Abathuthukisi bephrojekthi ye-OpenBSD bethule ukukhishwa kohlelo oluphathwayo lwephakheji ye-LibreSSL 3.6.0, lapho kuthuthukiswa khona imfoloko ye-OpenSSL, okuhloswe ngayo ukuhlinzeka ngezinga eliphezulu lokuphepha. Iphrojekthi ye-LibreSSL igxile ekusekelweni kwekhwalithi ephezulu kwezivumelwano ze-SSL/TLS ngokususa ukusebenza okungadingekile, ukwengeza izici zokuphepha ezengeziwe, nokuhlanza ngokuphawulekayo nokusebenza kabusha isisekelo sekhodi. I-LibreSSL 3.6.0 ithathwa njengokukhishwa kokuhlola okuthuthukisa izici ezizofakwa ku-OpenBSD 7.2.
Izici ze-LibreSSL 3.6.0:
- I-EVP API yomsebenzi wokhiye wokukhiqiza we-HKDF (HMAC Key Derivation Function) ithuthwe isuka ku-OpenSSL.
- I-API eyengeziwe yokusetha nokuthola amaleveli okuphepha - SSL_{,CTX}_{get,set}_security_level().
- Kwengezwe usekelo lokuhlola lwe-API lwephrothokholi ye-QUIC, ekuqaleni esetshenziswe ku-BoringSSL.
- Kwengezwe usekelo lokuqala lokuqinisekiswa kwe-TS ESSCertIDv2.
- Kusetshenziswa ukuhlolwa kokuqala kwe-Bailey-Pomerantz-Selfridge-Wagstaff (Baillie-PSW) esikhundleni sokuhlolwa kwe-Miller-Rabin.
- Sekwenziwe kabusha okubalulekile kwangaphakathi. Kukhishwe amasheke e-RFC 3779 asebenzisa insiza lapho kuqinisekiswa izitifiketi. Idikhoda kanye nesihlaluli sesikhathi se-ASN.1 siklanywe kabusha. Ukusetshenziswa kwe-ASN1_STRING_to_UTF8() kubhalwe kabusha.
- Kwengezwe -βsβ inketho yokusetshenziswa kwe-openssl ukubonisa kuphela ama-ciphers asekelwa umthetho olandelwayo oshiwo.
Source: opennet.ru