version 1.57, 2022/04/17 17:02:12 |
version 1.58, 2022/04/17 17:16:25 |
|
|
found by the port to the Sortix operating system. |
found by the port to the Sortix operating system. |
<li>Add libmd as platform specific libraries for Solaris.<br> |
<li>Add libmd as platform specific libraries for Solaris.<br> |
<li>Set IA-64 compiler flag only if it is HP-UX with IA-64.<br> |
<li>Set IA-64 compiler flag only if it is HP-UX with IA-64.<br> |
<li>Enabled and scheduled Coverity scan.<br> |
<li>Enabled and scheduled Coverity scans.<br> |
</ul> |
</ul> |
|
|
<li>Compatibility Changes |
<li>Compatibility Changes |
|
|
<ul> |
<ul> |
<li>Avoid infinite loop for custom curves of order 1.<br> |
<li>Avoid infinite loop for custom curves of order 1.<br> |
<li>Avoid infinite loop on parsing DSA private keys.<br> |
<li>Avoid infinite loop on parsing DSA private keys.<br> |
<li>A malicious certificate can cause an infinite loop.<br> |
<li>Prevent a malicious certificate from causing an infinite loop.<br> |
<li>In some situations, the verifier would discard the error on an |
<li>In some situations, the verifier would discard the error on an |
unvalidated certificate chain.<br> |
unvalidated certificate chain.<br> |
This would happen when the verification callback was in use, |
This would happen when the verification callback was in use, |
instructing the verifier to continue unconditionally.<br> |
instructing the verifier to continue unconditionally.<br> |
This could lead to incorrect decisions being made in software. |
This could lead to incorrect decisions being made in software. |
<li>Avoid an infinite loop in SSL_shutdown() |
<li>Avoid an infinite loop in SSL_shutdown() |
<li>Fix another return 0 bug in SSL_shutdown() |
|
<li>Handle zero byte reads/writes that trigger handshakes in the |
<li>Handle zero byte reads/writes that trigger handshakes in the |
TLSv1.3 stack |
TLSv1.3 stack. |
<li>A long standing memleak in libtls CRL handling was fixed |
<li>A long standing memleak in libtls CRL handling was fixed |
<li>Avoid single byte overread in asn1_parse2(). |
|
<li>Allow name constraints with a leading dot. |
<li>Allow name constraints with a leading dot. |
<li>Relax a check in x509_constraints_dirname() to allow prefixes. |
|
<li>Fix NULL dereferences in openssl(1) cms option parsing. |
<li>Fix NULL dereferences in openssl(1) cms option parsing. |
<li>Do not zero the computed cofactor on ec_guess_cofactor() success. |
<li>Do not zero the computed cofactor on ec_guess_cofactor() success. |
<li>Bound cofactor in EC_GROUP_set_generator() to reduce the number of |
<li>Bound cofactor in EC_GROUP_set_generator() to reduce the number of |
bogus groups that can be described with nonsensical parameters. |
bogus groups that can be described with nonsensical parameters. |
<li>Avoid various potential segfaults in EVP_PKEY_CTX_free() in low |
<li>Avoid various potential segfaults in EVP_PKEY_CTX_free() in low |
memory conditions. |
memory conditions. |
<li>Plug leak in ASN1_TIME_adj_internal(). |
|
</ul> |
</ul> |
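Review bot: the 1.58 column silently drops four user-visible entries from this list: "Fix another return 0 bug in SSL_shutdown()", "Avoid single byte overread in asn1_parse2().", "Relax a check in x509_constraints_dirname() to allow prefixes." and "Plug leak in ASN1_TIME_adj_internal().". At least the asn1_parse2() overread is a memory-safety fix that downstream packagers look for in release notes, so if these are being removed because they were already announced in an earlier release the commit message should say so; otherwise they should be kept. Separately, terminal punctuation in the surviving 1.58 entries is still inconsistent (for example "Avoid an infinite loop in SSL_shutdown()" and "A long standing memleak in libtls CRL handling was fixed" end without a period while their neighbours have one), and "long standing" should read "long-standing" as a compound modifier.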
|
|
<li>Internal Improvements |
<li>Internal Improvements |
|
|
<li>Cache the SHA-512 hash instead of the SHA-1 hash and cache |
<li>Cache the SHA-512 hash instead of the SHA-1 hash and cache |
notBefore and notAfter times when X.509 certificates are parsed. |
notBefore and notAfter times when X.509 certificates are parsed. |
<li>The X.509 lookup code has been simplified and cleaned up. |
<li>The X.509 lookup code has been simplified and cleaned up. |
<li>Fixed numerous issues flagged by coverity and the cryptofuzz project |
<li>Fixed numerous issues flagged by coverity and the cryptofuzz project. |
<li>Increased the number of Miller-Rabin checks in DH and DSA |
<li>Increased the number of Miller-Rabin checks in DH and DSA |
key/parameter generation |
key/parameter generation. |
<li>Started using the bytestring API in libcrypto for cleaner and |
<li>Started using the bytestring API in libcrypto for cleaner and |
safer code |
safer code. |
<li>Convert {i2d,d2i}_{,EC_,DSA_,RSA_}PUBKEY{,_bio,_fp}() to templated |
|
ASN1 |
|
<li>Convert ASN1_OBJECT_new(), ASN1_STRING_type_new(), ASN1_PCTX_new(), |
|
X509_CRL_METHOD_new(), and pkey_hmac_init() to using calloc() instead |
|
of malloc() |
|
<li>Rewrite ASN1_STRING_cmp() |
|
<li>Replace asn1_tlc_clear and asn1_tlc_clear_nc macros with a function |
|
<li>Consolidate {d2i,i2d}_{pr,pu}.c |
|
<li>Remove handling of a NULL BUF_MEM from asn1_collect() |
|
<li>Pull the recursion depth check up to the top of asn1_collect() |
|
<li>Inline collect_data() in asn1_collect() |
|
<li>Convert asn1_d2i_ex_primitive()/asn1_collect() from BUF_MEM to CBB |
<li>Convert asn1_d2i_ex_primitive()/asn1_collect() from BUF_MEM to CBB |
<li>Clean up d2i_ASN1_BOOLEAN() and i2d_ASN1_BOOLEAN() |
<li>Clean up d2i_ASN1_BOOLEAN() and i2d_ASN1_BOOLEAN() |
<li>Consolidate ASN.1 universal tag type data |
<li>Consolidate ASN.1 universal tag type data |
<li>Rewrite ASN.1 identifier/length parsing in CBS |
<li>Rewrite ASN.1 identifier/length parsing in CBS |
<li>Make OBJ_obj2nid() work correctly with NID_undef |
<li>Make OBJ_obj2nid() work correctly with NID_undef |
<li>tlsext_tick_lifetime_hint is now an uint32_t |
|
<li>Untangle ssl3_get_message() return values |
<li>Untangle ssl3_get_message() return values |
<li>Rename tls13_buffer to tls_buffer |
|
<li>Fold DTLS_STATE_INTERNAL into DTLS1_STATE |
|
<li>Provide a way to determine our maximum legacy version |
<li>Provide a way to determine our maximum legacy version |
<li>Mop up enc_read_ctx and read_hash |
|
<li>Fold SSL_SESSION_INTERNAL into SSL_SESSION |
|
<li>Use ssl_force_want_read in the DTLS code |
|
<li>Add record processing limit to DTLS code |
|
<li>Add explicit CBS_contains_zero_byte() check in CBS_strdup() |
<li>Add explicit CBS_contains_zero_byte() check in CBS_strdup() |
<li>Improve SNI hostname validation |
<li>Improve SNI hostname validation |
<li>Ensure SSL_set_tlsext_host_name() is given a valid hostname |
<li>Ensure SSL_set_tlsext_host_name() is given a valid hostname |
<li>Fix a strange check in the auto DH codepath |
|
<li>Factor out/rewrite DHE key exchange |
<li>Factor out/rewrite DHE key exchange |
<li>Convert server serialisation of DHE parameters/public key to new |
<li>Convert server serialisation of DHE parameters/public key to new |
functions |
functions |
<li>Check DH public key in ssl_kex_peer_public_dhe() |
|
<li>Move the minimum DHE key size check into ssl_kex_peer_params_dhe() |
|
<li>Clean up and refactor server side DHE key exchange |
|
<li>Provide CBS_get_last_u8(), CBS_get_u64(), CBS_add_u64() and various |
<li>Provide CBS_get_last_u8(), CBS_get_u64(), CBS_add_u64() and various |
CBS_peek_* functions. |
CBS_peek_* functions. |
<li>Use CBS_get_last_u8() to find the content type in TLSv1.3 records |
<li>Use CBS_get_last_u8() to find the content type in TLSv1.3 records |
<li>unifdef TLS13_USE_LEGACY_CLIENT_AUTH |
|
<li>Correct SSL_get_peer_cert_chain() when used with the TLSv1.3 stack |
<li>Correct SSL_get_peer_cert_chain() when used with the TLSv1.3 stack |
<li>Only allow zero length key shares when we know we're doing HRR |
<li>Only allow zero length key shares when we know we're doing HRR |
<li>Pull key share group/length CBB code up from |
<li>Pull key share group/length CBB code up from |
tls13_key_share_public() |
tls13_key_share_public() |
<li>Refactor ssl3_get_server_kex_ecdhe() to separate parsing and |
<li>Refactor ssl3_get_server_kex_ecdhe() to separate parsing and |
validation |
validation. |
<li>Return 0 on failure from send/get kex functions in the legacy |
|
stack |
|
<li>Rename tls13_key_share to tls_key_share |
|
<li>Allocate and free the EVP_AEAD_CTX struct in |
<li>Allocate and free the EVP_AEAD_CTX struct in |
tls13_record_protection |
tls13_record_protection. |
<li>Convert legacy TLS client and server to tls_key_share |
<li>Convert legacy TLS client and server to tls_key_share |
<li>Stop attempting to duplicate the public and private key of dh_tmp |
|
<li>Rename dh_tmp to dhe_params |
|
<li>Rename CERT to SSL_CERT and CERT_PKEY to SSL_CERT_PKEY |
|
<li>Clean up pkey handling in ssl3_get_server_key_exchange() |
<li>Clean up pkey handling in ssl3_get_server_key_exchange() |
<li>Fix GOST skip certificate verify handling |
<li>Fix GOST skip certificate verify handling |
<li>Simplify tlsext_keyshare_server_parse() |
|
<li>Plumb decode errors through key share parsing code |
|
<li>Simplify SSL_get_peer_certificate() |
<li>Simplify SSL_get_peer_certificate() |
<li>Cleanup/simplify ssl_cert_type() |
<li>Cleanup/simplify ssl_cert_type() |
<li>The S3I macro was removed |
|
<li>The openssl(1) cms, smime and ts subcommands option handling was |
<li>The openssl(1) cms, smime and ts subcommands option handling was |
converted and the C source was cleaned up. |
converted and the C source was cleaned up. |
<li>Limit OID text conversion to 64 bits per arc. |
<li>Limit OID text conversion to 64 bits per arc. |
|
|
<li>Add sanity checks on p and q in old_dsa_priv_decode() |
<li>Add sanity checks on p and q in old_dsa_priv_decode() |
<li>Cache the SHA-512 hash instead of the SHA-1 for CRLs. |
<li>Cache the SHA-512 hash instead of the SHA-1 for CRLs. |
<li>Suppress various compiler warnings for old gcc versions. |
<li>Suppress various compiler warnings for old gcc versions. |
<li>Remove free_cont from asn1_d2i_ex_primitive()/asn1_ex_c2i(). |
|
<li>Rework ownership handling in x509_constraints_validate(). |
|
<li>Rework ASN1_STRING_set(). |
<li>Rework ASN1_STRING_set(). |
<li>Remove const from tls1_transcript_hash_value(). |
|
<li>Clean up and simplify ssl3_renegotiate{,_check}(). |
<li>Clean up and simplify ssl3_renegotiate{,_check}(). |
<li>Rewrite legacy TLS and DTLS unexpected handshake message handling. |
<li>Rewrite legacy TLS and DTLS unexpected handshake message handling. |
<li>Simplify SSL_do_handshake(). |
<li>Simplify SSL_do_handshake(). |
<li>Rewrite ASCII/text to ASN.1 object conversion. |
<li>Rewrite ASCII/text to ASN.1 object conversion. |
<li>Provide t2i_ASN1_OBJECT_internal() and use it for OBJ_txt2obj(). |
|
<li>Split armv7 and aarch64 code into separate locations. |
|
<li>Provide asn1_get_primitive(). |
|
<li>Convert {c2i,d2i}_ASN1_OBJECT() to CBS. |
<li>Convert {c2i,d2i}_ASN1_OBJECT() to CBS. |
<li>Remove the minimum record length checks from dtls1_read_bytes(). |
|
<li>Clean up {dtls1,ssl3}_read_bytes(). |
<li>Clean up {dtls1,ssl3}_read_bytes(). |
<li>Be more careful with embedded and terminating NULs in the new |
<li>Be more careful with embedded and terminating NULs in the new |
name constraints code. |
name constraints code. |
<li>Various minor code cleanup in openssl(1) pkcs12. |
<li>Various minor code cleanup in openssl(1) pkcs12. |
<li>Simplify priv_key handling in d2i_ECPrivateKey(). |
<li>Simplify priv_key handling in d2i_ECPrivateKey(). |
</ul> |
</ul> |
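Review bot: the Internal Improvements list in 1.58 removes a large block of entries (the templated-ASN1 PUBKEY conversion through "Inline collect_data() in asn1_collect()", plus the tls13_buffer, DTLS, SSL_SESSION_INTERNAL, dhe_params, SSL_CERT and S3I items) without any explanation in the visible change; a one-line note that these belong to a previous release, if that is the reason, would save future readers from assuming the work was reverted. Also, "coverity" should be capitalised as "Coverity" to match the "Enabled and scheduled Coverity scans." entry above, "unifdef TLS13_USE_LEGACY_CLIENT_AUTH" is the only entry starting in lower case, "Cache the SHA-512 hash instead of the SHA-1 for CRLs." should parallel the earlier entry as "instead of the SHA-1 hash", and periods are added to some entries ("validation.", "tls13_record_protection.") but not to comparable ones ("functions", "tls13_key_share_public()"), so the pass should either add or omit them consistently.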