PolarSSL 1.3.9 has been released!
On the security front, this release fixes a negotiation mistake introduced in PolarSSL 1.3.8 that caused servers to negotiate a weaker signature algorithm than was available. In addition, two remotely-triggerable memory leaks found by the Codenomicon Defensics tool are fixed in this release.
No new features are introduced in this release. A number of changes in behaviour and bug fixes are included.
Important changes in this release include:
- Ciphersuites using SHA-256 or SHA-384 now require TLS 1.x (there is no standard defining how to use SHA-2 with SSL 3.0).
- Ciphersuites using RSA-PSK key exchange now require TLS 1.x (the spec is ambiguous on how to encode some packets with SSL 3.0).
- Made buffer size in pk_write_(pub)key_pem() more dynamic, e.g. smaller if RSA is disabled, larger if POLARSSL_MPI_MAX_SIZE is larger.
- ssl_read() now returns POLARSSL_ERR_NET_WANT_READ rather than POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE on harmless alerts.
- POLARSSL_MPI_MAX_SIZE now defaults to 1024 in order to allow 8192-bit RSA keys.
- Accept spaces at end of line or end of buffer in
- X.509 certificates with more than one AttributeTypeAndValue per RelativeDistinguishedName are not accepted any more.
- Support escaping of commas in
- Fix compile error in ssl_pthread_server (found by Julian Ospald).
- Fix net_accept() regarding non-blocking sockets (found by Luca Pesce).
- Don't print uninitialised buffer in ssl_mail_client (found by Marc Abel).
- Fix warnings from Clang's scan-build (contributed by Alfred Klomp).
- Fix compile error in timing.c when POLARSSL_NET_C and POLARSSL_SELFTEST are defined but not POLARSSL_HAVE_TIME (found by Stephane Di Vito).
- Remove non-existent file from VS projects (found by Peter Vaskovic).
- ssl_read() could return non-application data records on the server while renegotiation was pending, and on the client when a HelloRequest was received.
- Server-initiated renegotiation would fail with non-blocking I/O if the write callback returned POLARSSL_ERR_NET_WANT_WRITE when requesting renegotiation.
- ssl_close_notify() could send more than one message in some circumstances with non-blocking I/O.
- Fix compiler warnings on iOS (found by Sander Niemeijer).
- x509_crt_parse() did not increase total_failed on PEM error.
- Fix compile error with armcc in
- Fix potential bad read in parsing ServerHello (found by Adrien Vialletelle).
More details can be found in the ChangeLog.
Who should update
We advise users of PolarSSL to update if they:
- use the SSL server functionality from PolarSSL 1.3.8
- are affected by one of the bugs fixed in this release
Get your copy here: polarssl-1.3.9-gpl.tgz
The hashes for polarssl-1.3.9-gpl.tgz are:
SHA-1  : 3462b4455e1443ac1a1007fbd69861ebfb5c5506
SHA-256: d3605afc28ed4b7d1d9e3142d72e42855e4a23c07c951bbb0299556b02d36755
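As an added check, not part of the release announcement or of the PolarSSL project, the following POSIX shell script verifies a downloaded archive against published SHA-1 and SHA-256 digests before it is unpacked. It assumes either the coreutils sha1sum/sha256sum tools or the Perl shasum tool is installed; the file name and digest values in the usage block at the bottom are the ones published above for polarssl-1.3.9-gpl.tgz.

```shell
#!/bin/sh
# Verify a downloaded release archive against its published digests.
# Added example; not part of the PolarSSL release page. Assumes coreutils
# sha1sum/sha256sum or Perl shasum is available on the PATH.

# digest_of FILE ALGO -> prints the lowercase hex digest of FILE.
# ALGO is "1" for SHA-1 or "256" for SHA-256.
digest_of() {
    file="$1"
    algo="$2"
    if command -v "sha${algo}sum" >/dev/null 2>&1; then
        "sha${algo}sum" "$file" | awk '{print $1}'
    elif command -v shasum >/dev/null 2>&1; then
        shasum -a "$algo" "$file" | awk '{print $1}'
    else
        echo "no SHA-$algo tool found on PATH" >&2
        return 2
    fi
}

# verify_digest FILE ALGO EXPECTED -> 0 if the digest matches (hex compared
# case-insensitively), 1 on mismatch, 2 if no hashing tool is available.
verify_digest() {
    file="$1"
    algo="$2"
    expected=$(printf '%s' "$3" | tr 'A-F' 'a-f')
    actual=$(digest_of "$file" "$algo") || return 2
    if [ "$actual" = "$expected" ]; then
        echo "SHA-$algo OK: $file"
        return 0
    fi
    echo "SHA-$algo MISMATCH for $file: expected $expected, got $actual" >&2
    return 1
}

# verify_release FILE SHA1 SHA256 -> 0 only when both published digests match.
# Checking both means an attacker would have to defeat both hash functions
# at once to substitute a tampered archive.
verify_release() {
    verify_digest "$1" 1 "$2" && verify_digest "$1" 256 "$3"
}

# Usage with the values published for this release; only runs when the
# tarball has actually been downloaded into the current directory.
if [ -f polarssl-1.3.9-gpl.tgz ]; then
    verify_release polarssl-1.3.9-gpl.tgz \
        3462b4455e1443ac1a1007fbd69861ebfb5c5506 \
        d3605afc28ed4b7d1d9e3142d72e42855e4a23c07c951bbb0299556b02d36755
fi
```

The script exits non-zero on any mismatch, so it can be placed ahead of `tar xzf` in a build or packaging step to stop a corrupted or substituted archive from being unpacked.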