1 files changed, 186 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 8a70b14..24de35e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -28,6 +28,192 @@ history is also available from Git.
 LibreSSL Portable Release Notes:
+3.2.2 - Stable release
+        * Define OPENSSL_NO_SSL_TRACE in opensslfeatures.h.
+        * Start replacing the existing TLSv1.2 record layer.
+        * Send alert on ssl_get_prev_session() failure.
+        * Simplify return codes for tls1_process_ticket() and
+          tls_decrypt_ticket().
+        * Simplify tls_decrypt_ticket() exit path.
+        * Copy the session id directly in ssl_get_prev_session() instead of
+          handing it through several functions for copying.
+        * Split session retrieval out of ssl_get_prev_session().
+        * Zero out variable on the stack to avoid leaving garbage in the tail
+          of short session ids.
+        * Remove unnecessary zeroing after recallocarray() in
+          ASN1_BIT_STRING_set_bit().
+        * Rewrite X509_INFO_{new,free}() more idiomatically.
+        * Import commented versions of the latest OPENSSL_NO_* flags from
+          OpenSSL 1.1.1g.
+        * Document return value from EC_KEY_get0_public_key(3).
+        * Set alpn_selected_len = 0 whenever alpn_selected is NULL.
+        * Add option type OPTION_UL_VALUE_OR to openssl(1) option parser.
+        * Convert openssl(1) ocsp option handling.
+        * Major style cleanup in ocsp.c.
+        * Assorted ciphers related cleanup in ssl_lib.c.
+        * Add issuer cache in preparation for changes to the validation code.
+        * Replace some SSL_AD_* with TLS13_ALERT_* defines in the new TLSv1.3
+          code.
+        * Rename ssl_cipher_is_permitted() to the more accurate and specific
+          ssl_cipher_allowed_in_version_range().
+        * Simplify SSL_get_ciphers().
+        * Remove cipher_list_by_id.
+        * Add a new implementation of X509 name constraints with regression
+          tests.
+        * Fix and re-enable cert and cipher interop tests.
+        * Include machine/endian.h gost2814789.c in order to pick up the
+          __STRICT_ALIGNMENT define.
+        * Enable the new X509 name constraints verification.
+        * Avoid an out-of-bounds write in BN_rand().
+        * Simplify tls1_set_ec_id().
+        * Use uint16_t for curve_id.
+        * Improve the handling of BIO_read()/BIO_write() failures in the
+          TLSv1.3 stack.
+        * Add a new certificate chain validator.
+          The new validator finds multiple validated chains to handle the
+          modern PKI cases which may frequently have multiple paths via
+          different intermediates to different roots. It is loosely based on
+          golang's X509 validator.
+          This includes integration so that the new validator can be used via
+          X509_verify_cert() as well as a new API x509_verify() which will
+          return multiple chains (similar to go).
+          The new public API is not yet exposed, and will be finalized and
+          exposed with a man page and a library minor bump later.
+        * Implement SSL_{CTX_,}set_ciphersuites() and add regress. This is not
+          yet public API and will be enabled in a future release.
+        * Enable the use of the new X509 chain validator by default.
+        * Fix double frees and a NULL dereference introduced on review of the
+          new validator.
+        * Remove various unused variables in the X509 code.
+        * Fix memory leaks in x509_constraints_chain() and
+          X509V3_ext_add_alias().
+        * Add initial manual page for the x509_verify() chain validator which
+          will be installed once the new API is publically exposed.
+        * Avoid NULL deref in SSL_{,CTX_}set_ciphersuites().
+        * Clean up and simplify SSL_set_session().
+        * Move state initialization from SSL_clear() to ssl3_clear() to ensure
+          that it gets correctly reinitialized across a SSL_set_ssl_method()
+          call.
+        * Test the Botan TLS client with LibreSSL, OpenSSL 1.0.2 and 1.1.1
+          servers.
+        * Mop up the get_ssl_method function pointer.
+        * Clean up and simplify SSL_set_ssl_method().
+        * Deduplicate the time validation code between the legacy and the new
+          verification code.
+        * Set error_depth and current_cert to avoid problems in legacy
+          callbacks that don't do proper error checking.
+        * Correct a failure case in tls12_record_layer_seal_record_protected().
+        * Do not destroy an existing cipher list when ssl_parse_ciphersuites()
+          fails to match the behavior of ssl_create_cipher_list() and
+          SSL_set_ciphersuites() of OpenSSL.
+        * Split the tls12_record_layer_write_mac() for future reuse on the
+          read side.
+        * Dedup code in x509_verify_ctx_new_from_xsc().
+        * Make check in x509_verify_ctx_set_max_signatures() consistent with
+          others.
