Oriya, Serbian
251 * Fixed broken libtool check in autogen.sh that failed for libtool
254 * New/updated translations:
255 Bengali (India), Catalan, Chinese (Simplified), Chinese
256 (Traditional), Czech, Dutch, Estonian, Galician, German,
257 Greek, Gujarati, Hebrew, Indonesian, Italian, Korean,
258 Norwegian (Bokmål), Polish, Punjabi, Slovenian, Spanish,
259 Swedish, Uyghur, Ukranian
263 * Fixed configure script to actually error out if installed glib
264 version is too old (Emilio Pozuelo Monfort)
266 * gnutls: updated GTlsClientConnectionGnutls for :accepted-cas type
268 * gnutls: fixed an uninitialized variable (Dan Winship)
272 * gnutls: finish implementing GTlsRehandshakeMode, which was present
273 but non-functional in 2.27.4
274 * gnutls: updates for glib TLS API changes
275 * gnutls: fix some async bugs that caused the main loop to spin
276 * gnutls: implement a client-side session cache, to speed up
279 * Compile with gcc warnings by default
283 * GNUTLS-based implementation of GTlsBackend
288 * No changes, just a version bump
293 * Initial release, with libproxy-based GProxyResolver