diff options
Diffstat (limited to 'doc/relnotes/1_11_0.rst')
| -rw-r--r-- | doc/relnotes/1_11_0.rst | 65 |
1 files changed, 0 insertions, 65 deletions
diff --git a/doc/relnotes/1_11_0.rst b/doc/relnotes/1_11_0.rst deleted file mode 100644 index 9662afca9..000000000 --- a/doc/relnotes/1_11_0.rst +++ /dev/null @@ -1,65 +0,0 @@ -Version 1.11.0, 2012-07-19 -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -.. note:: - - In this release, many new features of C++11 are being used in the - library. Currently GCC 4.7 and Clang 3.1 are known to work well. - This version of the library cannot be compiled by or used with a - C++98 compiler. - -TLS and PKI Changes -"""""""""""""""""""""""""""""""""""""""" - -There have been many changes and improvements to TLS. The interface -is now purely event driven and does not directly interact with -sockets. New TLS features include TLS v1.2 support, client -certificate authentication, renegotiation, session tickets, and -session resumption. Session information can be saved in memory or to -an encrypted SQLite3 database. Newly supported TLS ciphersuite -algorithms include using SHA-2 for message authentication, pre shared -keys and SRP for authentication and key exchange, ECC algorithms for -key exchange and signatures, and anonymous DH/ECDH key exchange. - -Support for OCSP has been added. Currently only client-side support -exists. - -The API for X.509 path validation has changed, with -``x509_path_validate`` in x509path.h now handles path validation and -``Certificate_Store`` handles storage of certificates and CRLs. - -Memory Container Changes -"""""""""""""""""""""""""""""""""""""""" - -The memory container types have changed substantially. The -``MemoryVector`` and ``SecureVector`` container types have been -removed, and an alias of ``std::vector`` using an allocator that -clears memory named ``secure_vector`` is used for key material, with -plain ``std::vector`` being used for everything else. - -The technique used for mlock'ing memory on Linux and BSD systems is -much improved. Now a single page-aligned block of memory (the exact -limit of what we can mlock) is mmap'ed, with allocations being done -using a best-fit allocator and all metadata held outside the mmap'ed -range, in an effort to make best use of the very limited amount of -memory current Linux kernels allow unpriveledged users to lock. - -New LZMA Compression Filter -"""""""""""""""""""""""""""""""""""""""" - -A filter using LZMA was contributed by Vojtech Kral. It is available -if LZMA support was enabled at compilation time by passing -``--with-lzma`` to ``configure.py``. - -ECC Key Decoding Problem Resolved -"""""""""""""""""""""""""""""""""""""""" - -:rfc:`5915` adds some extended information which can be included in -ECC private keys which the ECC key decoder did not expect, causing an -exception when such a key was loaded. In particular, recent versions -of OpenSSL use these fields. Now these fields are decoded properly, -and if the public key value is included it is used, as otherwise the -public key needs to be rederived from the private key. However the -library does not include these fields on encoding keys for -compatability with software that does not expect them (including older -versions of botan). |