ืคึผืจืึธื”ืึธืกื˜ืขืจ > ื‘ืœืึธื’ > ืื™ื ื˜ืขืจื ืขื˜ ื ื™ื™ึทืขืก > LibreSSL 3.2.0 ืงืจื™ืคึผื˜ืึธื’ืจืึทืคื™ืง ื‘ื™ื‘ืœื™ืึธื˜ืขืง ืžืขืœื“ื•ื ื’

LibreSSL 3.2.0 ืงืจื™ืคึผื˜ืึธื’ืจืึทืคื™ืง ื‘ื™ื‘ืœื™ืึธื˜ืขืง ืžืขืœื“ื•ื ื’

OpenBSD ืคึผืจืึธื™ืขืงื˜ ื“ืขื•ื•ืขืœืึธืคึผืขืจืก ื“ืขืจืœืื ื’ื˜ ืžืขืœื“ื•ื ื’ ืคื•ืŸ ืึท ืคึผืึธืจื˜ืึทื˜ื™ื•ื• ืึทื“ื™ืฉืึทืŸ ืคื•ืŸ ื“ืขื ืคึผืขืงืœ LibreSSL 3.2.0, ืื™ืŸ ื•ื•ืึธืก ืึท ื’ืึธืคึผืœ ืคื•ืŸ OpenSSL ืื™ื– ื“ืขื•ื•ืขืœืึธืคึผืขื“, ืึทื™ืžืขื“ ืฆื• ืฆื•ืฉื˜ืขืœืŸ ืึท ื”ืขื›ืขืจ ืžื“ืจื’ื” ืคื•ืŸ ื–ื™ื›ืขืจื”ื™ื™ื˜. ื“ื™ LibreSSL ืคึผืจื•ื™ืขืงื˜ ืื™ื– ืคืึธื•ืงื™ืกื˜ ืื•ื™ืฃ ื”ื•ื™ืš-ืงื•ื•ืึทืœื™ื˜ืขื˜ ืฉื˜ื™ืฆืŸ ืคึฟืึทืจ ื“ื™ SSL / TLS ืคึผืจืึธื˜ืึธืงืึธืœืก ื“ื•ืจืš ืจื™ืžื•ื•ื•ื™ื ื’ ื•ืžื ื™ื™ื˜ื™ืง ืคืึทื ื’ืงืฉืึทื ืึทืœื™ื˜ื™, ืึทื“ื™ื ื’ ื ืึธืš ื–ื™ื›ืขืจื”ื™ื™ื˜ ืคึฟืขื™ึดืงื™ื™ื˜ืŸ ืื•ืŸ ื‘ืื˜ื™ื™ื˜ื™ืง ืจื™ื™ื ื™ืงื•ื ื’ ืื•ืŸ ืจื™ื•ื•ืขืจืงื™ื ื’ ื“ื™ ืงืึธื“ ื‘ืึทื–ืข. ื“ื™ LibreSSL 3.2.0 ืžืขืœื“ื•ื ื’ ืื™ื– ื’ืขืจืขื›ื ื˜ ื•ื•ื™ ืึทืŸ ื™ืงืกืคึผืขืจืžืขื ืึทืœ ืžืขืœื“ื•ื ื’ ื•ื•ืึธืก ื“ืขื•ื•ืขืœืึธืคึผืก ืคึฟืขื™ึดืงื™ื™ื˜ืŸ ื•ื•ืึธืก ื•ื•ืขื˜ ื–ื™ื™ืŸ ืึทืจื™ื™ึทื ื’ืขืจืขื›ื ื˜ ืื™ืŸ OpenBSD 6.8.

ืคึฟืขื™ึดืงื™ื™ื˜ืŸ ืคื•ืŸ LibreSSL 3.2.0:

