Hello, The GnuTLS 2.11.x branch is NOT what you want for your stable system. It is intended for developers and experienced users.
This is major update release that includes features such as PKCS #11 support for cryptographic objects, a PKCS #11 token manipulation tool (p11tool), support for local system thread locks, new message buffering layer, support for nettle library and more. Unless there are issues, this version contains the final version of the PKCS #11 support for 2.12.x. It has been mostly tested with opensc and Feitian smart cards, but I'd appreciate if you can test it with other tokens and pkcs11 modules you may have. Here are the compressed sources: ftp://ftp.gnutls.org/pub/gnutls/devel/gnutls-2.11.5.tar.bz2 ftp://alpha.gnu.org/gnu/gnutls/gnutls-2.11.5.tar.bz2 Here is the OpenPGP signature: ftp://ftp.gnutls.org/pub/gnutls/devel/gnutls-2.11.5.tar.bz2.sig ftp://alpha.gnu.org/gnu/gnutls/gnutls-2.11.5.tar.bz2.sig regards, Nikos * Version 2.11.5 (released 2010-12-01) ** libgnutls: Reverted default behavior for verification and introduced GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT. Thus by default V1 trusted CAs are allowed, unless the new flag is specified. ** libgnutls: Correctly add leading zero to PKCS #8 encoded DSA key. Reported by Jeffrey Walton. ** libgnutls: Added SIGN-ALL, CTYPE-ALL, COMP-ALL, and VERS-TLS-ALL as priority strings. Those allow to set all the supported algorithms at once. ** p11tool: Introduced. It allows manipulating pkcs 11 tokens. ** gnutls-cli: Print channel binding only in verbose mode. Before it printed it after the 'Compression:' output, thus breaking Emacs starttls.el string searches. ** API and ABI modifications: gnutls_pkcs11_token_init: New function gnutls_pkcs11_token_set_pin: New function _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
