blob: a635531a7c6180bb30cacf4a4c0d807f7b65ed3a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
Version 1.11.4, 2013-07-25
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
* CPU specific extensions are now always compiled if support for the
operations is available at build time, and flags enabling use of
extra operations (such as SSE2) are only included when compiling
files which specifically request support. This means, for instance,
that the SSSE3 and AES-NI implementations of AES are always included
in x86 builds, relying on runtime cpuid checking to prevent their
use on CPUs that do not support those operations.
* The default TLS policy now only accepts TLS, to minimize surprise
for servers which might not expect to negotiate DTLS. Previously a
server would by default negotiate either protocol type (clients
would only accept the same protocol type as they
offered). Applications which use DTLS or combined TLS/DTLS need to
override :cpp:func:`Policy::acceptable_protocol_version`.
* The TLS channels now accept a new parameter specifying how many
bytes to preallocate for the record handling buffers, which allows
an application some control over how much memory is used at runtime
for a particular connection.
* Applications can now send arbitrary TLS alert messages using
:cpp:func:`TLS::Channel::send_alert`
* A new TLS policy :cpp:class:`NSA_Suite_B_128` is available, which
will negotiate only the 128-bit security NSA Suite B. See
:rfc:`6460` for more information about Suite B.
* Adds a new interface for benchmarking, :cpp:func:`time_algorithm_ops`,
which returns a map of operations to operations per second. For
instance now both encrypt and decrypt speed of a block cipher can be
checked, as well as the key schedule of all keyed algorithms. It
additionally supports AEAD modes.
* Rename ARC4 to RC4
|