LibreSSL 3.1.4 - Interoperability and bug fixes for the TLSv1.3 client: - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tb <>	2020-08-10 18:59:47 +0000
committer	tb <>	2020-08-10 18:59:47 +0000
commit	5a715e5d56517275cd64092796fb2595209eb962 (patch)
tree	e71b2891b8ce65ccefec5a7582a532ae6f33f7f4 /src/lib/libc
parent	a91baa573ac5ab1cbde7a2761d1d1da9501f45ec (diff)
download	openbsd-5a715e5d56517275cd64092796fb2595209eb962.tar.gz openbsd-5a715e5d56517275cd64092796fb2595209eb962.tar.bz2 openbsd-5a715e5d56517275cd64092796fb2595209eb962.zip

LibreSSL 3.1.4 - Interoperability and bug fixes for the TLSv1.3 client:

* Improve client certificate selection to allow EC certificates instead of only RSA certificates. * Do not error out if a TLSv1.3 server requests an OCSP response as part of a certificate request. * Fix SSL_shutdown behavior to match the legacy stack. The previous behaviour could cause a hang. * Fix a memory leak and add a missing error check in the handling of the key update message. * Fix a memory leak in tls13_record_layer_set_traffic_key. * Avoid calling freezero with a negative size if a server sends a malformed plaintext of all zeroes. * Ensure that only PSS may be used with RSA in TLSv1.3 in order to avoid using PKCS1-based signatures. * Add the P-521 curve to the list of curves supported by default in the client. This is errata/6.7/019_libssl.patch.sig

Diffstat (limited to 'src/lib/libc')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: