aboutsummaryrefslogtreecommitdiff
path: root/ChangeLog
diff options
context:
space:
mode:
authorBob Beck <beck@openbsd.org>2020-10-08 08:46:52 -0600
committerBob Beck <beck@openbsd.org>2020-10-08 08:46:52 -0600
commita8bc7358c271fa5491155f6eb57d3f3a392c8ec7 (patch)
tree5aeaf89f2b0aa21c638e12746a67319ae13c06a3 /ChangeLog
parentb39be4f23e75fd5ba4a376996deaec75ca0b5fdd (diff)
downloadportable-a8bc7358c271fa5491155f6eb57d3f3a392c8ec7.tar.gz
portable-a8bc7358c271fa5491155f6eb57d3f3a392c8ec7.tar.bz2
portable-a8bc7358c271fa5491155f6eb57d3f3a392c8ec7.zip
wordsmith some, and include mention of name constraints and bettertle test suite
Diffstat (limited to 'ChangeLog')
-rw-r--r--ChangeLog17
1 files changed, 12 insertions, 5 deletions
diff --git a/ChangeLog b/ChangeLog
index 179b3eb..51a8b27 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -30,12 +30,17 @@ LibreSSL Portable Release Notes:
30 30
313.2.2 - Stable release 313.2.2 - Stable release
32 32
33 * This is the first stable release with the new TLSv1.3 implementation 33 * This is the first stable release with the new TLSv1.3
34 enabled for both server and client. The OpenSSL TLSv1.3 API is not 34 implementation enabled by default for both server and client. The
35 yet available and will be provided in an upcoming release. 35 OpenSSL 1.1 TLSv1.3 API is not yet available and will be provided
36 in an upcoming release.
36 37
37 * New X509 certificate chain validator loosely based on Go's X509 38 * New X509 certificate chain validator that correctly handles
38 validator. 39 multiple paths through intermediate certificates. Loosely based on
40 Go's X509 validator.
41
42 * New name constraints verification implementation which passes the
43 bettertls.com certificate validation check suite.
39 44
40 * Improve the handling of BIO_read()/BIO_write() failures in the 45 * Improve the handling of BIO_read()/BIO_write() failures in the
41 TLSv1.3 stack. 46 TLSv1.3 stack.
@@ -94,6 +99,8 @@ LibreSSL Portable Release Notes:
94 99
95 * Greatly expanded test coverage via the tlsfuzzer test scripts. 100 * Greatly expanded test coverage via the tlsfuzzer test scripts.
96 101
102 * Expanded test coverage via the bettertls certificate test suite.
103
97 * Test interoperability with the Botan TLS client. 104 * Test interoperability with the Botan TLS client.
98 105
99 * Make pthread_mutex static initialisation work on Windows. 106 * Make pthread_mutex static initialisation work on Windows.