pkgsrc-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
PR/50455 CVS commit: pkgsrc/security/libsodium
The following reply was made to PR pkg/50455; it has been noted by GNATS.
From: "Thomas Klausner" <wiz%netbsd.org@localhost>
To: gnats-bugs%gnats.NetBSD.org@localhost
Cc:
Subject: PR/50455 CVS commit: pkgsrc/security/libsodium
Date: Sat, 21 Nov 2015 09:21:40 +0000
Module Name: pkgsrc
Committed By: wiz
Date: Sat Nov 21 09:21:40 UTC 2015
Modified Files:
pkgsrc/security/libsodium: Makefile PLIST distinfo
Log Message:
Update libsodium to 1.0.6.
Provided by csosstudy in PR 50455.
Version 1.0.6
Optimized implementations of Blake2 have been added for modern Intel platforms. crypto_generichash() is now faster than MD5 and SHA1 implementations while being far more secure.
Functions for which the return value should be checked have been tagged with __attribute__ ((warn_unused_result)). This will intentionally break code compiled with -Werror that didn't bother checking critical return values.
The crypto_sign_edwards25519sha512batch_*() functions have been tagged as deprecated.
Undocumented symbols that were exported, but were only useful for internal purposes have been removed or made private: sodium_runtime_get_cpu_features(), the implementation-specific crypto_onetimeauth_poly1305_donna() symbols, crypto_onetimeauth_poly1305_set_implementation(), crypto_onetimeauth_poly1305_implementation_name() and crypto_onetimeauth_pick_best_implementation().
sodium_compare() now works as documented, and compares numbers in little-endian format instead of behaving like memcmp().
The previous changes should not break actual applications, but to be safe, the library version major was incremented.
sodium_runtime_has_ssse3() and sodium_runtime_has_sse41() have been added.
The library can now be compiled with the CompCert compiler.
Version 1.0.5
This release only fixes compilation issues on some platforms.
If 1.0.4 compiled and installed fine on your system, upgrading to this version is not required.
There are no functional changes.
Compilation issues on some platforms were fixed: missing alignment directives were added (required at least on RHEL-6/i386), a workaround for a VRP bug on gcc/armv7 was added, and the library can now be compiled with the SunPro compiler.
Javascript target: io.js is not supported any more. Use nodejs.
Version 1.0.4
Support for AES256-GCM has been added. This requires a CPU with the aesni and pclmul extensions, and is accessible via the crypto_aead_aes256gcm_*() functions.
The Javascript target doesn't use eval() any more, so that the library can be used in Chrome packaged applications.
QNX and CloudABI are now supported.
Support for NaCl has finally been added.
ChaCha20 with an extended (96 bit) nonce and a 32-bit counter has been implemented as crypto_stream_chacha20_ietf(), crypto_stream_chacha20_ietf_xor() and crypto_stream_chacha20_ietf_xor_ic(). An IETF-compatible version of ChaCha20Poly1305 is available as crypto_aead_chacha20poly1305_ietf_npubbytes(), crypto_aead_chacha20poly1305_ietf_encrypt() and crypto_aead_chacha20poly1305_ietf_decrypt().
The sodium_increment() helper function has been added, to increment an arbitrary large number (such as a nonce).
The sodium_compare() helper function has been added, to compare arbitrary large numbers (such as nonces, in order to prevent replay attacks).
Version 1.0.3
In addition to sodium_bin2hex(), sodium_hex2bin() is now a constant-time function.
crypto_stream_xsalsa20_ic() has been added.
crypto_generichash_statebytes(), crypto_auth_*_statebytes() and crypto_hash_*_statebytes() have been added in order to retrieve the size of structures keeping states from foreign languages.
The JavaScript target doesn't require /dev/urandom or an external randombytes() implementation any more. Other minor Emscripten-related improvements have been made in order to support libsodium.js
Custom randombytes implementations do not need to provide their own implementation of randombytes_uniform() any more. randombytes_stir() and randombytes_close() can also be NULL pointers if they are not required.
On Linux, getrandom(2) is being used instead of directly accessing /dev/urandom, if the kernel supports this system call.
crypto_box_seal() and crypto_box_seal_open() have been added.
A solutions for Visual Studio 2015 was added.
To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 pkgsrc/security/libsodium/Makefile
cvs rdiff -u -r1.5 -r1.6 pkgsrc/security/libsodium/PLIST
cvs rdiff -u -r1.8 -r1.9 pkgsrc/security/libsodium/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Home |
Main Index |
Thread Index |
Old Index