LibreSSL 2.6.3 Released
6 November, 2017 by busterb@gmail.com | openbsd
We have released LibreSSL 2.6.3, based on OpenBSD 6.2, which will be the new stable release series. LibreSSL 2.4.x support has also ended.

LibreSSL 2.6.3 contains the following changes from the previous stable release:

* Added support for providing CRLs to libtls - once a CRL is provided via tls_config_set_crl_file(3) or tls_config_set_crl_mem(3), CRL checking is enabled and required for the full certificate chain.
* Reworked TLS certificate name verification code to more strictly follow RFC 6125.
* Cleaned up and simplified server key exchange EC point handling.
* Removed inconsistent IPv6 handling from BIO_get_accept_socket(), simplified BIO_get_host_ip() and BIO_accept().
* Added definitions for three OIDs used in EV certificates.
* Relaxed SNI validation to allow non-RFC-compliant clients using literal IP addresses with SNI to connect to a libtls-based TLS server.
* Added tls_peer_cert_chain_pem() to libtls, useful in private certificate validation callbacks such as those in relayd.
* Converted explicit clear/free sequences to use freezero(3).
* Fixed the openssl(1) ca command so that it generates certificates with RFC 5280-conformant time.
* Added ASN1_TIME_set_tm(3) to set an ASN.1 time from a struct tm *.
* Added SSL{,_CTX}_set_{min,max}_proto_version(3) functions.
* Imported HKDF (HMAC Key Derivation Function) from BoringSSL.
* Provided a tls_unload_file(3) function that frees the memory returned from a tls_load_file(3) call, ensuring that the contents become inaccessible.
* Implemented reference counting for libtls tls_config, allowing tls_config_free(3) to be called as soon as it has been passed to the final tls_configure(3) call, simplifying lifetime tracking for the application.
* Dropped cipher suites using DSS authentication.
* Removed support for DSS/DSA from libssl.
* Distinguish between self-issued certificates and self-signed certificates. The certificate verification code has special cases for self-signed certificates, and without this change, self-issued certificates (which it seems are commonplace with openvpn/easyrsa) were also being included in this category.
* Added a new TLS extension handling framework and converted all TLS extensions to use it.
* Improved and added many new manpages. Updated SSL_{CTX_,}check_private_key(3) manpages with additional cautions regarding their use.
* Cleaned up and simplified EC key/curve configuration handling.
* Added tls_config_set_ecdhecurves(3) to libtls, which allows the names of the elliptic curves that may be used during client and server key exchange to be specified.
* Converted more code paths to use CBB/CBS.
* Removed NPN support - NPN was never standardised and the last draft expired in October 2012.
* Removed SSL_OP_CRYPTOPRO_TLSEXT_BUG workaround for old/broken CryptoPro clients.
* Removed support for the TLS padding extension, which was added as a workaround for an old bug in F5's TLS termination.
* Added ability to clamp notafter values in certificates for systems with 32-bit time_t. This is necessary to conform to RFC 5280 4.1.2.5.
* Removed the original (pre-IETF) chacha20-poly1305 cipher suites.
* Reclassified ECDHE-RSA-DES-CBC3-SHA from HIGH to MEDIUM.
* Provide a useful error with libtls if there are no OCSP URLs in a peer certificate.
* Keep track of which keypair is in use by a TLS context, fixing a bug where a TLS server with SNI would only return the OCSP staple for the default keypair.
* If tls_config_parse_protocols(3) is called with a NULL pointer it now returns the default protocols.

The LibreSSL project continues improvement of the codebase to reflect modern, safe programming practices. We welcome feedback and improvements from the broader community.

Thanks to all of the contributors who helped make this release possible.
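
For the two RFC 5280 time items in the change list above (the openssl(1) ca fix and ASN1_TIME_set_tm(3)), this added example, which is not LibreSSL code, shows the rule from RFC 5280 section 4.1.2.5 in plain C: validity dates through 2049 are encoded as UTCTime and later ones as GeneralizedTime, always with seconds and a Z zone. The names rfc5280_time_encode and rfc5280_time_ok are hypothetical, and sending pre-1950 years to GeneralizedTime is an assumption of the example.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

enum { TAG_UTCTIME = 23, TAG_GENERALIZEDTIME = 24 }; /* ASN.1 universal tags */

/* Hypothetical helper: encode a UTC struct tm as RFC 5280 4.1.2.5 requires.
 * Returns the tag chosen, or -1 on an out-of-range field or short buffer. */
int rfc5280_time_encode(const struct tm *tm, char *out, size_t len)
{
    int year = tm->tm_year + 1900, utc = year >= 1950 && year <= 2049, n;
    if (year < 0 || year > 9999 || tm->tm_mon < 0 || tm->tm_mon > 11 ||
        tm->tm_mday < 1 || tm->tm_mday > 31 || tm->tm_hour < 0 ||
        tm->tm_hour > 23 || tm->tm_min < 0 || tm->tm_min > 59 ||
        tm->tm_sec < 0 || tm->tm_sec > 59)
        return -1;              /* coarse range checks only */
    /* UTCTime is YYMMDDHHMMSSZ (1950-2049); GeneralizedTime is
     * YYYYMMDDHHMMSSZ for every other year (assumption for pre-1950). */
    n = snprintf(out, len, utc ? "%02d%02d%02d%02d%02d%02dZ" :
        "%04d%02d%02d%02d%02d%02dZ", utc ? year % 100 : year,
        tm->tm_mon + 1, tm->tm_mday, tm->tm_hour, tm->tm_min, tm->tm_sec);
    if (n < 0 || (size_t)n >= len)
        return -1;
    return utc ? TAG_UTCTIME : TAG_GENERALIZEDTIME;
}

/* Hypothetical checker for a decoded validity field: 1 if the tag/string
 * pair has the form RFC 5280 allows, 0 otherwise. GeneralizedTime is only
 * accepted for years that UTCTime cannot carry. */
int rfc5280_time_ok(int tag, const char *s)
{
    size_t i, want = tag == TAG_UTCTIME ? 13 : 15;
    if ((tag != TAG_UTCTIME && tag != TAG_GENERALIZEDTIME) ||
        strlen(s) != want || s[want - 1] != 'Z')
        return 0;       /* missing seconds, fractions, +hhmm offsets */
    for (i = 0; i < want - 1; i++)
        if (!isdigit((unsigned char)s[i]))
            return 0;
    return tag == TAG_UTCTIME || strncmp(s, "1950", 4) < 0 ||
        strncmp(s, "2049", 4) > 0;
}

int main(void)
{
    struct tm t = { .tm_year = 150, .tm_mon = 0, .tm_mday = 1 };
    char buf[16];
    int tag = rfc5280_time_encode(&t, buf, sizeof(buf)); /* 2050-01-01 */
    printf("tag=%d %s ok=%d\n", tag, buf, rfc5280_time_ok(tag, buf));
    return 0;
}
```

The checker only looks at the encoded form, so it suits a scan of already-issued certificates for validity fields written in the wrong type or without seconds.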