+2.72.alpha - January 6, 2022
+============================
+
+ - OpenSSL: fix unsafe error handling (!187, Patrick Griffis)
+ - Correctly load libsoup DLL on Windows (!190, Chun-wei Fan)
+ - OpenSSL: use system trust on Windows (!192, Francesco Conti)
+ - GnuTLS: fix TLS 1.3 ciphersuite names, should use underscores (!194)
+ - OpenSSL: fail when appropriate if Must-Staple extension is set (!197)
+ - Improve failure of tls-unique channel binding requests (!198, Ruslan Marchenko)
+ - Do not fill SNI extension with IP address (!200, Matteo Biggio)
+
+2.70.1 - December 6, 2021
+=========================
+
+ - Fix crashes when handshake is cancelled (#97, #176)
+ - OpenSSL: fix spurious certificate expired verification errors (#179)
+ - GnuTLS: Fix tests on 32-bit systems (!188, Simon McVittie)
+ - GnuTLS: Fix crash when invalid priority string is forced (!189)
+
+2.70.0 - September 16, 2021
+===========================
+
+ - Updated translations
+
+2.70.rc - September 3, 2021
+===========================
+
+ - gnutls: revert AuthorityInformationAccess implementation for now (#160)
+ - gnutls: fix use of non-default GTlsDatabases, Geary crash on startup (#169)
+ - openssl: remove openssl-util (!181)
+ - gnutls: fix leak in g_tls_certificate_gnutls_copy (!182, Patrick Griffis)
+ - gnutls: Unbreak GTLS_GNUTLS_CHECK_VERSION (!185)
+
+2.70.beta - August 12, 2021
+===========================
+
+ - gnutls: Ensure that PKCS #11 pins are NUL terminated (!178, Patrick Griffis)
+ - openssl: Restore OCSP support (!179, !180, Patrick Griffis)
+
+2.70.alpha - July 2, 2021
+=========================
+
+- Fix TLS channel bindings tests (#164)
+- Require OpenSSL 1.0.2 (#166)
+- Fix threadsafety issue in certificate verification (!148)
+- dlopen libsoup for performing HTTP requests (!149, Patrick Griffis)
+- Implement new get_negotiated_protocol vfunc (!150)
+- Implement new protocol version and ciphersuite name accessors (!151)
+- OpenSSL: use system keychain on macOS (!154)
+- OpenSSL: add DTLS support, plus many related improvements (!155, Ole André Vadla Ravnås)
+- Implement new GTlsCertificate details APIs (!156, !165, Ross Wollman)
+- GnuTLS: improve error handling for PIN failures (!158, Patrick Griffis)
+- GnuTLS: expose PIN type on PIN requests (!159, Patrick Griffis)
+- GnuTLS: check cancellable in pull timeout callback (!160)
+- Add support for Android (!162, Ole André Vadla Ravnås)
+- Improve automation of test certificate creation (!167, !168, !169, Patrick Griffis)
+- GnuTLS: use GnuTLS to implement all channel bindings (!172)
+- GnuTLS: rework certificate verification to use TLS session (!173)
+- GnuTLS: improve peer identity verification (!176)
+- Bring back automatic downloading of missing intermediate certificates (not fixed, may go away again)
+
+2.68.1 - April 22, 2021
+=======================
+
+ - Fix threadsafety issue in certificate verification (!148)
+ - Temporarily remove support for downloading missing intermediate certificates with GnuTLS 3.7 (#160)
+
+2.68.0 - March 19, 2021
+=======================
+
+ - Fix double free in GnuTLS client certificate request code (!147)
+
+2.68.rc - March 12, 2021
+========================
+
+ - Improve heuristic for returning G_TLS_ERROR_CERTIFICATE_REQUIRED
+ - Fix check for certain handshake failure conditions
+
+2.68.alpha - January 7, 2021
+============================
+
+ - Download and validate missing intermediate certificates (requires GnuTLS 3.7) (#96)
+ - OpenSSL backend now uses system crypto policy (#106)
+ - Remove use of g_assert in testsuite (#137)
+ - Restore support for old versions of OpenSSL (#156)
+ - Implement TLS channel bindings API (!139, Ruslan Marchenko)
+ - Implement PKCS#11 API (!140, Patrick Griffis)
+ - Update testsuite for Fedora 33 crypto policy (!141)
+ - Fix NULL dereference in g_tls_connection_base_read_message (!144, Vladimir D. Seleznev)
+ - Fix a couple code issues found by Coverity
+
+2.66.0 - September 11, 2020
+===========================
+
+- Updated translations
+
+2.65.90 - August 6, 2020
+========================
+
+ - Many fixes to OpenSSL backend (!128, Ruslan Marchenko)
+
+2.65.1 - July 2, 2020
+=====================
+
+ - Fix peer-certificate[-errors] props set too soon (#127)
+ - Implement ALPN for OpenSSL backend (!126, Ruslan Marchenko)
+ - Fix Windows build (!127, Cun-wei Fan)
+
+2.64.3 - May 28, 2020
+=====================
+
+- Revert warning when server-identity property is unset (#130)
+- Fix CVE-2020-13645, fail connections when server identity is unset (#135)
+
+2.64.2 - April 14, 2020
+=======================
+
+- Reenable TLS 1.0/1.1 protocols due to COVID-19.