+        * Avoid memset() before memcpy() for CBS_add_bytes().
+        * Make SSL_CTX_get_ciphers(NULL) return NULL rather than crash.
+        * Simplify SSL method lookups.
+        * Prepare to provide most of the TLSv1.3-related OpenSSL 1.1.1 API.
+          This will be finished in an upcoming release.
+        * Fix an overflow in the CN subject line parsing.
+        * Correctly handle ssl_cert_dup() failure in SSL_set_SSL_CTX().
+        * Fix memory leaks in x509_constraints_extract_names().
+        * Correct a 1 byte read overflow in x509_constraints_uri().
+        * Ensure the chain is set on the X509_STORE_CTX before triggering
+          callback.
+        * Release read and write buffers using freezero()
+        * Simplify the cleanup of init_buf via an ssl3_release_init_buffer()
+          function.
+        * Fix numerous leaks in the UI_dup_* functions.
+        * Simplify and tidy up hte code in ui_lib.c.
+        * Refactor dtls1_clear_queues() to make it NULL safe.
+        * Have dtls1_hm_fragment_new() call dtls1_hm_fragment_free() on
+          failure.
+        * Have dtls1_new() call dtls1_free() on failure.
+        * Call dtls1_hm_fragment_free() from dtls1_drain_fragments() to fix
+          potential memory leaks.
+        * Ensure that leaf is set up on X509_STORE_CTX before verification.
+        * Document SSL_set1_host(3).
+        * Document SSL_set_SSL_CTX(3).
+        * Make pthread_mutex static initialisation work on Windows.
+        * Get __STRICT_ALIGNMENT from machine/endian.h with portable build.
 3.2.1 - Development release
        * Propagate alerts from the read half of the TLSv1.3 record layer to I/O

diff --git a/ChangeLog b/ChangeLog index 8a70b14..24de35e 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -28,6 +28,192 @@ history is also available from Git.
28		28
29	LibreSSL Portable Release Notes:	29	LibreSSL Portable Release Notes:
30		30
		31	3.2.2 - Stable release
		32
		33	* Define OPENSSL_NO_SSL_TRACE in opensslfeatures.h.
		34
		35	* Start replacing the existing TLSv1.2 record layer.
		36
		37	* Send alert on ssl_get_prev_session() failure.
		38
		39	* Simplify return codes for tls1_process_ticket() and
		40	tls_decrypt_ticket().
		41
		42	* Simplify tls_decrypt_ticket() exit path.
		43
		44	* Copy the session id directly in ssl_get_prev_session() instead of
		45	handing it through several functions for copying.
		46
		47	* Split session retrieval out of ssl_get_prev_session().
		48
		49	* Zero out variable on the stack to avoid leaving garbage in the tail
		50	of short session ids.
		51
		52	* Remove unnecessary zeroing after recallocarray() in
		53	ASN1_BIT_STRING_set_bit().
		54
		55	* Rewrite X509_INFO_{new,free}() more idiomatically.
		56
		57	* Import commented versions of the latest OPENSSL_NO_* flags from
		58	OpenSSL 1.1.1g.
		59
		60	* Document return value from EC_KEY_get0_public_key(3).
		61
		62	* Set alpn_selected_len = 0 whenever alpn_selected is NULL.
		63
		64	* Add option type OPTION_UL_VALUE_OR to openssl(1) option parser.
		65
		66	* Convert openssl(1) ocsp option handling.
		67
		68	* Major style cleanup in ocsp.c.
		69
		70	* Assorted ciphers related cleanup in ssl_lib.c.
		71
		72	* Add issuer cache in preparation for changes to the validation code.
		73
		74	* Replace some SSL_AD_* with TLS13_ALERT_* defines in the new TLSv1.3
		75	code.
		76
		77	* Rename ssl_cipher_is_permitted() to the more accurate and specific
		78	ssl_cipher_allowed_in_version_range().
		79
		80	* Simplify SSL_get_ciphers().
		81
		82	* Remove cipher_list_by_id.
		83
		84	* Add a new implementation of X509 name constraints with regression
		85	tests.
		86
		87	* Fix and re-enable cert and cipher interop tests.
		88
		89	* Include machine/endian.h gost2814789.c in order to pick up the
		90	__STRICT_ALIGNMENT define.
		91
		92	* Enable the new X509 name constraints verification.
		93
		94	* Avoid an out-of-bounds write in BN_rand().
		95
		96	* Simplify tls1_set_ec_id().
		97
		98	* Use uint16_t for curve_id.
		99
		100	* Improve the handling of BIO_read()/BIO_write() failures in the
		101	TLSv1.3 stack.
		102
		103	* Add a new certificate chain validator.
