
By , , 4 comments
Source: OpenSSL

The development team behind OpenSSL, a well-known security program that offers encryption functions, has released a new version, numbered 0.9.8g. OpenSSL contains an implementation of the TLS and SSL protocols, with which data can be sent and received in encrypted form, for example to prevent eavesdropping. For more information we refer you to this page. The list of changes for OpenSSL 0.9.8g looks as follows:

Changes between 0.9.8f and 0.9.8g:
  • Fix various bugs:
    • Binary incompatibility of ssl_ctx_st structure
    • DTLS interoperation with non-compliant servers
    • Don't call get_session_cb() without proposed session
    • Fix ia64 assembler code
Changes between 0.9.8e and 0.9.8f:
  • DTLS Handshake overhaul. There were longstanding issues with the OpenSSL DTLS implementation, which were making it impossible for an RFC 4347 compliant client to communicate with an OpenSSL server. Unfortunately just fixing these incompatibilities would "cut off" pre-0.9.8f clients. To allow for a hassle-free upgrade, the post-0.9.8e server keeps tolerating non RFC compliant syntax. The opposite is not true: a 0.9.8f client cannot communicate with an earlier server. This update also addresses CVE-2007-4995.
  • Changes to avoid need for function casts in OpenSSL: some compilers (gcc 4.2 and later) reject their use.
  • Add RFC4507 support to OpenSSL. This includes the corrections in RFC4507bis. The encrypted ticket format is an encrypted encoded SSL_SESSION structure, that way new session features are automatically supported.
    If a client application caches a session in an SSL_SESSION structure, support is transparent because tickets are now stored in the encoded SSL_SESSION.
    The SSL_CTX structure automatically generates keys for ticket protection in servers so again support should be possible with no application modification.
    If a client or server wishes to disable RFC4507 support then the option SSL_OP_NO_TICKET can be set.
    Add a TLS extension debugging callback to allow the contents of any client or server extensions to be examined.
    This work was sponsored by Google.
  • Add initial support for TLS extensions, specifically for the server_name extension so far. The SSL_SESSION, SSL_CTX, and SSL data structures now have new members for a host name. The SSL data structure has an additional member SSL_CTX *initial_ctx so that new sessions can be stored in that context to allow for session resumption, even after the SSL has been switched to a new SSL_CTX in reaction to a client's server_name extension.
    New functions (subject to change):
      SSL_get_servername()
      SSL_get_servername_type()
      SSL_set_SSL_CTX()
    New CTRL codes and macros (subject to change):
      SSL_CTRL_SET_TLSEXT_SERVERNAME_CB - SSL_CTX_set_tlsext_servername_callback()
      SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG - SSL_CTX_set_tlsext_servername_arg()
      SSL_CTRL_SET_TLSEXT_HOSTNAME - SSL_set_tlsext_host_name()
    openssl s_client has a new '-servername ...' option.
    openssl s_server has new options '-servername_host ...', '-cert2 ...', '-key2 ...', '-servername_fatal' (subject to change). This allows testing the HostName extension for a specific single host name ('-cert' and '-key' remain fallbacks for handshakes without HostName negotiation). If the unrecognized_name alert has to be sent, this by default is a warning; it becomes fatal with the '-servername_fatal' option.
  • Add AES and SSE2 assembly language support to VC++ build.
  • Mitigate attack on final subtraction in Montgomery reduction.
  • Fix crypto/ec/ec_mult.c to work properly with scalars of value 0 (which previously caused an internal error).
  • Squeeze another 10% out of IGE mode when in != out.
  • AES IGE mode speedup.
  • Add the Korean symmetric 128-bit cipher SEED (see here) and add SEED ciphersuites from RFC 4162:
      TLS_RSA_WITH_SEED_CBC_SHA = "SEED-SHA"
      TLS_DHE_DSS_WITH_SEED_CBC_SHA = "DHE-DSS-SEED-SHA"
      TLS_DHE_RSA_WITH_SEED_CBC_SHA = "DHE-RSA-SEED-SHA"
      TLS_DH_anon_WITH_SEED_CBC_SHA = "ADH-SEED-SHA"
    To minimize changes between patchlevels in the OpenSSL 0.9.8 series, SEED remains excluded from compilation unless OpenSSL is configured with 'enable-seed'.
  • Mitigate branch prediction attacks, which can be practical if a single processor is shared, allowing a spy process to extract information. For detailed background information, see here (O. Aciicmez, S. Gueron, J.-P. Seifert, "New Branch Prediction Vulnerabilities in OpenSSL and Necessary Software Countermeasures"). The core of the change is new versions BN_div_no_branch() and BN_mod_inverse_no_branch() of BN_div() and BN_mod_inverse(), respectively, which are slower but avoid the security-relevant conditional branches. These are automatically called by BN_div() and BN_mod_inverse() if the flag BN_FLG_CONSTTIME is set for one of the input BIGNUMs. Also, BN_is_bit_set() has been changed to remove a conditional branch.
    BN_FLG_CONSTTIME is the new name for the previous BN_FLG_EXP_CONSTTIME flag, since it now affects more than just modular exponentiation. (Since OpenSSL 0.9.7h, setting this flag in the exponent causes BN_mod_exp_mont() to use the alternative implementation in BN_mod_exp_mont_consttime().) The old name remains as a deprecated alias.
    Similarly, RSA_FLAG_NO_EXP_CONSTTIME is replaced by a more general RSA_FLAG_NO_CONSTTIME flag, since the RSA implementation now uses constant-time implementations for more than just exponentiation. Here too the old name is kept as a deprecated alias.
    BN_BLINDING_new() will now use BN_dup() for the modulus so that the BN_BLINDING structure gets an independent copy of the modulus. This means that the previous "BIGNUM *m" argument to BN_BLINDING_new() and to BN_BLINDING_create_param() now essentially becomes "const BIGNUM *m", although we can't actually change this in the header file before 0.9.9. It allows RSA_setup_blinding() to use BN_with_flags() on the modulus to enable BN_FLG_CONSTTIME.
  • In the SSL/TLS server implementation, be strict about session ID context matching (which matters if an application uses a single external cache for different purposes). Previously, out-of-context reuse was forbidden only if SSL_VERIFY_PEER was set. This did ensure strict client verification, but meant that, with applications using a single external cache for quite different requirements, clients could circumvent ciphersuite restrictions for a given session ID context by starting a session in a different context.
  • Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that a ciphersuite string such as "DEFAULT:RSA" cannot enable authentication-only ciphersuites.
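The branch-prediction item above says BN_is_bit_set() was changed to remove a conditional branch. The following added illustration (not OpenSSL's code) shows the idea on a hypothetical mini big-number type: the branchy bit test with its early returns beside a branch-free form that selects the limb and validates the index with masks, so the instruction stream no longer depends on the bit position. The names mini_bn, bit_set_branchy, bit_set_ct, forms_agree and the constructed SAMPLE value are assumptions.

```c
#include <stdint.h>
#include <stddef.h>

/* Hypothetical mini big-number, not OpenSSL's BIGNUM: little-endian 64-bit
 * limbs, with 'top' giving the number of limbs in use (as in BIGNUM). */
#define MINI_LIMBS 4
#define LIMB_BITS  64
typedef struct { uint64_t d[MINI_LIMBS]; int top; } mini_bn;

/* Constructed sample: bits 0, 2 and 131 set; limb 3 holds stale data above top. */
const mini_bn SAMPLE = { { 0x5, 0x0, 0x8, 0xFF }, 3 };

/* Branchy form: the early returns make the branch predictor's state depend
 * on n, which is the side channel the 0.9.8f notes describe. */
int bit_set_branchy(const mini_bn *a, int n)
{
    if (n < 0) return 0;
    int i = n / LIMB_BITS, j = n % LIMB_BITS;
    if (a->top <= i) return 0;
    return (int)((a->d[i] >> j) & 1);
}

/* All-ones mask iff x == 0: (x | -x) has its top bit set exactly when x != 0. */
static uint64_t ct_zero_mask(uint64_t x) { return ((x | (0 - x)) >> 63) - 1; }

/* All-ones mask iff a < b as unsigned values, for any a and b. */
static uint64_t ct_lt_mask(uint64_t a, uint64_t b)
{
    return 0 - ((a ^ ((a ^ b) | ((a - b) ^ b))) >> 63);
}

/* Branch-free form: every limb is read, and masks replace both early
 * returns, so the same instructions execute for every n. */
int bit_set_ct(const mini_bn *a, int n)
{
    uint64_t un = (uint64_t)n;                       /* negative n becomes huge */
    uint64_t valid = ct_lt_mask(un, (uint64_t)a->top * LIMB_BITS);
    uint64_t j = un & (LIMB_BITS - 1);
    uint64_t limb = 0;
    for (size_t k = 0; k < MINI_LIMBS; k++)          /* select limb n/64 by mask */
        limb |= a->d[k] & ct_zero_mask((un >> 6) ^ (uint64_t)k);
    return (int)(((limb >> j) & 1) & valid);
}

/* Returns 1 if both forms agree for every n in [-70, 300], else 0. */
int forms_agree(const mini_bn *a)
{
    for (int n = -70; n <= 300; n++)
        if (bit_set_branchy(a, n) != bit_set_ct(a, n)) return 0;
    return 1;
}
```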
Version number: 0.9.8g
Release status: Final
Operating systems: Windows 9x, Windows NT, Windows 2000, BSD, Windows XP, macOS, OS/2, Solaris, UNIX, Windows Server 2003, Windows Vista
Website: OpenSSL
Download: http://www.openssl.org/source/openssl-0.9.8g.tar.gz
File size: 3.20MB
License type: Terms (GNU/BSD/etc.)

Comments (4)

"OpenSSL, a well-known security program"
That's not right. OpenSSL is a toolkit (libraries) that programs can use to implement SSL/TLS.
So the update from f to g fixes 4 bugs.... why are the improvements from e to f (which has been out for ages and is much longer) listed below it....

Looks more impressive though :P
0.9.8f isn't in the update history
That's not right either, because OpenSSL can do a lot more than just SSL/TLS. Think of CA functions and many forms of creating/checking and converting certificates ;)


© 1998 - 2016 de Persgroep Online Services B.V. Tweakers, together with Autotrack and Carsom.nl among others, forms de Persgroep Online Services B.V. Hosting by True