+- Fix build warning on Windows.
+
+2.64.1 - March 27, 2020
+=======================
+
+- Warn when server-identity property is missing (#130)
+- Fix crashes in debug logs (#131)
+- Fix write loop in OpenSSL backend (!117)
+
+2.64.0 - March 6, 2020
+======================
+
+- Fix OpenSSL backend on RHEL 6 (!116)
+
+2.63.92 - February 27, 2020
+===========================
+
+- Revert fix for #127, which broke libsoup (#129)
+
+2.63.91 - February 14, 2020
+===========================
+
+- Fix peer-certificate properties changing too soon (#127)
+- GnuTLS backend: reduce session resumption cache lifetime (!113)
+- GnuTLS backend: restore TLS 1.2 support for copy session state (!114)
+
+2.63.90 - February 1, 2020
+==========================
+
+- Remove PKCS#11 support, deferred until next cycle (#104)
+- Remove OpenSSL backend's OCSP support (#124)
+
+2.63.3 - January 3, 2019
+========================
+
+- Fix OpenSSL backend regressions and reenable OpenSSL testsuite (#54)
+- Temporarily disable cancellation of sync handshakes (#97)
+- Disable flaky test (#104) and resolve testsuite flakiness (#105)
+- Fix leak of base iostream (or base datagram socket), 2.62 regression
+- Fix duplicate notifies of peer-certificate and peer-certificate-errors
+- Fix regression where GnuTLS connection init could theoretically fail without error
+- Fix obscure corner case where SNI might not work
+- Fix various build warnings on Windows
+- Fix multiple build failures on Windows (Chun-wei Fan)
+- Fix installed tests (Iain Lane)
+
+2.63.2 - November 22, 2019
+==========================
+
+- Fix crash when handshake context is reset too late (#97)
+- Require GnuTLS 3.6.5 (#100)
+- Build mock PKCS #11 module only for GnuTLS backend (#101)
+- Rework session resumption support for TLS 1.3 (!69)
+- Run GnuTLS tests under TLS 1.2 in addition to TLS 1.3 (!69)
+- Support OpenSSL 1.0.1 (!81)
+- Drop rehandshake mode and protocol version fallback support (!83)
+- Add logging functions (!89, MARTINSONS Frederic)
+- Fix PKCS #11 tests with TLS 1.2 (!91, Patrick Griffis)
+- Add more debug logging for PKCS #11 (!92, Patrick Griffis)
+- Fix leak in GTlsCertificateGnutls finalizer (!93, Patrick Griffis)
+
+2.63.1 - October 11, 2019
+=========================
+
+- Add support for new PKCS#11 APIs to facilitate use with smartcards (Patrick Griffis)
+- Disable TLS 1.0 and TLS 1.1 when using GnuTLS
+- Fix threadsafety issue (#95)
+
+2.62.1 - October 4, 2019
+========================
+
+- Fix two memory leaks (!71, !72, Claudio Saavedra)
+
+2.62.0 - September 7, 2019
+==========================
+
+- Revert broken queued data fix for #15
+
+2.61.92 - September 2, 2019
+===========================
+
+- Discard queued data after interrupted writes (#15)
+- Verify socket timeouts are respected (#18)
+- Fix a couple broken error messages
+
+2.61.90 - August 5, 2019
+========================
+
+- Fix translations of certain error messages
+
+2.61.2 - July 22, 2019
+======================
+
+- Improve certain handshake error messages (#13)
+- Fix regressions introduced in 2.61.1 (#91, #92)
+
+2.61.1 - June 9, 2019
+=====================
+
+This release contains a major refactoring of the TLS codebase. The GnuTLS
+backend now shares the same base classes as the OpenSSL backend, to avoid
+duplicating as much code as possible. The base classes, previously used only by
+the OpenSSL backend and originally forked from glib-networking several years
+ago, have been enhanced to achieve feature-parity with the current state of the
+GnuTLS backend.
+
+Please note that the OpenSSL backend remains experimental. Further planned work
+is required before this backend will be production-ready.
+
+2.60.3 - June 9, 2019
+=====================
+
+- Fix clobbering of the thread-default main context after certificate
+ verification failure during async handshakes since 2.60.1 (#85)
+- Fix GTlsDatabase initialization failures in OpenSSL backend due to
+ uninitialized memory use
+- Fix minor leak of ALPN protocols
+
+2.60.2 - May 2, 2019
+====================
+
+- OpenSSL backend now defaults to system trust store (#62)
+- Fix client auth failure error with GnuTLS 3.6.7 (#70)
+
2.60.1 - April 1, 2019
======================
projects / platform / upstream / glib-networking.git / blobdiff