Changelog:
* The TLS 1.3 implementation was updated to Draft 28.
* An issue where NSS erroneously accepted HRR requests was resolved.
* Added HACL* Poly1305 32-bit
* The code to support the NPN protocol has been fully removed.
* NSS allows servers now to register ALPN handling callbacks to
select a protocol.
* NSS supports opening SQL databases in read-only mode.
* On Linux, some build configurations can use glibc's function
getentropy(), which uses the kernel's getrandom() function.
* The CA list was updated to version 2.24, which removed the
following CA certificates:
- CN = S-TRUST Universal Root CA
- CN = TC TrustCenter Class 3 CA II
- CN = TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5
No new functionality is introduced in this release. This is a patch release to fix regression bugs.
In NSS version 3.35 the iteration count in optimized builds, which is used for password based encryption algorithm related to encrypted PKCS#7 or PKCS#12 data, was increased to one million iterations. That change had caused an interoperability regression with operating systems that are limited to 600 K iterations. NSS 3.36.1 has been changed to use the same 600 K limit.
Certain smartcard operations could result in a deadlock
This Bugzilla query returns all the bugs fixed in NSS 3.36.1:
https://bugzilla.mozilla.org/buglist.cgi?resolution=FIXED&classification=Components&query_format=advanced&product=NSS&target_milestone=3.36.1
* Require devel/nspr-4.19
Changelog:
The NSS team has released Network Security Services (NSS) 3.36,
which is a minor release.
Summary of the major changes included in this release:
- Replaced existing vectorized ChaCha20 code with verified
HACL* implementation.
- Experimental APIs for TLS session cache handling.
Changelog:
The NSS team has released Network Security Services (NSS) 3.35,
which is a minor release.
Summary of the major changes included in this release:
- The default database storage format has been changed to SQL,
using filenames cert9.db, key4.db, pkcs11.txt.
- TLS 1.3 support has been updated to draft -23, along with
additional significant changes.
- Support for TLS compression was removed.
- Added formally verified implementations of non-vectorized Chacha20
and non-vectorized Poly1305 64-bit.
- When creating encrypted PKCS#7 or PKCS#12 data, NSS uses a
higher iteration count for stronger security.
- The CA trust list was updated to version 2.22.
The actual fix as been done by "pkglint -F */*/buildlink3.mk", and was
reviewed manually.
There are some .include lines that still are indented with zero spaces
although the surrounding .if is indented. This is existing practice.
Changelog:
The following CA certificate was Re-Added. It was removed in
NSS 3.34, but has been re-added with only the Email trust bit
set. (bug 1418678)
CN = Certum CA, O=Unizeto Sp. z o.o.
SHA-256 Fingerprint: D8:E0:FE:BC:1D:B2:E3:8D:00:94:0F:37:D2:7D:41:34:4D:99:3E:73:4B:99:D5:65:6D:97:78:D4:D8:14:36:24
Removed entries from certdata.txt for actively distrusted
certificates that have expired (bug 1409872).
The version of the CA list was set to 2.20.
