ProHoster > Ibhulogi > iindaba ze-intanethi > I-OpenSSL 3.3.0 Ukukhutshwa kweThala leencwadi eliCryptographic

I-OpenSSL 3.3.0 Ukukhutshwa kweThala leencwadi eliCryptographic

Emva kweenyanga ezintlanu zophuhliso, ukukhutshwa kwethala leencwadi le-OpenSSL 3.3.0 kwasekwa ngokuphunyezwa kweeprothokholi ze-SSL/TLS kunye neendlela ezahlukeneyo zokubethela. I-OpenSSL 3.3 iya kuxhaswa kude kube ngu-Epreli 2026. Inkxaso yamasebe angaphambili e-OpenSSL 3.2, 3.1 kunye ne-3.0 LTS iya kuqhubeka kude kube nguNovemba 2025, Matshi 2025 kunye noSeptemba 2026, ngokulandelanayo. Ikhowudi yeprojekthi ihanjiswa phantsi kwelayisensi ye-Apache 2.0.

Iinguqulelo eziphambili ze-OpenSSL 3.3.0:

  • Ukuhlanganiswa kwenkxaso yeprotocol ye-QUIC (RFC 9000), eyongezelelweyo kwi-protocol ye-UDP esetyenziswa njengezothutho kwi-HTTP / 3 protocol, iyaqhubeka. Kukhupho olutsha:
    • Inkxaso eyongeziweyo yokulandela umdibaniso we-QUIC ngokungena ngokuxilonga kwifomathi ye-qlog.
    • Inkxaso eyongeziweyo yokuvota kwimodi engathinteliyo yoqhagamshelwano lwe-QUIC kunye nezinto zokuhamba.
    • Ukukwazi ukunyusa ukuveliswa kwezakhelo zokuphela kokuhamba koqhagamshelwano lwe-QUIC luphunyeziwe.
    • Ubonelele ngokukwazi ukukhubaza ukusetyenzwa kwesiganeko se-QUIC xa ufowuna ngee-API.
    • Inkxaso eyongeziweyo yokumisela ukungasebenzi kwexesha le-QUIC.
    • I-API eyongeziweyo kumbuzo wokubhala i-buffer ubukhulu kunye nokugcwala kwi-QUIC streams.
  • Izandiso eziphunyeziweyo kwi-CMP (iProtocol yoLawulo lweSatifikethi) iprotocol yolawulo lwesatifikethi, echazwe kwiinkcukacha ze-RFC 9480 (inkcazo ye-CMPv3 protocol) kunye ne-RFC 9483 (iprofayili ekhaphukhaphu kwizixhobo ezinamandla aphantsi).
  • Ukongezwa ukukwazi ukukhubaza ukusetyenziswa komsebenzi we-atexit kwinqanaba lokwakha.
  • Kongezwe umahluko we SSL_SESSION API ongachatshazelwanga ngumba ka-2038: yongezwe SSL_SESSION_get_time_ex() kunye SSL_SESSION_set_time_ex() imisebenzi esebenzisa i-64-bit time_t uhlobo kwiinkqubo ze-32-bit.
  • Umsebenzi we-EVP_PKEY_fromdata uphumeza ukukwazi ukufumana ngokuzenzekelayo iiparameters ze-Chinese Remander Theorem (CRT, i-Chinese Remander Theorem).
  • Kongezwe ukukwazi ukungahoyi amagama angaziwayo we-algorithm yotyikityo echazwe kwiTLS SignatureAlgorithms kunye neClientSignatureAlgorithms uqwalaselo iparameters.
  • Yongeza amandla okumisela ukusetyenziswa okuphambili kwezitshixo zePSK kwi umncedisi I-TLS 1.3 ngexesha lokubuyiselwa kweseshoni.
  • Yongezwe EVP_DigestSqueeze() umsebenzi wokunciphisa i-SHAKE yesayizi ye-hash usebenzisa uphindaphindo oluninzi kunye nobukhulu obahlukeneyo bemveliso.
  • Inkxaso eyongezelelweyo yokuthumela ngaphandle iifayile zokwakha ze-CMake kwiinkqubo ezifana ne-Unix kunye Windows (ukongeza kwi-pkg-config based export).
  • Ukulungiswa kokusebenza kwenziwe: Ukusebenza kwe-algorithm ye-AES-GCM kwizixhobo ezine-chips ze-Microsoft Azure Cobalt 100 ziye zaphuculwa. I-AES enikwe amandla kunye ne-SHA1 elungiselelwe iinkqubo ze-Apple ezineetshiphusi ze-M2. Imisebenzi eyahlukeneyo ye-cryptographic isebenzisa i-vector extensions ye-RISC-V. Ukuphunyezwa kokuhlanganiswa kwe-md3 kwi-CPU Loongarch3.

umthombo: opennet.ru

Thenga ukusingathwa okuthembekileyo kwiindawo ezinokhuseleko lweDDoS, iiseva zeVPS VDS 🔥 Thenga ukusingathwa kwewebhusayithi okuthembekileyo ngokhuseleko lwe-DDoS, iiseva zeVPS VDS | ProHoster