From a00615232c0fc04caea066cd25c33f9ffc5d3fd2 Mon Sep 17 00:00:00 2001 From: Chuck Lever Date: Wed, 5 Apr 2023 10:56:35 -0400 Subject: [PATCH] Release ktls-utils 0.8 Signed-off-by: Chuck Lever --- ChangeLog | 6 ++++++ NEWS | 10 +++++----- README | 8 +------- README.md | 8 +------- configure.ac | 2 +- 5 files changed, 14 insertions(+), 20 deletions(-) diff --git a/ChangeLog b/ChangeLog index be8eb25..39043f3 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,11 @@ Change Log - In newest-release-first order +ktls-utils 0.8 - 2023-04-05 + * Replace the listen-based upcall mechanism with netlink + * Implement server-side handshake support + * Implement x.509 certificate verification + * Implement keyring-based exchange of authentication material + ktls-utils 0.7 - 2022-11-10 * Remove the -n command line option * Support client-side peer authentication diff --git a/NEWS b/NEWS index fed2d89..8f0a4d1 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,5 @@ -ktls-utils 0.7 - 2022-11-10 - * Remove the -n command line option - * Support client-side peer authentication - * Support upcall API changes in v6.0 prototype kernel - * Add /etc/tlshd.conf with support for default cert and private key +ktls-utils 0.8 - 2023-04-05 + * Replace the listen-based upcall mechanism with netlink + * Implement server-side handshake support + * Implement x.509 certificate verification + * Implement keyring-based exchange of authentication material diff --git a/README b/README index ee4b9d2..6449527 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ -# Release Notes for ktls-utils 0.8-pre +# Release Notes for ktls-utils 0.8 Note well: This is experimental prototype software. It's purpose is purely as a demonstration and proof-of-concept. USE AT YOUR OWN RISK. @@ -49,14 +49,8 @@ Work that remains: * support for RPC-with-TLS certificate extended key usage * support for root device / filesystem with TLS * support for sharing TLS sessions across sockets -* support for multiple PSK identities * support for multiple trust chains for server verification -### Server-side work - -A server-side handshake mechanism is also needed but is not -yet part of this prototype. - ## Security Please consult the [security guide](./SECURITY.md) for our responsible security vulnerability disclosure process diff --git a/README.md b/README.md index ee4b9d2..6449527 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Release Notes for ktls-utils 0.8-pre +# Release Notes for ktls-utils 0.8 Note well: This is experimental prototype software. It's purpose is purely as a demonstration and proof-of-concept. USE AT YOUR OWN RISK. @@ -49,14 +49,8 @@ Work that remains: * support for RPC-with-TLS certificate extended key usage * support for root device / filesystem with TLS * support for sharing TLS sessions across sockets -* support for multiple PSK identities * support for multiple trust chains for server verification -### Server-side work - -A server-side handshake mechanism is also needed but is not -yet part of this prototype. - ## Security Please consult the [security guide](./SECURITY.md) for our responsible security vulnerability disclosure process diff --git a/configure.ac b/configure.ac index 0520ab5..f0fff9d 100644 --- a/configure.ac +++ b/configure.ac @@ -18,7 +18,7 @@ dnl 02110-1301, USA. dnl AC_PREREQ([2.69]) -AC_INIT([ktls-utils],[0.8-pre],[linux-nfs@vger.kernel.org]) +AC_INIT([ktls-utils],[0.8],[linux-nfs@vger.kernel.org]) AM_INIT_AUTOMAKE AM_SILENT_RULES([yes]) AC_CONFIG_SRCDIR([config.h.in])