		104
		105	The new validator finds multiple validated chains to handle the
		106	modern PKI cases which may frequently have multiple paths via
		107	different intermediates to different roots. It is loosely based on
		108	golang's X509 validator.
		109
		110	This includes integration so that the new validator can be used via
		111	X509_verify_cert() as well as a new API x509_verify() which will
		112	return multiple chains (similar to go).
		113
		114	The new public API is not yet exposed, and will be finalized and
		115	exposed with a man page and a library minor bump later.
		116
		117	* Implement SSL_{CTX_,}set_ciphersuites() and add regress. This is not
		118	yet public API and will be enabled in a future release.
		119
		120	* Enable the use of the new X509 chain validator by default.
		121
		122	* Fix double frees and a NULL dereference introduced on review of the
		123	new validator.
		124
		125	* Remove various unused variables in the X509 code.
		126
		127	* Fix memory leaks in x509_constraints_chain() and
		128	X509V3_ext_add_alias().
		129
		130	* Add initial manual page for the x509_verify() chain validator which
		131	will be installed once the new API is publically exposed.
		132
		133	* Avoid NULL deref in SSL_{,CTX_}set_ciphersuites().
		134
		135	* Clean up and simplify SSL_set_session().
		136
		137	* Move state initialization from SSL_clear() to ssl3_clear() to ensure
		138	that it gets correctly reinitialized across a SSL_set_ssl_method()
		139	call.
		140
		141	* Test the Botan TLS client with LibreSSL, OpenSSL 1.0.2 and 1.1.1
		142	servers.
		143
		144	* Mop up the get_ssl_method function pointer.
		145
		146	* Clean up and simplify SSL_set_ssl_method().
		147
		148	* Deduplicate the time validation code between the legacy and the new
		149	verification code.
		150
		151	* Set error_depth and current_cert to avoid problems in legacy
		152	callbacks that don't do proper error checking.
		153
		154	* Correct a failure case in tls12_record_layer_seal_record_protected().
		155
		156	* Do not destroy an existing cipher list when ssl_parse_ciphersuites()
		157	fails to match the behavior of ssl_create_cipher_list() and
		158	SSL_set_ciphersuites() of OpenSSL.
		159
		160	* Split the tls12_record_layer_write_mac() for future reuse on the
		161	read side.
		162
		163	* Dedup code in x509_verify_ctx_new_from_xsc().
		164
		165	* Make check in x509_verify_ctx_set_max_signatures() consistent with
		166	others.
		167
		168	* Avoid memset() before memcpy() for CBS_add_bytes().
		169
		170	* Make SSL_CTX_get_ciphers(NULL) return NULL rather than crash.
		171
		172	* Simplify SSL method lookups.
		173
		174	* Prepare to provide most of the TLSv1.3-related OpenSSL 1.1.1 API.
		175	This will be finished in an upcoming release.
		176
		177	* Fix an overflow in the CN subject line parsing.
		178
		179	* Correctly handle ssl_cert_dup() failure in SSL_set_SSL_CTX().
		180
		181	* Fix memory leaks in x509_constraints_extract_names().
		182
		183	* Correct a 1 byte read overflow in x509_constraints_uri().
		184
		185	* Ensure the chain is set on the X509_STORE_CTX before triggering
		186	callback.
		187
		188	* Release read and write buffers using freezero()
		189
		190	* Simplify the cleanup of init_buf via an ssl3_release_init_buffer()
		191	function.
		192
		193	* Fix numerous leaks in the UI_dup_* functions.
		194
		195	* Simplify and tidy up hte code in ui_lib.c.
		196
		197	* Refactor dtls1_clear_queues() to make it NULL safe.
		198
		199	* Have dtls1_hm_fragment_new() call dtls1_hm_fragment_free() on
		200	failure.
		201
		202	* Have dtls1_new() call dtls1_free() on failure.
		203
		204	* Call dtls1_hm_fragment_free() from dtls1_drain_fragments() to fix
		205	potential memory leaks.
		206
		207	* Ensure that leaf is set up on X509_STORE_CTX before verification.
		208
		209	* Document SSL_set1_host(3).
		210
		211	* Document SSL_set_SSL_CTX(3).
		212
		213	* Make pthread_mutex static initialisation work on Windows.
		214
		215	* Get __STRICT_ALIGNMENT from machine/endian.h with portable build.
		216
31	3.2.1 - Development release	217	3.2.1 - Development release
32		218
33	* Propagate alerts from the read half of the TLSv1.3 record layer to I/O	219	* Propagate alerts from the read half of the TLSv1.3 record layer to I/O