[Botan-announce] Botan 1.7.3 released

Jack Lloyd lloyd at randombit.net
Thu Jan 24 10:12:22 EST 2008


I have released a new development release of Botan (1.7.3). Notable
changes include:

 - configure/build system changes:

   There is a new invocation syntax for configure.pl for overriding
   the guessed system parameters. Rather than specifying them in a
   triplet like 'gcc-linux-sparc64' or 'msvc-windows-i686', there are
   three independent arguments (--cc, --arch, and --os). Specifying
   all three of them has the same effect as giving the corresponding
   triplet in earlier versions. However you can also choose to only
   specify some of them, with the other values being guessed by the
   previous auto-configuration logic. For instance
      $ ./configure.pl --cc icc
   will configure Botan to build with the Intel C++ compiler, with the
   other parameters being guessed.

   There are some other new options including:
     --endian=(little|big|none) [override default endian settings]
     --unaligned-mem=(yes|no) [hint that unaligned load/stores are OK]

   These options toggle the generation of macros in build.h which are
   currently unused but may be used in the future. Notably if
   unaligned memory load/stores are allowed by the CPU, such as on
   x86/x86-64 machines, it is possible to significantly optimize some
   algorithms (this was initially suggested and implemented by Yves
   Jerschow last year, with the first portion released in 1.7.1).

 - The default malloc()-based allocator now avoids the pool
   abstraction code and directly allocates from and frees to the
   malloc heap. This may be slightly faster and/or avoid pathological
   cases (though the exact effect will depend on the quality of your
   systems' malloc implementation).

 - IPv4 addresses are supported in X.509 certificate
   SubjectAlternativeNames. This was contributed by Yves Jerschow.

 - Entropy source changes:

     The es_file module (the only built in entropy source) has been
     removed, replaced by a new POSIX-specific module es_dev. Advantages
     of this module over es_file include:
       - It will not block for an unbounded length of time if directed to
         read from /dev/random or other blocking device
       - Using unbuffered I/O prevents wasting entropy in the system pool

     This has the important effect that if Botan is built without any
     modules, there will be no configured entropy sources. Previously,
     it was possible to build Botan without any extra modules and on
     systems with /dev/*random everything would just work (though it
     would still fail on systems without it, like Windows or older
     Solaris).

     The fast poll in the es_unix module has been changed, it now only
     calls fast/simplistic functions like getrusage, stat, etc (only
     the slow poll will invoke external programs).



More information about the botan-announce mailing list