Zap many things that are promised for later

We can mention the new OpenSSL compat API and the validator API when they're enabled. The commit message for the validator is out of place.
author: Theo Buehler <tb@openbsd.org> 2020-10-07 21:54:19 +0200
committer: Brent Cook <busterb@gmail.com> 2020-10-17 03:15:28 -0500
commit: 6693b2ebd83771f8ac02ec1533360444f9f6fb58 (patch)
tree: 207d153c62325cd8ccaf3351835304a3dc04470a /ChangeLog
parent: 4de6e2988370865e447f3d3e826ffc7aee96056b (diff)
download: portable-6693b2ebd83771f8ac02ec1533360444f9f6fb58.tar.gz
portable-6693b2ebd83771f8ac02ec1533360444f9f6fb58.tar.bz2
portable-6693b2ebd83771f8ac02ec1533360444f9f6fb58.zip
1 files changed, 2 insertions, 22 deletions
diff --git a/ChangeLog b/ChangeLog
index 936ffa4..0edf65e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -34,29 +34,12 @@ LibreSSL Portable Release Notes:
          enabled for both server and client. The OpenSSL TLSv1.3 API is not
          yet available and will be provided in an upcoming release.
-        * This release also adds a new X509 certificate chain validator
+        * New X509 certificate chain validator loosely based on Go's X509
+          validator.
-          The new validator finds multiple validated chains to handle the
-          modern PKI cases which may frequently have multiple paths via
-          different intermediates to different roots. It is loosely based on
-          golang's X509 validator.
-          This includes integration so that the new validator can be used via
-          X509_verify_cert() as well as a new API x509_verify() which will
-          return multiple chains (similar to go).
-          The new public API is not yet exposed, and will be finalized and
-          enabled later.
        * Improve the handling of BIO_read()/BIO_write() failures in the
          TLSv1.3 stack.
-        * Prepare to provide most of the TLSv1.3-related OpenSSL 1.1.1 API.
-          This will be finished in an upcoming release.
-        * Implement SSL_{CTX_,}set_ciphersuites() and add regress. This is not
-          yet public API and will be enabled in a future release.
        * Start replacing the existing TLSv1.2 record layer.
        * Define OPENSSL_NO_SSL_TRACE in opensslfeatures.h.
@@ -112,9 +95,6 @@ LibreSSL Portable Release Notes:
        * Document return value from EC_KEY_get0_public_key(3).
-        * Add initial manual page for the x509_verify() chain validator which
-          will be installed once the new API is publically exposed.
        * Greatly expanded test coverage by the tlsfuzzer test scripts.
        * Test the Botan TLS client with LibreSSL, OpenSSL 1.0.2 and 1.1.1
author	Theo Buehler <tb@openbsd.org>	2020-10-07 21:54:19 +0200
committer	Brent Cook <busterb@gmail.com>	2020-10-17 03:15:28 -0500
commit	6693b2ebd83771f8ac02ec1533360444f9f6fb58 (patch)
tree	207d153c62325cd8ccaf3351835304a3dc04470a /ChangeLog
parent	4de6e2988370865e447f3d3e826ffc7aee96056b (diff)
download	portable-6693b2ebd83771f8ac02ec1533360444f9f6fb58.tar.gz portable-6693b2ebd83771f8ac02ec1533360444f9f6fb58.tar.bz2 portable-6693b2ebd83771f8ac02ec1533360444f9f6fb58.zip

diff --git a/ChangeLog b/ChangeLog index 936ffa4..0edf65e 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -34,29 +34,12 @@ LibreSSL Portable Release Notes:
34	enabled for both server and client. The OpenSSL TLSv1.3 API is not	34	enabled for both server and client. The OpenSSL TLSv1.3 API is not
35	yet available and will be provided in an upcoming release.	35	yet available and will be provided in an upcoming release.
36		36
37	* This release also adds a new X509 certificate chain validator	37	* New X509 certificate chain validator loosely based on Go's X509
38		38	validator.
39	The new validator finds multiple validated chains to handle the
40	modern PKI cases which may frequently have multiple paths via
41	different intermediates to different roots. It is loosely based on
42	golang's X509 validator.
43
44	This includes integration so that the new validator can be used via
45	X509_verify_cert() as well as a new API x509_verify() which will
46	return multiple chains (similar to go).
47
48	The new public API is not yet exposed, and will be finalized and
49	enabled later.
50		39
51	* Improve the handling of BIO_read()/BIO_write() failures in the	40	* Improve the handling of BIO_read()/BIO_write() failures in the
52	TLSv1.3 stack.	41	TLSv1.3 stack.
53		42
54	* Prepare to provide most of the TLSv1.3-related OpenSSL 1.1.1 API.
55	This will be finished in an upcoming release.
56
57	* Implement SSL_{CTX_,}set_ciphersuites() and add regress. This is not
58	yet public API and will be enabled in a future release.
59
60	* Start replacing the existing TLSv1.2 record layer.	43	* Start replacing the existing TLSv1.2 record layer.
61		44
62	* Define OPENSSL_NO_SSL_TRACE in opensslfeatures.h.	45	* Define OPENSSL_NO_SSL_TRACE in opensslfeatures.h.
@@ -112,9 +95,6 @@ LibreSSL Portable Release Notes:
112		95
113	* Document return value from EC_KEY_get0_public_key(3).	96	* Document return value from EC_KEY_get0_public_key(3).
114		97
115	* Add initial manual page for the x509_verify() chain validator which
116	will be installed once the new API is publically exposed.
117
118	* Greatly expanded test coverage by the tlsfuzzer test scripts.	98	* Greatly expanded test coverage by the tlsfuzzer test scripts.
119		99
120	* Test the Botan TLS client with LibreSSL, OpenSSL 1.0.2 and 1.1.1	100	* Test the Botan TLS client with LibreSSL, OpenSSL 1.0.2 and 1.1.1