1 files changed, 39 insertions, 135 deletions
diff --git a/ChangeLog b/ChangeLog
index 24de35e..3d7fda2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -30,77 +30,18 @@ LibreSSL Portable Release Notes:
 3.2.2 - Stable release
-        * Define OPENSSL_NO_SSL_TRACE in opensslfeatures.h.
+        * Improve the handling of BIO_read()/BIO_write() failures in the
+          TLSv1.3 stack.
-        * Start replacing the existing TLSv1.2 record layer.
-        * Send alert on ssl_get_prev_session() failure.
-        * Simplify return codes for tls1_process_ticket() and
-          tls_decrypt_ticket().
-        * Simplify tls_decrypt_ticket() exit path.
-        * Copy the session id directly in ssl_get_prev_session() instead of
-          handing it through several functions for copying.
-        * Split session retrieval out of ssl_get_prev_session().
-        * Zero out variable on the stack to avoid leaving garbage in the tail
-          of short session ids.
-        * Remove unnecessary zeroing after recallocarray() in
-          ASN1_BIT_STRING_set_bit().
-        * Rewrite X509_INFO_{new,free}() more idiomatically.
-        * Import commented versions of the latest OPENSSL_NO_* flags from
-          OpenSSL 1.1.1g.
-        * Document return value from EC_KEY_get0_public_key(3).
-        * Set alpn_selected_len = 0 whenever alpn_selected is NULL.
-        * Add option type OPTION_UL_VALUE_OR to openssl(1) option parser.
-        * Convert openssl(1) ocsp option handling.
-        * Major style cleanup in ocsp.c.
-        * Assorted ciphers related cleanup in ssl_lib.c.
-        * Add issuer cache in preparation for changes to the validation code.
-        * Replace some SSL_AD_* with TLS13_ALERT_* defines in the new TLSv1.3
-          code.
-        * Rename ssl_cipher_is_permitted() to the more accurate and specific
-          ssl_cipher_allowed_in_version_range().
-        * Simplify SSL_get_ciphers().
-        * Remove cipher_list_by_id.
-        * Add a new implementation of X509 name constraints with regression
-          tests.
-        * Fix and re-enable cert and cipher interop tests.
-        * Include machine/endian.h gost2814789.c in order to pick up the
-          __STRICT_ALIGNMENT define.
-        * Enable the new X509 name constraints verification.
-        * Avoid an out-of-bounds write in BN_rand().
-        * Simplify tls1_set_ec_id().
+        * Prepare to provide most of the TLSv1.3-related OpenSSL 1.1.1 API.
+          This will be finished in an upcoming release.
-        * Use uint16_t for curve_id.
+        * Implement SSL_{CTX_,}set_ciphersuites() and add regress. This is not
+          yet public API and will be enabled in a future release.
-        * Improve the handling of BIO_read()/BIO_write() failures in the
+        * Start replacing the existing TLSv1.2 record layer.
-          TLSv1.3 stack.
-        * Add a new certificate chain validator.
+        * Add a new X509 certificate chain validator.
          The new validator finds multiple validated chains to handle the
          modern PKI cases which may frequently have multiple paths via
@@ -114,101 +55,64 @@ LibreSSL Portable Release Notes:
          The new public API is not yet exposed, and will be finalized and
          exposed with a man page and a library minor bump later.
-        * Implement SSL_{CTX_,}set_ciphersuites() and add regress. This is not
+        * Define OPENSSL_NO_SSL_TRACE in opensslfeatures.h.
-          yet public API and will be enabled in a future release.
-        * Enable the use of the new X509 chain validator by default.
-        * Fix double frees and a NULL dereference introduced on review of the
-          new validator.
-        * Remove various unused variables in the X509 code.
-        * Fix memory leaks in x509_constraints_chain() and
-          X509V3_ext_add_alias().
-        * Add initial manual page for the x509_verify() chain validator which
+        * Make SSL_CTX_get_ciphers(NULL) return NULL rather than crash.
-          will be installed once the new API is publically exposed.
-        * Avoid NULL deref in SSL_{,CTX_}set_ciphersuites().
+        * Send alert on ssl_get_prev_session() failure.
-        * Clean up and simplify SSL_set_session().
+        * Zero out variable on the stack to avoid leaving garbage in the tail
+          of short session ids.
        * Move state initialization from SSL_clear() to ssl3_clear() to ensure
          that it gets correctly reinitialized across a SSL_set_ssl_method()
          call.
-        * Test the Botan TLS client with LibreSSL, OpenSSL 1.0.2 and 1.1.1
+        * Avoid an out-of-bounds write in BN_rand().
