aboutsummaryrefslogtreecommitdiffstats
path: root/doc/relnotes
Commit message (Collapse)AuthorAgeFilesLines
* Avoid undefined operation in rotation operationslloyd2013-07-311-0/+11
|
* Update for 1.11.4 release1.11.4lloyd2013-07-251-1/+1
|
* Change default policy to prohibit DTLS to minimize surprise.lloyd2013-07-102-4/+20
| | | | | | | | | | Allow applications to send arbirary alert messages. Add a new optional parameter to Channel which specifies how large to make the IO buffers by default. Add Channel::reset_state, and reset the IO buffers and cipher specs after a fatal alert.
* Rename ARC4 to RC4lloyd2013-04-191-0/+2
|
* Initial notes for 1.11.4lloyd2013-04-181-0/+17
|
* Always include modules requiring ISA extensions as long as thelloyd2013-04-171-0/+3
| | | | | | | | | | | compiler and target platform might support it. For instance the AES SSSE3 code is now always in any x86 build, with just that specific file being compiled with -mssse3. Since we'll only call that code if cpuid confirms it works at runtime, we don't have portability issues, and it can be safely included in generic builds (eg for distributions). Tweak how machine specific compiler flags are generated to be a bit easier to maintain.
* Update for 1.11.3 release1.11.3lloyd2013-04-111-1/+1
|
* Add support for AEAD modes in TLS. Add GCM ciphersuites.lloyd2013-04-111-0/+2
|
* Basic docs for AEAD_Modelloyd2013-03-271-3/+5
|
* merge of '767ce7b733ad25a056a4609645dbb0418fed5c91'lloyd2013-03-211-0/+7
|\ | | | | | | and '8795500927af6dc6c8a74d6868d002712f971a2f'
| * Finish the note on removing Turing+WiderWAKElloyd2013-03-191-1/+2
| |
| * Remove the Turing and WiderWAKE4+1 stream cipher implementations.lloyd2013-03-191-0/+2
| | | | | | | | Both never saw much deployment or analysis.
| * Add an interface to Keyed_Filter returning a Key_Length_Specificationlloyd2013-03-171-0/+4
| | | | | | | | | | so the full details of what keylength(s) the filter supports are now available.
* | Move Monotone info to vcs.rstlloyd2013-03-212-2/+2
| | | | | | | | | | | | Fix some syntax errors in misc docs. Use mtn.randombit.net hostname
* | Add TLS::Policy::server_uses_own_ciphersuite_preferences()lloyd2013-03-211-0/+7
|/ | | | | | Previously the server always took its most-preferred cipher out of the client's list, but this policy allows telling a server to follow the client's preferences insetad.
* Relnote GCM supportlloyd2013-03-161-2/+2
|
* Relnote adding OCBlloyd2013-03-161-0/+4
|
* Add algorithm_kat_detailed which returns a string with info about the failurelloyd2013-03-161-0/+4
|
* Mention new cryptobox functionslloyd2013-03-041-0/+1
|
* Tick to 1.11.3 prelloyd2013-03-042-0/+4
|
* Update for 1.11.2 release1.11.2lloyd2013-03-031-1/+1
|
* Add 1.10.5 to indexlloyd2013-03-021-0/+1
|
* Update for 1.10.5 final releaselloyd2013-03-021-1/+5
|
* Blocking_Client fixes. Add relnotelloyd2013-02-281-11/+26
|
* Initial notes for 1.10.5lloyd2013-02-271-0/+9
|
* Correct RFC linkslloyd2013-02-061-7/+7
|
* Prefer RC4 over AES. Gak.lloyd2013-02-061-0/+4
|
* Add Threaded_Fork, which acts like a normal Fork filter except thatlloyd2013-02-021-0/+5
| | | | | | | | | | each subchain of filters will run in its own thread. Written and contributed by Joel Low. A thread on botan-devel contains the original patch and some discussion: http://lists.randombit.net/pipermail/botan-devel/2013-January/001699.html
* Initial 1.11.2 release noteslloyd2013-01-091-0/+21
|
* Update docs for 1.10.4 releaselloyd2013-01-092-0/+18
|
* Bump for 1.11.2lloyd2012-10-302-0/+3
|
* Update for 1.11.1 release1.11.1lloyd2012-10-301-1/+1
|
* Add TLS::Policy::negotiate_heartbeat_support which controls if thelloyd2012-10-131-3/+3
| | | | | | client will offer heartbeats (or if a server will negotiate them if the client offers). Defaults to false, which is probably the right behavior in terms of minimizing surprise and attack surface.
* Fix TLS doc formatting. Note removal of pref_versionlloyd2012-10-131-0/+4
|
* Use unaligned loads in AES-NI 192 key schedulelloyd2012-10-131-0/+7
|
* It seems other implementations define the secure renegotiation flag tolloyd2012-09-121-4/+8
| | | | | | | | be part of the connection rather than part of the session. That really does make more sense, so go with it. Changes the format of serialized sessions, but we already broke that with the crypto change.
* Clarify that this is an incompatible changelloyd2012-09-121-1/+4
|
* This note is accurate nowlloyd2012-09-091-4/+3
|
* Small doc tweakslloyd2012-09-071-6/+6
|
* Add support for key material exportlloyd2012-09-071-0/+3
|
* Reject SRP6 values which are negative or larger than p since these arelloyd2012-08-111-13/+23
| | | | likely totally bogus.
* Instead of using static salts in the KDF for generating the cipher andlloyd2012-08-091-10/+18
| | | | | | MAC keys for session encryption, randomly generate two 80-bit salt values which are included in the session blob and run the KDF over the master key and the random salts to create the keys.
* More 1.11.1 notes. Update TLS docslloyd2012-08-091-0/+28
|
* Remove BigInt::assignlloyd2012-08-011-3/+3
|
* Remove BigInt(NumberType type, size_t n) and replace it with a staticlloyd2012-08-011-0/+2
| | | | BigInt function power_of_2. (Power2 was the only available NumberType)
* Remove all support for octal BigInt conversions.lloyd2012-08-011-0/+10
|
* Add Public_Key::estimated_strength which gives an approximation of howlloyd2012-07-272-1/+15
| | | | | | | hard that key is to break. Use it in cert path validation, rejecting keys with estimated strength less than 80 bits.
* Update for 1.11.0 release1.11.0lloyd2012-07-191-1/+1
|
* Add 1.8.14 release noteslloyd2012-07-182-0/+18
|
* Make page wider. QNX build report. Link to 1.10.2 notes in 1.10.3.lloyd2012-07-131-3/+3
|
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-28 16:21:12 +0000