The following CA certificates were Added:
CN = GDCA TrustAUTH R5 ROOT
SHA-256 Fingerprint: BF:FF:8F:D0:44:33:48:7D:6A:8A:A6:0C:1A:29:76:7A:9F:C2:BB:B0:5E:42:0F:71:3A:13:B9:92:89:1D:38:93
Trust Flags: Websites
CN = SSL.com Root Certification Authority RSA
SHA-256 Fingerprint: 85:66:6A:56:2E:E0:BE:5C:E9:25:C1:D8:89:0A:6F:76:A8:7E:C1:6D:4D:7D:5F:29:EA:74:19:CF:20:12:3B:69
Trust Flags: Websites, Email
CN = SSL.com Root Certification Authority ECC
SHA-256 Fingerprint: 34:17:BB:06:CC:60:07:DA:1B:96:1C:92:0B:8A:B4:CE:3F:AD:82:0E:4A:A3:0B:9A:CB:C4:A7:4E:BD:CE:BC:65
Trust Flags: Websites, Email
CN = SSL.com EV Root Certification Authority RSA R2
SHA-256 Fingerprint: 2E:7B:F1:6C:C2:24:85:A7:BB:E2:AA:86:96:75:07:61:B0:AE:39:BE:3B:2F:E9:D0:CC:6D:4E:F7:34:91:42:5C
Trust Flags: Websites
CN = SSL.com EV Root Certification Authority ECC
SHA-256 Fingerprint: 22:A2:C1:F7:BD:ED:70:4C:C1:E7:01:B5:F4:08:C3:10:88:0F:E9:56:B5:DE:2A:4A:44:F9:9C:87:3A:25:A7:C8
Trust Flags: Websites
CN = TrustCor RootCert CA-1
SHA-256 Fingerprint: D4:0E:9C:86:CD:8F:E4:68:C1:77:69:59:F4:9E:A7:74:FA:54:86:84:B6:C4:06:F3:90:92:61:F4:DC:E2:57:5C
Trust Flags: Websites, Email
CN = TrustCor RootCert CA-2
SHA-256 Fingerprint: 07:53:E9:40:37:8C:1B:D5:E3:83:6E:39:5D:AE:A5:CB:83:9E:50:46:F1:BD:0E:AE:19:51:CF:10:FE:C7:C9:65
Trust Flags: Websites, Email
CN = TrustCor ECA-1
SHA-256 Fingerprint: 5A:88:5D:B1:9C:01:D9:12:C5:75:93:88:93:8C:AF:BB:DF:03:1A:B2:D4:8E:91:EE:15:58:9B:42:97:1D:03:9C
Trust Flags: Websites, Email
The following CA certificates were Removed:
CN = Certum CA, O=Unizeto Sp. z o.o.
SHA-256 Fingerprint: D8:E0:FE:BC:1D:B2:E3:8D:00:94:0F:37:D2:7D:41:34:4D:99:3E:73:4B:99:D5:65:6D:97:78:D4:D8:14:36:24
CN = StartCom Certification Authority
SHA-256 Fingerprint: C7:66:A9:BE:F2:D4:07:1C:86:3A:31:AA:49:20:E8:13:B2:D1:98:60:8C:B7:B7:CF:E2:11:43:B8:36:DF:09:EA
CN = StartCom Certification Authority
SHA-256 Fingerprint: E1:78:90:EE:09:A3:FB:F4:F4:8B:9C:41:4A:17:D6:37:B7:A5:06:47:E9:BC:75:23:22:72:7F:CC:17:42:A9:11
CN = StartCom Certification Authority G2
SHA-256 Fingerprint: C7:BA:65:67:DE:93:A7:98:AE:1F:AA:79:1E:71:2D:37:8F:AE:1F:93:C4:39:7F:EA:44:1B:B7:CB:E6:FD:59:95
CN = TÜBİTAK UEKAE Kök Sertifika Hizmet Sağlayıcısı - Sürüm 3
SHA-256 Fingerprint: E4:C7:34:30:D7:A5:B5:09:25:DF:43:37:0A:0D:21:6E:9A:79:B9:D6:DB:83:73:A0:C6:9E:B1:CC:31:C7:C5:2A
CN = ACEDICOM Root
SHA-256 Fingerprint: 03:95:0F:B4:9A:53:1F:3E:19:91:94:23:98:DF:A9:E0:EA:32:D7:BA:1C:DD:9B:C8:5D:B5:7E:D9:40:0B:43:4A
CN = Certinomis - Autorité Racine
SHA-256 Fingerprint: FC:BF:E2:88:62:06:F7:2B:27:59:3C:8B:07:02:97:E1:2D:76:9E:D1:0E:D7:93:07:05:A8:09:8E:FF:C1:4D:17
CN = TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı
SHA-256 Fingerprint: 97:8C:D9:66:F2:FA:A0:7B:A7:AA:95:00:D9:C0:2E:9D:77:F2:CD:AD:A6:AD:6B:A7:4A:F4:B9:1C:66:59:3C:50
CN = PSCProcert
SHA-256 Fingerprint: 3C:FC:3C:14:D1:F6:84:FF:17:E3:8C:43:CA:44:0C:00:B9:67:EC:93:3E:8B:FE:06:4C:A1:D7:2C:90:F2:AD:B0
CN = CA 沃通根证书, O=WoSign CA Limited
SHA-256 Fingerprint: D6:F0:34:BD:94:AA:23:3F:02:97:EC:A4:24:5B:28:39:73:E4:47:AA:59:0F:31:0C:77:F4:8F:DF:83:11:22:54
CN = Certification Authority of WoSign
