diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-03-01 12:51:47 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-03-02 16:03:27 +0100 |
commit | ed8810c4bbfec66f4ae7f144e291ce54c66e6a4d (patch) | |
tree | 79390d59b07a7af0a33396eeffe5011d5e76754b /NEWS | |
parent | a4c8d3e5577e0d0ac67f2b7ba1550d504f47ab11 (diff) | |
download | gnutls-ed8810c4bbfec66f4ae7f144e291ce54c66e6a4d.tar.gz |
doc update
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 7 |
1 files changed, 7 insertions, 0 deletions
@@ -23,12 +23,19 @@ See the end for copying conditions. list. It has to be explicitly enabled, e.g., with a string like "NORMAL:+3DES-CBC". +** libgnutls: PKIX certificates with unknown critical extensions are rejected + on verification with status GNUTLS_CERT_UNKNOWN_CRIT_EXTENSIONS. This + behavior can be overriden by providing the flag GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS + to verification functions. Resolves gitlab issue #177. + ** certtool: the option '--load-ca-certificate' can now accept PKCS#11 URLs in addition to files. ** API and ABI modifications: gnutls_x509_crt_set_flags: Added GNUTLS_X509_CRT_FLAG_IGNORE_SANITY: Added +GNUTLS_CERT_UNKNOWN_CRIT_EXTENSIONS: Added +GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS: Added * Version 3.5.7 (released 2016-12-8) |