blob: 19087bb9ebfbaba8887ba2ca672670a3cc5b3237 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
|
.. _mozilla_projects_nss_nss_3_12_6_release_notes:
NSS 3.12.6 release notes
========================
.. _nss_3.12.6_release_notes:
`NSS 3.12.6 release notes <#nss_3.12.6_release_notes>`__
--------------------------------------------------------
.. container::
.. container::
2010-03-03
*Newsgroup:*\ `mozilla.dev.tech.crypto <news://news.mozilla.org/mozilla.dev.tech.crypto>`__
.. container::
:name: section_1
.. rubric:: Introduction
:name: Introduction
Network Security Services (NSS) 3.12.6 is a patch release for NSS 3.12. The bug fixes in
NSS 3.12.6 are described in the "`Bugs
Fixed <http://mdn.beonex.com/en/NSS_3.12.6_release_notes.html#bugsfixed>`__" section below.
NSS 3.12.6 is tri-licensed under the MPL 1.1/GPL 2.0/LGPL 2.1.
.. container::
:name: section_2
.. rubric:: Distribution Information
:name: Distribution_Information
| The CVS tag for the NSS 3.12.6 release is ``NSS_3_12_6_RTM``. NSS 3.12.6 requires `NSPR
4.8.4 <https://www.mozilla.org/projects/nspr/release-notes/>`__.
| See the `Documentation <http://mdn.beonex.com/en/NSS_3.12.6_release_notes.html#docs>`__
section for the build instructions.
NSS 3.12.6 source and binary distributions are also available on ``ftp.mozilla.org`` for
secure HTTPS download:
- Source tarballs:
https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_12_6_RTM/src/.
| You also need to download the NSPR 4.8.4 binary distributions to get the NSPR 4.8.4
header files and shared libraries, which NSS 3.12.6 requires. NSPR 4.8.4 binary
distributions are in https://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v4.8.4/.
|
.. container::
:name: section_3
.. rubric:: New in NSS 3.12.6
:name: New_in_NSS_3.12.6
.. container::
:name: section_4
.. rubric:: SSL3 & TLS Renegotiation Indication Extension (RFC 5746)
:name: SSL3_TLS_Renegotiation_Indication_Extension_(RFC_5746)
- By default, NSS 3.12.6 uses the new TLS Renegotiation Indication Extension for TLS
renegotiation but allows simple SSL/TLS connections (without renegotiation) with
peers that don't support the TLS Renegotiation Indication Extension.
The behavior of NSS for renegotiation can be changed through API function calls, or
with the following environment variables:
- NSS_SSL_ENABLE_RENEGOTIATION
- values:
- [0|n|N]: SSL_RENEGOTIATE_NEVER
- Never allow renegotiation - That was the default for 3.12.5 release.
- [1|u|U]: SSL_RENEGOTIATE_UNRESTRICTED
- Server and client are allowed to renegotiate without any restrictions.
This setting was the default prior 3.12.5 and makes products vulnerable.
- [2|r|R]: SSL_RENEGOTIATE_REQUIRES_XTN (default)
- Only allows renegotiation if the peer's hello bears the TLS
renegotiation_info extension. This is the safe renegotiation.
- [3|t|T]: SSL_RENEGOTIATE_TRANSITIONAL
- Disallows unsafe renegotiation in server sockets only, but allows clients
to continue to renegotiate with vulnerable servers. This value should
only be used during the transition period when few servers have been
upgraded.
- NSS_SSL_REQUIRE_SAFE_NEGOTIATION
- values:
- 1: requireSafeNegotiation = TRUE
- unset: requireSafeNegotiation = FALSE
Controls whether safe renegotiation indication is required for initial
handshake. If TRUE, a connection will be dropped at initial handshake if the
peer server or client does not support safe renegotiation. The default setting
for this option is FALSE.
These options can also be set with the following SSL options:
- sslOptions.enableRenegotiation
- sslOptions.requireSafeNegotiation
- New pseudo cipher suite value: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (cannot be
negotiated)
.. container::
:name: section_5
.. rubric:: TLS Server Name Indication for servers
:name: TLS_Server_Name_Indication_for_servers
- | TLS Server Name Indication (SNI) for servers is almost fully implemented in NSS
3.12.6.
| See `bug 360421 <https://bugzilla.mozilla.org/show_bug.cgi?id=360421>`__ for
details.
Note: The TLS Server Name Indication for clients is already fully implemented in NSS.
