@@ -28,153 +28,6 @@ history is also available from Git.
2828
2929LibreSSL Portable Release Notes:
3030
31- 3.6.1 - Stable release
32-
33- * Bug fixes
34- - Custom verification callbacks could cause the X.509 verifier to
35- fail to store errors resulting from leaf certificate verification.
36- Reported by Ilya Shipitsin.
37- - Unbreak ASN.1 indefinite length encoding.
38- Reported by Niklas Hallqvist.
39-
40- 3.6.0 - Development release
41-
42- * Internal improvements
43- - Avoid expensive RFC 3779 checks during cert verification.
44- - The templated ASN.1 decoder has been cleaned up, refactored,
45- modernized with parts rewritten using CBB and CBS.
46- - The ASN.1 time parser has been rewritten.
47- - Rewrite and fix ASN1_STRING_to_UTF8().
48- - Use asn1_abs_set_unused_bits() rather than inlining it.
49- - Simplify ec_asn1_group2curve().
50- - First pass at a clean up of ASN1_item_sign_ctx()
51- - ssl_txt.c was cleaned up.
52- - Internal function arguments and struct member have been changed
53- to size_t.
54- - Lots of missing error checks of EVP API were added.
55- - Clean up and clarify BN_kronecker().
56- - Simplify ASN1_INTEGER_cmp()
57- - Rewrite ASN1_INTEGER_{get,set}() using CBS and CBB and reuse
58- the ASN1_INTEGER functions for ASN1_ENUMERATED.
59- - Use ASN1_INTEGER to parse and build {Z,}LONG_it
60- - Refactored and cleaned up group (elliptic curve) handling in
61- t1_lib.c.
62- - Simplify certificate list handling code in the legacy server.
63- - Make CBB_finish() fail if *out_data is not NULL.
64- - Remove tls_buffer_set_data() and remove/revise callers.
65- - Rewrite SSL{_CTX,}_set_alpn_protos() using CBS.
66- - Simplify tlsext_supported_groups_server_parse().
67- - Remove redundant length checks in tlsext parse functions.
68- - Simplify tls13_server_encrypted_extensions_recv().
69- - Add read and write support to tls_buffer.
70- - Convert TLS transcript from BUF_MEM to tls_buffer.
71- - Clear key on exit in PKCS12_gen_mac().
72- - Minor fixes in PKCS12_parse().
73- - Provide and use a primitive clear function for BIGNUM_it.
74- - Use ASN1_INTEGER to encode/decode BIGNUM_it.
75- - Add stack frames to AES-NI x86_64 assembly.
76- - Use named initialisers for BIGNUMs.
77- - Tidy up some of BN_nist_mod_*.
78- - Expand BLOCK_CIPHER_* and related macros.
79- - Avoid shadowing the cbs function parameter in
80- tlsext_alpn_server_parse()
81- - Deduplicate peer certificate chain processing code.
82- - Make it possible to signal an error from an i2c_* function.
83- - Rewrite i2c_ASN1_INTEGER() using CBB/CBS.
84- - Remove UINT32_MAX limitation on ChaCha() and CRYPTO_chacha_20().
85- - Remove bogus length checks from EVP_aead_chacha20_poly1305().
86- - Reworked DSA_size() and ECDSA_size().
87- - Stop using CBIGNUM_it internal to libcrypto.
88- - Provide c2i_ASN1_ENUMERATED_cbs() and call it from
89- asn1_c2i_primitive().
90- - Ensure ASN.1 types are appropriately encoded.
91- - Avoid recycling ASN1_STRINGs when decoding ASN.1.
92- - Tidy up asn1_c2i_primitive() slightly.
93- - Mechanically expand IMPLEMENT_BLOCK_CIPHER, IMPLEMENT_CFBR,
94- BLOCK_CIPHER and the looney M_do_cipher macros.
95- - Use correct length for EVP CFB mode ciphers.
96- - Provide a version of ssl_msg_callback() that takes a CBS.
97- - Use CBS to parse TLS alerts in the legacy stack.
98- - Increment the input and output position for EVP AES CFB1.
99- - Ensure there is no trailing data for a CCS received by the
100- TLSv1.3 stack.
101- - Use CBS when procesing a CCS message in the legacy stack.
102- - Be stricter with middlebox compatibility mode in the TLSv1.3
103- server.
104- * Compatibility changes
105- - The ASN.1 time parser has been refactored and rewritten using CBS.