SHA-256 Fingerprint: 4B:22:D5:A6:AE:C9:9F:3C:DB:79:AA:5E:C0:68:38:47:9C:D5:EC:BA:71:64:F7:F2:2D:C1:D6:5F:63:D8:57:08
CN = Certification Authority of WoSign G2
SHA-256 Fingerprint: D4:87:A5:6F:83:B0:74:82:E8:5E:96:33:94:C1:EC:C2:C9:E5:1D:09:03:EE:94:6B:02:C3:01:58:1E:D9:9E:16
CN = CA WoSign ECC Root
SHA-256 Fingerprint: 8B:45:DA:1C:06:F7:91:EB:0C:AB:F2:6B:E5:88:F5:FB:23:16:5C:2E:61:4B:F8:85:56:2D:0D:CE:50:B2:9B:02
libfreebl no longer requires SSE2 instructions.
New in NSS 3.34
New Functionality
When listing an NSS database using certutil -L, but the database
hasn't yet been initialized with any non-empty or empty password,
the text "Database needs user init" will be included in the listing.
When using certutil to set an inacceptable password in FIPS mode,
a correct explanation of acceptable passwords will be printed.
SSLKEYLOGFILE is now supported with TLS 1.3, see Bug 1287711 for details.
SSLChannelInfo has two new fields (Bug 1396525)
SSLNamedGroup originalKeaGroup holds the key exchange group of the
original handshake when the session was resumed.
PRBool resumed is PR_TRUE when the session is resumed and PR_FALSE
otherwise.
RSA-PSS signatures are now supported on certificates. Certificates
with RSA-PSS or RSA-PKCS#1v1.5 keys can be used to create an RSA-PSS
signature on a certificate using the --pss-sign argument to certutil.
New Functions
Compatibility
NSS 3.34 shared libraries are backward compatible with all older NSS 3.x
shared libraries. A program linked with older NSS 3.x shared libraries
will work with NSS 3.34 shared libraries without recompiling or relinking.
Furthermore, applications that restrict their use of NSS APIs to the
functions listed in NSS Public Functions will remain compatible with
future versions of the NSS shared libraries.
Changelog:
Notable Changes in NSS 3.33
TLS compression is no longer supported. API calls that attempt to enable compression are accepted without failure. However, TLS compression will remain disabled.
This version of NSS uses a formally verified implementation of Curve25519 on 64-bit systems.
The compile time flag DISABLE_ECC has been removed.
When NSS is compiled without NSS_FORCE_FIPS=1 startup checks are not performed anymore.
Various minor improvements and correctness fixes.
Changelog:
Notable Changes:
================
* Various minor improvements and correctness fixes.
* The Code Signing trust bit was turned off for all included root certificates.
* The Websites (TLS/SSL) trust bit was turned off for the following root
certificates:
- CN = AddTrust Class 1 CA Root
- CN = Swisscom Root CA 2
* The following CA certificates were Removed:
- CN = AddTrust Public CA Root
- CN = AddTrust Qualified CA Root
- CN = China Internet Network Information Center EV Certificates Root
- CN = CNNIC ROOT
- CN = ComSign Secured CA
- CN = GeoTrust Global CA 2
- CN = Secure Certificate Services
- CN = Swisscom Root CA 1
- CN = Swisscom Root EV CA 2
- CN = Trusted Certificate Services
- CN = UTN-USERFirst-Hardware
- CN = UTN-USERFirst-Object
Changelog:
New functionality:
==================
* Allow certificates to be specified by RFC7512 PKCS#11 URIs.
