=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/69.html,v retrieving revision 1.38 retrieving revision 1.39 diff -c -r1.38 -r1.39 *** www/69.html 2021/04/15 14:06:07 1.38 --- www/69.html 2021/04/15 15:46:01 1.39 *************** *** 1114,1126 **** !

LibreSSL 3.2.5

New Features
- Support for DTLSv1.2.
- Continued rewrite of the record layer for the legacy stack.
- Numerous bugs and interoperability issues were fixed in the new verifier.
- The OpenSSL 1.1 TLSv1.3 API is not yet available.
--- 1114,1128 ----

LibreSSL 3.3.3

New Features
- Support for DTLSv1.2.
- Continued rewrite of the record layer for the legacy stack.
- Numerous bugs and interoperability issues were fixed in the new verifier. + A few bugs and incompatibilities remain, so this release uses the old + verifier by default.
- The OpenSSL 1.1 TLSv1.3 API is not yet available.
*************** *** 1140,1214 ****
Add a number of RPKI OIDs from RFC 6482, 6484, 6493, 8182, 8360, draft-ietf-sidrops-rpki-rta, and draft-ietf-opsawg-finding-geofeeds. !
Add support for SSL_get_shared_ciphers() with TLSv1.3.
Add DTLSv1.2 methods. !
Implement SSL_is_dtls() and use it internally in place of the SSL_IS_DTLS macro. !
Provide EVP_PKEY_new_CMAC_KEY(3). !
Add missing prototype for d2i_DSAPrivateKey_fp(3) to x509.h. !
Add DTLSv1.2 to openssl(1) s_server and s_client protocol message ! logging. !
Provide SSL_use_certificate_chain_file(3). -
Provide SSL_set_hostflags(3) and SSL_get0_peername(3). -
Provide various DTLSv1.2 specific functions and defines.
Document meaning of '*' in the genrsa output. !
Updated documentation for SSL_get_shared_ciphers(3). !
Add documentation for SSL_get_finished(3). !
Document EVP_PKEY_new_CMAC_key(3) -
Document SSL_use_certificate_chain_file(3). !
Document SSL_set_hostflags(3) and SSL_get0_peername(3). !
Update SSL_get_version.3 manual for DTLSv.1.2 support.
Make supported protocols and options for DHE params more prominent ! in tls_config_set_protocols.3.
Various documentation improvements around TLS methods.

Compatibility Changes

Make openssl(1) s_server ignore -4 and -6 for compatibility with ! OpenSSL. !
Set SO_REUSEADDR on the server socket in the openssl(1) ocsp ! command. !
Send a host header with OCSP queries to make openssl(1) ocsp work with some widely used OCSP responders. !
Add ability to ocspcheck(8) to parse a port in the specified ! OCSP URL.
Implement auto chain for the TLSv1.3 server since some software relies on this.
Implement key exporter for TLSv1.3. !
Align SSL_get_shared_ciphers() with OpenSSL. This takes into account ! that it never returned server ciphers, so now it will fail when ! called from the client side.
Sync cert.pem with Mozilla NSS root CAs except "GeoTrust Global CA". !
Make SSL{_CTX,}_get_{min,max}_proto_version() return a version of ! zero if the minimum or maximum has been set to zero to match ! OpenSSL's behavior. !
Add DTLSv1.2 support to openssl s_client/s_server.

Testing and Proactive Security --- 1142,1239 ----

Add a number of RPKI OIDs from RFC 6482, 6484, 6493, 8182, 8360, draft-ietf-sidrops-rpki-rta, and draft-ietf-opsawg-finding-geofeeds. !

Add support for ! SSL_get_shared_ciphers(3) ! with TLSv1.3.

Add DTLSv1.2 methods. !

Implement SSL_is_dtls(3) and use it internally in place of the SSL_IS_DTLS macro. !

Provide ! EVP_PKEY_new_CMAC_KEY(3). !

Add missing prototype for ! d2i_DSAPrivateKey_fp(3) ! to x509.h. !

Add DTLSv1.2 to ! openssl(1) ! s_server and s_client protocol message logging. !

Provide ! SSL_use_certificate_chain_file(3). !

Provide ! SSL_set_hostflags(3) ! and ! SSL_get0_peername(3).

Provide various DTLSv1.2 specific functions and defines.

Document meaning of '*' in the genrsa output. !

Updated documentation for ! SSL_get_shared_ciphers(3). !

Add documentation for ! SSL_get_finished(3). !

Document ! EVP_PKEY_new_CMAC_key(3). !

Document ! SSL_use_certificate_chain_file(3). !

Document ! SSL_set_hostflags(3) ! and ! SSL_get0_peername(3). +

Update + SSL_get_version(3) + manual for DTLSv.1.2 support. +

Make supported protocols and options for DHE params more prominent ! in tls_config_set_protocols(3).

Various documentation improvements around TLS methods.

Compatibility Changes

Make openssl(1) s_server ! ignore -4 and -6 for compatibility with OpenSSL. !
Set SO_REUSEADDR on the server socket in the ! openssl(1) ocsp command. !
Send a host header with OCSP queries to make ! openssl(1) ocsp work with some widely used OCSP responders. !
Add ability to ! ocspcheck(8) ! to parse a port in the specified OCSP URL.
Implement auto chain for the TLSv1.3 server since some software relies on this.
Implement key exporter for TLSv1.3. !
Align SSL_get_shared_ciphers(3) ! with OpenSSL. This takes into account that it never returned server ! ciphers, so now it will fail when called from the client side.
Sync cert.pem with Mozilla NSS root CAs except "GeoTrust Global CA". !
Make ! SSL{_CTX,}_get_{min,max}_proto_version(3) ! return a version of zero if the minimum or maximum has been set to ! zero to match OpenSSL's behavior. !
Add DTLSv1.2 support to ! openssl(1) s_client/s_server.

