3 * proxy/gnome: Fixed several bugs:
5 * Multithreaded usage could result in crashes
7 * In "automatic" mode, synchronous lookups would obey
8 ignore-hosts, but asynchronous lookups would not. (Now they
11 * lookup_async() would never notice if the proxy settings
12 switched from "automatic" to "manual" or "none" (and would
13 make a synchronous D-Bus call when switching in the other
16 * If given an invalid URI, lookup_async() would return a
17 successful result (and leak the GError that it was supposed
18 to have returned), and lookup() would return both the error
19 and the proxy (leaking one or the other, depending on how
22 * Updated translations:
23 Italian, Malayalam, Norwegian bokmål, Serbian, Uyghur
27 * proxy/gnome: The tests should now work correctly even if
28 run from a non-GNOME environment. (Robert Ancell)
30 * Updated translations:
31 Brazilian Portuguese, Bulgarian, Estonian, Galician, Greek,
36 * build: The TLS tests are now not built if you are building without
37 gnutls support. (Saleem Abdulrasool)
39 * gnutls: Several handshaking fixes:
41 * Fix a hang when doing a synchronous close() immediately
42 after cancelling an asynchronous handshake() (which would
43 happen in libsoup if you cancelled a message at the right
46 * Avoid an assertion when an implicit handshake fails
49 * Fixed GTlsServerConnection:authentication-mode to work
50 again, and added a regression test for this. (#689259, Stef)
52 * Return the appropriate error
53 (G_TLS_ERROR_CERTIFICATE_REQUIRED) when a handshake fails
54 because the server required a certificate but none was
55 provided, and added a test for this. (#689260, Stef)
57 * Make g_io_stream_close() finish successfully after a failed
58 handshake (#689260, Stef)
60 * Make g_io_stream_close() finish successfully before a
61 handshake (#689271, Stef)
63 * gnutls: Updated to be aware of G_IO_ERROR_BROKEN_PIPE in glib
64 2.35.3, which needs to be converted to G_TLS_ERROR_NOT_TLS in some
65 cases. (Previously this error showed up as just G_IO_ERROR_FAILED.)
68 * proxy/gnome: This is now only used in GNOME login sessions (as,
69 essentially, a more efficient version of the libproxy GNOME
70 backend); in non-GNOME sessions, gio will now fall back to the
71 libproxy plugin, allowing environment variables or other libproxy
72 settings backends to be used.
74 * New/Updated translations:
75 Czech, Hebrew, Lithuanian, Polish, Slovak, Spanish
79 * Update for glib 2.35.1; remove g_type_init() calls and port to
82 * Updated translations:
87 * Updated translations:
88 Arabic, Bulgarian, Catalan (Valencian), Catalan, Chinese
89 (Simplified), Hindi, Japanese, Thai
93 * Updated translations:
94 Brazilian Portuguese, British English, Czech, Danish, Finnish,
95 French, German, Korean, Punjabi
99 * gnutls: Revert the addition of the certificate-bytes and
100 private-key-bytes properties to GTlsCertificateGnutls, since they
101 were reverted in glib. (#682081, Stef)
103 * Updated translations:
104 Belarusian, Hungarian, Indonesian, Italian, Latvian, Polish,
109 * gnutls: Improved the certificate verifying code to deal with the
110 case of a CA being reissued with the same key but a different
111 signature algorithm. (#681299, Stef)
113 * gnutls: Fixed an uninitialized variable in
114 g_tls_connection_gnutls_close(). (#681636)
116 * Updated translations:
117 Assamese, Portuguese, Telugu
121 * gnutls: If a GTlsConnection gets an error when handshaking, it
122 will now continue to return that error message on future I/O
123 attempts, rather than behaving in an undefined manner.
125 * gnutls: You can now read from a GTlsConnection's input stream and
126 write to its output stream at the same time (either in different
127 threads, or asynchronously in a single thread). (#660252)
129 * Updated translations:
130 Chinese (traditional), Galician, Greek, Hebrew, Lithuanian,
131 Norwegian bokmål, Russian, Serbian, Slovenian, Spanish
135 * Updated autogen.sh (in particular to support automake 1.12)
138 * gnutls: fix the use-system-certdb property on GTlsConnectionGnutls
139 (previously, setting it to FALSE was a no-op).
141 * Updated translations:
142 Dutch, Greek, Indonesian
146 * gnutls: simplify using new glib pollable stream methods
148 * proxy/gnome: fix a bug that made it impossible to use SOCKS
149 without also having a separate http proxy.
153 * gnutls: added /etc/ssl/ca-bundle.pem to the list of files to check
154 for to use as the default CA list. (This is what openSUSE uses.)