* Allow querying a certificate object for its temporary or permanent storage
status in a thread safe way.
New Functions:
==============
* CERT_GetCertIsPerm - retrieve the permanent storage status attribute of a
certificate in a thread safe way.
* CERT_GetCertIsTemp - retrieve the temporary storage status attribute of a
certificate in a thread safe way.
* PK11_FindCertFromURI - find a certificate identified by the given URI.
* PK11_FindCertsFromURI - find a list of certificates identified by the given
URI.
* PK11_GetModuleURI - retrieve the URI of the given module.
* PK11_GetTokenURI - retrieve the URI of a token based on the given slot
information.
* PK11URI_CreateURI - create a new PK11URI object from a set of attributes.
* PK11URI_DestroyURI - destroy a PK11URI object.
* PK11URI_FormatURI - format a PK11URI object to a string.
* PK11URI_GetPathAttribute - retrieve a path attribute with the given name.
* PK11URI_GetQueryAttribute - retrieve a query attribute with the given name.
* PK11URI_ParseURI - parse PKCS#11 URI and return a new PK11URI object.
New Macros:
===========
* Several new macros that start with PK11URI_PATTR_ for path attributes defined
in RFC7512.
* Several new macros that start with PK11URI_QATTR_ for query attributes defined
in RFC7512.
Notable Changes:
================
* The APIs that set a TLS version range have been changed to trim the requested
range to the overlap with a systemwide crypto policy, if configured.
SSL_VersionRangeGetSupported can be used to query the overlap between the
library's supported range of TLS versions and the systemwide policy.
* Previously, SSL_VersionRangeSet and SSL_VersionRangeSetDefault returned a
failure if the requested version range wasn't fully allowed by the systemwide
crypto policy. They have been changed to return success, if at least one TLS
version overlaps between the requested range and the systemwide policy. An
application may call SSL_VersionRangeGet and SSL_VersionRangeGetDefault to
query the TLS version range that was effectively activated.
* Corrected the encoding of Domain Name Constraints extensions created by
certutil.
* NSS supports a clean seeding mechanism for *NIX systems now using only
/dev/urandom. This is used only when SEED_ONLY_DEV_URANDOM is set at compile
time.
* CERT_AsciiToName can handle OIDs in dotted decimal form now.
The HG tag is NSS_3_31_RTM. NSS 3.31 requires NSPR 4.15 or newer.
Changelog:
The NSS team has released Network Security Services (NSS) 3.30.2,
which is a patch release to update the list of root CA certificates.
Below is a summary of the changes.
Please refer to the full release notes for additional details,
including the SHA256 fingerprints of the changed CA certificates.
Notable Changes:
* The following CA certificates were Removed
- O = Japanese Government, OU = ApplicationCA
- CN = WellsSecure Public Root Certificate Authority
- CN = TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6
- CN = Microsec e-Szigno Root
* The following CA certificates were Added
- CN = D-TRUST Root CA 3 2013
- CN = TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1
* The version number of the updated root CA list has been set to 2.14
(Bug 1350859)
* Domain name constraints for one of the new CAs have been added to the
NSS code (Bug 1349705)
Changelog:
New in NSS 3.30:
================
* In the PKCS#11 root CA module (nssckbi), CAs with positive trust are
marked with a new boolean attribute, CKA_NSS_MOZILLA_CA_POLICY, set to
true. Applications that need to distinguish them from other other root CAs
may use the exported function PK11_HasAttributeSet.
* Support for callback functions that can be used to monitor SSL/TLS alerts
that are sent or received.
Notable Changes:
================
* The TLS server code has been enhanced to support session tickets when no
RSA certificate is configured.
* RSA-PSS signatures produced by key pairs with a modulus bit length that
is not a multiple of 8 are now supported.
* The pk12util tool now supports importing and exporting data encrypted in
the AES based schemes defined in PKCS#5 v2.1.
Changelog:
The NSS team has released Network Security Services (NSS) 3.29.3
No new functionality is introduced in this release.