Testing and Proactive Security *************** *** 1216,1227 ****

Malformed ASN.1 in a certificate revocation list or a timestamp response token can lead to a NULL pointer dereference. !

Pull in fix for EVP_CipherUpdate() overflow from OpenSSL.

Use EXFLAG_INVALID to handle out of memory and parse errors in x509v3_cache_extensions(). !

Refactor and clean up ocspcheck(8) and add regression tests.

Internal Improvements --- 1241,1256 ----

Malformed ASN.1 in a certificate revocation list or a timestamp response token can lead to a NULL pointer dereference. !

Pull in fix for ! EVP_CipherUpdate(3) ! overflow from OpenSSL.

Use EXFLAG_INVALID to handle out of memory and parse errors in x509v3_cache_extensions(). !

Refactor and clean up ! ocspcheck(8) ! and add regression tests.

Internal Improvements *************** *** 1356,1362 ****

Add tls12_record_protection_unused() and call it from CCS functions.

Move key/IV length checks closer to usage sites. Also add explicit ! checks against EVP_CIPHER_{iv,key}_length().

Replace two handrolled tls12_record_protection_engaged(). --- 1385,1392 ----

Add tls12_record_protection_unused() and call it from CCS functions.

Move key/IV length checks closer to usage sites. Also add explicit ! checks against ! EVP_CIPHER_{iv,key}_length().

Replace two handrolled tls12_record_protection_engaged(). *************** *** 1409,1416 ****

Move point-on-curve check to set_affine_coordinates to avoid verifying ECDSA signatures with unchecked public keys. !

Fix SSL_is_server() to behave as documented by re-introducing the ! client-specific methods.

Avoid undefined behavior due to memcpy(NULL, NULL, 0). --- 1439,1448 ----

Move point-on-curve check to set_affine_coordinates to avoid verifying ECDSA signatures with unchecked public keys. !

Fix ! SSL_is_server(3) ! to behave as documented by re-introducing the client-specific ! methods.

Avoid undefined behavior due to memcpy(NULL, NULL, 0). *************** *** 1425,1432 ****

Destroy the mutex in a tls_config object on tls_config_free().

Free alert_data and phh_data in tls13_record_layer_free() ! these could leak if SSL_shutdown() or tls_close() were called ! after closing the underlying socket().

Gracefully handle root certificates being both trusted and untrusted. --- 1457,1466 ----

Destroy the mutex in a tls_config object on tls_config_free().

Free alert_data and phh_data in tls13_record_layer_free() ! these could leak if ! SSL_shutdown(3) ! or tls_close(3) ! were called after closing the underlying socket().

Gracefully handle root certificates being both trusted and untrusted. *************** *** 1462,1470 ****

Avoid passing last and depth to x509_verify_cert_error() on ENOMEM.

Fix two bugs in the legacy verifier that resulted from refactoring ! of X509_verify_cert() for the new verifier: a return value was ! incorrectly treated as boolean, making it insufficient to decide ! whether validation should carry on or not.

Fix checks for memory caps of constraints names. There are internal caps on the number of name constraints and other names, that the new --- 1496,1506 ----

Avoid passing last and depth to x509_verify_cert_error() on ENOMEM.

Fix two bugs in the legacy verifier that resulted from refactoring ! of ! X509_verify_cert(3) ! for the new verifier: a return value was incorrectly treated as ! boolean, making it insufficient to decide whether validation should ! carry on or not.

Fix checks for memory caps of constraints names. There are internal caps on the number of name constraints and other names, that the new *************** *** 1514,1527 ****

Use the X509_STORE_CTX get_issuer() callback from the new X.509 verifier to fix hashed certificate directories. !

Only check BIO_should_read() on read and BIO_should_write() on ! write. Previously, BIO_should_write() was also checked after read ! and BIO_should_read() after write which could cause stalls in ! software that uses the same BIO for read and write. !

In openssl(1) verify, also check for error on the store context ! since the return value of X509_verify_cert() is unreliable in ! presence of a callback that returns 1 too often.

Handle additional certificate error cases in the new X.509 verifier. Keep track of the errors encountered if a verify callback tells the --- 1550,1571 ----

Use the X509_STORE_CTX get_issuer() callback from the new X.509 verifier to fix hashed certificate directories. !

Only check ! BIO_should_read(3) ! on read and ! BIO_should_write(3) ! on write. Previously, ! BIO_should_write(3) ! was also checked after read and ! BIO_should_read(3) ! after write which could cause stalls in software that uses the same ! BIO for read and write. !

In openssl(1) ! verify, also check for error on the store context since the return ! value of ! X509_verify_cert(3) ! is unreliable in presence of a callback that returns 1 too often.

Handle additional certificate error cases in the new X.509 verifier. Keep track of the errors encountered if a verify callback tells the *************** *** 1534,1540 **** error code.

Plug a large memory leak in the new verifier caused by calling ! X509_policy_check() repeatedly.

Avoid leaking memory in x509_verify_chain_dup(). --- 1578,1584 ---- error code.

Plug a large memory leak in the new verifier caused by calling ! X509_policy_check(3) repeatedly.

Avoid leaking memory in x509_verify_chain_dup().