diff options
| -rw-r--r-- | ChangeLog | 18 |
1 files changed, 7 insertions, 11 deletions
| @@ -49,7 +49,7 @@ LibreSSL Portable Release Notes: | |||
| 49 | * Send alert on ssl_get_prev_session() failure. | 49 | * Send alert on ssl_get_prev_session() failure. |
| 50 | 50 | ||
| 51 | * Zero out variable on the stack to avoid leaving garbage in the tail | 51 | * Zero out variable on the stack to avoid leaving garbage in the tail |
| 52 | of short session ids. | 52 | of short session IDs. |
| 53 | 53 | ||
| 54 | * Move state initialization from SSL_clear() to ssl3_clear() to ensure | 54 | * Move state initialization from SSL_clear() to ssl3_clear() to ensure |
| 55 | that it gets correctly reinitialized across a SSL_set_ssl_method() | 55 | that it gets correctly reinitialized across a SSL_set_ssl_method() |
| @@ -60,8 +60,8 @@ LibreSSL Portable Release Notes: | |||
| 60 | * Fix numerous leaks in the UI_dup_* functions. Simplify and tidy up | 60 | * Fix numerous leaks in the UI_dup_* functions. Simplify and tidy up |
| 61 | the code in ui_lib.c. | 61 | the code in ui_lib.c. |
| 62 | 62 | ||
| 63 | * Avoid potential segmentation fault with SSL_get0_alpn_selected | 63 | * Correctly track selected ALPN length to avoid a potential segmentation |
| 64 | by setting alpn_selected_len = 0 whenever alpn_selected is NULL. | 64 | fault with SSL_get0_alpn_selected() when alpn_selected is NULL. |
| 65 | 65 | ||
| 66 | * Include machine/endian.h gost2814789.c in order to pick up the | 66 | * Include machine/endian.h gost2814789.c in order to pick up the |
| 67 | __STRICT_ALIGNMENT define. | 67 | __STRICT_ALIGNMENT define. |
| @@ -76,13 +76,10 @@ LibreSSL Portable Release Notes: | |||
| 76 | * Refactor dtls1_new(), dtls1_hm_fragment_new(), | 76 | * Refactor dtls1_new(), dtls1_hm_fragment_new(), |
| 77 | dtls1_drain_fragments(), dtls1_clear_queues(). | 77 | dtls1_drain_fragments(), dtls1_clear_queues(). |
| 78 | 78 | ||
| 79 | * Replace some SSL_AD_* with TLS13_ALERT_* defines in the new TLSv1.3 | 79 | * Copy the session ID directly in ssl_get_prev_session() instead of |
| 80 | code. | ||
| 81 | |||
| 82 | * Copy the session id directly in ssl_get_prev_session() instead of | ||
| 83 | handing it through several functions for copying. | 80 | handing it through several functions for copying. |
| 84 | 81 | ||
| 85 | * Avoid memset() before memcpy() for CBS_add_bytes(). | 82 | * Avoid memset() before memcpy() in CBS_add_bytes(). |
| 86 | 83 | ||
| 87 | * Rewrite X509_INFO_{new,free}() more idiomatically. | 84 | * Rewrite X509_INFO_{new,free}() more idiomatically. |
| 88 | 85 | ||
| @@ -95,10 +92,9 @@ LibreSSL Portable Release Notes: | |||
| 95 | 92 | ||
| 96 | * Document return value from EC_KEY_get0_public_key(3). | 93 | * Document return value from EC_KEY_get0_public_key(3). |
| 97 | 94 | ||
| 98 | * Greatly expanded test coverage by the tlsfuzzer test scripts. | 95 | * Greatly expanded test coverage via the tlsfuzzer test scripts. |
| 99 | 96 | ||
| 100 | * Test the Botan TLS client with LibreSSL, OpenSSL 1.0.2 and 1.1.1 | 97 | * Test interoperability with the Botan TLS client. |
| 101 | servers. | ||
| 102 | 98 | ||
| 103 | * Make pthread_mutex static initialisation work on Windows. | 99 | * Make pthread_mutex static initialisation work on Windows. |
| 104 | 100 | ||