diff options
| author | Theo Buehler <tb@openbsd.org> | 2024-09-12 08:21:26 +0200 |
|---|---|---|
| committer | Theo Buehler <tb@openbsd.org> | 2024-09-12 08:24:39 +0200 |
| commit | 663f6cf6111fa74564182b895e154874af1c7649 (patch) | |
| tree | 8a7a7750e2b3c44a62a62b4a05313974b56508b7 | |
| parent | 1e2e50eece1768a154cee87b9135efbafbb0a8ad (diff) | |
| download | portable-663f6cf6111fa74564182b895e154874af1c7649.tar.gz portable-663f6cf6111fa74564182b895e154874af1c7649.tar.bz2 portable-663f6cf6111fa74564182b895e154874af1c7649.zip | |
Clean up and expand ChangeLog
| -rw-r--r-- | ChangeLog | 13 |
1 files changed, 10 insertions, 3 deletions
| @@ -69,7 +69,6 @@ LibreSSL Portable Release Notes: | |||
| 69 | - Improvements in the openssl(1) speed app's signal handler. | 69 | - Improvements in the openssl(1) speed app's signal handler. |
| 70 | - Cleaned up various X509v3_* extension API. | 70 | - Cleaned up various X509v3_* extension API. |
| 71 | - Unified the X.509v3 extension methods. | 71 | - Unified the X.509v3 extension methods. |
| 72 | - Added support for TLS PRF in the EVP KDF API. | ||
| 73 | - Cleaned up cipher handling in SSL_SESSION. | 72 | - Cleaned up cipher handling in SSL_SESSION. |
| 74 | - Removed get_cipher from SSL_METHOD. | 73 | - Removed get_cipher from SSL_METHOD. |
| 75 | - Rewrote CRYPTO_EX_DATA from scratch. The only intentional change of | 74 | - Rewrote CRYPTO_EX_DATA from scratch. The only intentional change of |
| @@ -78,11 +77,18 @@ LibreSSL Portable Release Notes: | |||
| 78 | - Removed bogus connect() call from netcat. | 77 | - Removed bogus connect() call from netcat. |
| 79 | - Uses of atoi() and strtol() in libcrypto were replaced with | 78 | - Uses of atoi() and strtol() in libcrypto were replaced with |
| 80 | strtonum(). | 79 | strtonum(). |
| 80 | - Introduced crypto_arch.h which will contain the architecture | ||
| 81 | dependent code and defines rather than the public opensslconf.h. | ||
| 82 | - OPENSSL_cpu_caps() is now architecture independent. | ||
| 83 | - Reorganized the DES implementation to use fewer files and removed | ||
| 84 | optimizations for ancient processors and compilers. | ||
| 81 | * New features | 85 | * New features |
| 82 | - Added CRLfile option to the cms command of openssl(1) to specify | 86 | - Added CRLfile option to the cms command of openssl(1) to specify |
| 83 | additional CRLs for use during verification. | 87 | additional CRLs for use during verification. |
| 84 | * Documentation improvements | 88 | * Documentation improvements |
| 85 | - Removed documentation of no longer existing API. | 89 | - Removed documentation of no longer existing API. |
| 90 | - Unified the description of the obsolete ENGINE parameter that | ||
| 91 | needs to remain in many functions and should always be NULL. | ||
| 86 | * Testing and proactive security | 92 | * Testing and proactive security |
| 87 | - Switched the remaining tests to new certs. | 93 | - Switched the remaining tests to new certs. |
| 88 | * Compatibility changes | 94 | * Compatibility changes |
| @@ -101,21 +107,22 @@ LibreSSL Portable Release Notes: | |||
| 101 | - Removed the useless pem2.h, a public header that was added since | 107 | - Removed the useless pem2.h, a public header that was added since |
| 102 | it was too hard to add a single prototype to one file. | 108 | it was too hard to add a single prototype to one file. |
| 103 | - Removed conf_api.h and the public API therein. | 109 | - Removed conf_api.h and the public API therein. |
| 110 | - Removed ssl2.h, ssl23.h and ui_compat.h. | ||
| 104 | - Numerous conf and attribute functions were removed. Some unused | 111 | - Numerous conf and attribute functions were removed. Some unused |
| 105 | types were removed, others were made opaque. | 112 | types were removed, others were made opaque. |
| 106 | - Only specified versions can be set on certs, CRLs and CSRs. | ||
| 107 | - Removed the deprecated HMAC_Init() function. | 113 | - Removed the deprecated HMAC_Init() function. |
| 108 | - Removed OPENSSL_load_builtin_modules(). | 114 | - Removed OPENSSL_load_builtin_modules(). |
| 109 | - Removed X509_REQ_{get,set}_extension_nids(). | 115 | - Removed X509_REQ_{get,set}_extension_nids(). |
| 110 | - X509_check_trust() and was removed, X509_VAL was made opaque. | 116 | - X509_check_trust() and was removed, X509_VAL was made opaque. |
| 117 | - Only specified versions can be set on certs, CRLs and CSRs. | ||
| 111 | - Removed unused PEM_USER and PEM_CTX types from pem.h. | 118 | - Removed unused PEM_USER and PEM_CTX types from pem.h. |
| 112 | - Removed typdefs for COMP_CTX, COMP_METHOD, X509_CRL_METHOD, STORE, | 119 | - Removed typdefs for COMP_CTX, COMP_METHOD, X509_CRL_METHOD, STORE, |
| 113 | STORE_METHOD, and SSL_AEAD_CTX. | 120 | STORE_METHOD, and SSL_AEAD_CTX. |
| 114 | - i2d_ASN1_OBJECT() now returns -1 on error like most other i2d_*. | 121 | - i2d_ASN1_OBJECT() now returns -1 on error like most other i2d_*. |
| 115 | - SPKAC support was removed from openssl(1). | 122 | - SPKAC support was removed from openssl(1). |
| 116 | - Added TLS1-PRF support to the EVP interface. | 123 | - Added TLS1-PRF support to the EVP interface. |
| 117 | - Removed ssl2.h, ssl23.h, and ui_compat.h. | ||
| 118 | - Support for attributes in EVP_PKEYs was removed. | 124 | - Support for attributes in EVP_PKEYs was removed. |
| 125 | - The X509at_* API is no longer public. | ||
| 119 | - SSL_CTX_set1_cert_store() and SSL_CIPHER_get_handshake_digest() | 126 | - SSL_CTX_set1_cert_store() and SSL_CIPHER_get_handshake_digest() |
| 120 | were added to libssl. | 127 | were added to libssl. |
| 121 | - The completely broken UI_UTIL password API was removed. | 128 | - The completely broken UI_UTIL password API was removed. |