From berry at nlnetlabs.nl Wed Mar 4 14:16:47 2020 From: berry at nlnetlabs.nl (Berry A.W. van Halderen) Date: Wed, 4 Mar 2020 15:16:47 +0100 Subject: [Softhsm-develop] SoftHSM 2.6.0rc1 Message-ID: <47b85281-f90e-fc18-fd8f-607c84037979@nlnetlabs.nl> Dear all, I've compiled a release candidate for SoftHSM 2.6.0 (RC1). I'd like to known any issues that are blocking promoting this to a proper release. SoftHSM 2.6.0 is a continuation of the 2.5.x branch, and when released willreplace the 2.5 branch for any patches for bug fixes, discontinuing support for that branch. Since this is a continuation of the development containing mostly fixes and improvements. However one thing to be aware of is the switch to Botan version 2. SoftHSM is build with either a back-end of OpenSSL or Botan and cannot support both at the same time and Botan 1 was declared end of life some time ago, so a switch to Botan 2 was really needed. Windows build are only partial supported at this time. No migration, configuration changes or path changes are necessary and the build configuration should not need changing. Download: * https://dist.opendnssec.org/source/testing/softhsm-2.6.0rc1.tar.gz * https://dist.opendnssec.org/source/testing/softhsm-2.6.0rc1.tar.gz.sig * Checksum SHA256: 30f666f6ba59a345af9f97b0efc4d81e1576d72131c2be7df9564c38a8ace0ba \Berry * Issue #493: Upgrade to Botan 2. * Issue #530: Update appveyor build. * Issue #438: Detect crypto algorithms by default. (Patch from Alon Bar-Lev) * Issue #455: Provide a new configuration option to allow enabling and disabling various mechanisms (slots.mechanisms in the softhsm2.conf). (Thanks to Jakub Jelen) * Issue #479: Increase SQLite busy timeout from 15 seconds to 3 minutes. (Patch from Jan Luebbe) * Issue #513: Add configuration option to reset state on fork closing all sessions rather than keeping all sessions open in duplicate process. (Thanks to Anderson Toshiyuki Sasaki) * Issue #500: C_WaitForSlotEvent implementation. (Patch from massey101) * Issue #445: Add wrap support with CKM_AES_CBC. Bugfixes: * Issue #418: Set fields to NULL to avoid double free. (Patch from Brian J Murray) * Issue #423: ENGINE_load_rdrand is not supported with older openssl. (Patch from Alon Bar-Lev) * Issue #429: Updated prerequisite to build from repository. (Patch from Dharmesh Khandelwal) * Issue #434: Fix build issues with CMake. (Patch from Peter Wu) * Issue #435: Fix botan build without EDDSA. (Patch from Peter Wu) * Issue #442: Release resources from OSSLEVPSymmetricAlgorithm. (Patch from Petr Men??k) * Issue #449/#502: Do not copy zero sized buffer avoid null pointer reference. (Patch from space88man) * Issue #464: Race condition with multiple threads closing last session and opening a newer sessions. (Patch from Takarth) * Issue #452: Fixes to automake build fir undefined macros. * Issue #462: User PIN count wrongly calculated. (Patch from Ond?ej Hlavat?) * Issue #516: Fix memory leak in OSSLCryptoFactory. (Patch from Anderson Sasaki) * Issue #494: Allow null pointers as arguments when count is zero. (Patch from Yunjong Jeong) * Issue #518: Sporadic problem in closing sessions because of lookup of object without prior locking. * Issue #506: Check key type for C_EncryptInit and C_DecryptInit. (Patch from Yunjong Jeong) * Issue #526: Adjust EDDSA code to return valid EC_PARAMS. (Patch from Jakub Jelen) * Issue #452: Autogen failure on undefined macro AC_MSG_ERROR. * Issue #527: Fixed some build errors for GCC 10. * Issue #470: Null pointer arguments validation for C_EncryptFinal, etc.