What Is New in OpenSSL 1.0.1
| Category | Highlights |
|---|---|
| New Features | TLS 1.2 support, AES-GCM cipher suites, native Elliptic Curve (ECC) APIs, new s_client/s_server options for TLS 1.2, built-in ChaCha20-Poly1305 draft support |
| Improvements | Hardware-accelerated AES-NI paths, enhanced ENGINE framework, tighter RAND entropy handling, improved multi-thread locking callbacks |
| Bug Fixes | Fixed CVE-2013-0169 (DTLS buffer overflow), CVE-2013-0276 (RSA padding check), memory-leak fixes in SSL_CTX and X509 handling, handshake stability fixes for TLS 1.2 |
| Breaking Changes | SSLv2 disabled by default and removed from the default build, default cipher list now excludes weak ciphers, EVP_PKEY API signatures changed for EC keys |
| Deprecations | SSLv2 and SSLv3 functions marked deprecated, SSL_CTX_set_tmp_rsa_callback slated for removal in future releases |
How does OpenSSL 1.0.1 add TLS 1.2 support?
OpenSSL 1.0.1 implements the full TLS 1.2 protocol, including the new handshake hash algorithms and the AES-GCM cipher suites.
- New `SSL_CTX_set_min_proto_version` and `SSL_CTX_set_max_proto_version` helpers let applications pin TLS 1.2 explicitly.
- GCM suites such as `TLS_RSA_WITH_AES_128_GCM_SHA256` are now available via `openssl ciphers -v`.
- Clients can request TLS 1.2 with `-tls1_2` on `openssl s_client` and servers with `-tls1_2` on `openssl s_server`.

```sh
openssl s_client -connect example.com:443 -tls1_2
```
In practice this means you can retire older protocol versions without changing application code, provided the peer also supports TLS 1.2.
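The same policy the `-tls1_2` command tests from the shell, applied from application code: as an added example (not from the page or the OpenSSL project), using Python's `ssl` module as a thin binding over libssl's `SSL_CTX`, it pins both ends of the version range to TLS 1.2, restricts the cipher list to ephemeral-ECDH AES-GCM suites, and checks the list libssl actually enables for anything weak or non-GCM. The cipher string and the weak-token list are constructed for this example.

```python
import ssl

# Constructed policy: ephemeral ECDH with the AES-GCM suites the 1.0.1 release highlights.
GCM_ONLY = "ECDHE+AESGCM:!aNULL:!eNULL:!MD5"
# Tokens that should never appear in a hardened cipher list (constructed list).
WEAK_TOKENS = ("RC4", "DES", "MD5", "NULL", "EXP", "ADH", "AECDH")


def build_tls12_gcm_context(cipher_string=GCM_ONLY):
    """Client context pinned to TLS 1.2 (min and max) with a GCM-only cipher list.

    minimum_version / maximum_version are the ssl-module counterparts of
    SSL_CTX_set_min_proto_version / SSL_CTX_set_max_proto_version, and
    set_ciphers is the counterpart of SSL_CTX_set_cipher_list.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.maximum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers(cipher_string)
    return ctx


def pinned_range(ctx):
    """Names of the lowest and highest protocol version the context will negotiate."""
    return (ctx.minimum_version.name, ctx.maximum_version.name)


def tls12_cipher_names(ctx):
    """Enabled TLS 1.2 suite names; libssl lists TLS 1.3 suites separately, so filter on protocol."""
    return sorted(c["name"] for c in ctx.get_ciphers() if c["protocol"] == "TLSv1.2")


def audit_cipher_names(names):
    """Return (weak, non_gcm): suites that should not survive the hardening pass."""
    weak = [n for n in names if any(tok in n for tok in WEAK_TOKENS)]
    non_gcm = [n for n in names if "GCM" not in n]
    return weak, non_gcm


if __name__ == "__main__":
    ctx = build_tls12_gcm_context()
    names = tls12_cipher_names(ctx)
    print("version range:", pinned_range(ctx))
    print("\n".join(names))
    print("weak:", audit_cipher_names(names)[0], "non-GCM:", audit_cipher_names(names)[1])
```

Running `audit_cipher_names` over the suites of `ssl.create_default_context()` instead shows which non-GCM suites a default build still offers.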
What elliptic-curve enhancements are introduced in OpenSSL 1.0.1?
OpenSSL 1.0.1 adds native support for a wide range of NIST and Brainpool curves and a new EVP_PKEY API for EC keys.
- New curves: `prime256v1`, `secp384r1`, `secp521r1`, and Brainpool variants are built-in.
- The `EVP_PKEY_new_raw_private_key` and `EVP_PKEY_new_raw_public_key` functions simplify key import/export.
- Engine support for hardware EC accelerators (e.g., Intel QuickAssist) has been refreshed.

```sh
openssl ecparam -name prime256v1 -genkey -noout -out ec_key.pem
```
This matters if your services rely on ECDHE key exchange; you can now enable stronger curves without external libraries.
Why should production teams care about the hardware-accelerated AES-NI paths?
OpenSSL 1.0.1 detects Intel AES-NI instructions at runtime and routes AES-CBC/GCM encryption through the optimized assembly path.
- Performance gains of 30-50% for bulk TLS traffic on modern CPUs.
- Automatic fallback to the portable C implementation if AES-NI is unavailable.
- No configuration changes required; the feature is enabled by default.
Watch out for older CPUs that lack AES-NI: they will continue using the safe software fallback without any functional impact.
What are the key security fixes that affect upgrade decisions?
OpenSSL 1.0.1 patches several high-severity vulnerabilities that were exploitable in earlier 1.0.0 releases.
- CVE-2013-0169: DTLS buffer overflow fixed by adding proper length checks.
- CVE-2013-0276: RSA padding oracle issue resolved with stricter PKCS#1 v1.5 checks.
- Memory-leak fixes in `SSL_CTX_free` and X509 store handling reduce long-running process footprints.
Most teams will need to rebuild their binaries to incorporate these fixes; the API changes are backward compatible for typical usage.
FAQ
Does OpenSSL 1.0.1 require code changes to enable TLS 1.2?
Most applications can enable TLS 1.2 by calling SSL_CTX_set_min_proto_version with TLS1_2_VERSION or by using the -tls1_2 flag on the command-line tools.
Can I still use SSLv2 with OpenSSL 1.0.1?
SSLv2 is disabled by default and the build option to enable it has been removed, so you cannot use it without recompiling the library.
How do I list the new AES-GCM cipher suites?
Run openssl ciphers -v and look for GCM in the output.
Is the ECC API backward compatible with code written for OpenSSL 0.9.8?
Existing EC functions still exist, but new applications should use the EVP_PKEY interface for better future compatibility.
What command demonstrates the new TLS 1.2 client connection?
Use openssl s_client -connect example.com:443 -tls1_2 as a quick test.
Do the AES-NI optimizations require any special configuration?
No configuration is needed; the library automatically detects and uses AES-NI when available.