openssl_3_4: init at 3.4.1; openssl_3_3: remove

Updates OpenSSL 3.x latest to 3.4.1

Security Fixes in 3.4.1:
* Fixed RFC7250 handshakes with unauthenticated servers don't abort as expected. ([CVE-2024-12797])
* Fixed timing side-channel in ECDSA signature computation. ([CVE-2024-13176](https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176))

Release notes:
https://github.com/openssl/openssl/blob/openssl-3.4.0/NEWS.md#openssl-34

Some significant changes:
* Deprecation of TS_VERIFY_CTX_set_* functions and addition of replacement TS_VERIFY_CTX_set0_*
  functions with improved semantics
* SHAKE-128 and SHAKE-256 implementations have no default digest length anymore.
  That means these algorithms cannot be used with EVP_DigestFinal/_ex() unless the xoflen param is set before.
* An empty renegotiate extension will be used in TLS client hellos instead of the empty renegotiation SCSV, for
  all connections with a minimum TLS version > 1.0.
* Deprecation of SSL_SESSION_get_time(), SSL_SESSION_set_time() and SSL_CTX_flush_sessions() functions in favor
  of their respective _ex functions which are Y2038-safe on platforms with Y2038-safe time_t

Some new features:
* Support for directly fetched composite signature algorithms such as RSA-SHA2-256 including new API functions
* New options -not_before and -not_after for explicit setting start and end dates of certificates created with
  the req and x509 apps
* Support for attribute certificates
* Support for pkeyutl in combination with key encapsulation (e.q.
  PQC-KEMs): -encap/-decap

Signed-off-by: Markus Theil <theil.markus@gmail.com>

0 files changed, 0 insertions, 0 deletions