Changes since previous version:
version 0.9.4
- fixed possible memory corrution in oauth_curl_get
thanks to Bruce Rosen for reporting this issue
version 0.9.3
- yet more build-system fixes:
- allow to override HASH_LIBS and CURL_LIBS using envoronment variables
- include them in .pc and tests/Makefile.am
version 0.9.2
- fixed typo in build-system (LDFLAGS, -Wl,--as-needed detection)
version 0.9.1
- fixed typo in API:
oauth_time_indepenent_equals[_n] is now deprecated in favor of
oauth_time_independent_equals[_n]
- added check for 'Wl,--as-needed' linker flag.
version 0.9.0
- fixed typo in pkg-config file.
With thanks to Brad Harder for the nudge.
Tarsnap is a secure online backup service for BSD, Linux, OS X,
Solaris, Cygwin, and can probably be compiled on many other UNIX-like
operating systems. The Tarsnap client code provides a flexible and
powerful command-line interface which can be used directly or via
shell scripts.
Package zlib was not found in the pkg-config search path.
... there is no zlib.pc, so comment out the part of the configure
script that adds that to the pkg-config file.
Bump PKGREVISION.
* libgnutls: Several minor bugfixes.
* libgnutls: Restored HMAC-MD5 for compatibility. Although considered weak,
several sites require it for connection. It is enabled for "NORMAL" and
"PERFORMANCE" priority strings.
* libgnutls: depend on libdl.
* libgnutls: gnutls_transport_set_global_errno() was deprecated. Use your
system's errno fascility or gnutls_transport_set_errno().
* gnutls-cli: Correction with usage of select to check for pending data in
gnutls sessions. It now uses gnutls_record_check_pending().
* tests: More fixes and updates for win32. Patches by LRN.
* libgnutls: Several files unnecessarily included <gcrypt.h>; this has been
fixed.
** API and ABI modifications: gnutls_transport_set_global_errno: DEPRECATED
Changes 2.12.2:
* libgnutls: Several updates and fixes for win32. Patches by LRN.
* libgnutls: Several bug and memory leak fixes.
* srptool: Accepts the -d option to enable debugging.
* libgnutls: Corrected bug in gnutls_srp_verifier() that prevented the
allocation of a verifier. Reported by Andrew Wiseman.
Changes 2.12.1:
* certtool: Generated certificate request with stricter permissions.
* libgnutls: Bug fixes in opencdk code. Reported by Vitaly Kruglikov.
* libgnutls: Corrected windows system_errno() function prototype.
* libgnutls: C++ compatibility fix for compat.h. Reported by Mark Brand.
* libgnutls: Fix size of gnutls_openpgp_keyid_t by using the
GNUTLS_OPENPGP_KEYID_SIZE definition. Reported by Andreas Metzler.
or less any context: In crypto toolkits for object-oriented languages
(C++, Python, Pike, ...), in applications like LSH or GNUPG, or even in
kernel space. In most contexts, you need more than the basic
cryptographic algorithms, you also need some way to keep track of available
algorithms, their properties and variants. You often have some algorithm
selection process, often dictated by a protocol you want to implement.
And as the requirements of applications differ in subtle and not so
subtle ways, an API that fits one application well can be a pain to use
in a different context. And that is why there are so many different
cryptographic libraries around.
Nettle tries to avoid this problem by doing one thing, the low-level
crypto stuff, and providing a simple but general interface to it.
In particular, Nettle doesn't do algorithm selection. It doesn't do
memory allocation. It doesn't do any I/O.
The idea is that one can build several application and context specific
interfaces on top of Nettle, and share the code, test cases, benchmarks,
documentation, etc. Examples are the Nettle module for the Pike
language, and LSH, which both use an object-oriented abstraction on top
of the library.
This version comes with the following usability enhancements:
* Added checkbox to the Preferences dialog, this checkbox turns off some
tooltips that can be annoying for users who are sufficiently familiar with
the GUI.
* Added a tab "Policy Rule" to the "Objects" page of the global preferences
dialog; checkbox in this tab allows the user to choose whether new policy
rules should be created with logging turned on or off.
The major bug fixes in this release include:
* Fixed installer issue for Windows users that use Putty sessions. Built-in
policy installer can use putty session on Windows when it runs pscp.exe
utility to copy generated script to the firewall
* Fixed bug in the generated iptables script that made it to not configure
broadcast address when it added ip addresses to interfaces.
* Several bugs that affected cluster configurations were fixed.
* Preparations for 1.2.17 release
* Fixed security issue with libxslt (CVE-2011-1425, reported by Nicolas Gregoire)
* Fixed pkcs12 file loading (based on patch from Andre de Souza Pinto)
* Fixed comments (based on patch from Wolfgang Woehl)
* Fixed extra quotes in configure (bug #631258)
* Fixed configure issue with empty --with-libxml/libxsl and config scripts in /bin directory
* Fixed gcrypt init/shutdown (patch from Roumen)
so that we don't have any '#' chars in it.
Avoids the following:
% grep COMMENT Makefile
COMMENT= Cryptographic store accessible through a PKCS#11 interface
% pkg_info softhsm
Information for softhsm-1.2.0:
Comment:
Cryptographic store accessible through a PKCS
authentication protocol designed to provide strong authentication for
client/server applications by using secret-key cryptography. (Kerberos
5 is discussed in RFC 1510.)
This package provides MIT Kerberos applications and servers for telnet,
the r-services and ftp. These were recently split from the mit-krb5
package due to upstream making the same split.
