We have released LibreSSL 2.6.1, which will be arriving in the LibreSSL directory of your local OpenBSD mirror soon. This is the second development release from the 2.6 series, which will eventually be part of OpenBSD 6.2. It includes the following changes:
* Added a "-T tlscompat" option to nc(1), which enables the use of all TLS protocols and "compat" ciphers. This allows for TLS connections to TLS servers that are using less than ideal cipher suites, without having to resort to "-T tlsall" which enables all known cipher suites. Diff from Kyle J. McKay. * Added a new TLS extension handling framework, somewhat analogous to BoringSSL, and converted all TLS extensions to use it. Added new TLS extension regression tests. * Improved and added many new manpages. Updated *check_private_key manpages with additional cautions regarding their use. * Cleaned up the EC key/curve configuration handling. * Added tls_config_set_ecdhecurves() to libtls, which allows the names of the eliptical curves that may be used during client and server key exchange to be specified. * Converted more code paths to use CBB/CBS. * Removed support for DSS/DSA, since we removed the cipher suites a while back. * Removed NPN support. NPN was never standardised and the last draft expired in October 2012. ALPN was standardised in July 2014 and has been supported in LibreSSL since December 2014. NPN has also been removed from Chromium in May 2016. * Removed SSL_OP_CRYPTOPRO_TLSEXT_BUG workaround for old/broken CryptoPro clients. * Removed support for the TLS padding extension, which was added as a workaround for an old bug in F5's TLS termination handling. * Worked around another bug in F5's TLS termination handling of the elliptical curves extension. RFC 4492 only defines elliptic_curves for ClientHello. However, F5 is sending it in ServerHello. We need to skip over it since our TLS extension parsing code is now more strict. Thanks to Armin Wolfermann and WJ Liu for reporting. * Added ability to clamp notafter valies in certificates for systems with 32-bit time_t. This is necessary to conform to RFC 5280 4.1.2.5. * Implemented the SSL_CTX_set_min_proto_version(3) API. * Removed the original (pre-IETF) chacha20-poly1305 cipher suites. * Reclassified ECDHE-RSA-DES-CBC3-SHA from HIGH to MEDIUM. The LibreSSL project continues improvement of the codebase to reflect modern, safe programming practices. We welcome feedback and improvements from the broader community. Thanks to all of the contributors who helped make this release possible.