This is a patch release to fix a rare crash when initializing an SSL socket
fails.
The NSS team has released Network Security Services (NSS) 3.29.2
No new functionality is introduced in this release.
This is a patch release to fix an issue with TLS session tickets.
Changelog:
Notable Changes:
================
* Fixed a NSS 3.28 regression in the signature scheme flexibility that
causes connectivity issues between iOS 8 clients and NSS servers with ECDSA
certificates (bug1334114
<https://bugzilla.mozilla.org/show_bug.cgi?id=1334114>).
* Bump nspr requirement
Changelog:
3.28.1:
The NSS team has released Network Security Services (NSS) 3.28.1,
which is a patch release.
Below is a summary of the changes.
Please refer to the full release notes for additional details,
including the SHA256 fingerprints of the changed CA certificates.
No new functionality is introduced in this release. This is a patch release to
update the list of root CA certificates and address a minor TLS compatibility
issue that some applications experienced with NSS 3.28.
Notable Changes:
* The following CA certificates were Removed
- CN = Buypass Class 2 CA 1
- CN = Root CA Generalitat Valenciana
- OU = RSA Security 2048 V3
* The following CA certificates were Added
- OU = AC RAIZ FNMT-RCM
- CN = Amazon Root CA 1
- CN = Amazon Root CA 2
- CN = Amazon Root CA 3
- CN = Amazon Root CA 4
- CN = LuxTrust Global Root 2
- CN = Symantec Class 1 Public Primary Certification Authority - G4
- CN = Symantec Class 1 Public Primary Certification Authority - G6
- CN = Symantec Class 2 Public Primary Certification Authority - G4
- CN = Symantec Class 2 Public Primary Certification Authority - G6
* The version number of the updated root CA list has been set to 2.11
* A misleading assertion/alert has been removed when NSS tries to flush data
to the peer but the connection was already reset.
3.28:
The NSS team has released Network Security Services (NSS) 3.28,
which is a minor release.
Below is a summary of the changes.
Please refer to the full release notes for additional details:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.28_release_notes
Request to test and prepare for TLS 1.3 (draft):
================================================
To prepare for a change of default build options, which is
planned for
the future NSS 3.29 release, we'd like to encourage all users of NSS
3.28
to override the standard NSS build configuration to enable support for
(draft
) TLS 1.3 by defining NSS_ENABLE_TLS_1_3=1 at build time.
We'd like to ask you to
please give feedback to the NSS developers for any
compatibility issues that you
might encounter in your tests.
For providing feedback, you may send a message to this mailing list, see:
https://lists.mozilla.org/listinfo/dev-tech-crypto
or please report a bug here:
https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS
New functionality:
==================
* NSS includes support for TLS 1.3 draft -18. This includes a number
of
improvements to TLS 1.3:
- The signed certificate timestamp, used in
certificate transparency,
is supported in TLS 1.3.
- Key exporters for TLS
1.3 are supported. This includes the early key
exporter, which can be used if
0-RTT is enabled. Note that there is a
difference between TLS 1.3 and key
exporters in older versions of TLS.
TLS 1.3 does not distinguish between an
empty context and no context.
- The TLS 1.3 (draft) protocol can be enabled, by
defining
NSS_ENABLE_TLS_1_3=1 when building NSS.
* NSS includes support for
the X25519 key exchange algorithm, which is
supported and enabled by default in
all versions of TLS.
New Functions:
==============
* SSL_ExportEarlyKeyingMaterial
* SSL_SendAdditionalKeyShares
* SSL_SignatureSchemePrefSet
* SSL_SignatureSchemePrefGet
Notable Changes:
================
* NSS can no longer be compiled with support for additional elliptic curves.
This was previously possible by replacing certain NSS source files.
* NSS will now detect the presence of tokens that support additional
elliptic curves and enable those curves for use in TLS.
Note that this detection has a one-off performance cost, which can be
avoided by using the SSL_NamedGroupConfig function to limit supported
groups to those that NSS provides.
* PKCS#11 bypass for TLS is no longer supported and has been removed.
