News

GNUnet 0.13.0 released

We are pleased to announce the release of GNUnet 0.13.0.
This is a new major release. It breaks protocol compatibility with the 0.12.x versions. Please be aware that Git master is thus henceforth INCOMPATIBLE with the 0.12.x GNUnet network, and interactions between old and new peers will result in signature verification failures. 0.12.x peers will NOT be able to communicate with Git master or 0.13.x peers.
In terms of usability, users should be aware that there are still a large number of known open issues in particular with respect to ease of use, but also some critical privacy issues especially for mobile users. Also, the nascent network is tiny and thus unlikely to provide good anonymity or extensive amounts of interesting information. As a result, the 0.13.0 release is still only suitable for early adopters with some reasonable pain tolerance.

Download links

The GPG key used to sign is: 3D11063C10F98D14BD24D1470B0998EF86F59B6A

Note that due to mirror synchronization, not all links might be functional early after the release. For direct access try http://ftp.gnu.org/gnu/gnunet/

Noteworthy changes in 0.13.0 (since 0.12.2)

  • GNS:
    • Aligned with specification LSD001.
    • NSS plugin "block" fixed. #5782
    • Broken set NICK API removed.#6092
    • New record flags: SUPPLEMENTAL. Records which are not explicitly configured/published under a specific label but which are still informational are returned by the resolver and flagged accordingly. #6103
    • gnunet-namestore now complains when adding TLSA or SRV records outside of a BOX
  • CADET: Fixed tunnel establishment as well as an outstanding bug regarding tunnel destruction. #5822
  • GNS/REVOCATION: Revocation proof of work has function changed to argon2 and modified to reduce variance.
  • RECLAIM: Increased ticket length to 256 bit. #6047
  • TRANSPORT: UDP plugin moved to experimental as it is known to be unstable.
  • UTIL:
    • Serialization / file format of ECDSA private keys harmonized with other libraries. Old private keys will no longer work! #6070
    • Now using libsodium for EC cryptography.
    • Builds against cURL which is not linked against gnutls are now possible but still not recommended. Configure will warn that this will impede the GNS functionality. This change will make hostlist discovery work more reliable for some distributions.
    • GNUNET_free_non_null removed. GNUNET_free changed to not assert that the pointer is not NULL. For reference see the Taler security audit.
    • AGPL request handlers added GNUnet and extension templates.
  • (NEW) GANA Registry: We have established a registry to be used for names and numbers in GNUnet. This includes constants for protocols including GNS record types and GNUnet peer-to-peer messages. See GANA.
  • (NEW) Living Standards: LSD subdomain and LSD0001 website: LSD0001
  • (NEW) Continuous integration: Buildbot is back.
  • Buildsystem: A significant number of build system changes:
    • libmicrohttpd and libjansson are now required dependencies.
    • New dependency: libsodium.
    • Fixed an issue with libidn(2) detection.
A detailed list of changes can be found in the ChangeLog and the 0.13.0 bugtracker.

Known Issues

  • There are known major design issues in the TRANSPORT, ATS and CORE subsystems which will need to be addressed in the future to achieve acceptable usability, performance and security.
  • There are known moderate implementation limitations in CADET that negatively impact performance.
  • There are known moderate design issues in FS that also impact usability and performance.
  • There are minor implementation limitations in SET that create unnecessary attack surface for availability.
  • The RPS subsystem remains experimental.
  • Some high-level tests in the test-suite fail non-deterministically due to the low-level TRANSPORT issues.

In addition to this list, you may also want to consult our bug tracker at bugs.gnunet.org which lists about 190 more specific issues.

Thanks

This release was the work of many people. The following people contributed code and were thus easily identified: Christian Grothoff, Florian Dold, Jonathan Buchanan, t3sserakt, nikita and Martin Schanzenbach.