diff options
| -rw-r--r-- | ChangeLog | 11 |
1 files changed, 4 insertions, 7 deletions
| @@ -43,13 +43,10 @@ LibreSSL Portable Release Notes: | |||
| 43 | * Added definitions for three OIDs used in EV certificates. | 43 | * Added definitions for three OIDs used in EV certificates. |
| 44 | From Kyle J. McKay | 44 | From Kyle J. McKay |
| 45 | 45 | ||
| 46 | * Plugged a memory leak in tls_ocsp_free. | 46 | * Added tls_peer_cert_chain_pem to libtls, useful in private |
| 47 | certificate validation callbacks such as those in relayd. | ||
| 47 | 48 | ||
| 48 | * Added tls_peer_cert_chain_pem, tls_cert_hash, and tls_hex_string to | 49 | * Converted explicit clear/free sequences to use freezero(3). |
| 49 | libtls, useful in private certificate validation callbacks such as | ||
| 50 | those in relayd. | ||
| 51 | |||
| 52 | * Converted explicit lear/free sequences to use freezero(3). | ||
| 53 | 50 | ||
| 54 | * Reworked TLS certificate name verification code to more strictly | 51 | * Reworked TLS certificate name verification code to more strictly |
| 55 | follow RFC 6125. | 52 | follow RFC 6125. |
| @@ -70,7 +67,7 @@ LibreSSL Portable Release Notes: | |||
| 70 | 67 | ||
| 71 | * Added HKDF (HMAC Key Derivation Function) from BoringSSL | 68 | * Added HKDF (HMAC Key Derivation Function) from BoringSSL |
| 72 | 69 | ||
| 73 | * Providea a tls_unload_file() function that frees the memory returned | 70 | * Provided a tls_unload_file() function that frees the memory returned |
| 74 | from a tls_load_file() call, ensuring that it the contents become | 71 | from a tls_load_file() call, ensuring that it the contents become |
| 75 | inaccessible. This is specifically needed on platforms where the | 72 | inaccessible. This is specifically needed on platforms where the |
| 76 | library allocators may be different from the application allocator. | 73 | library allocators may be different from the application allocator. |