-          servers.
-        * Mop up the get_ssl_method function pointer.
-        * Clean up and simplify SSL_set_ssl_method().
-        * Deduplicate the time validation code between the legacy and the new
-          verification code.
-        * Set error_depth and current_cert to avoid problems in legacy
-          callbacks that don't do proper error checking.
-        * Correct a failure case in tls12_record_layer_seal_record_protected().
-        * Do not destroy an existing cipher list when ssl_parse_ciphersuites()
-          fails to match the behavior of ssl_create_cipher_list() and
-          SSL_set_ciphersuites() of OpenSSL.
-        * Split the tls12_record_layer_write_mac() for future reuse on the
-          read side.
-        * Dedup code in x509_verify_ctx_new_from_xsc().
-        * Make check in x509_verify_ctx_set_max_signatures() consistent with
+        * Fix numerous leaks in the UI_dup_* functions and simplify and tidy up
-          others.
+          the code in ui_lib.c.
-        * Avoid memset() before memcpy() for CBS_add_bytes().
+        * Avoid potential segmentation fault with SSL_get0_alpn_selected
+          by setting alpn_selected_len = 0 whenever alpn_selected is NULL.
-        * Make SSL_CTX_get_ciphers(NULL) return NULL rather than crash.
+        * Include machine/endian.h gost2814789.c in order to pick up the
+          __STRICT_ALIGNMENT define.
        * Simplify SSL method lookups.
-        * Prepare to provide most of the TLSv1.3-related OpenSSL 1.1.1 API.
+        * Clean up and simplify SSL_get_ciphers(), SSL_set_session(),
-          This will be finished in an upcoming release.
+          SSL_set_ssl_method() and several internal functions.
-        * Fix an overflow in the CN subject line parsing.
        * Correctly handle ssl_cert_dup() failure in SSL_set_SSL_CTX().
-        * Fix memory leaks in x509_constraints_extract_names().
+        * Refactor dtls1_new(), dtls1_hm_fragment_new(),
+          dtls1_drain_fragments(), dtls1_clear_queues().
-        * Correct a 1 byte read overflow in x509_constraints_uri().
-        * Ensure the chain is set on the X509_STORE_CTX before triggering
+        * Replace some SSL_AD_* with TLS13_ALERT_* defines in the new TLSv1.3
-          callback.
+          code.
-        * Release read and write buffers using freezero()
-        * Simplify the cleanup of init_buf via an ssl3_release_init_buffer()
-          function.
-        * Fix numerous leaks in the UI_dup_* functions.
+        * Copy the session id directly in ssl_get_prev_session() instead of
+          handing it through several functions for copying.
-        * Simplify and tidy up hte code in ui_lib.c.
+        * Avoid memset() before memcpy() for CBS_add_bytes().
-        * Refactor dtls1_clear_queues() to make it NULL safe.
+        * Rewrite X509_INFO_{new,free}() more idiomatically.
-        * Have dtls1_hm_fragment_new() call dtls1_hm_fragment_free() on
+        * Remove unnecessary zeroing after recallocarray() in
-          failure.
+          ASN1_BIT_STRING_set_bit().
-        * Have dtls1_new() call dtls1_free() on failure.
+        * Convert openssl(1) ocsp new option handling.
-        * Call dtls1_hm_fragment_free() from dtls1_drain_fragments() to fix
+        * Document SSL_set1_host(3), SSL_set_SSL_CTX(3).
-          potential memory leaks.
-        * Ensure that leaf is set up on X509_STORE_CTX before verification.
+        * Document return value from EC_KEY_get0_public_key(3).
-        * Document SSL_set1_host(3).
+        * Add initial manual page for the x509_verify() chain validator which
+          will be installed once the new API is publically exposed.
-        * Document SSL_set_SSL_CTX(3).
+        * Test the Botan TLS client with LibreSSL, OpenSSL 1.0.2 and 1.1.1
+          servers.
        * Make pthread_mutex static initialisation work on Windows.

diff --git a/ChangeLog b/ChangeLog index 24de35e..3d7fda2 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -30,77 +30,18 @@ LibreSSL Portable Release Notes:
30		30
31	3.2.2 - Stable release	31	3.2.2 - Stable release
32		32
33	* Define OPENSSL_NO_SSL_TRACE in opensslfeatures.h.	33	* Improve the handling of BIO_read()/BIO_write() failures in the
34		34	TLSv1.3 stack.
35	* Start replacing the existing TLSv1.2 record layer.
36
37	* Send alert on ssl_get_prev_session() failure.
