factotum/libressl-portable
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Tweak changelog for 3.3.2.

Browse Source
This commit is contained in:
Joel Sing 2021-04-15 15:38:32 +10:00
parent 0d7d4ec226
commit d74cf44233
1 changed files with 38 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
ChangeLog
View File

@ -37,18 +37,19 @@ LibreSSL Portable Release Notes:
* Switch finish{,_peer}_md_len from an int to a size_t. * Switch finish{,_peer}_md_len from an int to a size_t.
* Fix SSL_get{,_peer}_finished() with TLSv1.3. * Make SSL_get{,_peer}_finished() work when used with TLSv1.3.
* Use EVP_MD_MAX_MD_SIZE instead of 2 * EVP_MD_MAX_MD_SIZE as size * Use EVP_MD_MAX_MD_SIZE instead of 2 * EVP_MD_MAX_MD_SIZE as size
for cert_verify_md[], finish_md[] and peer_finish_md[]. The factor 2 for cert_verify_md[], finish_md[] and peer_finish_md[]. The factor 2
was a historical artefact. was a historical artefact.
* Corrected the return value type from ERR_peek_error() to a long. * Correct the return value type from ERR_peek_error() to a long.
* Avoid use of uninitialized in ASN1_time_parse which could happen * Avoid use of uninitialized in ASN1_time_parse() which could happen
on parsing UTCTime if the caller didn't clear the passed struct tm. on parsing UTCTime if the caller did not initialise the passed
struct tm.
* Destroy mutex in a tls_config object on tls_config_free(). * Destroy the mutex in a tls_config object on tls_config_free().
* Free alert_data and phh_data in tls13_record_layer_free() * Free alert_data and phh_data in tls13_record_layer_free()
these could leak if SSL_shutdown() or tls_close() were called these could leak if SSL_shutdown() or tls_close() were called
@ -63,7 +64,7 @@ LibreSSL Portable Release Notes:
* Handle X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE in the new * Handle X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE in the new
verifier. verifier.
* Use the legacy verifier when building auto chains. * Use the legacy verifier when building auto chains for TLS.
* Use consistent names in tls13_{client,server}_finished_{recv,send}(). * Use consistent names in tls13_{client,server}_finished_{recv,send}().
@ -77,18 +78,18 @@ LibreSSL Portable Release Notes:
* Search the intermediates only after searching the root certs in the * Search the intermediates only after searching the root certs in the
new verifier to avoid problems with the legacy callback. new verifier to avoid problems with the legacy callback.
* Bail out early after finding a single chain in the new verifier if * Bail out early after finding a single chain in the new verifier, if
we have been called from the legacy verifier API. we have been called via the legacy verifier API.
* Set (invalid and likely incomplete) chain on the xsc on chain build * Set (invalid and likely incomplete) chain on the xsc on chain build
failure prior to calling the callback. This is required by things failure prior to calling the callback. This is required by various
like auto chain. callers, including auto chain.
* Align SSL_get_shared_ciphers() with OpenSSL. This takes into account * Align SSL_get_shared_ciphers() with OpenSSL. This takes into account
that it never returned server ciphers, so now it will fail when that it never returned server ciphers, so now it will fail when
called from the client side. called from the client side.
* Added support for SSL_get_shared_ciphers() to TLSv1.3. * Add support for SSL_get_shared_ciphers() with TLSv1.3.
* Split the record protection from the TLSv1.2 record layer. * Split the record protection from the TLSv1.2 record layer.
@ -109,7 +110,7 @@ LibreSSL Portable Release Notes:
* Add code to handle change of cipher state in the new TLSv1.2 record * Add code to handle change of cipher state in the new TLSv1.2 record
layer. layer.
* Mop up unused dtls1_build_sequence_numbers() function. * Mop up now unused dtls1_build_sequence_numbers() function.
* Allow setting a keypair on a tls context without specifying the * Allow setting a keypair on a tls context without specifying the
private key, and fake it internally in libtls. This removes the private key, and fake it internally in libtls. This removes the
@ -133,7 +134,7 @@ LibreSSL Portable Release Notes:
draft-ietf-sidrops-rpki-rta, and draft-ietf-opsawg-finding-geofeeds. draft-ietf-sidrops-rpki-rta, and draft-ietf-opsawg-finding-geofeeds.
* Fail early in legacy exporter if the master secret is not available * Fail early in legacy exporter if the master secret is not available
to avoid a segfault if it is called if the handshake is not to avoid a segfault if it is called when the handshake is not
completed. completed.
* Factor out legacy stack version checks. * Factor out legacy stack version checks.
@ -149,7 +150,7 @@ LibreSSL Portable Release Notes:
* Enforce read ahead with DTLS. * Enforce read ahead with DTLS.
* Remove bogus DTLS checks to disable ECC and OCSP. * Remove bogus DTLS checks that disabled ECC and OCSP.
* Sync cert.pem with Mozilla NSS root CAs except "GeoTrust Global CA". * Sync cert.pem with Mozilla NSS root CAs except "GeoTrust Global CA".
@ -186,18 +187,18 @@ LibreSSL Portable Release Notes:
x509_vfy_check_chain_extension() for all untrusted certs in the x509_vfy_check_chain_extension() for all untrusted certs in the
chain. Take into account that the root is not necessarily trusted. chain. Take into account that the root is not necessarily trusted.
* Avoid passing last and depth to x509_verify_cert_error() on ENOMEM * Avoid passing last and depth to x509_verify_cert_error() on ENOMEM.
* Rename depth to num_untrusted. * Rename depth to num_untrusted.