- New functions for SNI *(see ssl.h for more information)*:
- SSLSNISocketConfig
- Return values:
- SSL_SNI_CURRENT_CONFIG_IS_USED: libSSL must use the default cert and key.
- SSL_SNI_SEND_ALERT: libSSL must send the "unrecognized_name" alert.
- SSL_SNISocketConfigHook
- SSL_ReconfigFD
- SSL_ConfigServerSessionIDCacheWithOpt
- SSL_SetTrustAnchors
- SSL_GetNegotiatedHostInfo
- New enum for SNI:
- SSLSniNameType *(see sslt.h)*
.. container::
:name: section_6
.. rubric:: New functions
:name: New_functions
- *in cert.h*
- CERTDistNames: Duplicate distinguished name array.
- CERT_DistNamesFromCertList: Generate an array of Distinguished names from a list
of certs.
*in ocsp.h*
- CERT_CacheOCSPResponseFromSideChannel:
- This function is intended for use when OCSP responses are provided via a
side-channel, i.e. TLS OCSP stapling (a.k.a. the status_request extension).
*in ssl.h*
- SSL_GetImplementedCiphers
- SSL_GetNumImplementedCiphers
- SSL_HandshakeNegotiatedExtension
.. container::
:name: section_7
.. rubric:: New error codes
:name: New_error_codes
- *in sslerr.h*
- SSL_ERROR_UNSAFE_NEGOTIATION
- SSL_ERROR_RX_UNEXPECTED_UNCOMPRESSED_RECORD
.. container::
:name: section_8
.. rubric:: New types
:name: New_types
- *in sslt.h*
- SSLExtensionType
.. container::
:name: section_9
.. rubric:: New environment variables
:name: New_environment_variables
- SQLITE_FORCE_PROXY_LOCKING
- 1 means force always use proxy, 0 means never use proxy, NULL means use proxy for
non-local files only.
- SSLKEYLOGFILE
- Key log file. If set, NSS logs RSA pre-master secrets to this file. This allows
packet sniffers to decrypt TLS connections.
See `documentation <http://mdn.beonex.com/en/NSS_Key_Log_Format.html>`__.
Note: The code must be built with TRACE defined to use this functionality.
.. container::
:name: section_10
.. rubric:: Bugs Fixed
:name: Bugs_Fixed
The following bugs have been fixed in NSS 3.12.6.
- `Bug 275744 <https://bugzilla.mozilla.org/show_bug.cgi?id=275744>`__: Support for TLS
compression RFC 3749
- `Bug 494603 <https://bugzilla.mozilla.org/show_bug.cgi?id=494603>`__: Update NSS's copy
of sqlite3 to 3.6.22 to get numerous bug fixes
- `Bug 496993 <https://bugzilla.mozilla.org/show_bug.cgi?id=496993>`__: Add accessor
functions for SSL_ImplementedCiphers
- `Bug 515279 <https://bugzilla.mozilla.org/show_bug.cgi?id=515279>`__:
CERT_PKIXVerifyCert considers a certificate revoked if cert_ProcessOCSPResponse fails
for any reason
- `Bug 515870 <https://bugzilla.mozilla.org/show_bug.cgi?id=515870>`__: GCC compiler
warnings in NSS 3.12.4
- `Bug 518255 <https://bugzilla.mozilla.org/show_bug.cgi?id=518255>`__: The input buffer
for SGN_Update should be declared const
- `Bug 519550 <https://bugzilla.mozilla.org/show_bug.cgi?id=519550>`__: Allow the
specification of an alternate library for SQLite
- `Bug 524167 <https://bugzilla.mozilla.org/show_bug.cgi?id=524167>`__: Crash in [[@
find_objects_by_template - nssToken_FindCertificateByIssuerAndSerialNumber]
- `Bug 526910 <https://bugzilla.mozilla.org/show_bug.cgi?id=526910>`__: maxResponseLength
(initialized to PKIX_DEFAULT_MAX_RESPONSE_LENGTH) is too small for downloading some
CRLs.
