git: vendor/libressl: upgrade from 3.2.3 to 3.2.4

Daniel Fojt deef at crater.dragonflybsd.org
Fri Feb 19 03:02:10 PST 2021


commit 2eb7d3b81ae617871ac1158372b5f1e8dde4ffba
Author: Daniel Fojt <df at neosystem.org>
Date:   Wed Feb 17 19:29:12 2021 +0100

    vendor/libressl: upgrade from 3.2.3 to 3.2.4
    
    Bug and interoperability fixes:
    
     * Switch back to certificate verification code from LibreSSL 3.1.x. The
       new verifier is not bug compatible with the old verifier causing issues
       with applications expecting behavior of the old verifier.
    
     * Unbreak DTLS retransmissions for flights that include a CCS
    
     * Only check BIO_should_read() on read and BIO_should_write() on write
    
     * Implement autochain for the TLSv1.3 server
    
     * Use the legacy verifier for autochain
    
     * Implement exporter for TLSv1.3
    
     * Free alert_data and phh_data in tls13_record_layer_free()
    
     * Plug leak in x509_verify_chain_dup()
    
     * Free the policy tree in x509_vfy_check_policy()

Summary of changes:
 crypto/libressl/ChangeLog                  | 27 +++++++++++
 crypto/libressl/VERSION                    |  2 +-
 crypto/libressl/crypto/x509/x509_verify.c  |  4 +-
 crypto/libressl/crypto/x509/x509_vfy.c     |  7 ++-
 crypto/libressl/crypto/x509/x509_vpm.c     |  4 +-
 crypto/libressl/include/openssl/opensslv.h |  4 +-
 crypto/libressl/ssl/d1_both.c              | 15 +++---
 crypto/libressl/ssl/ssl_both.c             |  4 +-
 crypto/libressl/ssl/ssl_lib.c              | 15 ++++--
 crypto/libressl/ssl/tls13_internal.h       | 16 ++++++-
 crypto/libressl/ssl/tls13_key_schedule.c   | 24 ++++++++--
 crypto/libressl/ssl/tls13_legacy.c         |  6 +--
 crypto/libressl/ssl/tls13_lib.c            | 74 +++++++++++++++++++++++++++++-
 crypto/libressl/ssl/tls13_record_layer.c   |  5 +-
 crypto/libressl/ssl/tls13_server.c         | 26 ++++++++++-
 15 files changed, 202 insertions(+), 31 deletions(-)

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/2eb7d3b81ae617871ac1158372b5f1e8dde4ffba


-- 
DragonFly BSD source repository


More information about the Commits mailing list