* Only use TLS versions internally rather than both TLS and DTLS * Only use TLS versions internally rather than both TLS and DTLS
versions since the latter are the one's complement of the human versions since the latter are the one's complement of the human
readable version numbers, which means that newer versions decrease readable version numbers, which means that newer versions decrease
in values. in value.
* Fix two bugs in the legacy verifier due to incorrect refactoring of * Fix two bugs in the legacy verifier that resulted from refactoring
X509_verify_cert() for the new verifier: a return value was treated of X509_verify_cert() for the new verifier: a return value was
as Boolean when it wasn't and thus it was not enough to decide incorrectly treated as boolean, making it insufficient to decide
whether validation should carry on or not. whether validation should carry on or not.
* Identify DTLS based on the version major value. * Identify DTLS based on the version major value.
@ -220,13 +221,13 @@ LibreSSL Portable Release Notes:
* Guard against future internal use of TLS1_get_{client,}_version() * Guard against future internal use of TLS1_get_{client,}_version()
macros. macros.
* Remove the internal ssl_downgrade_max_version() which is no longer * Remove the internal ssl_downgrade_max_version() function which is no
needed. longer needed.
* Fix checks for memory caps of constraints names. There are internal * Fix checks for memory caps of constraints names. There are internal
caps on the number of name constraints and other names that the new caps on the number of name constraints and other names, that the new
name constraints code allocates per cert chain. These checks were name constraints code allocates per cert chain. These checks were
checked too late, making these caps only partially effective. checked too late, making these limits only partially effective.
* Use EXFLAG_INVALID to handle out of memory and parse errors in * Use EXFLAG_INVALID to handle out of memory and parse errors in
x509v3_cache_extensions(). x509v3_cache_extensions().
@ -240,15 +241,14 @@ LibreSSL Portable Release Notes:
* Remove no longer needed read ahead workarounds in the s_client and * Remove no longer needed read ahead workarounds in the s_client and
s_server. s_server.
* Fix a copy-paste error a skid was confused with an akid when * Fix a copy-paste error - skid was confused with an akid when
checking for EXFLAG_INVALID. This broke OCSP validation with checking for EXFLAG_INVALID. This broke OCSP validation with
certain mirrors. certain mirrors.
* Made supported protocols and list of DHE more prominent in * Made supported protocols and options for DHE params more prominent
tls_config_set_protocols.3. Various mdoc improvements for that in tls_config_set_protocols.3.
manual.
* Avoid a use-after-scope in tls13_cert_add() * Avoid a use-after-scope in tls13_cert_add().
* Split TLSv1.3 record protection from record layer. * Split TLSv1.3 record protection from record layer.
@ -256,7 +256,7 @@ LibreSSL Portable Release Notes:
struct. struct.
* Fully initialize rrec in tls12_record_layer_open_record_protected() * Fully initialize rrec in tls12_record_layer_open_record_protected()
to avoid confusing certain static analyzers. to avoid confusing some static analyzers.
* Use tls_set_errorx() on OCSP_basic_verify() failure since the latter * Use tls_set_errorx() on OCSP_basic_verify() failure since the latter
does not set errno. does not set errno.
@ -271,18 +271,15 @@ LibreSSL Portable Release Notes:
* Avoid mangled output in BIO_debug_callback(). * Avoid mangled output in BIO_debug_callback().
* Fix client side renegotiation by replacing use of s->internal-type * Fix client initiated renegotiation by replacing use of s->internal-type
with s->server. with s->server.
* Avoid a symbol collision with SSL_is_dtls() between libssl and
openssl(1) in static builds.
* Move the TLSv1.2 record number increment into the new record layer. * Move the TLSv1.2 record number increment into the new record layer.
* Move finished and peer finished into the handshake struct. * Move finished and peer finished into the handshake struct.
* Avoid transcript initialization when sending a TLS HelloRequest * Avoid transcript initialization when sending a TLS HelloRequest,
to fix server side renegotiation. fixing server initiated renegotiation.
* Remove pointless assignment in SSL_get0_alpn_selected(). * Remove pointless assignment in SSL_get0_alpn_selected().
@ -290,18 +287,19 @@ LibreSSL Portable Release Notes:
* Add missing prototype for d2i_DSAPrivateKey_fp(3) to x509.h. * Add missing prototype for d2i_DSAPrivateKey_fp(3) to x509.h.
* Show DTLSv1.2 message with openssl(1) s_server and s_client. * Add DTLSv1.2 to openssl(1) s_server and s_client protocol message
logging.
* Avoid leaking param->name in x509_verify_param_zero(). * Avoid leaking param->name in x509_verify_param_zero().
* Avoid a leak in an error path in openssl x509. * Avoid a leak in an error path in openssl(1) x509.
* Add some error checking to openssl x509. * Add some error checking to openssl(1) x509.
* When sending an alert in TLSv1.3, only set its error code when no * When sending an alert in TLSv1.3, only set its error code when no
other error was set previously. Certain clients rely on specific other error was set previously. Certain clients rely on specific
SSL_R_ error codes to determine that they deal with a self signed SSL_R_ error codes to identify that they are dealing with a self
cert. signed cert.
* Provide SSL_use_certificate_chain_file(3). * Provide SSL_use_certificate_chain_file(3).
@ -309,8 +307,6 @@ LibreSSL Portable Release Notes:
* Provide various DTLSv1.2 specific functions and defines. * Provide various DTLSv1.2 specific functions and defines.
* Remove workarounds for SSL_is_dtls() in openssl(1).
* Document meaning of '*' in the genrsa output. * Document meaning of '*' in the genrsa output.
* Updated documentation for SSL_get_shared_ciphers(3). * Updated documentation for SSL_get_shared_ciphers(3).