We have released LibreSSL 3.3.0, which will be arriving in the LibreSSL directory of your local OpenBSD mirror soon. This is the first development release from the 3.2.x series, which will eventually be part of OpenBSD 6.9. It includes the following changes:

 * Make openssl(1) s_server ignore -4 and -6 for compatibility with OpenSSL.
 * Further cleanup of the DTLS record handling.
 * Continue the replacement of the TLSv1.2 record layer by reimplementing the read side of the TLSv1.2 record handling.
 * Replace DTLSv1_enc_data() with TLSv1_1_enc_data().
 * Merge d1_{clnt,srvr}.c into ssl_{clnt,srvr}.c.
 * When switching from the TLSv1.3 stack to the legacy stack, include a TLS record header. This is necessary if there is more than one handshake message in the TLS plaintext record.
 * Set SO_REUSEADDR on the server socket in the openssl(1) ocsp command.
 * Fix resource handling on error in OCSP_request_add0_id().
 * Add const to ssl_ciphers and tls1[23]_sigalgs* to push them into .data.rel.ro and .rodata, respectively.
 * Add a const qualifier to srtp_known_profiles.
 * Simplify TLS method by removing the client and server specific methods internally.
 * Avoid casting away const in ssl_ctx_make_profiles().
 * Make sure there is enough room for stashing the handshake message when switching to the legacy TLS stack.
 * Avoid explicitly conditioning an assert on DTLS1_VERSION to make the assert work for newer DTLS versions.
 * Merge SSL_ENC_METHOD into SSL_METHOD_INTERNAL.
 * Send a Host header with OCSP queries to make openssl(1) ocsp work with some widely used OCSP responders.
 * Fix a memory leak in the openssl(1) s_client.
 * Add a flag to mark DTLS methods as DTLS to have an easy way to recognize DTLS methods that avoids inspecting the version number.
 * Implement SSL_is_dtls() and use it internally in place of the SSL_IS_DTLS macro.
 * Unbreak DTLS retransmissions for flights that include a CCS.
 * Add ability to ocspcheck(8) to parse a port in the specified OCSP URL.
 * Refactor and clean up ocspcheck(8) and add regression tests.
 * If x509_verify() fails, ensure that the error is set on both the x509_verify_ctx() and its store context to make some failures visible from SSL_get_verify_result().
 * Use the X509_STORE_CTX get_issuer() callback from the new X.509 verifier to fix hashed certificate directories.
 * Only check BIO_should_read() on read and BIO_should_write() on write. Previously, BIO_should_write() was also checked after read and BIO_should_read() after write, which could cause stalls in software that uses the same BIO for read and write.
 * In openssl(1) verify, also check for an error on the store context, since the return value of X509_verify_cert() is unreliable in the presence of a callback that returns 1 too often.
 * Update getentropy on Windows to use Cryptography Next Generation (CNG). wincrypt is deprecated and no longer works with newer Windows environments, such as in Windows Store apps.
 * Implement auto chain for the TLSv1.3 server since some software relies on this.
 * Handle additional certificate error cases in the new X.509 verifier. Keep track of the errors encountered if a verify callback tells the verifier to continue, and report them back via the error on the store context. This mimics the behavior of the old verifier, which would persist the first error encountered while building the chain.
 * Report specific failures for "self signed certificates" in a way compatible with the old verifier, since software relies on the error code.
 * Implement key exporter for TLSv1.3.
 * Plug a large memory leak in the new verifier caused by calling X509_policy_check() repeatedly.
 * Avoid leaking memory in x509_verify_chain_dup().
 * Various documentation improvements, particularly around TLS methods.

The LibreSSL project continues improvement of the codebase to reflect modern, safe programming practices. We welcome feedback and improvements from the broader community.
Thanks to all of the contributors who helped make this release possible.