155 (#673944, Federico Mena Quintero)
157 * Updated translations:
158 Catalan (Valencian), Marathi, Odia, Persian
162 * New/updated translations:
163 Hindi, Japanese, Khmer, Latvian, Malayalam
167 * Updated translations:
168 British English, Catalan, Finnish, Lithuanian, Portuguese,
173 * gnutls: Fixed a linking problem on some platforms when PKCS#11 is
174 enabled. (#670956, Kalev Lember)
176 * Updated translations:
177 Assamese, Basque, Belarusian, Brazilian Portuguese, Danish,
178 Estonian, French, German, Hungarian, Italian, Korean, Polish,
183 * gnutls: Fixed a TLS handshaking bug that in particular caused lots
184 of crashes in epiphany. (#658771)
186 * tls/tests: Fixed a bug in the pkcs11-pin test that could cause it
189 * Updated translations:
190 Bulgarian, Chinese (traditional), Czech, Japanese,
191 Norwegian bokmål, Turkish, Vietnamese
196 * Support gnutls built against nettle instead of gcrypt
199 * Implement TLS session caching for GTlsServerConnection
202 * tls/tests: Explicitly request the memory GSettings backend, to
203 avoid warnings in partial jhbuild environments
205 * proxy/gnome: Update to use GInetAddressMask
207 * Updated translations:
208 Chinese (simplified), Hebrew, Norwegian bokmål, Slovenian,
214 * Added gnutls-pkcs11 backend, which uses gnutls 2.12.8 and
215 p11-kit (a new optional dependency) to provide access to
216 PKCS#11 tokens. At the moment, this is only enabled if you
217 set GIO_USE_TLS=gnutls-pkcs11 in the environment. (Stef,
220 * GTlsCertificateGnutls can now read unencrypted PKCS#8 keys
221 (which show "BEGIN PRIVATE KEY" in PEM form) in addition to
222 the previously-supported PKCS#1 keys ("BEGIN RSA PRIVATE
225 * Updated translations:
226 Galician, German, Lithuanian, Norwegian bokmål, Spanish,
232 * Bumped required GNUTLS version to 2.11.0 and updated
233 code for that (Stef, #656903)
235 * Fixed a crash when passing a NULL GCancellable to
236 g_tls_connection_close_async() (Dan, #659786) or a NULL
237 GError to g_tls_file_database_new().
239 * Fixed handling of self-signed CA certificates in
240 GTlsDatabaseGnutls (Dan, #660508)
242 * Added another G_TLS_ERROR_NOT_TLS (aka "dumb server, try
243 falling back from TLS to SSLv3") case, when the handshake
244 completes but then packets after that don't decrypt
245 correctly. (Dan, #662104)
247 * Made sure that GTlsConnection:peer-certificate and
248 :peer-certificate-errors get set even when the peer
249 certificate is rejected. (Dan)
252 * Fixed ignore_hosts handling (Dan, #655581)
254 * Fixed configure check so that "--without-gnome-proxy" works.
255 (Alexandre Rostovtsev, #662203)
257 * Fixed tests to only build the gnome proxy test if we're
258 building the gnome proxy. (Kalev Lember, #662085)
265 * Updated translation:
270 * New/updated translations:
271 Belarusian, Tamil, Japanese
273 * gnutls: Fixed a problem when linking against GNUTLS 3.0, where
274 connections would sometimes return the error "The TLS connection
275 was non-properly terminated". (Dan Winship, #659233)
277 * gnutls: Plugged a few memory leaks (Dan Winship)
281 * gnutls: fixed two rehandshaking bugs; one in which a client
282 would erroneously report an error after successfully rehandshaking
283 (Igor Makarov, #653645), and one where initiating an asynchronous
284 rehandshake on the server side would send illegal packets and
285 cause the client to disconnect (Dan Winship).
287 * gnutls: made GTlsDatabaseGnutls and GTlsFileDatabaseGnutls
288 properly cancellable (Stef Walter)
290 * gnutls: fixed the client-side session cache to not share session
291 IDs between different virtual hosts on the same IP address, which
292 caused problems with some servers. (Dan Winship, #581342)
294 * tls: Fixed up the tls test program so it can be run from "make
302 * gnutls: implement GTlsDatabase (Stef Walter, #636572)
304 * gnutls: override minimum key length, to allow connecting to HTTP
305 servers with very small keys (eg, on some embedded devices). (Dan
308 * gnutls: use %COMPAT mode, which makes GNUTLS behave more like
309 OpenSSL/NSS/Windows in a few ways, making it work with certain
310 broken HTTP servers. (Dan Winship, part of #581342)
312 * gnutls: fixed a crash when passed a NULL GError (Dan Winship)
316 * Optimized GDBus usage in PACRunner (davidz)
318 * Fixed a race condition in GProxyResolverGnome (davidz)
320 * Changed configure to --enable-maintainer-mode by default,
324 Belarusian, Catalan (Valencian), Esperanto, Finnish,
329 * Fixed some leaks in the gnutls backend
336 * New/updated translations:
337 Basque, Brazilian Portuguese, Chinese (Traditional), Danish,
338 Hindi, Kannada, Marathi, Uyghur
342 * Added a new proxy backend, GProxyResolverGnome, that uses
343 GSettings and the network proxy schemas from
344 gsettings-desktop-schemas to provide proxy information (and using
345 a new D-Bus service provided by the libproxy backend to provide
348 If you are building glib-networking in a GNOME 3.0 environment,
349 you should make sure that gsettings-desktop-schemas.pc is
350 available when building, so that this backend gets built.
353 Assamese, Latvian, Oriya, Serbian
357 * Fixed broken libtool check in autogen.sh that failed for libtool
360 * New/updated translations:
361 Bengali (India), Catalan, Chinese (Simplified), Chinese
362 (Traditional), Czech, Dutch, Estonian, Galician, German,
363 Greek, Gujarati, Hebrew, Indonesian, Italian, Korean,
364 Norwegian (Bokmål), Polish, Punjabi, Slovenian, Spanish,
365 Swedish, Uyghur, Ukranian
369 * Fixed configure script to actually error out if installed glib
370 version is too old (Emilio Pozuelo Monfort)
372 * gnutls: updated GTlsClientConnectionGnutls for :accepted-cas type
374 * gnutls: fixed an uninitialized variable (Dan Winship)
378 * gnutls: finish implementing GTlsRehandshakeMode, which was present
379 but non-functional in 2.27.4
380 * gnutls: updates for glib TLS API changes
381 * gnutls: fix some async bugs that caused the main loop to spin
382 * gnutls: implement a client-side session cache, to speed up
385 * Compile with gcc warnings by default
389 * GNUTLS-based implementation of GTlsBackend
394 * No changes, just a version bump
399 * Initial release, with libproxy-based GProxyResolver