  • ืกืขืจื•ื•ื™ืจืขืจ ื–ื™ื™ึทื˜ ืขื ื™ื™ื‘ืึทืœื“ ื“ื•ืจืš ืคืขืœื™ืงื™ื™ึทื˜ TLS 1.3 ืื™ืŸ ื“ืขืจืฆื• ืฆื• ื“ื™ ืคืจื™ืขืจ ืคืืจื’ืขืœื™ื™ื’ื˜ ืงืœื™ืขื ื˜ ื˜ื™ื™ืœ. ื“ื™ ื™ืžืคึผืœืึทืžืขื ื˜ื™ื™ืฉืึทืŸ ืคื•ืŸ TLS 1.3 ืื™ื– ื’ืขื‘ื•ื™ื˜ ืื•ื™ืฃ ื“ื™ ื™ืงืขืจ ืคื•ืŸ ืึท ื ื™ื™ึท ืฉื˜ืึทื˜ ืžืึทืฉื™ืŸ ืื•ืŸ ืึท ืกืึทื‘ืกื™ืกื˜ืึทื ืคึฟืึทืจ ืืจื‘ืขื˜ืŸ ืžื™ื˜ ืจืขืงืึธืจื“ืก. ืึทืŸ OpenSSL TLS 1.3 ืงืึทืžืคึผืึทื˜ืึทื‘ืึทืœ ืึทืคึผื™ ืื™ื– ื ืึธืš ื ื™ืฉื˜ ื‘ื ื™ืžืฆื, ืึธื‘ืขืจ TLS 1.3 ืคึฟืึทืจื‘ื•ื ื“ืขื ืข ืึธืคึผืฆื™ืขืก ื–ืขื ืขืŸ ืฆื•ื’ืขื’ืขื‘ืŸ ืฆื• ื“ื™ ืึธืคึผืขื ืกืกืœ ื‘ืึทืคึฟืขืœ.
  • ืื™ืŸ ื“ื™ ืจืขืงืึธืจื“ ืคึผืจืึทืกืขืกื™ื ื’ ืกืึทื‘ืกื™ืกื˜ืึทื, TLS 1.3 ืคืขืœื“ ื’ืจื™ื™ืก ืงืึธื ื˜ืจืึธืœื™ืจื•ื ื’ ืื™ื– ื™ืžืคึผืจื•ื•ื•ื“ ืื•ืŸ ืึท ื•ื•ืืจืขื ื•ื ื’ ืื™ื– ื’ืขื•ื•ื™ื–ืŸ ืื•ื™ื‘ ืœื™ืžืึทืฅ ื–ืขื ืขืŸ ื™ืงืกื™ื“ื™ื“.
  • ื“ืขืจ TLS ืกืขืจื•ื•ืขืจ ื™ื ืฉื•ืจื– ืึทื– ื‘ืœื•ื™ื– ื’ื™ืœื˜ื™ืง ื‘ืึทืœืขื‘ืึธืก ื ืขืžืขืŸ ืื™ืŸ SNI ื•ื•ืึธืก ื ืึธื›ืงื•ืžืขืŸ ืžื™ื˜ ื“ื™ ืจืขืงื•ื•ื™ืจืขืžืขื ืฅ ืคื•ืŸ RFC 5890 ืื•ืŸ RFC 6066 ื–ืขื ืขืŸ ืคึผืจืึทืกืขืกื˜.
  • ื“ื™ ื™ืžืคึผืœืึทืžืขื ื˜ื™ื™ืฉืึทืŸ ืคื•ืŸ TLS 1.3 ื”ืึธื˜ ืฆื•ื’ืขื’ืขื‘ืŸ ืฉื˜ื™ืฆืŸ ืคึฟืึทืจ ื“ื™ SSL_MODE_AUTO_RETRY ืžืึธื“ืข ืฆื• ืื•ื™ื˜ืึธืžืึทื˜ื™ืฉ ืจืขืกืขื ื“ ืึทืจื˜ื™ืงืœืขืŸ ืคึฟืึทืจ ืงืฉืจ ืคืึทืจื”ืึทื ื“ืœื•ื ื’.
  • ื“ื™ TLS 1.3 ืกืขืจื•ื•ืขืจ ืื•ืŸ ืงืœื™ืขื ื˜ ืฆื•ื’ืขื’ืขื‘ืŸ ืฉื˜ื™ืฆืŸ ืคึฟืึทืจ ืฉื™ืงืŸ ื‘ืึทื•ื•ื™ื™ึทื–ืŸ ืกื˜ืึทื˜ื•ืก ื˜ืฉืขืง ืจื™ืงื•ื•ืขืก ื ื™ืฆืŸ ื“ื™ ืคืึทืจืœืขื ื’ืขืจื•ื ื’ OCSP ืกื˜ืึทืคึผื™ื ื’ (ืึทืŸ OCSP ืขื ื˜ืคืขืจ ืกืขืจื˜ืึทืคื™ื™ื“ ื“ื•ืจืš ืึท ืกืขืจื˜ืึทืคืึทืงื™ื™ืฉืึทืŸ ืื•ื™ื˜ืึธืจื™ื˜ืขื˜ ืื™ื– ื˜ืจืึทื ืกืžื™ื˜ื˜ืขื“ ื“ื•ืจืš ื“ื™ ืกืขืจื•ื•ืขืจ ืกืขืจื•ื•ื™ื ื’ ื“ืขื ืคึผืœืึทืฅ ื•ื•ืขืŸ ื ื™ื’ืึธื•ืฉื™ื™ื™ื˜ื™ื ื’ ืึท TLS ืคึฟืึทืจื‘ื™ื ื“ื•ื ื’).
  • ื•ื•ืขืŸ ืื™ืš / ืึธ ืื™ื– ืขื ื™ื™ื‘ืึทืœื“ ื“ื•ืจืš ืคืขืœื™ืงื™ื™ึทื˜, SSL_MODE_AUTO_RETRY ืื™ื– ืขื ื™ื™ื‘ืึทืœื“, ืขื ืœืขืš ืฆื• ื ื™ื™ึทืข ืจื™ืœื™ืกื™ื– ืคื•ืŸ OpenSSL.
  • ืฆื•ื’ืขื’ืขื‘ืŸ ืจืึทื’ืจืขืฉืึทืŸ ื˜ืขืกืฅ ื‘ืื–ื™ืจื˜ ืื•ื™ืฃ tlsfuzzer.
  • ื“ื™ "openssl x509" ื‘ืึทืคึฟืขืœ ื’ื™ื˜ ืึทืŸ ืึธื ื•ื•ื™ื™ึทื– ืคื•ืŸ ืึท ืคืึทืœืฉ ืขืงืกืคึผืขืจื™ื™ืฉืึทืŸ ื˜ืึธื’ ืคื•ืŸ ื‘ืึทื•ื•ื™ื™ึทื–ืŸ.
  • TLS 1.3 ืžื™ื˜ RSA ืึทืœืึทื•ื– ื‘ืœื•ื™ื– PSS ื“ื™ื’ื™ื˜ืึทืœ ืกื™ื’ื ืึทื˜ืฉืขืจื–.

ืžืงื•ืจ: opennet.ru

ืœื™ื™ื’ืŸ ืึท ื‘ืึทืžืขืจืงื•ื ื’