38
39	* Simplify return codes for tls1_process_ticket() and
40	tls_decrypt_ticket().
41
42	* Simplify tls_decrypt_ticket() exit path.
43
44	* Copy the session id directly in ssl_get_prev_session() instead of
45	handing it through several functions for copying.
46
47	* Split session retrieval out of ssl_get_prev_session().
48
49	* Zero out variable on the stack to avoid leaving garbage in the tail
50	of short session ids.
51
52	* Remove unnecessary zeroing after recallocarray() in
53	ASN1_BIT_STRING_set_bit().
54
55	* Rewrite X509_INFO_{new,free}() more idiomatically.
56
57	* Import commented versions of the latest OPENSSL_NO_* flags from
58	OpenSSL 1.1.1g.
59
60	* Document return value from EC_KEY_get0_public_key(3).
61
62	* Set alpn_selected_len = 0 whenever alpn_selected is NULL.
63
64	* Add option type OPTION_UL_VALUE_OR to openssl(1) option parser.
65
66	* Convert openssl(1) ocsp option handling.
67
68	* Major style cleanup in ocsp.c.
69
70	* Assorted ciphers related cleanup in ssl_lib.c.
71
72	* Add issuer cache in preparation for changes to the validation code.
73
74	* Replace some SSL_AD_* with TLS13_ALERT_* defines in the new TLSv1.3
75	code.
76
77	* Rename ssl_cipher_is_permitted() to the more accurate and specific
78	ssl_cipher_allowed_in_version_range().
79
80	* Simplify SSL_get_ciphers().
81
82	* Remove cipher_list_by_id.
83
84	* Add a new implementation of X509 name constraints with regression
85	tests.
86
87	* Fix and re-enable cert and cipher interop tests.
88
89	* Include machine/endian.h gost2814789.c in order to pick up the
90	__STRICT_ALIGNMENT define.
91
92	* Enable the new X509 name constraints verification.
93
94	* Avoid an out-of-bounds write in BN_rand().
95		35
96	* Simplify tls1_set_ec_id().	36	* Prepare to provide most of the TLSv1.3-related OpenSSL 1.1.1 API.
		37	This will be finished in an upcoming release.
97		38
98	* Use uint16_t for curve_id.	39	* Implement SSL_{CTX_,}set_ciphersuites() and add regress. This is not
		40	yet public API and will be enabled in a future release.
99		41
100	* Improve the handling of BIO_read()/BIO_write() failures in the	42	* Start replacing the existing TLSv1.2 record layer.
101	TLSv1.3 stack.
102		43
103	* Add a new certificate chain validator.	44	* Add a new X509 certificate chain validator.
104		45
105	The new validator finds multiple validated chains to handle the	46	The new validator finds multiple validated chains to handle the
106	modern PKI cases which may frequently have multiple paths via	47	modern PKI cases which may frequently have multiple paths via
@@ -114,101 +55,64 @@ LibreSSL Portable Release Notes:
114	The new public API is not yet exposed, and will be finalized and	55	The new public API is not yet exposed, and will be finalized and
115	exposed with a man page and a library minor bump later.	56	exposed with a man page and a library minor bump later.
116		57
117	* Implement SSL_{CTX_,}set_ciphersuites() and add regress. This is not	58	* Define OPENSSL_NO_SSL_TRACE in opensslfeatures.h.
118	yet public API and will be enabled in a future release.
119
120	* Enable the use of the new X509 chain validator by default.
121
122	* Fix double frees and a NULL dereference introduced on review of the
123	new validator.
124
125	* Remove various unused variables in the X509 code.
126
127	* Fix memory leaks in x509_constraints_chain() and
128	X509V3_ext_add_alias().
129		59
130	* Add initial manual page for the x509_verify() chain validator which	60	* Make SSL_CTX_get_ciphers(NULL) return NULL rather than crash.
131	will be installed once the new API is publically exposed.
132		61
133	* Avoid NULL deref in SSL_{,CTX_}set_ciphersuites().	62	* Send alert on ssl_get_prev_session() failure.
134		63
135	* Clean up and simplify SSL_set_session().	64	* Zero out variable on the stack to avoid leaving garbage in the tail
		65	of short session ids.
136		66
137	* Move state initialization from SSL_clear() to ssl3_clear() to ensure	67	* Move state initialization from SSL_clear() to ssl3_clear() to ensure
138	that it gets correctly reinitialized across a SSL_set_ssl_method()	68	that it gets correctly reinitialized across a SSL_set_ssl_method()
139	call.	69	call.