- `Bug 527759 <https://bugzilla.mozilla.org/show_bug.cgi?id=527759>`__: Add multiple roots
to NSS (single patch)
- `Bug 528741 <https://bugzilla.mozilla.org/show_bug.cgi?id=528741>`__: pkix_hash throws a
null-argument exception on empty strings
- `Bug 530907 <https://bugzilla.mozilla.org/show_bug.cgi?id=530907>`__: The peerID
argument to SSL_SetSockPeerID should be declared const
- `Bug 531188 <https://bugzilla.mozilla.org/show_bug.cgi?id=531188>`__: Decompression
failure with https://livechat.merlin.pl/
- `Bug 532417 <https://bugzilla.mozilla.org/show_bug.cgi?id=532417>`__: Build problem with
spaces in path names
- `Bug 534943 <https://bugzilla.mozilla.org/show_bug.cgi?id=534943>`__: Clean up the
makefiles in lib/ckfw/builtins
- `Bug 534945 <https://bugzilla.mozilla.org/show_bug.cgi?id=534945>`__: lib/dev does not
need to include headers from lib/ckfw
- `Bug 535669 <https://bugzilla.mozilla.org/show_bug.cgi?id=535669>`__: Move common
makefile code in if and else to the outside
- `Bug 536023 <https://bugzilla.mozilla.org/show_bug.cgi?id=536023>`__: DER_UTCTimeToTime
and DER_GeneralizedTimeToTime ignore all bytes after an embedded null
- `Bug 536474 <https://bugzilla.mozilla.org/show_bug.cgi?id=536474>`__: Add support for
logging pre-master secrets
- `Bug 537356 <https://bugzilla.mozilla.org/show_bug.cgi?id=537356>`__: Implement new safe
SSL3 & TLS renegotiation
- `Bug 537795 <https://bugzilla.mozilla.org/show_bug.cgi?id=537795>`__: NSS_InitContext
does not work with NSS_RegisterShutdown
- `Bug 537829 <https://bugzilla.mozilla.org/show_bug.cgi?id=537829>`__: Allow NSS to build
for Android
- `Bug 540304 <https://bugzilla.mozilla.org/show_bug.cgi?id=540304>`__: Implement
SSL_HandshakeNegotiatedExtension
- `Bug 541228 <https://bugzilla.mozilla.org/show_bug.cgi?id=541228>`__: Remove an obsolete
NSPR version check in lib/util/secport.c
- `Bug 541231 <https://bugzilla.mozilla.org/show_bug.cgi?id=541231>`__: nssinit.c doesn't
need to include ssl.h and sslproto.h.
- `Bug 542538 <https://bugzilla.mozilla.org/show_bug.cgi?id=542538>`__: NSS: Add function
for recording OCSP stapled replies
- `Bug 544191 <https://bugzilla.mozilla.org/show_bug.cgi?id=544191>`__: Use system zlib on
Mac OS X
- `Bug 544584 <https://bugzilla.mozilla.org/show_bug.cgi?id=544584>`__: segmentation fault
when enumerating the nss database
- `Bug 544586 <https://bugzilla.mozilla.org/show_bug.cgi?id=544586>`__: Various
nss-sys-init patches from Fedora
- `Bug 545273 <https://bugzilla.mozilla.org/show_bug.cgi?id=545273>`__: Remove unused
function SEC_Init
- `Bug 546389 <https://bugzilla.mozilla.org/show_bug.cgi?id=546389>`__: nsssysinit binary
built inside source tree
.. container::
:name: section_11
.. rubric:: Documentation
:name: Documentation
For a list of the primary NSS documentation pages on mozilla.org, see `NSS
Documentation <https://www.mozilla.org/projects/security/pki/nss/#documentation>`__. New
and revised documents available since the release of NSS 3.11 include the following:
- `Build
Instructions <http://mdn.beonex.com/en/NSS_reference/Building_and_installing_NSS/Build_instructions.html>`__
- `NSS Shared DB <http://wiki.mozilla.org/NSS_Shared_DB>`__
.. container::
:name: section_12
.. rubric:: Compatibility
:name: Compatibility
NSS 3.12.6 shared libraries are backward compatible with all older NSS 3.x shared
libraries. A program linked with older NSS 3.x shared libraries will work with NSS 3.12.6
shared libraries without recompiling or relinking. Furthermore, applications that restrict
their use of NSS APIs to the functions listed in `NSS Public
Functions <https://www.mozilla.org/projects/security/pki/nss/ref/nssfunctions.html>`__ will
remain compatible with future versions of the NSS shared libraries.
.. container::
:name: section_13
.. rubric:: Feedback
:name: Feedback
Bugs discovered should be reported by filing a bug report with `mozilla.org
Bugzilla <https://bugzilla.mozilla.org/>`__ (product NSS).
|