Version 0.2

bearssl-0.2.tar.gz, released on December 13th, 2016.

  • Support for ClientHello padding (RFC 7685).

  • Support for TLS_FALLBACK_SCSV (RFC 7507) (server-side; on the client, this is entirely under control of the caller).

  • New flag to prohibit renegotiations.

  • API for saving and restoring session parameters (controllable session resumption on the client side).

  • Client certificates: API to request a client certificate (on the server side), and to provide a client certificate (on the client side).

  • API for generic name extraction from X.509 certificates (from the subject DN and the SAN extension).

  • Improved T0 compilation (threaded code is about 10% shorter).

  • ChaCha20+Poly1305 support (RFC 7905).

  • Lots of fixes (including a couple of buffer overruns).

Version 0.1

bearssl-0.1.tar.gz, released on November 3rd, 2016.

  • Initial release.