GnuTLS 3.5.0 released

We are proud to announce a new GnuTLS release: Version 3.5.0.

GnuTLS is a modern C library that implements the standard network
security protocol Transport Layer Security (TLS), for use by network
applications.  GnuTLS is developed for GNU/Linux, but works on many
Unix-like systems and as well as Windows.

The GnuTLS library is distributed under the terms of the GNU Lesser
General Public License version 2 (or later).  The OpenSSL compatibility
library, the self tests and the command line tools are all distributed
under the GNU General Public License version 3.0 (or later).  The
manual is distributed under the GNU Free Documentation License version
1.3 (or later).

The project pages of the library are available at:
http://www.gnutls.org/



What's New
==========

Version 3.5.0 is the first stable release on the 3.5.x branch and is
the result of a year of planning and work [0] on the git master branch.
The GnuTLS 3.5.x branch is marked as stable-next, meaning it is
considered of stable quality but does not yet replace the current
stable releases based on 3.4.0, which will continue to be supported.

An extended summary of the most important changes is available at:
http://nmav.gnutls.org/2016/05/gnutls-3-5-0.html



[0]. https://gitlab.com/gnutls/gnutls/milestones/4




* Version 3.5.0 (released 2016-05-09)

** libgnutls: Added SHA3 based signing algorithms for DSA, RSA and
   ECDSA.

** libgnutls: Added support for curve X25519 (RFC 7748, 
   draft-ietf-tls-rfc4492bis-07). This curve is disabled by default as
   it is still on specification status. It can be enabled using the
   priority string modifier +CURVE-X25519.

** libgnutls: Added support for TLS false start 
   (draft-ietf-tls-falsestart-01) by introducing gnutls_init() flag
   GNUTLS_ENABLE_FALSE_START (#73).

** libgnutls: Added new APIs to access the FIPS186-4 (Shawe-Taylor
   based) provable RSA and DSA parameter generation from a seed.

** libgnutls: The CHACHA20-POLY1305 ciphersuite is enabled by default.
   This cipher is prioritized after AES-GCM.

** libgnutls: On a rehandshake ensure that the certificate of the peer
   or its username remains the same as in previous handshakes. That is
   to protect applications which do not check user credentials on
   rehandshakes. The threat to address depends on the application
   protocol. Primarily it protects against applications which
   authenticate the peer initially and perform accounting using the
   session's information, from being misled by a rehandshake which
   switches the peer's identity. Applications can disable this
   protection by using the %GNUTLS_ALLOW_ID_CHANGE flag in
   gnutls_init().

** libgnutls: Be strict in TLS extension decoding. That is, do not
   tolerate parsing errors in the extensions field and treat it as a
   typical Hello message structure. Reported by Hubert Kario (#40).

** libgnutls: Old and unsupported version numbers in client hellos are
   rejected with a "protocol_version" alert message. Reported by Hubert
   Kario (#42).

** libgnutls: Lifted the limitation of calling the
   gnutls_session_get_data*() functions, only on non-resumed sessions. 
   This brings the API in par with its usage (#79).

** libgnutls: Follow RFC5280 strictly in name constraints computation.
   The permitted subtrees is intersected with any previous values. 
   Report and patch by Daiki Ueno.

** libgnutls: Enforce the RFC 7627 (extended master secret)
   requirements on session resumption. Reported by Hubert Kario (#69).

** libgnutls: Consider the max-record TLS extension even when under
   DTLS. Reported by Peter Dettman (#61).

** libgnutls: Replaced writev() system call with sendmsg().

** libgnutls: Replaced select() system call with poll() on POSIX
   systems.

** libgnutls: Preload the system priority file on library load. This
   allows applications that chroot() to also use the system priorities.

** libgnutls: Applications are allowed to override the built-in key and
   certificate URLs.

** libgnutls: The gnutls.h header marks constant and pure functions
   explictly.

** certtool: Added the ability to sign certificates using SHA3.

** certtool: Added the --provable and --verify-allow-broken options.

** gnutls-cli: The --dane option will cause verification failure if
   gnutls is not compiled with DANE support.

** crywrap: The tool was unbundled from gnutls' distribution. It can be
   found at https://github.com/nmav/crywrap


** guile: .go files are now built and installed

** guile: Fix compatibility issue of the test suite with Guile 2.1

** guile: When --with-guile-site-dir is passed, modules are installed
   in a versioned directory, typically $(datadir)/guile/site/2.0

** guile: Tests no longer leave zombie processes behind

** API and ABI modifications:
GNUTLS_FORCE_CLIENT_CERT: Added
GNUTLS_ENABLE_FALSE_START: Added
GNUTLS_INDEFINITE_TIMEOUT: Added
GNUTLS_ALPN_SERVER_PRECEDENCE: Added
GNUTLS_E_ASN1_EMBEDDED_NULL_IN_STRING: Added
GNUTLS_E_HANDSHAKE_DURING_FALSE_START: Added
gnutls_check_version_numeric: Added
gnutls_x509_crt_equals: Added
gnutls_x509_crt_equals2: Added
gnutls_x509_crt_set_subject_alt_othername: Added
gnutls_x509_crt_set_issuer_alt_othername: Added
gnutls_x509_crt_get_signature_oid: Added
gnutls_x509_crt_get_pk_oid: Added
gnutls_x509_crq_set_subject_alt_othername: Added
gnutls_x509_crq_get_pk_oid: Added
gnutls_x509_crq_get_signature_oid: Added
gnutls_x509_crl_get_signature_oid: Added
gnutls_x509_privkey_generate2: Added
gnutls_x509_privkey_get_seed: Added
gnutls_x509_privkey_verify_seed: Added
gnutls_privkey_generate2: Added
gnutls_privkey_get_seed: Added
gnutls_privkey_verify_seed: Added
gnutls_decode_ber_digest_info: Added
gnutls_encode_ber_digest_info: Added
gnutls_dh_params_import_dsa: Added
gnutls_session_get_master_secret: Added


Community
=========

If you need help to use GnuTLS, or want to help others, you are invited
to join our help-gnutls mailing list, see:

  http://lists.gnutls.org/mailman/listinfo/gnutls-help


If you wish to participate in the development of GnuTLS, you are
invited
to join our gnutls-dev mailing list, see:

  http://lists.gnutls.org/mailman/listinfo/gnutls-dev


Internationalization
====================

The GnuTLS library messages have been translated into Czech, Dutch,
French, German, Italian, Malay, Polish, Simplified Chinese, Swedish,
and Vietnamese.  We welcome the addition of more translations.


Getting the Software
====================

GnuTLS may be downloaded directly from
<ftp://ftp.gnutls.org/gcrypt/gnutls/>.  A list of GnuTLS mirrors can be
found at <http://www.gnutls.org/download.html>.

Here are the XZ and LZIP compressed sources:

  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.5/gnutls-3.5.0.tar.xz


Here are OpenPGP detached signatures signed using key 0x96865171:

  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.5/gnutls-3.5.0.tar....

Note that it has been signed with my openpgp key:
pub   3104R/96865171 2008-05-04 [expires: 2028-04-29]
uid                  Nikos Mavrogiannopoulos <nmav <at> gnutls.org>
uid                  Nikos Mavrogiannopoulos <n.mavrogiannopoulos <at>
gmail.com>
sub   2048R/9013B842 2008-05-04 [expires: 2018-05-02]
sub   2048R/1404A91D 2008-05-04 [expires: 2018-05-02]

regards,
Nikos