NEWS
====
+0.X
+---
+
+- Important: The file proxy-dh.pem is now required. tlsproxy-setup creates it,
+ but running it will overwrite the existing proxy-*.pem files (which will
+ invalidate all certificate-*-proxy.pem files). To create only proxy-dh.pem
+ use:
+
+ certtool --generate-dh-params --sec-param high --outfile proxy-dh.pem
+
+- Use "SECURE" as GnuTLS priority string which disallows insecure algorithms.
+- Add -a option, authentication for tlsproxy via basic digest authentication.
+- Add new debug level (-d 3) for even more debug output, including information
+ about the current TLS session.
+- Allow rehandshakes for server connections (%SAFE_RENEGOTIATION is forced to
+ prevent issues).
+- Use pre-generated Diffie-Hellman parameters in proxy-dh.pem.
+- Code cleanup.
+- Better error handling.
+- Fix compile with recent GnuTLS (e.g. 3.2.3).
+- Improve (error) logging; log to stderr.
+- Add (basic) man pages.
+- Improve test suite.
+- tlsproxy-setup: Increase expiry-date and use larger private key, generate
+ proxy-dh.pem.
+
+
+0.2
+---
+
+- Add -u option, passthrough TLS connections to unknown hostnames.
+- Add ./configure --disable-ipv6 for IPv4 only machines.
+- Send HTML with error messages (not only headers).
+
+
0.1
---
-- first release
+
+- First release.