轻量级SSL库PolarSSL发布1.2.8.2013-06-22。上个版本是2013-04-13的1.2.7 一些安全bug修正的小版本。越来越多重量级的应用已经支持PolarSSL如hiawatha,OpenVPN
完全改进:
PolarSSL 1.2.8 released
Description
Features
This release adds parsing of PKCS#8 encrypted private key files (-----BEGIN ENCRYPTED PRIVATE KEY-----) with Password Based Encryption (PBE) functions as defined in PKCS#5 v2 (3-key Triple DES) and in PKCS#12 (3-key Triple DES, 2-key Triple DES, RC4-128).
The user-changeable value configuration defines in the module headers can now also be controlled centrally from config.h.
Changes
The HAVEGE random generator is now disabled by default. Although it provides (limited) entropy on most systems, it should in our opinion never be the primary entropy source for the system.
A mechanism was added in config.h to allow overriding of the base PolarSSL implementations of the core symmetric cipher and hash algorithm functions. E.g. by defining POLARSSL_AES_ALT in config.h, aes_alt.h is included in PolarSSL to allow a self-provided implementation of the core AES functions.
The PBKDF2 module has been moved to a PKCS#5-specific module.
Bug fixes
Secure renegotiation extension is now only sent in case the client supports secure renegotiation. Improves compatibility with older clients.
Fixed support for Thumb2 and LLVM compiler (thanks to James Yonan from OpenVPN)
Other smaller fixes, see the ChangeLog for more details.
Security
A possible DoS during the SSL Handshake has been found by Jack Lloyd and fixed in this release. More details can be found in Security Advisory 2013-03.
下载:https://polarssl.org/download/polarssl-1.2.8-gpl.tgz
来自:开源中国社区
