Version 1.11.2, 2013-03-02 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ * A bug in the release script caused the `botan_version.py` included in :doc:`1.11.1 <1_11_1>` to be invalid, which required a manual edit to fix (:pr:`226`) Memory Zeroization Changes """""""""""""""""""""""""""""""""""""""" * Previously `clear_mem` was implemented by an inlined call to `std::memset`. However an optimizing compiler might notice cases where the memset could be skipped in cases allowed by the standard. Now `clear_mem` calls `zero_mem` which is compiled separately and which zeros out the array through a volatile pointer. It is possible some compiler with some optimization setting (especially with something like LTO) might still skip the writes. It would be nice if there was an automated way to test this. New Parallel Filter """""""""""""""""""""""""""""""""""""""" * The new filter :cpp:class:`Threaded_Fork` acts like a normal :cpp:class:`Fork,` sending its input to a number of different filters, but each subchain of filters in the fork runs in its own thread. Contributed by Joel Low. TLS Enhancements and Bug Fixes """""""""""""""""""""""""""""""""""""""" * The default TLS policy formerly preferred AES over RC4, and allowed 3DES by default. Now the default policy is to negotiate only either AES or RC4, and to prefer RC4. * New TLS :cpp:class:`Blocking_Client` provides a thread per connection style API similar to that provided in 1.10 Other API Changes """""""""""""""""""""""""""""""""""""""" * The API of `Credentials_Manager::trusted_certificate_authorities` has changed to return a vector of `Certificate_Store*` instead of `X509_Certificate`. This allows the list of trusted CAs to be more easily updated dynamically or loaded lazily. * The `asn1_int.h` header was split into `asn1_alt_name.h`, `asn1_attribute.h` and `asn1_time.h`.