* Support for "export" grade SSL/TLS cipher suites has been removed.
* NSS now uses the signature schemes definition in TLS 1.3.
This also affects TLS 1.2. NSS will now only generate signatures with the
combinations of hash and signature scheme that are defined in TLS 1.3,
even when negotiating TLS 1.2.
- This means that SHA-256 will only be used with P-256 ECDSA certificates,
SHA-384 with P-384 certificates, and SHA-512 with P-521 certificates.
SHA-1 is permitted (in TLS 1.2 only) with any certificate for backward
compatibility reasons.
- New functions to configure signature schemes are provided:
SSL_SignatureSchemePrefSet, SSL_SignatureSchemePrefGet.
The old SSL_SignaturePrefSet and SSL_SignaturePrefSet functions are
now deprecated.
- NSS will now no longer assume that default signature schemes are
supported by a peer if there was no commonly supported signature scheme.
* NSS will now check if RSA-PSS signing is supported by the token that holds
the private key prior to using it for TLS.
* The certificate validation code contains checks to no longer trust
certificates that are issued by old WoSign and StartCom CAs after
October 21, 2016. This is equivalent to the behavior that Mozilla will
release with Firefox 51.
Changelog:
The NSS Development Team announces the release of NSS 3.27.2, which is a
patch release to address a memory leak in the TLS implementation.
No new functionality is introduced in this release.
Notable Changes:
* Bug 1318561 - SSL_SetTrustAnchors leaks
Changelog:
The NSS team has released Network Security Services (NSS) 3.27.1.
This is a patch release to address a TLS compatibility issue
that some applications experienced with NSS 3.27.
Notable Changes:
Availability of the TLS 1.3 (draft) implementation has been re-disabled
in the default build.
Previous versions of NSS made TLS 1.3 (draft) available only when compiled
with NSS_ENABLE_TLS_1_3. NSS 3.27 set this value on by default, allowing
TLS 1.3 (draft) to be disabled using NSS_DISABLE_TLS_1_3, although the
maximum version used by default remained TLS 1.2.
However, some applications query the list of protocol versions that are
supported by the NSS library, and enable all supported TLS protocol versions.
Because NSS 3.27 enabled compilation of TLS 1.3 (draft) by default, it caused
those applications to enable TLS 1.3 (draft). This resulted in connectivity
failures, as some TLS servers are version 1.3 intolerant, and failed to
negotiate an earlier TLS version with NSS 3.27 clients.
fixes build for 32bit when passing USE_64 (which is questionable)...
in pkgsrc we declare all mips64* platforms as 64bit, and use USE_64.
However, netbsd/mips64 is using a 32bit ABI, so it is akin to passing
USE_64=1 for 32bit.
perhaps not declaring it a 64bit platform is correct, but this package
is one of the only few using this logic, and it's unfeasible to have
correct logic for 32bit/64bit.
this package has considerably more logic for USE_64 than for USE_NSS_64,
so to avoid inadvertent damage to other platforms, retain the USE_64=1
logic.
feel free to object to this option in the discussion on tech-pkg.
Changelog:
The NSS team has released Network Security Services (NSS) 3.27,
which is a minor release.
Below is a summary of the changes.
Please refer to the full release notes for additional details,
including the SHA256 fingerprints of the changed CA certificates.
New functionality:
* Allow custom named group priorities for TLS key exchange handshake
(SSL_NamedGroupConfig).
* Added support for RSA-PSS signatures in TLS 1.2 and TLS 1.3
New Functions:
* SSL_NamedGroupConfig
Notable Changes:
* NPN can not be enabled anymore.
* Hard limits on the maximum number of TLS records encrypted with the same
key are enforced.
* Disabled renegotiation in DTLS.
