Upstream changes:
0.05 2015-11-14 NEILB
- Updated github repo URL after changing my github username
- Added [MetaJSON] to dist.ini so META.json is included in releases
- Doc: changed usage of "local $^W" to "no warnings 'redefine'"
- Fixed a couple of typos in the doc
- Dropped usage of "use vars"
- Module didn't have the required final "1;" or equivalent.
It was only by luck that it had worked.
------------------------------------------
2.034 2016/08/08
- move handling of global SSL arguments into creation of context, so that these
get also applied when creating a context only.
--------------------------------------
0.73 Jun 10, 2016
- Some old perl versions don't like Errno constant subs
being called without parens. Add them.
0.72 Jun 9, 2016
- Rerelease as stable.
0.71_03 Mar 16, 2016
- Improve shell detection code.
- Use a timeout to kill external commands not returning
control.
- improve ksh version checking in tests (bug report by jtzako
via PerlMonks)
0.71_02 Mar 11, 2016
- Lighten master socket checks in async mode in order to avoid
blocking and setting custom signal handlers which can
interfere with event-programming frameworks (bug report by
Doug Hoyte).
0.71_01 Jan 20, 2016
- Add entry on the documentation about how to integrate the
module with event-oriented programming frameworks (bug
report by Doug Hoyte, #gh17)
- Use an adaptive delaying algorithm while waiting for the
multiplexing socket to pop up (bug report by Doug Hoyte,
#gh17).
- Improve SIGCHLD handling and interoperability with other
modules setting custom handlers (bug report by Doug Hoyte,
#gh16).
- Drop patch-Makefile.PL, see below at 1.01 Feature item.
(Upstream)
- Updated devel/p5-Net-DNS-SEC 0.22 to 1.02
-----------------------------------------
**** 1.02 September 16, 2015
Fix: Bug in t/10-keyset.t raises exception in Net::DNS
**** 1.01 August 3, 2015
Feature
The RRs previously implemented in Net::DNS::SEC are now
integrated with Net::DNS.
Fix: rt.cpan.org #105808
Version test for Pod::Test is broken
Fix: rt.cpan.org #105698
Net-DNS 1.01 conflicts with Net-DNS-SEC 0.22
--------------------------------
New in 0.16.0; 2016-05-15
* build
link OpenSSL in static
option: enable PKCS11 thread locking
* configuration
use one configuration file for all systems
* tools:
package revision as version
** pkcs11-tool
keygen mechanism in pkcs11 tools
write GOST public key
fix CKA_SENSITIVE attribute of public keys
** opensc-explorer:
added command find_tags
allow ASN.1 decoding if the file seems incomplete
** pkcs15-tool:
handle record-based files when doing file caching
option to print raw data
** sc-hsm-tool:
status info support for SmartCard-HSM V2.0
** doc: some missing options are documented, added documentation
for gid tool
* minidriver:
support for ECC
Windows x509 enrollment
first implementation of CardDeleteContainer
MD logs controlled by register and environment variable
* reader-pcsc
fixed unreleased locks with pcsc-lite
honour PC/SC pt 10 dwMaxAPDUDataSize
added callback for getting vendor/product id
restrict access to card handles after fork
SCardGetAttrib is used to initialize reader's metadata
by default only short APDUs supported
* pkcs11
no slot reserved for hot plug
no more slot created 'per-applications'
atomic operation (TODO: expand)
export all C_* symbols
metadata initialized from package info
fix registering pkcs11 mechanisms multiple times
sloppy initialization for C_GetSlotInfo
* pkcs15
cache of on-card files extended to application paths
configuration option to enable/disable application
make file cache dir configurable
in key info data type introduced 'auxiliary data' -- container
for the non-pkcs15 data.
* OpenPGP
support for Gnuk -- USB cryptographic token for GNU Privacy Guard
build without OpenSSL
implemented 'erase card'
additional manufacturers
* MyEID
support for 521 bit ECC keys
ATRs for the new cards
* sc-hsm
read/write support in minidriver
* rtecp
delete keys
* GemSafeV1
support for European Patent Office smart card
sign with SHA256
* Gids
first support for Gids smart card
* dnie
* Feitian PKI card
new ATRs
* IsoApplet
(fixes)
* starcos
initial support for STARCOS 3.4 (German D-Trust cards)
* macosx
install tokend to /Library/Security/ instead of /System/Library/Security/
fixed locking issue in pcsc reader
* PIV
allow use of cards where the default application is not PIV
support for the Yubikey NEO
* italian-CNS
italian-cns reg file for minidriver
1.77 2016-08-01
Fixed incorrect size to memset in tlsext_ticket_key_cb_invoke.
1.76 2016-07-31
Replaced bzero with memset; bzero is not present on Windows.
1.75 2016-07-31
Compatibility with OpenSSL 1.1, tested with openssl-1.1.0-pre5:
- Conditionally remove threading locking code, not needed in 1.1
- Rewrite code that accesses inside X509_ATTRIBUTE struct.
- SSL_CTX_need_tmp_RSA, SSL_CTX_set_tmp_rsa,
SSL_CTX_set_tmp_rsa_callback, SSL_set_tmp_rsa_callback support
not available in 1.1.
- SSL_session_reused is now native
- SSL_get_keyblock_size modified to use new API
- OCSP functions modified to use new API under 1.1
- SSL_set_state removed with 1.1
- SSL_get_state and SSL_state are now equivalent and available in all
versions
- SSL_CTX_v2_new removed
- SESSION_set_master_key removed with 1.1. Code that previously used
SESSION_set_master_key must now set $secret in the session_secret
callback set with SSL_set_session_secret_cb
- With 1.1, $secret in the session_secret
callback set with SSL_set_session_secret_cb can be changed to alter
the master key (required by EAP-FAST).
Added a function EC_KEY_generate_key similar to RSA_generate_key and a
function EVP_PKEY_assign_EC_KEY similar to EVP_PKEY_assign_RSA. Using
these functions it is easy to create and use EC keys in the same way as
RSA keys. Patch provided by Steffen Ullrich. Thanks Steffen.
Testing with LibreSSL 2.4.1, with compatibility patch from Steffen
Ullrich. Thanks Steffen.
Patch from Steffen Ullrich provides support for cross-context (and cross-process)
session sharing using stateless TLS session tickets. It uses the
SSL_CTX_set_tlsext_ticket_key_cb function to manage the encryption and
decryption of the tickets but provides a more simplified
interface. Includes new function CTX_set_tlsext_ticket_getkey_cb.
So as not to conflict with the OpenSSL name in case the more complex interface
is ever implemented, the current simplified interface is named
slightly differently: CTX_set_tlsext_ticket_*get*key_cb.
Added documentation about downloading latest version from SVN.
Added missing Module/install files to SVN.
Python-GSSAPI provides both low-level and high level wrappers around
the GSSAPI C libraries. While it focuses on the Kerberos mechanism,
it should also be usable with other GSSAPI mechanisms.
Python-GSSAPI is composed of two parts: a low-level C-style API which
thinly wraps the underlying RFC 2744 methods, and a high-level,
Pythonic API (which is itself a wrapper around the low-level API).
Examples may be found in the examples directory.
The low-level API lives in gssapi.raw. The methods contained therein
are designed to match closely with the original GSSAPI C methods. All
relevant methods and classes may be imported directly from gssapi.raw.
Extension methods will only be imported if they are present.
The high-level API lives directly under gssapi. The classes contained
in each file are designed to provide a more Pythonic, Object-Oriented
view of GSSAPI. The exceptions from the low-level API, plus several
additional exceptions, live in gssapi.exceptions. The rest of the
classes may be imported directly from gssapi. Only classes are
exported by gssapi - all functions are methods of classes in the
high-level API.
2.033 2016/07/15
- support for session ticket reuse over multiple contexts and processes
(if supported by Net::SSLeay)
- small optimizations, like saving various Net::SSLeay constants into variables
and access variables instead of calling the constant sub all the time
- make t/dhe.t work with openssl 1.1.0
2.032 2016/07/12
- Set session id context only on the server side. Even if the documentation for
SSL_CTX_set_session_id_context makes clear that this function is server side
only it actually affects handling of session reuse on the client side too and
can result in error "SSL3_GET_SERVER_HELLO:attempt to reuse session in
different context" at the client.
2.031 2016/07/08
- fix for bug in session handling introduced in 2.031, RT#115975
Thanks to paul[AT]city-fan[DOT]org for reporting
2.030 2016/07/08
- Utils::CERT_create - don't add given extensions again if they were already
added. Firefox croaks with sec_error_extension_value_invalid if (specific?)
extensions are given twice.
- assume that Net::SSLeay::P_PKCS12_load_file will return the CA certificates
in the reverse order from the PKCS12 file, because that's what it does.
- support for creating ECC keys in Utils once supported by Net::SSLeay
- remove internal sub session_cache and access cache directly (faster)
Patches have been applied upstream.
Release notes:
* fixed crashing bugs handling errors and handle scope in the SFTPClient class
* added the SftpPoller user module
* force socket disconnect in case of a timeout error when trying to
close a file descriptor
* socket performance instrumentation supported in the SFTPClient class
* user modules moved to top-level qore module directory from
version-specific module directory since they are valid for multiple
versions of qore
* fixed a bug where a crash would result when attempting a connection and
libssh2 would not return any user authentication methods
* implemented an automatic disconnection when timeouts occur to avoid
dead connections
* fixed crashing bugs in the SFTPClient class handling disconnect events
when an sftp handle was open; the handle must be closed before the
socket connection is closed or a crash will result
* implemented the SFTPClient::retrieveFile() and SFTPClient::transferFile()
methods
* ported the SFTPClient class tests to QUnit and added tests for the
new methods
* ported test/sftp-poller.q to QUnit
* fixed a bug in socket handling related to asynchronous socket event polling
and select(2) and lack of socket descriptor bounds checking
(issue 714)
* requires Qore 0.8.12+ to build (uses the new QoreValue API)
- PERL5_MODULE_TYPE= Module::Build::Tiny
- Following package added on BUILD_DEPENDS for make test
p5-Moo>=1.001:../../devel/p5-Moo
(upstream)
- Updated security/p5-Data-SimplePassword to 0.11
-----------------------------------------------
0.10 Tue Dec 3 07:10:44 UTC 2013
* switched to Moo.
0.08 Tue Jun 25 03:03:11 UTC 2013
* added is_available_provider() method.
* added new type 'alpha' to rndpassword.
* improved some tests to reduce test time.
* added zsh completion sample file. (see extra/)
* switched to Minilla.
installation:
* Log the zone before triggering the "part->soamin" assert.
We've seen this fire with older versions, but it's a while
since I saw it happen. This is to provide more debugging info
should it fire.
* If an .ixfr journal file is detected as "corrupted", rename it
to <zone>.ixfr-bad instead of unlinking it, which would leave
no trace of OpenDNSSEC's own wrongdoing.
* If the signer is exposed, avoid a potential DoS vector with a
crafted message.
Bump PKGREVISION.
Noteworthy changes in version 1.7.2 (2016-07-14) [C21/A1/R2]
------------------------------------------------
* Bug fixes:
- Fix setting of the ECC cofactor if parameters are specified.
- Fix memory leak in the ECC code.
- Remove debug message about unsupported getrandom syscall.
- Fix build problems related to AVX use.
- Fix bus errors on ARM for Poly1305, ChaCha20, AES, and SHA-512.
* Internal changes:
- Improved fatal error message for wrong use of gcry_md_read.
- Disallow symmetric encryption/decryption if key is not set.
Noteworthy changes in version 2.1.14 (2016-07-14)
-------------------------------------------------
* gpg: Removed options --print-dane-records and --print-pka-records.
The new export options "export-pka" and "export-dane" can instead
be used with the export command.
* gpg: New options --import-filter and --export-filter.
* gpg: New import options "import-show" and "import-export".
* gpg: New option --no-keyring.
* gpg: New command --quick-revuid.
* gpg: New options -f/--recipient-file and -F/--hidden-recipient-file
to directly specify encryption keys.
* gpg: New option --mimemode to indicate that the content is a MIME
part. Does only enable --textmode right now.
* gpg: New option --rfc4880bis to allow experiments with proposed
changes to the current OpenPGP specs.
* gpg: Fix regression in the "fetch" sub-command of --card-edit.
* gpg: Fix regression since 2.1 in option --try-all-secrets.
* gpgv: Change default options for extra security.
* gpgsm: No more root certificates are installed by default.
* agent: "updatestartuptty" does now affect more environment
variables.
* scd: The option --homedir does now work with scdaemon.
* scd: Support some more GEMPlus card readers.
* gpgtar: Fix handling of '-' as file name.
* gpgtar: New commands --create and --extract.
* gpgconf: Tweak for --list-dirs to better support shell scripts.
* tools: Add programs gpg-wks-client and gpg-wks-server to implement
a Web Key Service. The configure option --enable-wks-tools is
required to build them; they should be considered Beta software.
* tests: Complete rework of the openpgp part of the test suite. The
test scripts have been changed from Bourne shell scripts to Scheme
programs. A customized scheme interpreter (gpgscm) is included.
This change was triggered by the need to run the test suite on
non-Unix platforms.
* The rendering of the man pages has been improved.
Add TEST_TARGET.
Noteworthy changes in version 2.4.3 (2016-07-14) [C7/A7/R3]
------------------------------------------------
* Allow socket redirection with assuan_socket_connect.
* Speedup spawning programs on Linux
* Fix minor memory leaks
* Portability fixes for Solaris and AIX.
Noteworthy changes in version 1.24 (2016-07-14) [C19/A19/R1]
-----------------------------------------------
* Fixes a bug in es_fclose_snatch when used after es_fseek.
* Fixes building without thread support.
* New configure option --disable-tests.
unusual build errors shown by old gcc versions (works fine for
gcc-5.2.1 on ubuntu and gcc-5.3.0 on NetBSD 7.99.32)
+ use ULL suffix on unsigned 64bit constants, not UL
+ don't typedef the public structs twice - second time just define it
without the typedef
Fixes PR pkg/51327
+ 20160705 introduced a bug whereby a key subid would match and verify
fine, but, if formatted, would not display the correct subkey
information. Fix to show the correct information in this case.
External API changes
====================
+ add a pgpv_cursor_close() function to free resources associated with
a cursor
Better memory management
========================
+ restructure the way dynamic arrays are used, to avoid memory
corruption issues and memory leaks - keep all dynamic arrays in the global
data structure, and use indices in the other data structures to index them.
Means lack of data localisation, but avoids stale pointers, and leaks.
+ make signer field of signature a uint8_t array, rather than a pointer
+ use our own version of strdup(3) - don't depend on it being
available in standard library
+ keep track of whether litdata filenames and userid were allocated or not,
and free memory in pgpv_close() if it was allocated
+ free up allocated resources which were allocated in pgpv_close()
+ get rid of redundant PGPV_ARRAY definition in libverify.c, brought in when
the definitions moved from verify.h
+ fix obuf_add_mem() to use a const void *, as any struct can be
dumped using it
+ remove redundant NO_SUBKEYS definition - unused
+ add an (unused as yet) ARRAY_FREE() macro
+ make the pgpv_t and pgpv_cursor_t structures opaque
+ add new accessor functions for fields in the pgpv_cursor_t struct
+ add new creation functions for the pgpv_t and pgpv_cursor_t structs
2.3.6 - Security fix
* Correct a problem that prevents the DSA signing algorithm from
running in constant time even if the flag BN_FLG_CONSTTIME is set.
This issue was reported by Cesar Pereida (Aalto University), Billy
Brumley (Tampere University of Technology), and Yuval Yarom (The
University of Adelaide and NICTA). The fix was developed by Cesar
Pereida. See OpenBSD 5.9 errata 11, June 6, 2016
2.3.5 - Reliability fix
* Fixed an error in libcrypto when parsing some ASN.1 elements > 16k.
2.3.4 - Security Update
* Fix multiple vulnerabilities in libcrypto relating to ASN.1 and encoding.
From OpenSSL.
* Minor build fixes
2.3.3 - OpenBSD 5.9 release branch tagged
* Reworked build scripts to better sync with OpenNTPD-portable
* Fixed broken manpage links
* Fixed an nginx compatibility issue by adding an 'install_sw' make alias
* Fixed HP-UX builds
* Changed the default configuration directory to c:\LibreSSL\ssl on Windows
binary builds
* cert.pem has been reorganized and synced with Mozilla's certificate store
2.3.2 - Compatibility and Reliability fixes
* Changed format of LIBRESSL_VERSION_NUMBER to match that of
OPENSSL_VERSION_NUMBER, see:
https://wiki.openssl.org/index.php/Manual:OPENSSL_VERSION_NUMBER(3)
* Added EVP_aead_chacha20_poly1305_ietf() which matches the AEAD
construction introduced in RFC 7539, which is different than that
already used in TLS with EVP_aead_chacha20_poly1305()
* Avoid a potential undefined C99+ behavior due to shift overflow in
AES_decrypt, reported by Pascal Cuoq <cuoq at trust-in-soft.com>
* More man pages converted from pod to mdoc format
* Added COMODO RSA Certification Authority and QuoVadis
root certificates to cert.pem
* Removed "C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification
Authority" (serial 3c:91:31:cb:1f:f6:d0:1b:0e:9a:b8:d0:44:bf:12:be) root
certificate from cert.pem
* Added support for building nc(1) on Solaris
* Fixed GCC 5.x+ preprocessor checks, reported by Ruslan Babayev
* Improved console handling with openssl(1) on Windows
* Ensure the network stack is enabled on Windows when running
tls_init()
* Fixed incorrect TLS certificate loading by nc(1)
* Added support for Solaris 11.3's getentropy(2) system call
* Enabled support for using NetBSD 7.0's arc4random(3) implementation
* Deprecated the SSL_OP_SINGLE_DH_USE flag by disabling its effect
* Fixes from OpenSSL 1.0.1q
- CVE-2015-3194 - NULL pointer dereference in client side certificate
validation.
- CVE-2015-3195 - Memory leak in PKCS7 - not reachable from TLS/SSL
* The following OpenSSL CVEs did not apply to LibreSSL
- CVE-2015-3193 - Carry propagating bug in the x86_64 Montgomery
squaring procedure.
- CVE-2015-3196 - Double free race condition of the identity hint
data.
See https://marc.info/?l=openbsd-announce&m=144925068504102
2.3.1 - ASN.1 and time handling cleanups
* ASN.1 cleanups and RFC5280 compliance fixes.
* Time representations switched from 'unsigned long' to 'time_t'. LibreSSL
now checks if the host OS supports 64-bit time_t.
* Fixed a leak in SSL_new in the error path.
* Support always extracting the peer cipher and version with libtls.
* Added ability to check certificate validity times with libtls,
tls_peer_cert_notbefore and tls_peer_cert_notafter.
* Changed tls_connect_servername to use the first address that resolves with
getaddrinfo().
* Remove broken conditional EVP_CHECK_DES_KEY code (non-functional since
initial commit in 2004).
* Fixed a memory leak and out-of-bounds access in OBJ_obj2txt, reported
by Qualys Security.
* Fixed an up to 7-byte overflow in RC4 when len is not a multiple of
sizeof(RC4_CHUNK), reported by Pascal Cuoq <cuoq at trust-in-soft.com>.
* Reject too small bits value in BN_generate_prime_ex(), so that it does
not risk becoming negative in probable_prime_dh_safe(), reported by
Franck Denis.
* Enable nc(1) builds on more platforms.
2.3.0 - SSLv3 removed, libtls API changes, portability improvements
* SSLv3 is now permanently removed from the tree.
* The libtls API is changed from the 2.2.x series.
The read/write functions work correctly with external event
libraries. See the tls_init man page for examples of using libtls
correctly in asynchronous mode.
Client-side verification is now supported, with the client supplying
the certificate to the server.
Also, when using tls_connect_fds, tls_connect_socket or
tls_accept_fds, libtls no longer implicitly closes the passed in
sockets. The caller is responsible for closing them in this case.
* When loading a DSA key from a raw (without DH parameters) ASN.1
serialization, perform some consistency checks on its `p' and `q'
values, and return an error if the checks failed.
Thanks to Georgi Guninski (guninski at guninski dot com) for
mentioning the possibility of a weak (non prime) q value and
providing a test case.
See
https://cpunks.org/pipermail/cypherpunks/2015-September/009007.html
for a longer discussion.
* Fixed a bug in ECDH_compute_key that can lead to silent truncation
of the result key without error. A coding error could cause software
to use much shorter keys than intended.
* Removed support for DTLS_BAD_VER. Pre-DTLSv1 implementations are no
longer supported.
* The engine command and parameters are removed from the openssl(1).
Previous releases removed dynamic and builtin engine support
already.
* SHA-0 is removed, which was withdrawn shortly after publication 20
years ago.
* Added Certplus CA root certificate to the default cert.pem file.
* New interface OPENSSL_cpu_caps is provided that does not allow
software to inadvertently modify cpu capability flags.
OPENSSL_ia32cap and OPENSSL_ia32cap_loc are removed.
* The out_len argument of AEAD changed from ssize_t to size_t.
* Deduplicated DTLS code, sharing bugfixes and improvements with
TLS.
* Converted 'nc' to use libtls for client and server operations; it is
included in the libressl-portable distribution as an example of how
to use the library.
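As an added example (not LibreSSL's code), here is the kind of consistency check the 2.3.0 DSA item above describes, written in Python over the integer parameters p, q and g. The exact set of checks is an assumption (q prime, q divides p-1, g of order q, plus size limits); the toy parameters are constructed and the size thresholds are passed in relaxed to fit them, so the run exercises the structural checks, including the composite-q case the discussion mentions.

```python
"""Sanity checks on raw DSA domain parameters (p, q, g).
Added example in the spirit of the LibreSSL 2.3.0 DSA item; not LibreSSL code.
The set of checks is an assumption: q prime, q | p-1, g of order q, sizes."""
import random

_SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin test; a composite passes with probability at most 4**-rounds."""
    if n < 2:
        return False
    for sp in _SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    # Write n - 1 = d * 2**r with d odd.
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    rng = random.SystemRandom()
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # a is a witness: n is composite
    return True


def check_dsa_params(p: int, q: int, g: int, *, min_p_bits: int = 1024,
                     allowed_q_bits=(160, 224, 256)) -> list:
    """Return a list of problems; an empty list means the parameters look sane.

    A loader that accepts DSA keys of unknown origin should refuse the key when
    this list is non-empty rather than silently use it (the 2.3.0 change returns
    an error in that situation).
    """
    problems = []
    # Size checks first: a tiny but otherwise well-formed group is still weak.
    if p.bit_length() < min_p_bits:
        problems.append("p too small")
    if q.bit_length() not in allowed_q_bits:
        problems.append("q has unexpected size")
    # Structural checks. A composite q is the weak-q case from the discussion.
    if not is_probable_prime(q):
        problems.append("q is not prime")
    if not is_probable_prime(p):
        problems.append("p is not prime")
    if q < 2 or (p - 1) % q != 0:
        problems.append("q does not divide p-1")
    if not 1 < g < p:
        problems.append("g out of range")
    elif pow(g, q, p) != 1:
        problems.append("g does not have order q")
    return problems


# Constructed toy parameters: p = 23, q = 11 (prime, 11 | 22), g = 4 (4**11 mod 23 == 1).
TOY_GOOD = dict(p=23, q=11, g=4)
TOY_COMPOSITE_Q = dict(p=23, q=12, g=4)   # q composite: the weak-q case
TOY_TINY_Q = dict(p=23, q=2, g=22)        # structurally fine, but q is only 2 bits
TOY_SIZES = dict(min_p_bits=5, allowed_q_bits=(4,))  # relaxed to fit the toy group

if __name__ == "__main__":
    for name, params in (("good", TOY_GOOD), ("composite q", TOY_COMPOSITE_Q),
                         ("tiny q", TOY_TINY_Q)):
        print(name, "->", check_dsa_params(**params, **TOY_SIZES) or "ok")
```

With the default thresholds the same toy group is rejected for size alone, which is the point of keeping the size check separate from the structural ones.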
+ Perform digest on correctly dash-escaped text, per RFC 4880.
Problem pointed out by Dimitri John Ledkov, fixed in a different way
(in case the last line is itself dash-escaped).
+ add test case
+ remove use of asprintf and vasprintf from libverify. Inspired
by work from Dimitri John Ledkov. Should allow building on Linux
without superfluous definitions.
+ also free the BIGNUM struct in PGPV_BN_clear() - from Dimitri
John Ledkov
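As an added example (not netpgpverify's code), the RFC 4880 cleartext-signature canonicalization that the dash-escaping item above refers to, in Python: the signer prefixes lines starting with '-' (and, as many implementations do, 'From ') with '- ', and the verifier removes that prefix, strips trailing whitespace, joins lines with CRLF and omits the line ending before the signature armor before hashing. The sample message is constructed and its signature block is a placeholder; its last line is itself dash-escaped, which is the case the fix mentions.

```python
"""Dash-escaping and digest input for an RFC 4880 cleartext signature.
Added example, not netpgpverify code. The hash algorithm is taken from the
constructed sample's 'Hash:' armor header."""
import hashlib


def dash_escape(text_lines):
    """Signer side: RFC 4880 7.1 prefixes lines starting with '-' with '- ';
    'From ' is escaped too so mail transports leave the text alone."""
    return ["- " + ln if ln.startswith(("-", "From ")) else ln for ln in text_lines]


def canonicalize_cleartext(escaped_lines):
    """Verifier side: the bytes the signature is computed over.

    Dash-escaping is removed, trailing spaces and tabs are dropped, lines are
    joined with CRLF, and there is no line ending after the last line because
    the <CR><LF> before '-----BEGIN PGP SIGNATURE-----' is not signed. A final
    line that is itself dash-escaped is handled like any other line.
    """
    out = []
    for ln in escaped_lines:
        if ln.startswith("- "):
            ln = ln[2:]
        out.append(ln.rstrip(" \t"))
    return "\r\n".join(out).encode("utf-8")


def split_cleartext_message(armored):
    """Return (hash_name, escaped body lines) from a cleartext-signed message."""
    lines = armored.splitlines()
    if lines[0] != "-----BEGIN PGP SIGNED MESSAGE-----":
        raise ValueError("not a cleartext signed message")
    hash_name, i = "sha1", 1  # RFC 4880 default when no Hash: header is present
    while lines[i] != "":
        if lines[i].startswith("Hash: "):
            hash_name = lines[i][len("Hash: "):].strip().lower()
        i += 1
    body, i = [], i + 1
    while lines[i] != "-----BEGIN PGP SIGNATURE-----":
        body.append(lines[i])
        i += 1
    return hash_name, body


def digest_cleartext(armored):
    """Hex digest of the canonicalized signed text, i.e. what the signature covers."""
    hash_name, body = split_cleartext_message(armored)
    return hashlib.new(hash_name, canonicalize_cleartext(body)).hexdigest()


# Constructed sample; the signature block is a placeholder, not a real signature.
SAMPLE = (
    "-----BEGIN PGP SIGNED MESSAGE-----\n"
    "Hash: SHA256\n"
    "\n"
    "Release notes   \n"
    "- - first bullet\t\n"
    "- From the maintainer\n"
    "- - last line also starts with a dash\n"
    "-----BEGIN PGP SIGNATURE-----\n"
    "PLACEHOLDER-SIGNATURE-BLOCK\n"
    "-----END PGP SIGNATURE-----\n"
)
ORIGINAL_TEXT = ["Release notes", "- first bullet", "From the maintainer",
                 "- last line also starts with a dash"]

if __name__ == "__main__":
    print(canonicalize_cleartext(split_cleartext_message(SAMPLE)[1]))
    print(digest_cleartext(SAMPLE))
```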
2.029 2016/07/26
- fix del_session method in case a single item was in the cache
- use SSL_session_key as the real key for the cache and not some derivate of it,
so that it works to remove the entry using the same key
2.028 2016/07/26
- add del_session method to session cache
* Noteworthy changes in release 4.8 (released 2016-04-11) [stable]
- Fixes to avoid reliance on C undefined behavior.
- Fixes to avoid an infinite recursion when decoding without
the ASN1_DECODE_FLAG_STRICT_DER flag. Reported by Pascal Cuoq.
- Combined all the BER octet string decoding functions to a single
one based on asn1_decode_simple_ber().
* Noteworthy changes in release 4.7 (released 2015-09-14) [stable]
- Fixed regression introduced in the decoding of multi-byte tags
fix.
* Noteworthy changes in release 4.6 (released 2015-09-05) [stable]
- Allow decoding OCTET STRINGs with multi-byte tags.
- API and ABI changes since last version:
asn1_get_object_id_der: New function
-----------------------------------------------
0.29 2015-07-12
- Added a shuffle method available via the OO user interface.
- Added a SEE ALSO POD section that mentions Bytes::Random::Secure::Tiny
---------------------------------------------
changes from 0.06 to 0.07
=========================
* changed license to MIT for consistency with other module distributions
* removed MYMETA.yml and MYMETA.json from module distribution
per CPAN standards
* updated documentation to reflect new formatting standards
changes from 0.05 to 0.06
=========================
* fixed a bug when using defined on an array
* minor documentation fixup referencing incorrect package for response objects
Noteworthy changes in version 1.23 (2016-06-15) [C19/A19/R0]
-----------------------------------------------
* Fixes an assertion failure due to es_flush on read/write streams.
* Fixes a bug with a too short memory limit in es_fopenmem.
* Cross-build support for powerpc-unknown-linux-gnuspe and
tilegx-unknown-linux-gnu architectures.
* Interface changes relative to the 1.22 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
GPG_ERR_SUBKEYS_EXP_OR_REV NEW.
Noteworthy changes in version 1.3.4 (2016-05-03) [C19/A11/R4]
------------------------------------------------
* Fixed two OOB read access bugs which could be used to force a DoS.
* Fixed a crash due to faulty curve OID lookup code.
* Synced the list of supported curves with those of Libgcrypt.
* New configure option --enable-build-timestamp; a build timestamp is
not anymore used by default.
Noteworthy changes in version 2.1.13 (2016-06-16)
-------------------------------------------------
* gpg: New command --quick-addkey. Extend the --quick-gen-key
command.
* gpg: New --keyid-format "none" which is now also the default.
* gpg: New option --with-subkey-fingerprint.
* gpg: Include Signer's UID subpacket in signatures if the secret key
has been specified using a mail address and the new option
--disable-signer-uid is not used.
* gpg: Allow unattended deletion of a secret key.
* gpg: Allow export of non-passphrase protected secret keys.
* gpg: New status lines KEY_CONSIDERED and NOTATION_FLAGS.
* gpg: Change status line TOFU_STATS_LONG to use '~' as
a non-breaking-space character.
* gpg: Speedup key listings in Tofu mode.
* gpg: Make sure that the current and total values of a PROGRESS
status line are small enough.
* gpgsm: Allow the use of AES192 and SERPENT ciphers.
* dirmngr: Adjust WKD lookup to current specs.
* dirmngr: Fallback to LDAP v3 if v2 is not supported.
* gpgconf: New commands --create-socketdir and --remove-socketdir,
new option --homedir.
* If a /run/user/$UID directory exists, that directory is now used
for IPC sockets instead of the GNUPGHOME directory. This fixes
problems with NFS and too long socket names and thus avoids the
need for redirection files.
* The Speedo build system now uses the new versions.gnupg.org server
to retrieve the default package versions.
* Fix detection of libusb on FreeBSD.
* Speedup fd closing after a fork.
Noteworthy changes in version 1.7.1 (2016-06-15) [C21/A1/R1]
------------------------------------------------
* Bug fixes:
- Fix ecc_verify for cofactor support.
- Fix portability bug when using gcc with Solaris 9 SPARC.
- Build fix for OpenBSD/amd64
- Add OIDs to the Serpent ciphers.
* Internal changes:
- Use getrandom system call on Linux if available.
- Blinding is now also used for RSA signature creation.
- Changed names of debug envvars
This removes the legacy PolarSSL compatibility layer. For
software that needs it, please use security/mbedtls1 instead.
Change license to apache-2.0.
Upstream changelog since 1.3.11 follows.
= mbed TLS 2.2.1 released 2016-01-05
Security
- Fix potential double free when mbedtls_asn1_store_named_data() fails
to allocate memory. Only used for certificate generation, not
triggerable remotely in SSL/TLS.
- Disable MD5 handshake signatures in TLS 1.2 by default
Bugfix
- Fix over-restrictive length limit in GCM.
- Fix bug in certificate validation that caused valid chains to be
rejected when the first intermediate certificate has
pathLenConstraint=0.
- Removed potential leak in mbedtls_rsa_rsassa_pkcs1_v15_sign()
- Fix suboptimal handling of unexpected records that caused interop
issues with some peers over unreliable links. Avoid dropping an
entire DTLS datagram if a single record in a datagram is unexpected,
instead only drop the record and look at subsequent records (if any
are present) in the same datagram.
= mbed TLS 2.2.0 released 2015-11-04
Security
- Fix potential double free if mbedtls_ssl_conf_psk() is called more
than once and some allocation fails. Cannot be forced remotely.
- Fix potential heap corruption on Windows when
mbedtls_x509_crt_parse_path() is passed a path longer than 2GB.
Cannot be triggered remotely.
- Fix potential buffer overflow in some asn1_write_xxx() functions.
Cannot be triggered remotely unless you create X.509 certificates
based on untrusted input or write keys of untrusted origin.
- The X509 max_pathlen constraint was not enforced on intermediate
certificates.
Features
- Experimental support for EC J-PAKE as defined in Thread 1.0.0.
Disabled by default as the specification might still change.
- Added a key extraction callback to access the master secret and key
block. (Potential uses include EAP-TLS and Thread.)
Bugfix
- Self-signed certificates were not excluded from pathlen counting,
resulting in some valid X.509 being incorrectly rejected.
- Fix build error with configurations where ECDHE-PSK is the only key
exchange.
- Fix build error with configurations where RSA, RSA-PSK, ECDH-RSA or
ECDH-ECDSA is the only key exchange. Multiple reports.
- Fixed a bug causing some handshakes to fail due to some non-fatal
alerts not being properly ignored.
- mbedtls_x509_crt_verify(_with_profile)() now also checks the key
type and size/curve against the profile. Before that, there was no
way to set a minimum key size for end-entity certificates with
RSA keys.
- Fix failures in MPI on Sparc(64) due to use of bad assembly code.
- Fix typo in name of the extKeyUsage OID.
- Fix bug in ASN.1 encoding of booleans that caused generated CA
certificates to be rejected by some applications, including OS X
Keychain.
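As an added example (not mbed TLS code), here is the pathLenConstraint bookkeeping that the 2.2.0 and 2.2.1 items above are about, in Python over a minimal constructed certificate model. Per RFC 5280 section 6.1.4, a CA's constraint bounds the number of non-self-issued intermediates below it, so an intermediate with pathLenConstraint=0 directly above the leaf is valid (the 2.2.1 regression), the constraint is enforced on intermediates and not only on the root, and a self-issued certificate is not counted (both 2.2.0 items).

```python
"""pathLenConstraint enforcement over a certificate chain.
Added example, not mbed TLS code; certificates are constructed dicts with the
fields the check needs: subject, issuer, is_ca and pathlen (None = no constraint)."""


def cert(subject, issuer, is_ca=False, pathlen=None):
    """Constructed stand-in for the relevant X.509 basicConstraints fields."""
    return {"subject": subject, "issuer": issuer, "is_ca": is_ca, "pathlen": pathlen}


def is_self_issued(c):
    """RFC 5280: self-issued certificates do not count towards pathLenConstraint."""
    return c["subject"] == c["issuer"]


def check_path_len(chain):
    """chain is ordered leaf first, trust anchor last. Returns (ok, reason).

    For every CA certificate in the chain, count the non-self-issued
    intermediates strictly below it (closer to the leaf) and compare with its
    pathLenConstraint. The CA certificate itself is not counted: counting it is
    the off-by-one that rejected chains whose first intermediate had pathlen 0.
    """
    for child, parent in zip(chain, chain[1:]):
        if child["issuer"] != parent["subject"]:
            return False, f"{child['subject']} not issued by {parent['subject']}"
    cas = chain[1:]  # everything above the leaf must be a CA
    for idx, ca in enumerate(cas):
        if not ca["is_ca"]:
            return False, f"{ca['subject']} is not a CA"
        if ca["pathlen"] is None:
            continue  # no constraint on this certificate
        below = [c for c in cas[:idx] if not is_self_issued(c)]
        if len(below) > ca["pathlen"]:
            return False, (f"pathLenConstraint={ca['pathlen']} on {ca['subject']} "
                           f"exceeded by {len(below)} intermediate(s)")
    return True, "ok"


ROOT = cert("Root", "Root", is_ca=True, pathlen=1)
# 2.2.1 item: pathLenConstraint=0 on the first intermediate is valid for a leaf.
CHAIN_PATHLEN0_OK = [cert("leaf", "I1"), cert("I1", "Root", is_ca=True, pathlen=0), ROOT]
# 2.2.0 item: the constraint must be enforced on intermediates, not just the root.
CHAIN_INTERMEDIATE_EXCEEDED = [cert("leaf", "I2"), cert("I2", "I1", is_ca=True),
                               cert("I1", "Root", is_ca=True, pathlen=0), ROOT]
# 2.2.0 item: a self-issued CA certificate (I1 re-issued by I1) is not counted.
CHAIN_SELF_ISSUED_OK = [cert("leaf", "I1"), cert("I1", "I1", is_ca=True),
                        cert("I1", "Root", is_ca=True, pathlen=0), ROOT]
# The root's own pathlen=1 is exceeded by two intermediates.
CHAIN_ROOT_EXCEEDED = [cert("leaf", "I2"), cert("I2", "I1", is_ca=True),
                       cert("I1", "Root", is_ca=True), ROOT]

if __name__ == "__main__":
    for name in ("CHAIN_PATHLEN0_OK", "CHAIN_INTERMEDIATE_EXCEEDED",
                 "CHAIN_SELF_ISSUED_OK", "CHAIN_ROOT_EXCEEDED"):
        print(name, check_path_len(globals()[name]))
```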
Changes
- Improved performance of mbedtls_ecp_muladd() when one of the scalars
is 1 or -1.
= mbed TLS 2.1.2 released 2015-10-06
Security
- Added fix for CVE-2015-5291 to prevent heap corruption due to buffer
overflow of the hostname or session ticket.
- Fix potential double-free if mbedtls_ssl_set_hs_psk() is called more
than once in the same handshake and mbedtls_ssl_conf_psk() was used.
- Fix stack buffer overflow in pkcs12 decryption (used by
mbedtls_pk_parse_key(file)() when the password is > 129 bytes.
- Fix potential buffer overflow in mbedtls_mpi_read_string().
- Fix potential random memory allocation in mbedtls_pem_read_buffer()
on crafted PEM input data.
- Fix possible heap buffer overflow in base64_encoded() when the input
buffer is 512MB or larger on 32-bit platforms.
- Fix potential double-free if mbedtls_conf_psk() is called repeatedly
on the same mbedtls_ssl_config object and memory allocation fails.
- Fix potential heap buffer overflow in servers that perform client
authentication against a crafted CA cert. Cannot be triggered
remotely unless you allow third parties to pick trust CAs for
client auth.
Bugfix
- Fix compile error in net.c with musl libc.
- Fix macroization of 'inline' keyword when building as C++.
Changes
- Added checking of hostname length in mbedtls_ssl_set_hostname() to
ensure domain names are compliant with RFC 1035.
- Fixed paths for check_config.h in example config files.
= mbed TLS 2.1.1 released 2015-09-17
Security
- Add countermeasure against Lenstra's RSA-CRT attack for PKCS#1 v1.5
signatures.
- Fix possible client-side NULL pointer dereference (read) when the
client tries to continue the handshake after it failed (a misuse
of the API).
Bugfix
- Fix warning when using a 64-bit platform.
- Fix off-by-one error in parsing Supported Point Format extension
that caused some handshakes to fail.
Changes
- Made X509 profile pointer const in mbedtls_ssl_conf_cert_profile()
to allow use of mbedtls_x509_crt_profile_next.
- When a client initiates a reconnect from the same port as a live
connection, if cookie verification is available
(MBEDTLS_SSL_DTLS_HELLO_VERIFY defined in config.h, and usable
cookie callbacks set with mbedtls_ssl_conf_dtls_cookies()), this
will be detected and mbedtls_ssl_read() will return
MBEDTLS_ERR_SSL_CLIENT_RECONNECT - it is then possible to start a
new handshake with the same context. (See RFC 6347 section 4.2.8.)
= mbed TLS 2.1.0 released 2015-09-04
Features
- Added support for yotta as a build system.
- Primary open source license changed to Apache 2.0 license.
Bugfix
- Fix segfault in the benchmark program when benchmarking DHM.
- Fix build error with CMake and pre-4.5 versions of GCC
- Fix bug when parsing a ServerHello without extensions
- Fix bug in CMake lists that caused libmbedcrypto.a not to be
installed
- Fix bug in Makefile that caused libmbedcrypto and libmbedx509 not to
be installed
- Fix compile error with armcc 5 with --gnu option.
- Fix bug in Makefile that caused programs not to be installed
correctly
- Fix bug in Makefile that prevented from installing without building
the tests
- Fix missing -static-libgcc when building shared libraries for
Windows with make.
- Fix link error when building shared libraries for Windows with make.
- Fix error when loading libmbedtls.so.
- Fix bug in mbedtls_ssl_conf_default() that caused the default preset
to be always used
- Fix bug in mbedtls_rsa_public() and mbedtls_rsa_private() that could
result in trying to unlock an unlocked mutex on invalid input
- Fix -Wshadow warnings
- Fix memory corruption on client with overlong PSK identity, around
SSL_MAX_CONTENT_LEN or higher - not triggerable remotely
- Fix unused function warning when using MBEDTLS_MDx_ALT or
MBEDTLS_SHAxxx_ALT
- Fix memory corruption in pkey programs
Changes
- The PEM parser now accepts a trailing space at end of lines
- It is now possible to #include a user-provided configuration file at
the end of the default config.h by defining MBEDTLS_USER_CONFIG_FILE on
the compiler's command line.
- When verifying a certificate chain, if an intermediate certificate
is trusted, no later cert is checked.
- Prepend a "thread identifier" to debug messages
- Add mbedtls_ssl_get_max_frag_len() to query the current maximum
fragment length.
= mbed TLS 2.0.0 released 2015-07-13
Features
- Support for DTLS 1.0 and 1.2 (RFC 6347).
- Ability to override core functions from MDx, SHAx, AES and DES
modules with custom implementation (eg hardware accelerated),
complementing the ability to override the whole module.
- New server-side implementation of session tickets that rotate keys
to preserve forward secrecy, and allows sharing across multiple
contexts.
- Added a concept of X.509 certificate verification profile that
controls which algorithms and key sizes (curves for ECDSA) are
acceptable.
- Expanded configurability of security parameters in the SSL module
with mbedtls_ssl_conf_dhm_min_bitlen() and mbedtls_ssl_conf_sig_hashes().
- Introduced a concept of presets for SSL security-relevant
configuration parameters.
API Changes
- The library has been split into libmbedcrypto, libmbedx509,
libmbedtls. You now need to link to all of them if you use TLS
for example.
- All public identifiers moved to the mbedtls_* or MBEDTLS_*
namespace. Some names have been further changed to make them more
consistent. Migration helpers scripts/rename.pl and
include/mbedtls/compat-1.3.h are provided. Full list of renamings
in scripts/data_files/rename-1.3-2.0.txt
- Renamings of fields inside structures, not covered by the previous
list:
  mbedtls_cipher_info_t.key_length -> key_bitlen
  mbedtls_cipher_context_t.key_length -> key_bitlen
  mbedtls_ecp_curve_info.size -> bit_size
- Headers are now found in the 'mbedtls' directory (previously
'polarssl').
- The following _init() functions that could return errors have
been split into an _init() that returns void and another function
that should generally be the first function called on this context after
init:
  mbedtls_ssl_init() -> mbedtls_ssl_setup()
  mbedtls_ccm_init() -> mbedtls_ccm_setkey()
  mbedtls_gcm_init() -> mbedtls_gcm_setkey()
  mbedtls_hmac_drbg_init() -> mbedtls_hmac_drbg_seed(_buf)()
  mbedtls_ctr_drbg_init() -> mbedtls_ctr_drbg_seed()
Note that for mbedtls_ssl_setup(), you need to be done setting up
the ssl_config structure before calling it.
- Most ssl_set_xxx() functions (all except ssl_set_bio(),
ssl_set_hostname(),
ssl_set_session() and ssl_set_client_transport_id(), plus
ssl_legacy_renegotiation()) have been renamed to
mbedtls_ssl_conf_xxx() (see rename.pl and compat-1.3.h above) and
their first argument's type changed from ssl_context to ssl_config.
- ssl_set_bio() changed signature (contexts merged, order switched,
one additional callback for read-with-timeout).
- The following functions have been introduced and must be used in
callback implementations (SNI, PSK) instead of their *conf
counterparts:
  mbedtls_ssl_set_hs_own_cert()
  mbedtls_ssl_set_hs_ca_chain()
  mbedtls_ssl_set_hs_psk()
- mbedtls_ssl_conf_ca_chain() lost its last argument (peer_cn), now
set using mbedtls_ssl_set_hostname().
- mbedtls_ssl_conf_session_cache() changed prototype (only one context
pointer, parameters reordered).
- On server, mbedtls_ssl_conf_session_tickets_cb() must now be used in
place of mbedtls_ssl_conf_session_tickets() to enable session
tickets.
- The SSL debug callback gained two new arguments (file name, line
number).
- Debug modes were removed.
- mbedtls_ssl_conf_truncated_hmac() now returns void.
- mbedtls_memory_buffer_alloc_init() now returns void.
- X.509 verification flags are now an uint32_t. Affect the signature
of:
  mbedtls_ssl_get_verify_result()
  mbedtls_x509_ctr_verify_info()
  mbedtls_x509_crt_verify() (flags, f_vrfy -> needs to be updated)
  mbedtls_ssl_conf_verify() (f_vrfy -> needs to be updated)
- The following functions changed prototype to avoid an in-out length
parameter:
  mbedtls_base64_encode()
  mbedtls_base64_decode()
  mbedtls_mpi_write_string()
  mbedtls_dhm_calc_secret()
- In the NET module, all "int" and "int *" arguments for file
descriptors changed type to "mbedtls_net_context *".
- net_accept() gained new arguments for the size of the client_ip
buffer.
- In the threading layer, mbedtls_mutex_init() and
mbedtls_mutex_free() now return void.
- ecdsa_write_signature() gained an additional md_alg argument and
ecdsa_write_signature_det() was deprecated.
- pk_sign() no longer accepts md_alg == POLARSSL_MD_NONE with ECDSA.
- Last argument of x509_crt_check_key_usage() and
mbedtls_x509write_crt_set_key_usage() changed from int to unsigned.
- test_ca_list (from certs.h) is renamed to test_cas_pem and is only
available if POLARSSL_PEM_PARSE_C is defined (it never worked
without).
- Test certificates in certs.c are no longer guaranteed to be
nul-terminated strings; use the new *_len variables instead of strlen().
- Functions mbedtls_x509_xxx_parse(), mbedtls_pk_parse_key(),
mbedtls_pk_parse_public_key() and mbedtls_dhm_parse_dhm() now expect
the length parameter to include the terminating null byte for PEM input.
- Signature of mpi_mul_mpi() changed to make the last argument
unsigned
- calloc() is now used instead of malloc() everywhere. API of platform
layer and the memory_buffer_alloc module changed accordingly.
- Change SSL_DISABLE_RENEGOTIATION config.h flag to SSL_RENEGOTIATION
(support for renegotiation now needs explicit enabling in config.h).
- Split MBEDTLS_HAVE_TIME into MBEDTLS_HAVE_TIME and
MBEDTLS_HAVE_TIME_DATE in config.h
- net_connect() and net_bind() have a new 'proto' argument to choose
between TCP and UDP, using the macros NET_PROTO_TCP or
NET_PROTO_UDP. Their 'port' argument type is changed to a string.
- Some constness fixes
Removals
- Removed mbedtls_ecp_group_read_string(). Only named groups are
supported.
- Removed mbedtls_ecp_sub() and mbedtls_ecp_add(), use
mbedtls_ecp_muladd().
- Removed individual mdX_hmac, shaX_hmac, mdX_file and shaX_file
functions (use generic functions from md.h)
- Removed mbedtls_timing_msleep(). Use mbedtls_net_usleep() or a
custom waiting function.
- Removed test DHM parameters from the test certs module.
- Removed the PBKDF2 module (use PKCS5).
- Removed POLARSSL_ERROR_STRERROR_BC (use mbedtls_strerror()).
- Removed compat-1.2.h (helper for migrating from 1.2 to 1.3).
- Removed openssl.h (very partial OpenSSL compatibility layer).
- Configuration option POLARSSL_HAVE_LONGLONG was removed (now always
on).
- Configuration options POLARSSL_HAVE_INT8 and POLARSSL_HAVE_INT16
have been removed (compiler is required to support 32-bit operations).
- Configuration option POLARSSL_HAVE_IPV6 was removed (always
enabled).
- Removed test program o_p_test, the script compat.sh does more.
- Removed test program ssl_test, superseded by ssl-opt.sh.
- Removed helper script active-config.pl
New deprecations
- md_init_ctx() is deprecated in favour of md_setup(), which adds a
third argument (allowing memory savings if HMAC is not used)
Semi-API changes (technically public, morally private)
- Renamed a few headers to include _internal in the name. Those
headers are not supposed to be included by users.
- Changed md_info_t into an opaque structure (use md_get_xxx()
accessors).
- Changed pk_info_t into an opaque structure.
- Changed cipher_base_t into an opaque structure.
- Removed sig_oid2 and renamed sig_oid1 to sig_oid in x509_crt and
x509_crl.
- x509_crt.key_usage changed from unsigned char to unsigned int.
- Removed r and s from ecdsa_context
- Removed mode from des_context and des3_context
Default behavior changes
- The default minimum TLS version is now TLS 1.0.
- RC4 is now blacklisted by default in the SSL/TLS layer, and excluded
from the default ciphersuite list returned by ssl_list_ciphersuites()
- Support for receiving SSLv2 ClientHello is now disabled by default
at compile time.
- The default authmode for SSL/TLS clients is now REQUIRED.
- Support for RSA_ALT contexts in the PK layer is now optional. Since
it is enabled in the default configuration, this is only noticeable
if using a custom config.h
- Default DHM parameters server-side upgraded from 1024 to 2048 bits.
- A minimum RSA key size of 2048 bits is now enforced during
certificate chain verification.
- Negotiation of truncated HMAC is now disabled by default on server
too.
- The following functions are now case-sensitive:
  mbedtls_cipher_info_from_string()
  mbedtls_ecp_curve_info_from_name()
  mbedtls_md_info_from_string()
  mbedtls_ssl_ciphersuite_from_string()
  mbedtls_version_check_feature()
Requirement changes
- The minimum MSVC version required is now 2010 (better C99 support).
- The NET layer now unconditionally relies on getaddrinfo() and
select().
- Compiler is required to support C99 types such as long long and
uint32_t.
API changes from the 1.4 preview branch
- ssl_set_bio_timeout() was removed, split into mbedtls_ssl_set_bio()
with new prototype, and mbedtls_ssl_set_read_timeout().
- The following functions now return void:
  mbedtls_ssl_conf_transport()
  mbedtls_ssl_conf_max_version()
  mbedtls_ssl_conf_min_version()
- DTLS no longer hard-depends on TIMING_C, but uses a callback
interface instead, see mbedtls_ssl_set_timer_cb(), with the Timing
module providing an example implementation, see
mbedtls_timing_delay_context and mbedtls_timing_set/get_delay().
- With UDP sockets, it is no longer necessary to call net_bind() again
after a successful net_accept().
Changes
- mbedtls_ctr_drbg_random() and mbedtls_hmac_drbg_random() are now
thread-safe if MBEDTLS_THREADING_C is enabled.
- Reduced ROM footprint of SHA-256 and added an option to reduce it
even more (at the expense of performance) MBEDTLS_SHA256_SMALLER.
This is based on security/mbedtls and only meant for compatibility
with software that doesn't support mbedtls>=2 yet (mainly requires
the PolarSSL compatibility layer).
No changelog provided, Github issues touched:
- Update the autos in response to 0.8.1 release
- Fix default detection
- Provide nonroot guidance when logging gets EACCES.
- Add additional warning with actual exception message during
renewal
- Interactive webroot values not stored in renewal config file
- Preserve common name during renewal
- Mageia Bootstrap
- Initialize Augeas in a different method to be able to react to
ImportError
- Renew changes common name
- Update letsencrypt-auto in response to Arch package rename
- On Mac OSX: "ValueError: Invalid header value"
- Strip "\n" from end of OS version string for OS X.
- Revert "Use --force-reinstall to fix bad virtualenv package"
- Exit if cannot bootstrap in certbot-auto
- Add --disable-hook-validation
- --post-hook validation too strict
- letsencrypt-auto gives "sudo" is not available
- mageia bootstrap [needs revision]
- Install/compile fails of letsencrypt-auto on Smartos/Illumos
+ bring over joerg's printflike change from the netpgpverify
version in src/crypto
+ add a test for cleartext signatures with version information
to complement the one with no version information
Simplify the method of finding the end of the versioning information
in the signature - back up to the "\n" character at the end of the
signature start:
"-----BEGIN PGP SIGNATURE-----\n"
and then find the "\n\n" character sequence to denote the start of the
signature itself. The previous version worked, but this is more efficient.
+ handle signatures created by gpg with "--no-emit-version", don't assume
there will always be a version string.
+ add a test for above
Fixes security PR/51240.
Thanks to xnox@ubuntu.com for reporting the error
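The header-skipping logic described in this commit, as an added example (not netpgp's code): pgp_sig_body() starts at the newline ending the BEGIN line and looks for the first "\n\n", which works whether or not gpg emitted a Version header, and pgp_sig_version() reports whether one is present. The two sample blocks are constructed placeholders, not real signatures; LF line endings are assumed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

static const char SIG_BEGIN[] = "-----BEGIN PGP SIGNATURE-----\n";
static const char SIG_END[]   = "-----END PGP SIGNATURE-----";

/* Constructed samples: the base64 lines are placeholder text, not a real
 * signature. The second block mimics gpg --no-emit-version output. */
static const char SIG_WITH_VERSION[] =
    "-----BEGIN PGP SIGNATURE-----\n"
    "Version: GnuPG v2\n"
    "\n"
    "iQEcBAEBCAAGBQJXAAAAAAoJEPLACEHOLDER\n"
    "=AbCd\n"
    "-----END PGP SIGNATURE-----\n";

static const char SIG_NO_VERSION[] =
    "-----BEGIN PGP SIGNATURE-----\n"
    "\n"
    "iQEcBAEBCAAGBQJXAAAAAAoJEPLACEHOLDER\n"
    "=AbCd\n"
    "-----END PGP SIGNATURE-----\n";

/* Locate the base64 body of the armored signature in the NUL-terminated
 * buffer buf. Returns a pointer to its first byte and stores its length
 * (up to the END line) in *bodylen; returns NULL on malformed input.
 * Armor headers are skipped the way the commit above describes: start at
 * the '\n' that ends the BEGIN line and find the first "\n\n" after it.
 * With no headers the two newlines are adjacent, so one search serves
 * both cases. */
const char *pgp_sig_body(const char *buf, size_t *bodylen)
{
    const char *begin = strstr(buf, SIG_BEGIN);
    if (begin == NULL)
        return NULL;

    /* sizeof counts the NUL, so -2 lands on the '\n' ending the BEGIN line */
    const char *nl = begin + sizeof(SIG_BEGIN) - 2;
    const char *sep = strstr(nl, "\n\n");
    const char *end = strstr(nl, SIG_END);

    /* Headers must end (blank line) before the END line appears. */
    if (sep == NULL || end == NULL || end < sep)
        return NULL;

    const char *body = sep + 2;
    *bodylen = (size_t)(end - body);
    return body;
}

/* Copy the value of a "Version:" armor header into out (at most outsz-1
 * bytes). Returns 1 if present, 0 if the block carries no Version header,
 * -1 if a header line is malformed or unterminated. */
int pgp_sig_version(const char *buf, char *out, size_t outsz)
{
    const char *begin = strstr(buf, SIG_BEGIN);
    if (begin == NULL || outsz == 0)
        return -1;

    const char *line = begin + sizeof(SIG_BEGIN) - 1;   /* first header line */
    while (*line != '\n' && *line != '\0') {            /* blank line ends headers */
        const char *eol = strchr(line, '\n');
        if (eol == NULL || memchr(line, ':', (size_t)(eol - line)) == NULL)
            return -1;                                  /* not "Name: value" */
        if (strncmp(line, "Version: ", 9) == 0) {
            size_t n = (size_t)(eol - (line + 9));
            if (n >= outsz)
                n = outsz - 1;
            memcpy(out, line + 9, n);
            out[n] = '\0';
            return 1;
        }
        line = eol + 1;
    }
    return 0;
}

int main(void)
{
    const char *samples[] = { SIG_WITH_VERSION, SIG_NO_VERSION };
    for (size_t i = 0; i < 2; i++) {
        char ver[64];
        size_t n = 0;
        const char *body = pgp_sig_body(samples[i], &n);
        int has_ver = pgp_sig_version(samples[i], ver, sizeof ver);
        printf("sample %zu: version=%s body=%zu bytes\n", i,
               has_ver == 1 ? ver : "(none)", body ? n : 0);
    }
    return 0;
}
```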
A pure-Python implementation of the AES block cipher algorithm and the common
modes of operation (CBC, CFB, CTR, ECB and OFB).
Features:
- Supports all AES key sizes
- Supports all AES common modes
- Pure-Python (no external dependencies)
- BlockFeeder API allows streams to easily be encrypted and decrypted
- Python 2.x and 3.x support (make sure you pass in bytes(), not strings for
Python 3)
on pkgsrc-users.
Changes from 0.99.1 to 0.99.2 are available only in the ChangeLog, and there
are too many to list here. Please refer to the ChangeLog file.
0.99.1
------
ClamAV 0.99.1 contains a new feature for parsing Hancom Office files
including extracting and scanning embedded objects. ClamAV 0.99.1
also contains important bug fixes. Please see ChangeLog for details.
Make a temporary hack for non-SunOS, not yet fully verified;
this somehow needs to mirror what the package's configure.py
figures out, and expressing that properly and portably in
pkgsrc seems hard.
This Python package is a high-level wrapper for Kerberos (GSSAPI)
operations. The goal is to avoid having to build a module that
wraps the entire Kerberos.framework, and instead offer a limited
set of functions that do what is needed for client/server Kerberos
authentication based on RFC 4559.
News:
This bugfix release targets stability issues which have a long history
and have been hard to reproduce. Stability should be improved when
running OpenDNSSEC as a long-term service.
Addressed are changes in TTL in the input zone that seemed not to be
propagated, notifies to slaves under load that were not handled properly
and could lead to assertions, NSEC3PARAM records that would appear
duplicated in the resulting zone, and crashes in the signer daemon in
rare race conditions or when re-opening after an HSM reset.
No migration steps needed when upgrading from OpenDNSSEC 1.4.9.
Also have a look at our OpenDNSSEC 2.0 beta release, its impending
release will help us forward with new development and signal phasing
out historic releases.
Fixes:
* SUPPORT-156 OPENDNSSEC-771: Multiple NSEC3PARAM records in signed
zone. After a resalt the signer would fail to remove the old
NSEC3PARAM RR until a manual resign or incoming transfer. Old
NSEC3PARAMS are removed when inserting a new record, even if
they look the same.
* OPENDNSSEC-725: Signer did not properly handle a new update while
still distributing notifies to slaves. An AXFR disconnect did not
appear to be handled gracefully.
* SUPPORT-171: Signer would sometimes hit an assertion using the DNS
output adapter when .ixfr was missing or corrupt but a .backup file
was available. The above two issues also in part address problems
with seemingly corrected backup files (SOA serial). A crash on badly
configured DNS output adapters is also averted.
* The signer daemon will now refuse to start when it fails to open
a listen socket for DNS handling.
* OPENDNSSEC-478 OPENDNSSEC-750 OPENDNSSEC-581 OPENDNSSEC-582
SUPPORT-88: Segmentation fault in signer daemon when opening and
closing hsm multiple times. Also addresses other concurrency
access by avoiding a common context to the HSM (a.k.a. NULL
context).
* OPENDNSSEC-798: Improper use of key handles across hsm reopen,
causing keys not to be available after a re-open.
* SUPPORT-186: IXFR disregarded TTL changes when only the TTL of an
RR was changed. TTL changes should be treated like any other change
to records. When OpenDNSSEC overrides a TTL value, this is now
reported in the log files.
the PLIST.x86* entries. The sse2 entries are however gone, but a few
new ones have appeared (md4_x86_32.h etc.) Installs cleanly now on
NetBSD/i386 6.1.5.
1.1.2 (2016-06-01)
------------------
* (Fix) Query strings should be able to include colons.
* (Fix) Cast body to a string to ensure that we can perform a regex substitution on it.
1.4 - 2016-06-04
~~~~~~~~~~~~~~~~
* Support for OpenSSL 0.9.8 has been removed. Users on older versions of
OpenSSL will need to upgrade.
* Added :class:`~cryptography.hazmat.primitives.kdf.kbkdf.KBKDFHMAC`.
* Added support for ``OpenSSH`` public key serialization.
* Added support for SHA-2 in RSA
:class:`~cryptography.hazmat.primitives.asymmetric.padding.OAEP` when using
OpenSSL 1.0.2 or greater.
* Added "one shot"
:meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey.sign`
and
:meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey.verify`
methods to RSA keys.
Notable changes between 0.5 and 0.6:
Options from OpenSSL 1.0.2f
Use "any" protocol, but SSL.
Merge pull request #20 from Zash/zash/checkissued
Method for checking if one certificate issued another
Merge pull request #68 from ignacio/master
Enables building with LuaRocks and MS compilers
Enables building with LuaRocks and MS compilers
Merge pull request #56 from gleydsonsoares/Makefile-tweaks
Makefile tweaks
Keep 'sslv23' for compatibility, but deprecated. (it will be removed in the next version)
Merge pull request #62 from gleydsonsoares/update_protocol_samples
add TLS_method / rename "sslv23" to "any" / update protocol samples.
update protocol samples(bring "tlsv1_2" to clients and "any" to servers)
for consistency and readability, rename "sslv23" to "any" since it is related to {TLS, SSLv23}methods that handle all supported protocols.
add TLS_method(). for now, keep SSLv23_method() for compatibility.
Update samples (using 'tlsv1').
Merge pull request #55 from gleydsonsoares/ifndef-OPENSSL_NO_SSL3
guard SSLv3_method() with #ifndef OPENSSL_NO_SSL3
Add lsec_testcontext().
bump MACOSX_VERSION
fix typo; s,intall,install,
guard SSLv3_method() with #ifndef OPENSSL_NO_SSL3
Set flags to compile with internal inet_ntop() by default.
Tag "alpha" explicit.
MinGW progress.
Merge pull request #53 from hishamhm/master
Reuse tag in the LuaSec upstream repository.
Merge pull request #26 from Tieske/master
Update rockspec to fix Windows build
Alternative implementation to inet_ntop() for old versions of Windows.
Do not hardcode ar
added batch files to generate sample certs on Windows
Perform all validation before allocating structures
Validate signatures too.
API changes to root:issued([intermediate]*, cert)
Fix inet_ntop() on Windows.
Merge branch 'master' of https://github.com/brunoos/luasec
Merge branch 'moteus_rock'
added bindir to lib section, as mingw links against dll's to be found in bindir
updated defines in rockspec
Merge branch 'master' of github.com:Tieske/luasec into moteus_rock
use winsock 2
Don't set globals from C.
Fix unpack().
Stop using module().
Change to luaL_newlib().
Remove luaL_optint() and luaL_checkint().
BSD headers.
Merge pull request #21 from Zash/zash/iPAddress-fix
iPAddress encoding
Stop if we don't have a string.
Changed for strict compiles.
Fix for LibreSSL/OPENSSL_NO_COMP
Problem on Win64, since double does not represent SOCKET_INVALID exactly.
- Add a parameter to server:sni(), so that we can accept an unknown name, using the initial context.
- Add the method :getsniname() to retrieve the SNI hostname used.
Updated (and renamed) rockspec Windows
Encode iPAddress fields in human readable form
Don't try to encode IP addresses as UTF-8
Return early if ASN1 string is invalid
Push nil if unable to encode ASN1 string as UTF-8
Return human readable error message from cert:issued()
SNI support.
SNI support.
Merge pull request #17 from Zash/zash/checkkey
Verify that certificate and key belong together
Merge pull request #19 from Zash/zash/pubkey
Zash/pubkey
Add cert:pubkey() to methods registry
Add cert:issued(leafcert) for checking chains
Check if private key matches cert only if both key and cert are set
Check that certificate matches private key
Add method for extracting public key, type and size from x509 objects
Version 5.32, 2016.05.03, urgency: HIGH
* Security bugfixes
- OpenSSL DLLs updated to version 1.0.2h.
https://www.openssl.org/news/secadv_20160503.txt
* New features
- New "socket = a:IPV6_V6ONLY=yes" option to only bind IPv6.
- Memory leak detection.
- Improved compatibility with the current OpenSSL 1.1.0-dev tree.
- Added/fixed Red Hat scripts (thx to Andrew Colin Kissa).
* Bugfixes
- Workaround for a WinCE sockets quirk (thx to Richard Kraemer).
- Fixed data alignment on 64-bit MSVC (thx to Yuris W. Auzins).
Changes in 0.8.0
- The main new feature in this release is the register subcommand
which can be used to register an account with the Let's Encrypt
CA. Additionally, you can run certbot register
--update-registration to change the e-mail address associated
with your registration.
Full commit log since 0.7.0:
https://github.com/certbot/certbot/compare/v0.7.0...v0.8.0
Changes in 0.7.0:
- --must-staple to request certificates from Let's Encrypt with the
OCSP must staple extension
- automatic configuration of OCSP stapling for Apache
- requesting certificates for domains found in the common name
of a custom CSR
- a number of bug fixes
Full commit log since 0.6.0:
https://github.com/certbot/certbot/compare/v0.6.0...v0.7.0
The changes include:
* Short-circuit evaluation for conditions
* New yr_rules_save_stream/yr_rules_load_stream APIs.
* load() and save() methods in yara-python accept file-like objects
* Improvements to the PE and ELF modules
* Some performance improvements
* New command-line option --print-module-data
* Multiple bug fixes.
kauth - Abstraction to system policy and authentication features
kdesu - Integration with su for elevated privileges
kwallet - Secure and unified container for user passwords
GpgME++ is a C++ wrapper (or C++ bindings) for the GnuPG project's
gpgme (GnuPG Made Easy) library, version 0.4.4 and later.
It is fairly complete, with some minor things still missing (in
particular, the key edit interface). It is mostly tested using
external event loops, for which its design is optimised.
Polkit-Qt is a library that lets developers use the Polkit API through a
nice Qt-styled API. It is mainly a wrapper around QAction and
QAbstractButton that lets you integrate those two components easily with
Polkit.
This package provides Qt5 libraries.
Certbot, previously the Let's Encrypt Client, is EFF's tool to
obtain certs from Let's Encrypt, and (optionally) autoenable HTTPS
on your server. It can also act as a client for any other CA that
uses the ACME protocol.
PolicyKit-mate provides an Authentication Agent for PolicyKit that
integrates well with the MATE desktop environment.
See http://www.freedesktop.org/wiki/Software/PolicyKit for lots of
documentation, mailing lists, etc. about PolicyKit.
See also the file HACKING for notes of interest to developers working
on PolicyKit-mate.
Report bugs against PolicyKit-mate at github
https://github.com/mate-desktop/mate-polkit/issues
MATE polkit is a fork of GNOME polkit.
- CVE-2016-2849: side channel attack against DSA and ECDSA
- CVE-2016-2850: failure to enforce TLS policies could lead to weaker
algorithms being chosen
- CVE-2016-2195: heap overflow in ECC point decoding
- CVE-2016-2196: heap overflow in P-521 reduction
- CVE-2016-2194: DOS against the modular reduction
- CVE-2015-7824: padding oracle attack against TLS CBC
- CVE-2015-7825: DOS due to certificate chains
- CVE-2015-7826: wildcard certifications verification failures
- CVE-2015-7827: protection against PKCS#1 side channel issues
- CVE-2015-5726: potential DOS with invalid zero-length BER
- CVE-2015-5727: unbound memory use with BER
- deprecation or removal of various insecure crypto primitives
- TLS heartbeat removed
- various other bugfixes and improvements.
for all pkgsrc dir/file ownership rules. Fixes unprivileged
Prevents unprivileged user/group names from leaking into binary packages,
which manifested as non-fatal chown/chgrp failure messages at pkg_add time.
Bump respective packages' PKGREVISION.
1.3.2 - 2016-05-04
~~~~~~~~~~~~~~~~~~
* Updated Windows and OS X wheels to be compiled against OpenSSL 1.0.2h.
* Fixed an issue preventing ``cryptography`` from compiling against
LibreSSL 2.3.x.
Upstream changes:
0.06 2015/02/06
- fix for #77911 Patch to add more functions
- new constructors: new, rand, pseudo_rand, rand_range
- new methods: ucmp, num_bits, num_bytes, rshift, lshift, swap
- improved pod documentation (added missing functions)
- XS code cleanup
0.05 2015/02/04
- fix for #84369 Win32 compatibility patch
- fix for #100993 Memory not reclaimed when CTX object goes out of scope
- fix for #86561 typo fixes
- fix for #82959 Error in synopsis: Crypt::OpenSSL::Bignum->new_from_hex("0x3e8") returns "0"
- fix for #81537 to_bin method returns garbage when value is zero
- Add all SHA-2 hash functions: SHA-224, SHA-384 and SHA-512
in addition to the existing SHA-256. (Closes: #1223)
- Add support for CTR (Counter) chaining mode.
- Fix compilation error with OCaml 4.03+dev.
- Avoid using some obsolete OCaml stdlib functions.
Vault is a tool for securely accessing secrets. A secret is
anything that you want to tightly control access to, such as API
keys, passwords, certificates, and more. Vault provides a unified
interface to any secret, while providing tight access control and
recording a detailed audit log.
Noteworthy changes in version 2.1.12 (2016-05-04)
-------------------------------------------------
* gpg: New --edit-key sub-command "change-usage" for testing
purposes.
* gpg: Out of order key-signatures are now systematically detected
and fixed by --edit-key.
* gpg: Improved detection of non-armored messages.
* gpg: Removed the extra prompt needed to create Curve25519 keys.
* gpg: Improved user ID selection for --quick-sign-key.
* gpg: Use the root CAs provided by the system with --fetch-key.
* gpg: Add support for the experimental Web Key Directory key
location service.
* gpg: Improve formatting of Tofu messages and emit new Tofu specific
status lines.
* gpgsm: Add option --pinentry-mode to support a loopback pinentry.
* gpgsm: A new pubring.kbx is now created with the header blob so
that gpg can detect that the keybox format needs to be used.
* agent: Add read support for the new private key protection format
openpgp-s2k-ocb-aes.
* agent: Add read support for the new extended private key format.
* agent: Default to --allow-loopback-pinentry and add option
--no-allow-loopback-pinentry.
* scd: Changed to use the new libusb 1.0 API for the internal CCID
driver.
* dirmngr: The dirmngr-client does now auto-detect the PEM format.
* g13: Add experimental support for dm-crypt.
* w32: Tofu support is now available with the Speedo build method.
* w32: Removed the need for libiconv.dll.
* The man pages for gpg and gpgv are now installed under the correct
name (gpg2 or gpg - depending on a configure option).
* Lots of internal cleanups and bug fixes.
Noteworthy changes in version 1.22 (2016-04-25) [C18/A18/R0]
-----------------------------------------------
* New functions and macros to provide iconv(3) on Windows.
* Support for LeakSanitizer with the gpgrt_annotate_leaked_object
inline function.
* Interface changes relative to the 1.21 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
GPG_ERR_DB_CORRUPTED NEW.
gpgrt_annotate_leaked_object NEW inline func.
GPGRT_ENABLE_W32_ICONV_MACROS NEW.
gpgrt_w32_iconv_open NEW.
gpgrt_w32_iconv_close NEW.
gpgrt_w32_iconv NEW.
Changes between 1.0.2g and 1.0.2h [3 May 2016]
*) Prevent padding oracle in AES-NI CBC MAC check
A MITM attacker can use a padding oracle attack to decrypt traffic
when the connection uses an AES CBC cipher and the server supports
AES-NI.
This issue was introduced as part of the fix for Lucky 13 padding
attack (CVE-2013-0169). The padding check was rewritten to be in
constant time by making sure that always the same bytes are read and
compared against either the MAC or padding bytes. But it no longer
checked that there was enough data to have both the MAC and padding
bytes.
This issue was reported by Juraj Somorovsky using TLS-Attacker.
(CVE-2016-2107)
[Kurt Roeckx]
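The point this entry makes, as an added example (not OpenSSL's own code): a constant-time padding check is only safe behind an explicit length precondition, since without it the record length minus MAC and padding underflows and the scan reads outside the record. make_record() builds a constructed sample record with a dummy MAC for the demonstration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* 0xff if a < b, else 0, computed without a branch. */
static uint8_t ct_lt(size_t a, size_t b)
{
    return (uint8_t)(0u - (unsigned)((a - b) >> (sizeof(size_t) * 8 - 1)));
}

/* 0xff if a == b, else 0, computed without a branch. */
static uint8_t ct_eq8(uint8_t a, uint8_t b)
{
    uint32_t x = (uint32_t)(a ^ b);
    return (uint8_t)(0u - ((x - 1u) >> 31));
}

/* Check the padding of a decrypted CBC record plain[0..len) laid out as
 * content || MAC (mac_size bytes) || padding || padding_length.
 * Returns 1 and sets *content_len if the padding is well formed, else 0.
 * The trailing scan touches a number of bytes fixed by len alone, so its
 * duration does not leak the padding byte. */
int tls_cbc_check_padding(const uint8_t *plain, size_t len, size_t mac_size,
                          size_t *content_len)
{
    /* The precondition the 1.0.2h fix restored (CVE-2016-2107): the record
     * must hold the MAC plus at least the padding_length byte. Without it,
     * len - mac_size - 1 underflows and the scan runs off the buffer. */
    if (mac_size == 0 || len < mac_size + 1)
        return 0;

    size_t pad = plain[len - 1];
    /* pad padding bytes + the length byte + MAC must fit: pad + mac_size < len */
    uint8_t good = ct_lt(pad + mac_size, len);

    /* Always examine the same number of trailing bytes for a given len:
     * the maximum padding run (256) or the whole record minus one byte. */
    size_t to_check = (len - 1 < 256) ? len - 1 : 256;
    for (size_t i = 0; i < to_check; i++) {
        uint8_t b = plain[len - 1 - i];
        uint8_t in_pad = ct_lt(i, pad + 1);          /* byte i belongs to padding */
        good &= (uint8_t)(~in_pad | ct_eq8(b, (uint8_t)pad));
    }

    /* good is 0 or 0xff; the verdict itself is public (it is returned). */
    *content_len = good ? len - mac_size - 1 - pad : 0;
    return good & 1;
}

/* Build a constructed sample record: content_len bytes of 'A', mac_size
 * bytes of 0xAA standing in for the MAC, then pad bytes of value pad and
 * the padding_length byte. Returns the total length, or 0 if cap is too
 * small. */
size_t make_record(uint8_t *out, size_t cap, size_t content_len,
                   size_t mac_size, uint8_t pad)
{
    size_t total = content_len + mac_size + pad + 1;
    if (total > cap)
        return 0;
    memset(out, 'A', content_len);
    memset(out + content_len, 0xAA, mac_size);
    memset(out + content_len + mac_size, pad, (size_t)pad + 1);
    return total;
}

int main(void)
{
    uint8_t rec[64];
    size_t clen = 0;
    size_t n = make_record(rec, sizeof rec, 5, 20, 6);   /* 32-byte record */
    printf("valid record: ok=%d content=%zu\n",
           tls_cbc_check_padding(rec, n, 20, &clen), clen);
    /* A record too short for MAC + padding_length is rejected up front. */
    printf("short record: ok=%d\n", tls_cbc_check_padding(rec, 20, 20, &clen));
    rec[n - 1] = 0xff;                                   /* padding longer than record */
    printf("oversized pad: ok=%d\n", tls_cbc_check_padding(rec, n, 20, &clen));
    return 0;
}
```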
*) Fix EVP_EncodeUpdate overflow
An overflow can occur in the EVP_EncodeUpdate() function which is used for
Base64 encoding of binary data. If an attacker is able to supply very large
amounts of input data then a length check can overflow resulting in a heap
corruption.
Internally to OpenSSL the EVP_EncodeUpdate() function is primarily used by
the PEM_write_bio* family of functions. These are mainly used within the
OpenSSL command line applications, so any application which processes data
from an untrusted source and outputs it as a PEM file should be considered
vulnerable to this issue. User applications that call these APIs directly
with large amounts of untrusted data may also be vulnerable.
This issue was reported by Guido Vranken.
(CVE-2016-2105)
[Matt Caswell]
*) Fix EVP_EncryptUpdate overflow
An overflow can occur in the EVP_EncryptUpdate() function. If an attacker
is able to supply very large amounts of input data after a previous call to
EVP_EncryptUpdate() with a partial block then a length check can overflow
resulting in a heap corruption. Following an analysis of all OpenSSL
internal usage of the EVP_EncryptUpdate() function all usage is one of two
forms. The first form is where the EVP_EncryptUpdate() call is known to be
the first called function after an EVP_EncryptInit(), and therefore that
specific call must be safe. The second form is where the length passed to
EVP_EncryptUpdate() can be seen from the code to be some small value and
therefore there is no possibility of an overflow. Since all instances are
one of these two forms, it is believed that there can be no overflows in
internal code due to this problem. It should be noted that
EVP_DecryptUpdate() can call EVP_EncryptUpdate() in certain code paths.
Also EVP_CipherUpdate() is a synonym for EVP_EncryptUpdate(). All instances
of these calls have also been analysed too and it is believed there are no
instances in internal usage where an overflow could occur.
This issue was reported by Guido Vranken.
(CVE-2016-2106)
[Matt Caswell]
*) Prevent ASN.1 BIO excessive memory allocation
When ASN.1 data is read from a BIO using functions such as d2i_CMS_bio()
a short invalid encoding can cause allocation of large amounts of memory
potentially consuming excessive resources or exhausting memory.
Any application parsing untrusted data through d2i BIO functions is
affected. The memory based functions such as d2i_X509() are *not* affected.
Since the memory based functions are used by the TLS library, TLS
applications are not affected.
This issue was reported by Brian Carpenter.
(CVE-2016-2109)
[Stephen Henson]
*) EBCDIC overread
ASN1 Strings that are over 1024 bytes can cause an overread in applications
using the X509_NAME_oneline() function on EBCDIC systems. This could result
in arbitrary stack data being returned in the buffer.
This issue was reported by Guido Vranken.
(CVE-2016-2176)
[Matt Caswell]
*) Modify behavior of ALPN to invoke callback after SNI/servername
callback, such that updates to the SSL_CTX affect ALPN.
[Todd Short]
*) Remove LOW from the DEFAULT cipher list. This removes single DES from the
default.
[Kurt Roeckx]
*) Only remove the SSLv2 methods with the no-ssl2-method option. When the
methods are enabled and ssl2 is disabled the methods return NULL.
[Kurt Roeckx]
codecrypt is a program like gnupg (or netpgp) that uses only
quantum-computer-resistant algorithms
This is a GnuPG-like unix program for encryption and signing that uses
only quantum-computer-resistant algorithms:
+ McEliece cryptosystem (compact QC-MDPC variant) for encryption
+ Hash-based Merkle tree algorithm (FMTSeq variant) for digital
signatures
Stream ciphers used: ChaCha20, XSynd stream cipher, RC4 (for initial
simplicity of implementation)
CRHFs used:
+ Cubehash variants were selected for implementation ease, really
clean design, quite good speed and flexibility of parameter choices.
KeyID's are CUBE256 hashes of serialized public key.
+ ripemd128 for small hashes
+ tiger192 is used as an alternative for Cubehash for 192bit hashes
+ There's always a variant with SHA-256, SHA-384 or SHA-512.
Signature algorithms:
+ FMTSeq with many possibilities and combinations of aforementioned CRHFs
Encryption:
MDPC McEliece on quasi-cyclic matrices - decoding is (slightly)
vulnerable to timing attacks.
Version 1.0.3
- Do not call internal erlang erl_exit function (Christophe Romain)
Version 1.0.2
- Add support for cafile option (Evgeny Khramtsov)
- Better error checks (Michael Santos)
Fast TLS is a native TLS / SSL driver for Erlang / Elixir. It is
based on OpenSSL, a proven and efficient TLS implementation. It
is designed for efficiency, speed and compliance.
2.027 2016/04/20
- only added Changes for 2.026
2.026 2016/04/20
- update default server and client ciphers based on recommendation of
Mozilla and what the current browsers use. Notably this finally disables
RC4 for the client (was disabled for server long ago) and adds CHACHA20.
Changes:
16.0.0 (2016-03-19)
-------------------
This is the first release under full stewardship of PyCA.
We have made *many* changes to make local development more pleasing.
The test suite now passes both on Linux and OS X with OpenSSL 0.9.8,
1.0.1, and 1.0.2. It has been moved to `py.test <https://pytest.org/>`_,
all CI test runs are part of `tox <https://testrun.org/tox/>`_ and
the source code has been made fully `flake8
<https://flake8.readthedocs.org/>`_ compliant.
We hope to have lowered the barrier for contributions significantly
but are open to hearing about any remaining frustrations.
Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
- Python 3.2 support has been dropped.
It never had significant real world usage and has been dropped
by our main dependency ``cryptography``. Affected users should
upgrade to Python 3.3 or later.
Deprecations:
^^^^^^^^^^^^^
- The support for EGD has been removed.
The only affected function ``OpenSSL.rand.egd()`` now uses
``os.urandom()`` to seed the internal PRNG instead. Please see
`pyca/cryptography#1636
<https://github.com/pyca/cryptography/pull/1636>`_ for more
background information on this decision. In accordance with our
backward compatibility policy ``OpenSSL.rand.egd()`` will be
*removed* no sooner than a year from the release of 16.0.0.
Please note that you should `use urandom
<http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/>`_
for all your secure random number needs.
- Python 2.6 support has been deprecated.
Our main dependency ``cryptography`` deprecated 2.6 in version
0.9 (2015-05-14) with no time table for actually dropping it.
pyOpenSSL will drop Python 2.6 support once ``cryptography``
does.
Changes:
^^^^^^^^
- Fixed ``OpenSSL.SSL.Context.set_session_id``,
``OpenSSL.SSL.Connection.renegotiate``,
``OpenSSL.SSL.Connection.renegotiate_pending``, and
``OpenSSL.SSL.Context.load_client_ca``.
They were lacking an implementation since 0.14. `#422
<https://github.com/pyca/pyopenssl/pull/422>`_
- Fixed segmentation fault when using keys larger than 4096-bit to sign data.
`#428 <https://github.com/pyca/pyopenssl/pull/428>`_
- Fixed ``AttributeError`` when ``OpenSSL.SSL.Connection.get_app_data()``
was called before setting any app data.
`#304 <https://github.com/pyca/pyopenssl/pull/304>`_
- Added ``OpenSSL.crypto.dump_publickey()`` to dump ``OpenSSL.crypto.PKey``
objects that represent public keys, and ``OpenSSL.crypto.load_publickey()``
to load such objects from serialized representations.
`#382 <https://github.com/pyca/pyopenssl/pull/382>`_
- Added ``OpenSSL.crypto.dump_crl()`` to dump a certificate revocation
list out to a string buffer.
`#368 <https://github.com/pyca/pyopenssl/pull/368>`_
- Added ``OpenSSL.SSL.Connection.get_state_string()`` using the
OpenSSL binding ``state_string_long``.
`#358 <https://github.com/pyca/pyopenssl/pull/358>`_
- Added support for the ``socket.MSG_PEEK`` flag to
``OpenSSL.SSL.Connection.recv()`` and
``OpenSSL.SSL.Connection.recv_into()``.
`#294 <https://github.com/pyca/pyopenssl/pull/294>`_
- Added ``OpenSSL.SSL.Connection.get_protocol_version()`` and
``OpenSSL.SSL.Connection.get_protocol_version_name()``.
`#244 <https://github.com/pyca/pyopenssl/pull/244>`_
- Switched to ``utf8string`` mask by default.
OpenSSL formerly defaulted to a ``T61String`` if there were UTF-8
characters present. This was changed to default to ``UTF8String``
in the config around 2005, but the actual code didn't change it
until late last year. This will default us to the setting that
actually works. To revert this you can call
``OpenSSL.crypto._lib.ASN1_STRING_set_default_mask_asc(b"default")``.
`#234 <https://github.com/pyca/pyopenssl/pull/234>`_
Noteworthy changes in version 1.7.0 (2016-04-15) [C21/A1/R0]
------------------------------------------------
* New algorithms and modes:
- SHA3-224, SHA3-256, SHA3-384, SHA3-512, and MD2 hash algorithms.
- SHAKE128 and SHAKE256 extendable-output hash algorithms.
- ChaCha20 stream cipher.
- Poly1305 message authentication algorithm
- ChaCha20-Poly1305 Authenticated Encryption with Associated Data
mode.
- OCB mode.
- HMAC-MD2 for use by legacy applications.
* New curves for ECC:
- Curve25519.
- secp256k1.
- GOST R 34.10-2001 and GOST R 34.10-2012.
* Performance:
- Improved performance of KDF functions.
- Assembler optimized implementations of Blowfish and Serpent on
ARM.
- Assembler optimized implementation of 3DES on x86.
- Improved AES using the SSSE3 based vector permutation method by
Mike Hamburg.
- AVX/BMI is used for SHA-1 and SHA-256 on x86. This is for SHA-1
about 20% faster than SSSE3 and more than 100% faster than the
generic C implementation.
- 40% speedup for SHA-512 and 72% for SHA-1 on ARM Cortex-A8.
- 60-90% speedup for Whirlpool on x86.
- 300% speedup for RIPEMD-160.
- Up to 11 times speedup for CRC functions on x86.
* Other features:
- Improved ECDSA and FIPS 186-4 compliance.
- Support for Montgomery curves.
- gcry_cipher_set_sbox to tweak S-boxes of the gost28147 cipher
algorithm.
- gcry_mpi_ec_sub to subtract two points on a curve.
- gcry_mpi_ec_decode_point to decode an MPI into a point object.
- Emulation for broken Whirlpool code prior to 1.6.0. [from 1.6.1]
- Flag "pkcs1-raw" to enable PKCS#1 padding with a user supplied
hash part.
- Parameter "saltlen" to set a non-default salt length for RSA PSS.
- A SP800-90A conforming DRNG replaces the former X9.31 alternative
random number generator.
- Map deprecated RSA algo number to the RSA algo number for better
backward compatibility. [from 1.6.2]
- Use ciphertext blinding for Elgamal decryption [CVE-2014-3591].
See http://www.cs.tau.ac.il/~tromer/radioexp/ for details.
[from 1.6.3]
- Fixed data-dependent timing variations in modular exponentiation
[related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks
are Practical]. [from 1.6.3]
- Flag "no-keytest" for ECC key generation. Due to a bug in
the parser that flag will also be accepted but ignored by older
version of Libgcrypt. [from 1.6.4]
- Speed up the random number generator by requiring less extra
seeding. [from 1.6.4]
- Always verify a created RSA signature to avoid private key leaks
due to hardware failures. [from 1.6.4]
- Mitigate side-channel attack on ECDH with Weierstrass curves
[CVE-2015-7511]. See http://www.cs.tau.ac.IL/~tromer/ecdh/ for
details. [from 1.6.5]
* Internal changes:
- Moved locking out to libgpg-error.
- Support of the SYSROOT envvar in the build system.
- Refactor some code.
- The availability of a 64 bit integer type is now mandatory.
* Bug fixes:
- Fixed message digest lookup by OID (regression in 1.6.0).
- Fixed a build problem on NetBSD
- Fixed memory leaks in ECC code.
- Fixed some asm build problems and feature detection bugs.
* Interface changes relative to the 1.6.0 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gcry_cipher_final NEW macro.
GCRY_CIPHER_MODE_CFB8 NEW constant.
GCRY_CIPHER_MODE_OCB NEW.
GCRY_CIPHER_MODE_POLY1305 NEW.
gcry_cipher_set_sbox NEW macro.
gcry_mac_get_algo NEW.
GCRY_MAC_HMAC_MD2 NEW.
GCRY_MAC_HMAC_SHA3_224 NEW.
GCRY_MAC_HMAC_SHA3_256 NEW.
GCRY_MAC_HMAC_SHA3_384 NEW.
GCRY_MAC_HMAC_SHA3_512 NEW.
GCRY_MAC_POLY1305 NEW.
GCRY_MAC_POLY1305_AES NEW.
GCRY_MAC_POLY1305_CAMELLIA NEW.
GCRY_MAC_POLY1305_SEED NEW.
GCRY_MAC_POLY1305_SERPENT NEW.
GCRY_MAC_POLY1305_TWOFISH NEW.
gcry_md_extract NEW.
GCRY_MD_FLAG_BUGEMU1 NEW [from 1.6.1].
GCRY_MD_GOSTR3411_CP NEW.
GCRY_MD_SHA3_224 NEW.
GCRY_MD_SHA3_256 NEW.
GCRY_MD_SHA3_384 NEW.
GCRY_MD_SHA3_512 NEW.
GCRY_MD_SHAKE128 NEW.
GCRY_MD_SHAKE256 NEW.
gcry_mpi_ec_decode_point NEW.
gcry_mpi_ec_sub NEW.
GCRY_PK_EDDSA NEW constant.
GCRYCTL_GET_TAGLEN NEW.
GCRYCTL_SET_SBOX NEW.
GCRYCTL_SET_TAGLEN NEW.
The RTM_RESOLVE symbol has been removed after the following change in
src/sys/net/route.h:
revision 1.98
date: 2016-04-04 09:37:07 +0200; author: ozaki-r; state: Exp; lines: +8 -6; commitid: r0chxU5ZkTdAqh1z;
Separate nexthop caches from the routing table
Bump PKGREVISION to 1
1.12 2015-08-16 CPAN Day release
- Add NoVersion parameter to CO::Armour->armour (GH#26)
1.11 2015-07-20
- Check that Crypt::OpenPGP::Cipher->new succeeded, RT#14033.
- Fix GH#7, when false data was discarded (@Camspi).
1.10 2015-07-06
- Update GnuPG defaults (@bk2204).
- Fix error propagation on generating RSA key (@niner).
1.09 2015-07-02
- Require Digest::SHA instead of Digest::SHA1, RT#82316 (@bk2204).
1.08 2014-11-20
- Move distribution to Dist::Zilla.
- Require Alt::Crypt::RSA::BigInt instead of Crypt::RSA.
- Apply a patch from RT#82314 (@bk2204, @kmx).
- Add a test case from GH#7, yet to be fixed (@throughnothing).
1.07 2014-06-23
- Reformatted Changes as per CPAN::Changes::Spec.
- Fixed hash randomisation bug (RT#81442).
- Documentation now references most recent "OpenPGP Message Format" RFC.
- Fixed typo in Pod (@dsteinbrunner).
- Improved ASCII armor detection (@gwillen).
Upstream changes:
2016-01-07 Dirk Eddelbuettel <edd@debian.org>
* DESCRIPTION (Version): Version 0.6.9
* DESCRIPTION (Date): Bumped Date: to current date
2016-01-06 Dirk Eddelbuettel <edd@debian.org>
* vignettes/sha1.Rmd: Small edits
2016-01-06 Thierry Onkelinx <thierry.onkelinx@inbo.be>
* R/sha1.R: Add functions to calculate stable SHA1 with floating points
* man/sha1.Rd: Add helpfile for sha1()
* tests/num2hexTest.R: unit tests for num2hex() (non exported function)
* tests/sha1Test.R: unit tests for sha1()
* NAMESPACE: Export sha1 and its methods
* DESCRIPTION: Add Thierry Onkelinx as contributor, bump Version and Date
* README.md: Add Thierry Onkelinx as contributor
* vignette/sha1.Rmd: Added
* .travis.yml: Added 'sudo: required' per recent Travis changes
2015-10-14 Dirk Eddelbuettel <edd@debian.org>
* man/digest.Rd: Remove references to inaccessible web pages
* man/hmac.Rd: Ditto
2015-10-13 Dirk Eddelbuettel <edd@debian.org>
* src/digest.c: Use uint32_t instead of int for nchar
2015-10-12 Qiang Kou <qkou@umail.iu.edu>
* src/digest.c: Use XLENGTH instead of LENGTH (PR #17, issue #16)
2015-08-06 Dirk Eddelbuettel <edd@debian.org>
* DESCRIPTION (Title): Updated now stressing 'compact' over 'crypto'
2014-12-30 Dirk Eddelbuettel <edd@debian.org>
* DESCRIPTION (Version): Version 0.6.8
* DESCRIPTION (Date): Bumped Date: to current date
2014-12-29 Dirk Eddelbuettel <edd@debian.org>
* inst/include/pmurhashAPI.h: Added HOWTO comment to top of file
2014-12-26 Dirk Eddelbuettel <edd@debian.org>
* src/pmurhash.c: Protect against _BIG_ENDIAN defined but empty
* inst/include/pmurhash.h: Consistent four space indentation
2014-12-25 Dirk Eddelbuettel <edd@debian.org>
* DESCRIPTION: Bump Date: and Version:
* src/init.c: Minor edit and removal of unused headers
2014-12-25 Wush Wu <wush978@gmail.com>
* inst/include/pmurhash.h: Export function
* src/init.c: Register function for use by other packages
2014-12-20 Dirk Eddelbuettel <edd@debian.org>
* DESCRIPTION (Version): Version 0.6.7
* DESCRIPTION (Date): Bumped Date: to current date
2014-12-19 Dirk Eddelbuettel <edd@debian.org>
* cleanup: Also remove src/symbols.rds
* src/sha2.c: Apply (slightly edited) patch from
https://www.nlnetlabs.nl/bugs-script/attachment.cgi?id=220&action=diff
to overcome the strict-aliasing warning
* src/digest.c: Use inttypes.h macro PRIx64 only on Windows
2014-12-16 Dirk Eddelbuettel <edd@debian.org>
* src/xxhash.c: Remove two semicolons to make gcc -pedantic happy
* tests/digestTest.Rout.save: Updated reflecting murmurHash test
* src/pmurhash.c: Renamed from PMurHash.c for naming consistency
* src/pmurhash.h: Renamed from PMurHash.h for naming consistency
2014-12-16 Jim Hester <james.f.hester@gmail.com>
* src/digest.c: murmurHash implementation
* tests/digestTest.R: murmurHash implementation
* R/digest.R: murmurHash implementation
* src/PMurHash.c: murmurHash implementation
* src/PMurHash.h: murmurHash implementation
2014-12-10 Dirk Eddelbuettel <edd@debian.org>
* src/xxhash.c: Applied pull request #6 by Jim Hester with updated
upstream code and already corrected UBSAN issue identified by CRAN
2014-12-09 Dirk Eddelbuettel <edd@debian.org>
* DESCRIPTION (Version): Version 0.6.6
* DESCRIPTION (Date): Bumped Date: to current date
* src/digest.c: Applied pull request #5 by Jim Hester providing
portable integer printing inttypes.h header
2014-12-08 Dirk Eddelbuettel <edd@debian.org>
* DESCRIPTION (Version): Version 0.6.5
* DESCRIPTION (Date): Bumped Date: to current date
* NAMESPACE: Expanded useDynLib() declaring C level symbols, in
particular using digest_impl for the C-level digest
* R/AES.R: Use R symbols from NAMESPACE declaration in .Call()
* R/digest.R: Use R symbol digest_impl to load C level digest
2014-12-07 Dirk Eddelbuettel <edd@debian.org>
* DESCRIPTION: Edited Title and Description
* R/digest.R: Added GPL copyright header, reindented to four spaces
* src/digest.c: Reindented to four spaces
* R/AES.R: Reindented to four spaces
* R/hmac.R: Reindented to four spaces
2014-12-06 Dirk Eddelbuettel <edd@debian.org>
* src/digest.c: Updated GPL copyright header
* src/xxhash.c: Removed two spurious ';'
* man/digest.Rd: Document 'seed' argument in \usage
* tests/digest.Rout.save: Updated for expanded tests
* DESCRIPTION: Add Jim Hester to list of Authors
2014-12-05 Dirk Eddelbuettel <edd@debian.org>
* R/digest.R: Applied pull request #3 by Jim Hester with support for
xxHash (https://code.google.com/p/xxhash/)
* src/digest.c: Ditto
* src/xxhash.c: xxHash implementation supplied as part of #3
* src/xxhash.h: xxHash implementation supplied as part of #3
* R/digest.R: Applied pull request #4 by Jim Hester with expanded
support for xxHash providing xxhash32 and xxhash64
* src/digest.c: Ditto
* man/digest.Rd: Added documentation for xxHash, corrected typos
* src/digest.R: New support for a seed parameter used by xxHash
* tests/digestTest.R: Added tests for xxHash
2014-08-15 Dirk Eddelbuettel <edd@debian.org>
* R/hmac.R: Applied (slightly edited) patch for crc32 computation of
hmac kindly supplied by Suchen Jin
1.74 2016-04-12
README.OSX was missing from the distribution
1.73 2016-04-11
Added X509_get_X509_PUBKEY. Patch supplied by GUILHEM. Thanks.
Added README.OSX with instructions on how to build for recent OS X.
Added info about using OPENSSL_PREFIX to README.Win32.
Added comments in POD about installation documentation.
Added '/usr/local/opt/openssl/bin/openssl' to Openssl search path for
latest version of OSX homebrew openssl. Patch from Shoichi Kaji.
Noteworthy changes in version 2.0.30 (2016-03-31)
-------------------------------------------------
* gpg: Avoid too early timeout during key generation with 2.1 cards.
* agent: Fixed printing of ssh fingerprints for 384 bit ECDSA keys.
* agent: Fixed an alignment bug related to the passphrase
confirmation.
* scdaemon: Fixed a "conflicting usage" bug.
* scdaemon: Fixed usb card reader removal problem on Windows 8 and
later.
* Fixed a problem on AIX due to peculiarity with RLIMIT_NOFILE.
* Updated the Japanese and Dutch translations.
* Fixed a few other bugs.
Version 3.4.1 - released 2006-03-26
----------------------------------------
- Included tests/private.pem in MANIFEST.in
- Included README.md and CHANGELOG.txt in MANIFEST.in
Upstream changes:
2016-03-09 Gisle Aas <gisle@ActiveState.com>
Release 2.55
Gordon Stanton (2):
Make use warnings work including test cases.
Initial Travis config
Gisle Aas (1):
Avoid warning: 'static' is not at beginning of declaration [RT#105646]
1.3.1 - 2016-03-21
~~~~~~~~~~~~~~~~~~
* Fixed a bug that caused an ``AttributeError`` when using ``mock`` to patch
some ``cryptography`` modules.
1.3 - 2016-03-18
~~~~~~~~~~~~~~~~
* Added support for padding ANSI X.923 with
:class:`~cryptography.hazmat.primitives.padding.ANSIX923`.
* Deprecated support for OpenSSL 0.9.8. Support will be removed in
``cryptography`` 1.4.
* Added support for the :class:`~cryptography.x509.PolicyConstraints`
X.509 extension including both parsing and generation using
:class:`~cryptography.x509.CertificateBuilder` and
:class:`~cryptography.x509.CertificateSigningRequestBuilder`.
* Added :attr:`~cryptography.x509.CertificateSigningRequest.is_signature_valid`
to :class:`~cryptography.x509.CertificateSigningRequest`.
* Fixed an intermittent ``AssertionError`` when performing an RSA decryption on
an invalid ciphertext, ``ValueError`` is now correctly raised in all cases.
* Added
:meth:`~cryptography.x509.AuthorityKeyIdentifier.from_issuer_subject_key_identifier`.
2.025 2016/04/04
- Resolved memleak if SSL_crl_file was used: RT#113257, RT#113530
Thanks to avi[DOT]maslati[AT]forescout[DOT]com and
mark[DOT]kurman[AT]gmail[DOT]com for reporting the problem
1.22: Records created by Crypt::PWSafe3 (eg. the ones fetched
with getrecords) are now associated with the parent
object, so that you can modify them directly and call
$vault->save afterwards without using $vault->modifyrecord.
Erase passwd from memory using zeros instead of
random bytes. fixes github#9.
Fixed rt.cpan.org#112975: Crypt::ECB (which we use) has been
reworked and among other issues it fixed handling of padding.
PWSafe3.pm did not specify a padding scheme (because it doesn't
use it) and therefore Crypt::ECB enforced a default scheme
which led to an invalid key size. Now we specify explicitly
padding:none, as suggested by Christoph Appel.
Upstream changes:
v2.15, 14.03.2016
- removing caching with v2.00 made Crypt::ECB ignorant of key changes
within the same Crypt::ECB object. Fixed, changing the key now
forces a new cipher object to be created.
- added some notes on upgrading from versions before v2.00 to the README
** Bug
* [CPPOST-91] - BOOST autoconf macros break with gcc5
Release Notes - OpenSAML 2 - C++ - Version 2.5.4
** Bug
* [CPPOST-87] - legacyOrgNames doesn't work as expected with empty
mdui:UIInfo
* [CPPOST-88] - Insufficient XML entity encoding in Metadata Status
generation
* [CPPOST-90] - Condition validation for empty element incorrectly
requires either a NotBefore or a NotOnOrAfter attribute
This is part of fixing PR pkg/50354
Changes since OpenSSH 7.2p1
===========================
This release fixes a security bug:
* sshd(8): sanitise X11 authentication credentials to avoid xauth
command injection when X11Forwarding is enabled.
Full details of the vulnerability are available at:
http://www.openssh.com/txt/x11fwd.adv
Changelog: 2016-03-05 PuTTY 0.67 released, fixing a SECURITY HOLE
PuTTY 0.67, released today, fixes a security hole in 0.66 and
before: vuln-pscp-sink-sscanf. It also contains a few other small
bug fixes.
Also, for the first time, the Windows executables in this release
(including the installer) are signed using an Authenticode certificate,
to help protect against tampering in transit from our website or
after downloading. You should find that they list "Simon Tatham"
as the verified publisher.
Changes since 2.4.1 from NEWS file:
2.5.1 - February 19th 2016
---------------------------
17 commits, 16 files changed, 1096 insertions, 42 deletions
- Add missing urn constants used in PAOS HTTP header
- Set NotBefore in SAML 2.0 login assertions
- tests: fix leak in test test16_test_get_issuer
- id-ff: fix leak of profile->private_data->message_id
- saml-2.0: fix leak of message_id in
lasso_profile_saml20_build_paos_request_msg
- tests: fix leaks in test_ecp
- xml: fix wrong termination of comment
- xml: fix leak in lasso_soap_envelope_new_full
- profile: fix leak of private idp_list field
- saml-2.0: fix leaks of url
- tests: fix leak
- tests: update valgrind suppressions
- perl: remove quotes from $PERL -V::ccflags: output (#9572)
- Fix wrong snippet type (fixes #9616). Thanks to Brett Gardner for the patch.
- tools.c: use correct NID and digest length when building RSA signature
using SHA-2 digest
(fixes #10019) Thanks to Brett Gardner for the patch.
- bindings/php5: fix enum getters and setters (fixes #10032). Thanks to
Brett Gardner for the bug report.
- fix warning about INCLUDES directive
2.5.0 - September 2nd 2015
--------------------------
151 commits, 180 files changed, 8391 insertions, 1339 deletions
- lots of bugfixes (reported by static analysis tools like clang,
coverity and manual inspection) thanks to Simo Sorce and John Dennis from
RedHat
- xsd:choices are now parsed correctly by implementing a real finite automaton
for parsing XML documents. New flags for jumping forward and backward in
schema snippets have been added. It fixes parsing of messages from third
parties not following the order from the schema (they are entitled to do it but
most SAML implementations do not)
- added C CGI examples for SP and IdP side
- removed the _POSIX_SOURCE declaration
- added support for the SHA-2 family of hash functions
- fixed protocol profile selection when parsing AuthnRequest
- added support for Python 3, thanks to Houzefa Abbasbhay from
XCG Consulting
- fixed default value of WantAuthnRequestSigned in metadata parsing
- SAML 2.0 ECP is now functional, thanks to John Dennis from RedHat
- added two new API functions to LassoProfile to extract the Issuer and
InResponseTo attributes of messages, allowing pre-treatment before parsing
the message, to load the metadata of the remote provider, or find the request
which the response matches.
- fixed segfault when parsing HTTP-Redirect malformed base64 content
- added support for automake 1.15 (jdennis)
v2.10, 07.03.2016
- forgot another change in the v2.00 changelog...
- changed license from GPL to Artistic
- improved kwalitee:
- added license information to meta files
- removed test.pl
- added eg/ecb.pl (command line en- and decryption)
- added dummy cipher, so the test suite makes sense even if there are no block ciphers installed
- refactored test data from test scripts
Changelog:
0.22.1 (stable)
* Use SubjectKeyIdentifier for CKA_ID when available [#84761]
* Allow 'BEGIN PuBLIC KEY' PEM blocks in .p11-kit files
* Bump libtool library version
* Build fixes [#84665 ...]
0.22.0 (stable)
* Remove the 'isolated = yes' option due to unclear semantics;
replacement forthcoming in later versions.
* Use secure_getenv() where necessary
* Run separate binary for 'p11-kit remote' command
0.21.3 (unstable)
* New public pkcs11x.h header containing extensions [#83495]
* Export necessary defines to lookup attached extensions [#83495]
* Use term 'attached extensions' rather than 'stabled extensions'
* Make proxy module respect 'critical = no' [#83651]
* Show public-key-info in 'trust list --details'
* Build fixes [#75674 ...]
0.21.2 (unstable)
* Don't use invalid keys for looking up stapled extensions [#82328]
* Better error messages when invalid certificate extensions
* Fix parsing of some odd OpenSSL TRUSTED CERTIFICATE files
* Fix some leaks, and memory issues
* Silence some clang scanner warnings
* Fix build against older pthread implementations [#82617]
* Move to a non-recursive Makefile
* Can now specify which tests to run on command line
0.21.1 (unstable)
* Add new 'isolate' pkcs11 config option [#80472]
* Add 'p11-kit remote' command for isolating modules [#54105]
* Don't complain about C_Finalize after a fork
* Other minor fixes
0.20.3 (stable)
* Fix problems reinitializing managed modules after fork
* Fix bad bookkeeping when failing to initialize one of the modules
* Fix case where module would be unloaded while in use [#74919]
* Remove assertions when module used before initialized [#74919]
* Fix handling of mmap failure and mapping empty files [#74773]
* Stable p11_kit_be_quiet() and p11_kit_be_loud() functions
* Require automake 1.12 or later
* Build fixes for Windows [#76594, #74149]
0.20.2 (stable)
* Fix bug where blacklist didn't affect extracted ca-anchors if the anchor
and blacklist were not in the same trust path (regression) [#73558]
* Check for race in BasicConstraints stapled extension [#69314]
* autogen.sh now runs configure as srcdir != builddir by default
* Build fixes and cleanup
0.20.1 (stable)
* Extract compat trust data after we've made changes
* Skip compat extraction if running as non-root
* Better failure messages when removing anchors
* Build cleanup
0.20.0 (stable)
* Doc fixes
0.19.4 (unstable)
* 'trust anchor' now adds/removes certificate anchors
* 'trust list' lists trust policy stuff
* 'p11-kit extract' is now 'trust extract'
* 'p11-kit extract-trust' is now 'trust extract-compat'
* Workarounds for working on broken zfsonlinux.org [#68525]
* Add --with-module-config parameter to the configure script [#68122]
* Add support for removing stored PKCS#11 objects in trust module
* Various debugging tweaks
0.19.3 (unstable)
* Fix up problems with automake testing
* Fix a bunch of memory leaks in newly refactored code
* Don't use _GNU_SOURCE and the unportability it brings
* Testing fixes
0.19.2 (unstable)
* Add basic 'trust anchor' command to store a new anchor
* Support for writing out trust token objects
* Port to use CKA_PUBLIC_KEY_INFO and updated trust store spec
* Add option to use freebl for hashing
* Implement reloading of token data
* Fix warnings and possible minor bugs highlighted by code scanners
* Don't load configs in home directories when running setuid or setgid
* Support treating ~/.config as $XDG_CONFIG_HOME
* Use $XDG_DATA_HOME/pkcs11 as default user config directory
* Use $TMPDIR instead of $TEMP while testing
* Open files and fds with O_CLOEXEC
* Abort initialization if a critical module fails to load
* Don't use thread-unsafe functions: strerror, getpwuid
* Fix p11_kit_space_strlen() result when empty string
* Refactoring of where various components live
* Build fixes
0.19.1 (unstable)
* Refactor API to be able to handle managed modules
* Deprecate much of old p11-kit API
* Implement concept of managed modules
* Make C_CloseAllSessions function work for multiple callers
* New dependency on libffi
* Fix possible threading problems reported by helgrind
* Add log-calls option
* Mark p11_kit_message() as a stable function
* Use our own unit testing framework
0.18.3 (stable)
* Fix reinitialization of trust module [#65401]
* Fix crash in trust module C_Initialize
* Mac OS fixes [#57714]
0.18.2 (stable)
* Build fixes [#64378 ...]
0.18.1 (stable)
* Put the external tools in $libdir/p11-kit
* Documentation build fixes
0.18.0 (stable)
* Fix use of trust module with gcr and empathy [#62896]
* Further tweaks to trust module date parsing
* Fix unaligned memory reads [#62819]
* Win32 fixes [#63062, #63046]
* Debug and logging tweaks [#62874]
* Other build fixes
0.17.5 (unstable)
* Don't try to guess at overflowing time values on 32-bit systems [#62825]
* Test fixes [#927394]
0.17.4 (unstable)
* Check for duplicate certificates in a token, warn and discard [#62548]
* Implement a proper index so we have decent load performance
0.17.3 (unstable)
* Use descriptive labels for the trust module tokens [#62534]
* Remove the temporary built in distrust objects
* Make extracted output directories and files read-only [#61898]
* Don't export unnecessary ABI
* Build fixes [#62479]
0.17.2 (unstable)
* Fix build on 32-bit linux
* Fix several crashers
0.17.1 (unstable)
* Support a p11-kit specific PKCS#11 attribute persistence format [#62156]
* Use the SHA1 hash of SPKI as the CKA_ID in the trust module by default [#62329]
* Refactor a trust builder which builds objects out of parsed data [#62329]
* Combine trust policy when extracting certificates [#61497]
* The extract --comment option adds comments to PEM bundles [#62029]
* A new 'priority' config option for ordering modules [#61978]
* Make each configured path its own trust module token [#61499]
* Use --with-trust-paths to configure trust module [#62327]
* Fix bug decoding some PEM files
* Better debug output for trust module lookups
* Work around bug in NSS when doing serial number lookups
* Work around broken strndup() function in firefox
* Fix the nickname for the distrusted attribute
* Build fixes
0.16.4 (stable)
* Display per command help again [#62153]
* Don't always print tools debug output [#62152]
0.16.3 (stable)
* When iterating don't skip tokens without the CKF_TOKEN_INITIALIZED flag
* Hardcode some distrust records for NSS temporarily
* Parse global options better in the p11-kit command
* Better debugging
0.16.2 (stable)
* Fix regression in 'p11-kit extract --purpose' option [#62009]
* Documentation updates
* Build fixes [#62001, ...]
0.16.1 (stable)
* Don't break when cA field of BasicConstraints is missing [#61975]
* Documentation fixes and updates
* p11-kit extract-trust is a placeholder script now
0.16.0 (stable)
* Update the pkcs11.h header for new mechanisms
* Fix build and tests on mingw64 (ie: win32)
* Relicense LGPL code to BSD license
* Documentation tweaks
* Pull translations from Transifex [#60792]
* Build fixes [#61739, #60894, #61740]
0.15.2 (unstable)
* Add German and Finnish translations
* Better define the libtasn1 dependency
* Crasher and bug fixes
* Build fixes
0.15.1 (unstable)
* Fix some memory leaks
* Add a location for packages to drop module configs
* Documentation updates and fixes
* Add command line tool manual page
* Remove unused err() function and friends
* Move more code into common/ directory and refactor
* Add a system trust policy module
* Refactor how the p11-kit command line tool works
* Add p11-kit extract and extract-trust commands
* Don't complain if we cannot access ~/.pkcs11/pkcs11.conf
* Refuse to load the p11-kit-proxy.so as a registered module
* Don't fail initialization if last initialized module fails
0.14
* Change default for user-config to merge
* Always URI-encode the 'id' attribute in PKCS#11 URIs
* Expect a .module extension on module configs
* Windows compatibility fixes
* Testing fixes
* Build fixes
0.13
* Don't allow reading of PIN files larger than 4096 bytes
* If a module is not marked as critical then ignore init failure
* Use preconditions to check for input problems and out of memory
* Add enable-in and disable-in options to module config
* Fix the flags in pin.h
* Use gcc extensions to check varargs during compile
* Fix crasher when a duplicate module is present
* Fix broken hashmap behavior
* Testing fixes
* Win32 build fixes
* 'p11-kit -h' now works
* Documentation fixes
0.12
* Build fix
0.11
* Remove automatic reinitialization of PKCS#11 after fork
OAuth is an authorization protocol built on top of HTTP which allows
applications to securely access data without having to store usernames
and passwords.
v2.05, 04.03.2016
- make Crypt::ECB work under perl-5.8.* again
- some changes actually made in v2.00 were not mentioned in the changelog
- add some more block ciphers to the test suite
- minor changes in test.pl
- minor documentation update
Changelog:
Version 5.31, 2016.03.01, urgency: HIGH
* Security bugfixes
- OpenSSL DLLs updated to version 1.0.2g.
https://www.openssl.org/news/secadv_20160301.txt
* New features
- Added logging the list of client CAs requested by the server.
- Improved compatibility with the current OpenSSL 1.1.0-dev tree.
* Bugfixes
- Only reset the watchdog if some data was actually transferred.
- A workaround implemented for the unexpected exceptfds set by
select() on WinCE 6.0 (thx to Richard Kraemer).
v2.00, 19.02.2016
- better compatibility with current Crypt::CBC:
- allow passing options like Crypt::CBC does (new and old styles)
- allow passing an existing cipher object (RT bug 112020)
- added padding styles, including custom padding
- added methods for accessing keysize and blocksize of a cipher
- removed caching; in the end the feature did not seem to make much sense
- use Test::More (thanks to Xavier Guimard for providing a patch, RT bug 82301)
- changed internal attribute names (foo -> _foo and Foo -> foo)
- much more internal code cleanup
- updated documentation
## v2.0.0
* Add django_util (#332)
* Avoid OAuth2Credentials `id_token` going out of sync after a token
refresh (#337)
* Move to a `contrib` sub-package code not considered a core part of
the library (#346, #353, #370, #375, #376, #382)
* Add `token_expiry` to `devshell` credentials (#372)
* Move `Storage` locking into a base class (#379)
* Added dictionary storage (#380)
* Added `to_json` and `from_json` methods to all `Credentials`
classes (#385)
* Fall back to read-only credentials on EACCES errors (#389)
* Coalesced the two `ServiceAccountCredentials`
classes (#395, #396, #397, #398, #400)
### Special Note About `ServiceAccountCredentials`:
For JSON keys, you can create a credential via
```py
from oauth2client.service_account import ServiceAccountCredentials
credentials = ServiceAccountCredentials.from_json_keyfile_name(
    key_file_name, scopes=[...])
```
You can still rely on
```py
from oauth2client.client import GoogleCredentials
credentials = GoogleCredentials.get_application_default()
```
returning these credentials when you set the `GOOGLE_APPLICATION_CREDENTIALS`
environment variable.
For `.p12` keys, construct via
```py
credentials = ServiceAccountCredentials.from_p12_keyfile(
    service_account_email, key_file_name, scopes=[...])
```
though we urge you to use JSON keys (rather than `.p12` keys) if you can.
This is equivalent to the previous method
```py
# PRE-oauth2client 2.0.0 EXAMPLE CODE!
from oauth2client.client import SignedJwtAssertionCredentials
with open(key_file_name, 'rb') as key_file:
    private_key = key_file.read()
credentials = SignedJwtAssertionCredentials(
    service_account_email, private_key, scope=[...])
```
Changes between 1.0.2f and 1.0.2g [1 Mar 2016]
* Disable weak ciphers in SSLv3 and up in default builds of OpenSSL.
Builds that are not configured with "enable-weak-ssl-ciphers" will not
provide any "EXPORT" or "LOW" strength ciphers.
[Viktor Dukhovni]
* Disable SSLv2 default build, default negotiation and weak ciphers. SSLv2
is by default disabled at build-time. Builds that are not configured with
"enable-ssl2" will not support SSLv2. Even if "enable-ssl2" is used,
users who want to negotiate SSLv2 via the version-flexible SSLv23_method()
will need to explicitly call either of:
SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2);
or
SSL_clear_options(ssl, SSL_OP_NO_SSLv2);
as appropriate. Even if either of those is used, or the application
explicitly uses the version-specific SSLv2_method() or its client and
server variants, SSLv2 ciphers vulnerable to exhaustive search key
recovery have been removed. Specifically, the SSLv2 40-bit EXPORT
ciphers, and SSLv2 56-bit DES are no longer available.
(CVE-2016-0800)
[Viktor Dukhovni]
*) Fix a double-free in DSA code
A double free bug was discovered when OpenSSL parses malformed DSA private
keys and could lead to a DoS attack or memory corruption for applications
that receive DSA private keys from untrusted sources. This scenario is
considered rare.
This issue was reported to OpenSSL by Adam Langley (Google/BoringSSL) using
libFuzzer.
(CVE-2016-0705)
[Stephen Henson]
*) Disable SRP fake user seed to address a server memory leak.
Add a new method SRP_VBASE_get1_by_user that handles the seed properly.
SRP_VBASE_get_by_user had inconsistent memory management behaviour.
In order to fix an unavoidable memory leak, SRP_VBASE_get_by_user
was changed to ignore the "fake user" SRP seed, even if the seed
is configured.
Users should use SRP_VBASE_get1_by_user instead. Note that in
SRP_VBASE_get1_by_user, caller must free the returned value. Note
also that even though configuring the SRP seed attempts to hide
invalid usernames by continuing the handshake with fake
credentials, this behaviour is not constant time and no strong
guarantees are made that the handshake is indistinguishable from
that of a valid user.
(CVE-2016-0798)
[Emilia Käsper]
*) Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption
In the BN_hex2bn function the number of hex digits is calculated using an
int value |i|. Later |bn_expand| is called with a value of |i * 4|. For
large values of |i| this can result in |bn_expand| not allocating any
memory because |i * 4| is negative. This can leave the internal BIGNUM data
field as NULL leading to a subsequent NULL ptr deref. For very large values
of |i|, the calculation |i * 4| could be a positive value smaller than |i|.
In this case memory is allocated to the internal BIGNUM data field, but it
is insufficiently sized leading to heap corruption. A similar issue exists
in BN_dec2bn. This could have security consequences if BN_hex2bn/BN_dec2bn
is ever called by user applications with very large untrusted hex/dec data.
This is anticipated to be a rare occurrence.
All OpenSSL internal usage of these functions uses data that is not expected
to be untrusted, e.g. config file data or application command line
arguments. If user developed applications generate config file data based
on untrusted data then it is possible that this could also lead to security
consequences. This is also anticipated to be rare.
This issue was reported to OpenSSL by Guido Vranken.
(CVE-2016-0797)
[Matt Caswell]
*) Fix memory issues in BIO_*printf functions
The internal |fmtstr| function used in processing a "%s" format string in
the BIO_*printf functions could overflow while calculating the length of a
string and cause an OOB read when printing very long strings.
Additionally the internal |doapr_outch| function can attempt to write to an
OOB memory location (at an offset from the NULL pointer) in the event of a
memory allocation failure. In 1.0.2 and below this could be caused where
the size of a buffer to be allocated is greater than INT_MAX. E.g. this
could be in processing a very long "%s" format string. Memory leaks can
also occur.
The first issue may mask the second issue dependent on compiler behaviour.
These problems could enable attacks where large amounts of untrusted data
is passed to the BIO_*printf functions. If applications use these functions
in this way then they could be vulnerable. OpenSSL itself uses these
functions when printing out human-readable dumps of ASN.1 data. Therefore
applications that print this data could be vulnerable if the data is from
untrusted sources. OpenSSL command line applications could also be
vulnerable where they print out ASN.1 data, or if untrusted data is passed
as command line arguments.
Libssl is not considered directly vulnerable. Additionally, certificates etc.
received via remote connections via libssl are also unlikely to be able to
trigger these issues because of message size limits enforced within libssl.
This issue was reported to OpenSSL by Guido Vranken.
(CVE-2016-0799)
[Matt Caswell]
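Both the BN_hex2bn/BN_dec2bn note (CVE-2016-0797) and the BIO_*printf note (CVE-2016-0799) above come down to the same defect class: a size derived by arithmetic on attacker-influenced lengths wraps, and the allocation that follows is either skipped or undersized. The following is an added example, not OpenSSL code, that shows the wrap the BN note describes next to a checked version of the same computation, and a checked length sum of the kind the BIO_*printf note calls for. The function names are hypothetical; the wrapped helper assumes a 32-bit two's-complement `int` and performs the multiplication in `uint32_t` so the wrap is well-defined rather than undefined signed overflow.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Unchecked arithmetic as the BN_hex2bn note describes it: ndigits * 4 held
 * in a 32-bit int. Computed in uint32_t so the wrap is well-defined here;
 * assumes a 32-bit two's-complement int (hypothetical helper, added example). */
int wrapped_bits_from_hex_digits(int ndigits)
{
    uint32_t wrapped = (uint32_t)ndigits * 4u;
    return (int)wrapped;
}

/* Checked variant: bits needed for ndigits hex digits, or -1 when the
 * multiplication would not fit in an int (or the count is negative). A caller
 * that refuses -1 never reaches the allocator with a wrapped size. */
int checked_bits_from_hex_digits(int ndigits)
{
    if (ndigits < 0 || ndigits > INT_MAX / 4)
        return -1;
    return ndigits * 4;
}

/* Length arithmetic of the kind the BIO_*printf note describes: the combined
 * length of two strings, or -1 when the sum would exceed cap, so a buffer size
 * derived from the result can neither wrap nor come out undersized. */
long checked_concat_len(const char *a, const char *b, size_t cap)
{
    size_t la = strlen(a), lb = strlen(b);
    if (cap > LONG_MAX)
        cap = LONG_MAX;           /* keep the result representable as long */
    if (la > cap || lb > cap - la)
        return -1;                /* la + lb would exceed cap: refuse */
    return (long)(la + lb);
}

int main(void)
{
    /* 0x20000000 digits: 4 * that wraps to INT_MIN, a negative size, so the
     * allocator is never called and the data pointer stays NULL. */
    printf("wrapped(0x20000000) = %d\n", wrapped_bits_from_hex_digits(0x20000000));
    /* 0x40000001 digits: wraps to 4, positive but far smaller than ndigits,
     * so an allocation happens but is hopelessly undersized. */
    printf("wrapped(0x40000001) = %d\n", wrapped_bits_from_hex_digits(0x40000001));
    printf("checked(0x20000000) = %d\n", checked_bits_from_hex_digits(0x20000000));
    printf("checked(1000) = %d\n", checked_bits_from_hex_digits(1000));
    printf("concat_len(\"abc\", \"de\", 100) = %ld\n", checked_concat_len("abc", "de", 100));
    printf("concat_len(\"abc\", \"de\", 4) = %ld\n", checked_concat_len("abc", "de", 4));
    return 0;
}
```

The two digit counts used in `main` are the two regimes the advisory names: one where the product goes negative and one where it wraps to a small positive value. The checked functions treat both the same way, by rejecting the input before any size is handed to an allocator.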
*) Side channel attack on modular exponentiation
A side-channel attack was found which makes use of cache-bank conflicts on
the Intel Sandy-Bridge microarchitecture which could lead to the recovery
of RSA keys. The ability to exploit this issue is limited as it relies on
an attacker who has control of code in a thread running on the same
hyper-threaded core as the victim thread which is performing decryptions.
This issue was reported to OpenSSL by Yuval Yarom, The University of
Adelaide and NICTA, Daniel Genkin, Technion and Tel Aviv University, and
Nadia Heninger, University of Pennsylvania with more information at
http://cachebleed.info.
(CVE-2016-0702)
[Andy Polyakov]
*) Change the req app to generate a 2048-bit RSA/DSA key by default,
if no keysize is specified with default_bits. This fixes an
omission in an earlier change that changed all RSA/DSA key generation
apps to use 2048 bits by default.
[Emilia Käsper]