Commit 380e5d30 authored by Niels Möller

Update NEWS file, including ABI issue.

parent 8df2963a
NEWS for the Nettle 3.4 release
This release fixes bugs and adds a few new features. It also
addresses an ABI compatibility issue affecting Nettle-3.1 and
later, see below.
Bug fixes:
* Fixed an improper use of GMP mpn_mul, breaking curve2559 and
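Review bot: "curve2559" in the first Bug fixes item looks like a typo for curve25519 and is worth correcting while this file is being touched. In the new intro sentence, "see below" would be easier to follow as a pointer to the "ABI issue:" section by name, since that section sits further down the entry, after the bug fix and feature lists.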
......@@ -11,6 +15,17 @@ NEWS for the Nettle 3.4 release
* Fix compilation error with --enable-fat om ARM. Fix
contributed by Andreas Schneider.
* Reorganized the way data items are made available in the
ABI.
Short version: Nettle header files now define the symbols
nettle_hashes, nettle_aeads, nettle_armors, as well as the
ecc curves nettle_secp_*, as preprocessor macros invoking a
corresponding function returning the address of the data
item. For backwards ABI compatibility, the symbols are still
present in the compiled libraries, and with the same sizes
as in nettle-3.3.
New features:
* Support for RSA-PSS signatures, contributed by Daiki Ueno.
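Review bot: The "Short version" paragraph says each macro invokes "a corresponding function" but names none of them; the only accessor named anywhere in this change is nettle_get_hashes, in the ABI issue section. List the accessor functions here, or refer to that section, so that people maintaining bindings or checking old binaries know which entry points are supported. The entry is also filed under "Bug fixes:" without any pointer to "ABI issue:", where the reason for the change is explained. Nit: "om ARM" in the context line above should read "on ARM".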
......@@ -27,6 +42,55 @@ NEWS for the Nettle 3.4 release
architecture independent, except in --enable-mini-gmp
configurations.
ABI issue:
Since the breakage was a bit subtle, let me document it here.
The nettle and hogweed libraries export a couple of data
symbols, and for some of these, the size was never intended to
be part of the api. E.g.,
extern const struct nettle_hash * const nettle_hashes[];
which is an NULL-terminated array, and
extern const struct ecc_curve nettle_secp_256r1;
where the ecc_curve struct is only forward declared in the
public headers.
It turns out the sizes nevertheless may leak into the ABI, and
that increasing the sizes can break old executables linked
with a newer version of the library.
When linking a classic non-PIE executable with a shared
library, we get ELF relocations of type R_X86_64_COPY for
references to data items. These mean that the linker allocates
space for the data item in the data segment of executable, at
a fixed address determined at link-time, and with size
extracted from the version of the .so-file seen when linking.
At load time, the run time linker then copies the contents of
the symbol from the .so file to that location, and uses the
copy instead of the version loaded with the .so-file. And if
the data item in the .so file used at load time is larger than
the data item seen at link time, it is silently truncated in
the process.
So when SHA3 hashes were was added to the nettle_hashes array
in the nettle-3.3 release, this way of linking produces a
truncated array at load time, no longer NULL-terminated.
In some future version, the plan is to add a leading
underscore to the name of the actual data items, e.g.,
nettle_hashes --> _nettle_hashes, breaking the ABI. While
keeping the nettle_get_hashes function and the nettle_hashes
macro as the supported ways to access it.
The shared library names are libnettle.so.6.4 and
libhogweed.so.4.4, with sonames still libnettle.so.6 and
libhogweed.so.4. It is intended to be fully binary compatible
with nettle-3.1.
NEWS for the Nettle 3.3 release
This release fixes a couple of bugs, and improves resistance
......
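Review bot: The "ABI issue:" section explains how the truncation happens but not what it means for someone holding an affected executable, and the closing paragraph's claim of being "fully binary compatible with nettle-3.1" is not reconciled with the earlier statement that the data symbols keep "the same sizes as in nettle-3.3". Please state what an executable linked against 3.1 or 3.2, with the smaller pre-SHA3 nettle_hashes, sees when loaded with 3.4, and whether relinking is needed. It would also help to say what a caller iterating the truncated, no longer NULL-terminated array actually does (it reads past the end of the copy), and whether the problem is limited to R_X86_64_COPY or applies to copy relocations on other architectures. Wording nits: "were was added", "an NULL-terminated", lower-case "api" next to "ABI", and the fragment starting "While keeping the nettle_get_hashes function" should be joined to the preceding sentence.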