Fix a number of typos and expand a few entries

author: Theo Buehler <tb@openbsd.org> 2021-04-13 14:53:35 +0200
committer: Theo Buehler <tb@openbsd.org> 2021-04-13 14:53:48 +0200
commit: 0d7d4ec2267bd1b4a49e86cdd251a01f2dc385f1 (patch)
tree: e1690636f9c5e64af1c020aebc4cb03873fe06b5 /ChangeLog
parent: 2509d58f8af80e7967c53aa80e9a650d7b464ad2 (diff)
download: portable-0d7d4ec2267bd1b4a49e86cdd251a01f2dc385f1.tar.gz
portable-0d7d4ec2267bd1b4a49e86cdd251a01f2dc385f1.tar.bz2
portable-0d7d4ec2267bd1b4a49e86cdd251a01f2dc385f1.zip
1 files changed, 18 insertions, 16 deletions
diff --git a/ChangeLog b/ChangeLog
index 41bc6cd..8654509 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -30,10 +30,10 @@ LibreSSL Portable Release Notes:
 3.3.2 - Development release
-        * This release adds support for DTLSv1.2 and continued the record layer
+        * This release adds support for DTLSv1.2 and continues the rewrite
-          rewrite for the legacy stack. Numerous bugs and interoperability
+          of the record layer for the legacy stack. Numerous bugs and
-          issues were fixed in the new verifier. The OpenSSL 1.1 TLSv1.3 API
+          interoperability issues were fixed in the new verifier. The
-          is not yet available.
+          OpenSSL 1.1 TLSv1.3 API is not yet available.
        * Switch finish{,_peer}_md_len from an int to a size_t.
@@ -54,7 +54,8 @@ LibreSSL Portable Release Notes:
          these could leak if SSL_shutdown() or tls_close() were called
          after closing the underlying socket().
-        * Free struct members in their natural order for reviewability.
+        * Free struct members in tls13_record_layer_free() in their natural
+          order for reviewability.
        * Gracefully handle root certificates being both trusted and
          untrusted.
@@ -64,7 +65,7 @@ LibreSSL Portable Release Notes:
        * Use the legacy verifier when building auto chains.
-        * Use consistent namesin tls13_{client,server}_finished_{recv,send}().
+        * Use consistent names in tls13_{client,server}_finished_{recv,send}().
        * Add tls13_secret_{init,cleanup}() and use them throughout the
          TLSv1.3 code base.
@@ -97,26 +98,27 @@ LibreSSL Portable Release Notes:
        * Clean up dtls1_reset_seq_numbers().
-        * Factor out code for explicit IV length, block size and MAC length.
+        * Factor out code for explicit IV length, block size and MAC length
+          from tls12_record_layer_open_record_protected_cipher().
        * Provide record layer overhead for DTLS.
        * Provide functions to determine if TLSv1.2 record protection is
          engaged.
-        * Add code to handle change of cipehr state in the new TLSv1.2 record
+        * Add code to handle change of cipher state in the new TLSv1.2 record
          layer.
        * Mop up unused dtls1_build_sequence_numbers() function.
        * Allow setting a keypair on a tls context without specifying the
-          private key and fake it internally in libtls. This removes the need
+          private key, and fake it internally in libtls. This removes the
-          for privsep engines like relayd to use bogus keys.
+          need for privsep engines like relayd to use bogus keys.
        * Skip the private key check for fake private keys.
-        * Move the private key setup to a helper function with proper error
+        * Move the private key setup from tls_configure_ssl_keypair() to a
-          checking.
+          helper function with proper error checking.
        * Change the internal tls_configure_ssl_keypair() function to
          return -1 instead of 1 on failure.
@@ -138,7 +140,7 @@ LibreSSL Portable Release Notes:
        * Correct handshake MAC/PRF for various TLSv1.2 cipher suites which
          were originally added with the default handshake MAC and PRF rather
-          than hte SHA256 handshake MAC and PRF.
+          than the SHA256 handshake MAC and PRF.
        * Absorb ssl3_get_algorithm2() into ssl_get_handshake_evp_md().
@@ -170,8 +172,8 @@ LibreSSL Portable Release Notes:
          zero if the minimum or maximum has been set to zero to match
          OpenSSL's behavior.
-        * Rename the "truncated" label into "decode_err" and "f_err" into
+        * Rename the "truncated" label into "decode_err" and the "f_err"
-          "fatal_err".
+          label into "fatal_err".
        * Factor out and change some of the legacy client version code.
@@ -321,7 +323,7 @@ LibreSSL Portable Release Notes:
        * Document SSL_set_hostflags(3) and SSL_get0_peername(3).
-        * Update SSL_get_version.3 manualf or DTLSv.1.2 support.
+        * Update SSL_get_version.3 manual for DTLSv.1.2 support.
 3.3.1 - Security fix
author	Theo Buehler <tb@openbsd.org>	2021-04-13 14:53:35 +0200
committer	Theo Buehler <tb@openbsd.org>	2021-04-13 14:53:48 +0200
commit	0d7d4ec2267bd1b4a49e86cdd251a01f2dc385f1 (patch)
tree	e1690636f9c5e64af1c020aebc4cb03873fe06b5 /ChangeLog
parent	2509d58f8af80e7967c53aa80e9a650d7b464ad2 (diff)
download	portable-0d7d4ec2267bd1b4a49e86cdd251a01f2dc385f1.tar.gz portable-0d7d4ec2267bd1b4a49e86cdd251a01f2dc385f1.tar.bz2 portable-0d7d4ec2267bd1b4a49e86cdd251a01f2dc385f1.zip