106- It has been made stricter in that it now enforces the rules from
107- RFC 5280.
108- - ASN1_AFLG_BROKEN was removed.
109- - Error check tls_session_secret_cb() like OpenSSL.
110- - Added ASN1_INTEGER_{get,set}_{u,}int64()
111- - Move leaf certificate checks to the last thing after chain
112- validation.
113- - Added -s option to openssl(1) ciphers that only shows the ciphers
114- supported by the specified protocol.
115- - Use TLS_client_method() instead of TLSv1_client_method() in
116- the openssl(1) ciphers command.
117- - Validate the protocols in SSL{_CTX,}_set_alpn_protos().
118- - Made TS and PKCS12 opaque.
119- - Per RFC 7292, safeContentsBag is a SEQUENCE OF, not a SET OF.
120- - Align PKCS12_key_gen_uni() with OpenSSL
121- - Various PKCS12 and TS accessors were added. In particular, the
122- TS_RESP_CTX_set_time_cb() function was added back.
123- - Allow a NULL header in PEM_write{,_bio}()
124- - Allow empty attribute sets in CSRs.
125- - Adjust signatures of BIO_ctrl functions.
126- - Provide additional defines for EVP AEAD.
127- - Provide OPENSSL_cleanup().
128- - Make BIO_info_cb() identical to bio_info_cb().
129- * Bug fixes
130- - Avoid use of uninitialized in BN_mod_exp_recp().
131- - Fix X509_get_extension_flags() by ensuring that EXFLAG_INVALID is
132- set on X509_get_purpose() failure.
133- - Fix HMAC() with NULL key.
134- - Add ERR_load_{COMP,CT,KDF}_strings() to ERR_load_crypto_strings().
135- - Avoid strict aliasing violations in BN_nist_mod_*().
136- - Do not return X509_V_ERR_UNSPECIFIED from X509_check_ca().
137- No return value of X509_check_ca() indicates failure. Application
138- code should therefore issue a checked call to X509_check_purpose()
139- before calling X509_check_ca().
140- - Rewrite and fix X509v3_asid_subset() to avoid segfaults on some
141- valid input.
142- - Call the ASN1_OP_D2I_PRE callback after ASN1_item_ex_new().
143- - Fix d2i_ASN1_OBJECT to advance the *der_in pointer correctly.
144- - Avoid use of uninitialized in ASN1_STRING_to_UTF8().
145- - Do not pass uninitialized pointer to ASN1_STRING_to_UTF8().
146- - Do not refuse valid IPv6 addresses in nc(1)'s HTTP CONNECT proxy.
147- - Do not reject primes in trial divisions.
148- - Error out on negative shifts in BN_{r,l}shift() instead of
149- accessing arrays out of bounds.
150- - Fix URI name constraints, allow for URI's with no host part.
151- - Fix the legacy verifier callback behaviour for untrusted certs.
152- - Correct serfver-side handling of TLSv1.3 key updates.
153- - Plug leak in PKCS12_setup_mac().
154- - Plug leak in X509V3_add1_i2d().
155- - Only print X.509 versions we know about.
156- - Avoid signed integer overflow due to unary negation
157- - Initialize readbytes in BIO_gets().
158- - Plug memory leak in CMS_add_simple_smimecap().
159- - Plug memory leak in X509_REQ_print_ex().
160- - Check HMAC() return value to avoid a later use of uninitialized.
161- - Avoid potential NULL dereference in ssl_set_pkey().
162- - Check return values in ssl_print_tmp_key().
163- - Switch loop bounds from size_t to int in check_hosts().
164- - Avoid division by zero if no connection was made in s_time.c.
165- - Check sk_SSL_CIPHER_push() return value
166- - Avoid out-of-bounds read in ssl_cipher_process_rulestr().
167- - Use LONG_MAX as the limit for ciphers with long based APIs.
168- * New features
169- - EVP API for HKDF ported from OpenSSL and subsequently cleaned up.
170- - The security level API (SSL_{,CTX}_{get,set}_security_level()) is
171- now available. Callbacks and ex_data are not supported. Sane
172- software will not be using this.
173- - Experimental support for the BoringSSL QUIC API.
174- - Add initial support for TS ESSCertIDv2 verification.
175- - LibreSSL now uses the Baillie-PSW primality test instead of
176- Miller-Rabin .
177-
178313.5.3 - Reliability fix
17932
18033 * Fix d2i_ASN1_OBJECT(). A confusion of two CBS resulted in advancing
0 commit comments