140		70
141	* Test the Botan TLS client with LibreSSL, OpenSSL 1.0.2 and 1.1.1	71	* Avoid an out-of-bounds write in BN_rand().
142	servers.
143
144	* Mop up the get_ssl_method function pointer.
145
146	* Clean up and simplify SSL_set_ssl_method().
147
148	* Deduplicate the time validation code between the legacy and the new
149	verification code.
150
151	* Set error_depth and current_cert to avoid problems in legacy
152	callbacks that don't do proper error checking.
153
154	* Correct a failure case in tls12_record_layer_seal_record_protected().
155
156	* Do not destroy an existing cipher list when ssl_parse_ciphersuites()
157	fails to match the behavior of ssl_create_cipher_list() and
158	SSL_set_ciphersuites() of OpenSSL.
159
160	* Split the tls12_record_layer_write_mac() for future reuse on the
161	read side.
162
163	* Dedup code in x509_verify_ctx_new_from_xsc().
164		72
165	* Make check in x509_verify_ctx_set_max_signatures() consistent with	73	* Fix numerous leaks in the UI_dup_* functions and simplify and tidy up
166	others.	74	the code in ui_lib.c.
167		75
168	* Avoid memset() before memcpy() for CBS_add_bytes().	76	* Avoid potential segmentation fault with SSL_get0_alpn_selected
		77	by setting alpn_selected_len = 0 whenever alpn_selected is NULL.
169		78
170	* Make SSL_CTX_get_ciphers(NULL) return NULL rather than crash.	79	* Include machine/endian.h gost2814789.c in order to pick up the
		80	__STRICT_ALIGNMENT define.
171		81
172	* Simplify SSL method lookups.	82	* Simplify SSL method lookups.
173		83
174	* Prepare to provide most of the TLSv1.3-related OpenSSL 1.1.1 API.	84	* Clean up and simplify SSL_get_ciphers(), SSL_set_session(),
175	This will be finished in an upcoming release.	85	SSL_set_ssl_method() and several internal functions.
176
177	* Fix an overflow in the CN subject line parsing.
178		86
179	* Correctly handle ssl_cert_dup() failure in SSL_set_SSL_CTX().	87	* Correctly handle ssl_cert_dup() failure in SSL_set_SSL_CTX().
180		88
181	* Fix memory leaks in x509_constraints_extract_names().	89	* Refactor dtls1_new(), dtls1_hm_fragment_new(),
182		90	dtls1_drain_fragments(), dtls1_clear_queues().
183	* Correct a 1 byte read overflow in x509_constraints_uri().
184		91
185	* Ensure the chain is set on the X509_STORE_CTX before triggering	92	* Replace some SSL_AD_* with TLS13_ALERT_* defines in the new TLSv1.3
186	callback.	93	code.
187
188	* Release read and write buffers using freezero()
189
190	* Simplify the cleanup of init_buf via an ssl3_release_init_buffer()
191	function.
192		94
193	* Fix numerous leaks in the UI_dup_* functions.	95	* Copy the session id directly in ssl_get_prev_session() instead of
		96	handing it through several functions for copying.
194		97
195	* Simplify and tidy up hte code in ui_lib.c.	98	* Avoid memset() before memcpy() for CBS_add_bytes().
196		99
197	* Refactor dtls1_clear_queues() to make it NULL safe.	100	* Rewrite X509_INFO_{new,free}() more idiomatically.
198		101
199	* Have dtls1_hm_fragment_new() call dtls1_hm_fragment_free() on	102	* Remove unnecessary zeroing after recallocarray() in
200	failure.	103	ASN1_BIT_STRING_set_bit().
201		104
202	* Have dtls1_new() call dtls1_free() on failure.	105	* Convert openssl(1) ocsp new option handling.
203		106
204	* Call dtls1_hm_fragment_free() from dtls1_drain_fragments() to fix	107	* Document SSL_set1_host(3), SSL_set_SSL_CTX(3).
205	potential memory leaks.
206		108
207	* Ensure that leaf is set up on X509_STORE_CTX before verification.	109	* Document return value from EC_KEY_get0_public_key(3).
208		110
209	* Document SSL_set1_host(3).	111	* Add initial manual page for the x509_verify() chain validator which
		112	will be installed once the new API is publically exposed.
210		113
211	* Document SSL_set_SSL_CTX(3).	114	* Test the Botan TLS client with LibreSSL, OpenSSL 1.0.2 and 1.1.1
		115	servers.
212		116
213	* Make pthread_mutex static initialisation work on Windows.	117	* Make pthread_mutex static initialisation work on Windows.
214		118