Opened 9 months ago
Closed 8 months ago
#5475 closed enhancement (fixed)
openssl-3.3.0
Reported by: | Bruce Dubbs | Owned by: | lfs-book |
---|---|---|---|
Priority: | normal | Milestone: | 12.2 |
Component: | Book | Version: | git |
Severity: | normal | Keywords: | |
Cc: |
Description
New minor version.
Change History (2)
comment:1 by , 8 months ago
comment:2 by , 8 months ago
Resolution: | → fixed |
---|---|
Status: | new → closed |
Fixed at commit 185b763812:
Update to setuptools-69.5.1. Update to python3-3.12.3. Update to openssl-3.3.0. Update to ninja-1.12.0. Update to man-db-2.12.1. Update to linux-6.8.6. Update to iana-etc-20240412. Update to vim-9.1.0330.
Note:
See TracTickets
for help on using tickets.
OpenSSL 3.3
Changes between 3.2 and 3.3.0 [9 Apr 2024]
-verify
option to theopenssl crl
andopenssl req
will make the program exit with 1 on failure.?
character are ignored and the configuration will still be used.-set_issuer
and-set_subject
options toopenssl x509
to override the Issuer and Subject when creating a certificate. The-subj
option now is an alias for-set_subject
.openssl speed
, changed the default hash function used withhmac
frommd5
tosha256
.certProfile
request message header and respective-profile
CLI option.pc
files for pkg-config) cleaned up to be less hard coded in the build file templates, and to allow easier addition of more exporters. With that, an exporter for CMake is also added.SSL_OP_PREFER_NO_DHE_KEX
, which allows configuring a TLS1.3 server to prefer session resumption using PSK-only key exchange over PSK with DHE, if both are available.SSL_write_ex2
, which can be used to send an end-of-stream (FIN) condition in an optimised way when using QUIC.