* The following CA certificates were Removed
- CN = IGC/A, O = PM/SGDN, OU = DCSSI
- CN = Juur-SK, O = AS Sertifitseerimiskeskus
- CN = EBG Elektronik Sertifika Hizmet Sağlayıcısı
- CN = S-TRUST Authentication and Encryption Root CA 2005:PN
- O = VeriSign, Inc., OU = Class 1 Public Primary Certification Authority
- O = VeriSign, Inc., OU = Class 2 Public Primary Certification Authority - G2
- O = VeriSign, Inc., OU = Class 3 Public Primary Certification Authority
- O = Equifax, OU = Equifax Secure Certificate Authority
- CN = Equifax Secure eBusiness CA-1
- CN = Equifax Secure Global eBusiness CA-1
The full release notes are available at
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.27_release_notes
Changelog:
The NSS team has released Network Security Services (NSS) 3.25, which is a minor
release.
Below is a short summary of the changes.
Please refer to the full release notes for additional details.
New functionality:
* Implemented DHE key agreement for TLS 1.3
* Added support for ChaCha with TLS 1.3
* Added support for TLS 1.2 ciphersuites that use SHA384 as the PRF
* In previous versions, when using client authentication with TLS 1.2,
NSS only supported certificate_verify messages that used the same
signature hash algorithm as used by the PRF.
This limitation has been removed.
* Several functions have been added to the public API of the NSS
Cryptoki Framework.
New Functions:
* NSSCKFWSlot_GetSlotID
* NSSCKFWSession_GetFWSlot
* NSSCKFWInstance_DestroySessionHandle
* NSSCKFWInstance_FindSessionHandle
Notable Changes:
* An SSL socket can no longer be configured to allow both TLS 1.3 and SSL v3
* Regression fix: NSS no longer reports a failure if an application attempts
to disable the SSL v2 protocol.
* The list of trusted CA certificates has been updated to version 2.8
* The following CA certificate was Removed
- CN = Sonera Class1 CA
* The following CA certificates were Added
- CN = Hellenic Academic and Research Institutions RootCA 2015
- CN = Hellenic Academic and Research Institutions ECC RootCA 2015
- CN = Certplus Root CA G1
- CN = Certplus Root CA G2
- CN = OpenTrust Root CA G1
- CN = OpenTrust Root CA G2
- CN = OpenTrust Root CA G3
* Require nspr 4.12 or later, from he@. Thank you.
Changelog:
The NSS team has released Network Security Services (NSS) 3.24, which is
a minor release.
Below is a short summary of the changes.
Please refer to the full release notes for additional details.
New functionality:
* NSS softoken has been updated with the latest NIST guidance (as of 2015)
* NSS softoken has also been updated to allow NSS to run in FIPS level-1
(no password).
* SSL_ConfigServerCert function has been added for configuring SSL/TLS
server sockets with a certificate and private key. This method should be
used in preference to SSL_ConfigSecureServer,
SSL_ConfigSecureServerWithCertChain, SSL_SetStapledOCSPResponses, and
SSL_SetSignedCertTimestamps.
* Added PORTCheapArena for temporary arenas allocated on the stack.
New Functions:
* SSL_ConfigServerCert - Configures an SSL/TLS socket with a certificate,
private key and other information.
* PORT_InitCheapArena - This initializes an arena that was created on
the stack. See PORTCheapArenaPool.
* PORT_DestroyCheapArena - This destroys an arena that was created on
the stack. See PORTCheapArenaPool.
New Types
* SSLExtraServerCertData - This struct is optionally passed as an argument
to SSL_ConfigServerCert. It contains supplementary information about a
certificate, such as the intended type of the certificate, stapled OCSP
responses, or signed certificate timestamps (used for certificate
transparency).
* PORTCheapArenaPool - A stack-allocated arena pool, to be used for
temporary arena allocations.
New Macros
* CKM_TLS12_MAC
* SEC_OID_TLS_ECDHE_PSK - This OID is used to govern use of the
TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 cipher suite, which is only
used for session resumption in TLS 1.3.
Notable Changes:
* The following functions have been deprecated (applications should use the
new SSL_ConfigServerCert function instead):
* SSL_SetStapledOCSPResponses
* SSL_SetSignedCertTimestamps
* SSL_ConfigSecureServer
* SSL_ConfigSecureServerWithCertChain
* Function NSS_FindCertKEAType is now deprecated, as it reports a misleading
value for certificates that might be used for signing rather than key
exchange.
