2.48.0
======
* New stable release. (No changes since 2.47.90)
2.47.90
=======
* gnutls: The non-PKCS#11 TLS plugin now uses gnutls's certificate
validation code directly, rather than attempting to build a
certificate chain itself first. [#753260 and others, Dan Winship]
* gnutls: Fixed a leak when closing a connection during an implicit
handshake [#736809, Philip Withnall]
* gnutls: Fixed "make check" without PKCS#11 support [#728977,
Gilles Dartiguelongue]
* gnutls: Various changes in preparation for DTLS support (but not
the actual DTLS support itself) [#697908, #735754, Philip
Withnall, Olivier Crête]
* Updated translations: Occitan
2.47.1
======
* Fixed a certificate chain validation problem that affected
Facebook in Epiphany. [#750457, Carlos Garcia Campos]
* Added a systemd service file for glib-pacrunner [#755740, Simon
McVittie]
2.46.0
======
* Various minor cleanups and small memory leak fixes
* Added a new test case for client certificate chain handling
[#754129, Michael Catanzaro]
* New/updated translations:
Japanese, Occitan, Portuguese
2.45.1
======
* tls/gnutls: Implement g_tls_client_connection_copy_session_state(),
to allow implementing FTP-over-TLS in gvfs. (#745255, Ross
Lagerwall)
2.44.0
======
* New stable release. (No changes since 2.43.92)
2.43.92
=======
* Fix TLS session caching when using session tickets (#745099, Ross
Lagerwall)
* Updated translations:
Bosnian
2.43.91
=======
* tls/gnutls: Removed a workaround for connecting to servers with
weak DH parameters, which was apparently only needed because
gnutls was prioritizing DHE over RSA. (Michael Catanzaro)
(https://bugzilla.redhat.com/show_bug.cgi?id=1177964#c8)
* tls/gnutls: We now require gnutls 3.x again. (In fact, 2.42.1
and 2.43.1 accidentally used a 3.x-only function, so we already
required it, we were just failing to declare that fact.)
* tls/tests: Skip certain tests when running against old gnutls or
GLib releases. (glib-networking 2.43.91 itself does not require
GLib 2.43, but one of the test cases does.)
* Updated translations:
Friulian
2.43.1
======
* The GTlsClientConnection "use-ssl3" property now falls back to TLS
1.0 if SSL 3.0 has been disabled, rather than just failing. Also,
we now use the gnutls %LATEST_RECORD_VERSION option by default (to
allow connecting to certain servers that were incorrectly patched
for the POODLE attack), but also make sure to remove that option
in the fallback ("use-ssl3") mode (to allow connecting to other
servers that are differently broken). (#738633, #740087, Dan
Winship)
* tls/gnutls: Miscellaneous warning, debugging, and leak fixes
(#736757, #736809, #737106, Philip Withnall)
* New/updated translations:
Kazakh
2.42.0
======
* New stable release. (No changes since 2.41.92)
2.41.92
=======
* tls/gnutls: Incorrectly-ordered certificate chains are now
accepted (#683266, Michael Catanzaro)
* tls/gnutls: Closing an already-closed GTlsConnection now correctly
returns TRUE rather than G_IO_ERROR_CLOSED (#735754, Olivier
Crête)
2.41.4
======
* tls/gnutls: certificates with IP address subject altnames are now
supported (#726596, Aleix Conchillo Flaqué)
* tls/tests: added a script to re-generate the certificates, and
regenerated them (since the key for the existing CA certificate
had been lost, so it wasn't possible to add new test certificates,
eg, for IP SAN). (#733365, Aleix Conchillo Flaqué)
* Updated translations:
Greek
2.41.3
======
* tls/gnutls: g_tls_backend_get_default_database() should never
return %NULL; if glib-networking was built without a
ca-certificates file, then the default GTlsDatabase should just be
empty. (#727282, Olivier Crête)
* tls/gnutls: If a server's certificate includes an issuer chain, we
now send the entire chain to the client. (#724708, Aleix Conchillo
Flaqué)
* Updated translations:
Swedish
2.40.0
======
* New stable release. (No changes since 2.39.90)
2.39.90
=======
* tls/gnutls: Avoid trying to update a destroyed GSource (#723774,
Philip Withnall)
* tls/tests: Fix another flaky test (#722336)
* tests: use the TAP driver
* Updated translations:
Chinese, Czech
2.39.3
======
* tls/tests: Fix one sporadic bug in the connection test (#720081)
and make it properly fail rather than hanging forever when another
sporadic bug happens (which I don't actually know the cause of)
(#719727)
* tls/gnutls: Fix for -Werror=format-nonliteral (#720081, Ryan
Lortie)
2.39.1
======
* tls/gnutls: Use g_tls_interaction_invoke_request_certificate()
when processing a certificate request. (#637257, Stef Walter)
* tls/gnutls: Handle G_IO_ERROR_TIMED_OUT on a GTlsConnection
correctly rather than reporting "The specified session has
been invalidated for some reason". (#710700, Aleix Concillo
Flaque)
* tls/tests: Fix to previous installed-tests fix, which resulted
in some files getting installed even when installed tests weren't
enabled. (#710197)
* tls/tests: add a test for a fix made in glib (#710691, Aleix
Conchillo Flaque).
2.38.1
======
* glibpacrunner: Don't crash if there is an internal libproxy error.
(rhbz #866927)
* tls/tests: Fix installed tests to not accidentally depend on
having the source tree still exist. (#709628)
* Updated translations:
Tajik
2.38.0
======
* New stable release. (No changes since 2.37.5)
2.37.5
======
* gnutls: minimum version is now 2.12.8 (with 3.x preferred...)
* glib-networking now supports the --enable-installed-tests flag, to
install its test programs to run at other times (ie, after
updating glib)
2.37.4
======
* proxy/gnome: further improve GNOME session detection (#701377)
* gnutls: don't crash if $G_TLS_GNUTS_PRIORITY is invalid (#701693)
2.37.2
======
* proxy/gnome: Improve session-type detection to include
gnome-classic and anything else starting with "gnome" (#700607,
Giovanni Campagna)
* proxy/libproxy: make SOCKS work when using the async API (#699359,
Dan)
* proxy/tests: make the libproxy test program use the just-built
plugin rather than the installed one. Oops (#700286, Iain Lane)
* proxy/tests: fix to not error out if neither proxy module is built
(#700628, Dan)
* tls/tests: fix a sporadic crash (Dan)
2.37.1
======
* gnutls: Fixed a bug that could cause hangs and/or bursts of CPU
usage in some cases. (#696881, Olivier Crête)
* gnutls: Fixed CFLAGS when building with gnutls in a different
prefix. (#696519, Emmanuel Pacaud)
* gnutls: Fixed a hang while rehandshaking with gnutls 3.x (#695062,
Dan)
* gnutls: Fixed a handshaking crash in multithreaded use (#697754,
Olivier Crête)
* proxy/gnome: Fix "automatic" mode, which was mistakenly being
treated as "none" (Dan)
* proxy/gnome: Use this in Unity sessions as well as GNOME ones.
(#698936, Iain Lane)
* New/Updated translations:
Friulian, Indonesian, Turkish
======
* proxy/gnome: Fix "automatic" mode, which was mistakenly being
treated as "none" (Dan)
* proxy/gnome: Use this in Unity sessions as well as GNOME ones.
(#698936, Iain Lane)
* proxy/libproxy: Fix handling of SOCKS proxies (#699359, Dan)
