[ << ] | [ < ] | [ Up ] | [ > ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
Appendix A Upgrading from previous versions
The GnuTLS library typically maintains binary and source code compatibility across versions. The releases that have the major version increased break binary compatibility but source compatibility is provided. This section lists exceptional cases where changes to existing code are required due to library changes.
Upgrading to 2.12.x from previous versions
GnuTLS 2.12.x is binary compatible with previous versions but changes the
semantics of gnutls_transport_set_lowat
, which might cause breakage
in applications that relied on its default value be 1. Two fixes
are proposed:
- Quick fix. Explicitly call
gnutls_transport_set_lowat (session, 1);
after gnutls_init. - Long term fix. Because later versions of gnutls abolish the functionality
of using the system call
select
to check for gnutls pending data, the function gnutls_record_check_pending has to be used to achieve the same functionality as described in Asynchronous operation.
Upgrading to 3.0.x from 2.12.x
GnuTLS 3.0.x is source compatible with previous versions except for the functions listed below.
Old function | Replacement |
---|---|
gnutls_transport_set_lowat | To replace its functionality the function gnutls_record_check_pending has to be used, as described in Asynchronous operation |
gnutls_session_get_server_random ,
gnutls_session_get_client_random | They are replaced by the safer function gnutls_session_get_random |
gnutls_session_get_master_secret | Replaced by the keying material exporters discussed in Deriving keys for other applications/protocols |
gnutls_transport_set_global_errno | Replaced by using the system’s errno fascility or gnutls_transport_set_errno. |
gnutls_x509_privkey_verify_data | Replaced by gnutls_pubkey_verify_data. |
gnutls_certificate_verify_peers | Replaced by gnutls_certificate_verify_peers2. |
gnutls_psk_netconf_derive_key | Removed. The key derivation function was never standardized. |
gnutls_session_set_finished_function | Removed. |
gnutls_ext_register | Removed. Extension registration API is now internal to allow easier changes in the API. |
gnutls_certificate_get_x509_crls , gnutls_certificate_get_x509_cas | Removed to allow updating the internal structures. Replaced by gnutls_certificate_get_issuer. |
gnutls_certificate_get_openpgp_keyring | Removed. |
gnutls_ia_* | Removed. The inner application extensions were completely removed (they failed to be standardized). |
Upgrading to 3.1.x from 3.0.x
GnuTLS 3.1.x is source and binary compatible with GnuTLS 3.0.x releases. Few functions have been deprecated and are listed below.
Old function | Replacement |
---|---|
gnutls_pubkey_verify_hash | The function gnutls_pubkey_verify_hash2 is provided and is functionally equivalent and safer to use. |
gnutls_pubkey_verify_data | The function gnutls_pubkey_verify_data2 is provided and is functionally equivalent and safer to use. |
Upgrading to 3.2.x from 3.1.x
GnuTLS 3.2.x is source and binary compatible with GnuTLS 3.1.x releases. Few functions have been deprecated and are listed below.
Old function | Replacement |
---|---|
gnutls_privkey_sign_raw_data | The function gnutls_privkey_sign_hash is equivalent
when the flag GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA is specified. |
[ << ] | [ < ] | [ Up ] | [ > ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
This document was generated on May 31, 2014 using texi2html 5.0.