* SSLAuthType has been updated to define a larger number of authentication
key types.
* The member attribute authAlgorithm of type SSLCipherSuiteInfo has been
deprecated. Instead, applications should use the newly added attribute
authType.
* ssl_auth_rsa has been renamed to ssl_auth_rsa_decrypt.
* On Linux platforms that define FREEBL_LOWHASH, a shared library has been
added: libfreeblpriv3
* Most code related to the SSL v2 has been removed, including the ability to
actively send a SSL v2 compatible client hello.
However, the server side implementation of the SSL/TLS protocol continues to
support processing of received v2 compatible client hello messages.
* NSS supports a mechanism to log SSL/TLS key material to a logfile if the
environment variable named SSLKEYLOGFILE is set. NSS has been changed to
disable this functionality in optimized builds by default. In order to enable
the functionality in optimized builds, the symbol NSS_ALLOW_SSLKEYLOGFILE
must be defined when building NSS.
* NSS has been updated to be protected against the Cachebleed attack.
* Support for DTLS compression has been disabled.
* Support for TLS 1.3 has been improved. This includes support for DTLS 1.3.
Note that TLS 1.3 support is experimental and is not suitable for production
use.
Changelog:
The NSS team has released Network Security Services (NSS) 3.23, which is a minor
release.
The following security-relevant bug has been resolved in NSS 3.23.
Users are encouraged to upgrade immediately.
* Bug 1245528 (CVE-2016-1950):
Fixed a heap-based buffer overflow related to the parsing of certain ASN.1
structures. An attacker could create a specially-crafted certificate which,
when parsed by NSS, would cause a crash or execution of arbitrary code with
the permissions of the user.
New functionality:
* ChaCha20/Poly1305 cipher and TLS cipher suites now supported
(bug 917571, bug 1227905)
* Experimental-only support TLS 1.3 1-RTT mode (draft-11).
This code is not ready for production use.
New Functions:
* SSL_SetDowngradeCheckVersion - Set maximum version for new ServerRandom
anti-downgrade mechanism
Notable Changes:
* The copy of SQLite shipped with NSS has been updated to version 3.10.2
(bug 1234698)
* The list of TLS extensions sent in the TLS handshake has been reordered
to improve compatibility of the Extended Master Secret feature
with servers (bug 1243641)
* The build time environment variable NSS_ENABLE_ZLIB has been renamed
to NSS_SSL_ENABLE_ZLIB (Bug 1243872).
* The build time environment variable NSS_DISABLE_CHACHAPOLY was added,
which can be used to prevent compilation of the ChaCha20/Poly1305 code.
* The following CA certificates were Removed
- Staat der Nederlanden Root CA
- NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado
- NetLock Kozjegyzoi (Class A) Tanusitvanykiado
- NetLock Uzleti (Class B) Tanusitvanykiado
- NetLock Expressz (Class C) Tanusitvanykiado
- VeriSign Class 1 Public PCA – G2
- VeriSign Class 3 Public PCA
- VeriSign Class 3 Public PCA – G2
- CA Disig
* The following CA certificates were Added
- SZAFIR ROOT CA2
- Certum Trusted Network CA 2
* The following CA certificate had the Email trust bit turned on
- Actalis Authentication Root CA
The full release notes, including the SHA256 fingerprints of the changed
CA certificates, are available at
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.23_release_notes
Changelog:
The NSS Development Team announces the release of NSS 3.22.3,
which is a patch release for NSS 3.22.
No new functionality is introduced in this release.
The following bugs have been resolved in NSS 3.22.3
* Bug 1243641 - Increase compatibility of TLS extended master secret,
don't send an empty TLS extension last in the handshake
We do include zlib.buildlink3.mk, so make sure we always use that zlib.
Remove manual do-build target and set BUILD_DIRS instead.
Set MAKE_JOBS_SAFE=no. The previous do-build target didn't respect MAKE_JOBS.
Bump PKGREVISON.
