diff options
| -rw-r--r-- | ChangeLog | 6 |
1 files changed, 5 insertions, 1 deletions
| @@ -103,13 +103,17 @@ LibreSSL Portable Release Notes: | |||
| 103 | since the return value of X509_verify_cert() is unreliable in | 103 | since the return value of X509_verify_cert() is unreliable in |
| 104 | presence of a callback that returns 1 too often. | 104 | presence of a callback that returns 1 too often. |
| 105 | 105 | ||
| 106 | * Update getentropy on Windows to use Cryptography Next Generation | ||
| 107 | (CNG). wincrypt is deprecated and no longer works with newer Windows | ||
| 108 | environments, such as in Windows Store apps. | ||
| 109 | |||
| 106 | * Implement auto chain for the TLSv1.3 server since some software | 110 | * Implement auto chain for the TLSv1.3 server since some software |
| 107 | relies on this. | 111 | relies on this. |
| 108 | 112 | ||
| 109 | * Handle additional certificate error cases in the new X.509 verifier. | 113 | * Handle additional certificate error cases in the new X.509 verifier. |
| 110 | Keep track of the errors encountered if a verify callback tells the | 114 | Keep track of the errors encountered if a verify callback tells the |
| 111 | verifier to continue and report them back via the error on the store | 115 | verifier to continue and report them back via the error on the store |
| 112 | context. This mimicks the behavior of the old verifier that would | 116 | context. This mimics the behavior of the old verifier that would |
| 113 | persist the first error encountered while building the chain. | 117 | persist the first error encountered while building the chain. |
| 114 | 118 | ||
| 115 | * Report specific failures for "self signed certificates" in a way | 119 | * Report specific failures for "self signed certificates" in a way |