| version 1.33, 2020/05/07 03:39:46 |
version 1.34, 2020/05/07 04:33:10 |
|
|
| </ul> |
</ul> |
| |
|
| <li>LibreSSL 3.1.1 |
<li>LibreSSL 3.1.1 |
| |
<ul> |
| |
<li>API and Documentation Enhancements |
| <ul> |
<ul> |
| <li> Completed initial TLS 1.3 implementation with a completely new state |
<li>Completed initial TLS 1.3 implementation with a completely new state |
| machine and record layer. TLS 1.3 is now enabled by default for the |
machine and record layer. TLS 1.3 is now enabled by default for the |
| client side, with the server side to be enabled in a future release. |
client side, with the server side to be enabled in a future release. |
| Note that the OpenSSL TLS 1.3 API is not yet visible/available. |
Note that the OpenSSL TLS 1.3 API is not yet visible/available. |
| |
<li>Improved SSL_CTX_set_cipher_list(3) and SSL_set_cipher_list(3) to |
| <li> Many more code cleanups, fixes, and improvements to memory handling |
include TLSv1.3 cipher suites even if cipher string does not |
| and protocol parsing. |
indicate it. |
| |
<li>Improved to handle TLSv1.3 HelloRetryRequest. |
| <li> Added RSA-PSS and RSA-OAEP methods from OpenSSL 1.1.1. |
<li>Provided TLSv1.3 cipher suite aliases to match the names used |
| |
in RFC 8446. |
| <li> Ported Cryptographic Message Syntax (CMS) implementation from OpenSSL |
<li>Improved to allow using any of the groups in our NID list to |
| |
generate a client key share. |
| |
<li>Added RSA-PSS and RSA-OAEP methods from OpenSSL 1.1.1. |
| |
<li>Ported Cryptographic Message Syntax (CMS) implementation from OpenSSL |
| 1.1.1 and enabled by default. |
1.1.1 and enabled by default. |
| |
<li>Added cms subcommand to openssl(1). |
| <li> Improved compatibility by backporting functionality and documentation |
<li>Added -addext option to openssl(1) req subcommand. |
| from OpenSSL 1.1.1. |
<li>Added -groups option to openssl(1) s_server subcommand. |
| |
<li>Fixed to show TLSv1.3 extension type with openssl(1) -tlsextdebug. |
| <li> Added many new additional crypto test vectors. |
|
| |
|
| <li> Adjusted EVP_chacha20()'s behavior to match OpenSSL's semantics. |
|
| |
|
| <li> Default CA bundle location is now configurable in portable builds. |
|
| |
|
| <li> Added cms subcommand to openssl(1). |
|
| |
|
| <li> Added -addext option to openssl(1) req subcommand. |
|
| |
|
| <li> Improved SSL_CTX_set_cipher_list(3) and SSL_set_cipher_list(3) to |
|
| include TLSv1.3 cipher suites even if cipher string does not |
|
| indicate it. |
|
| |
|
| <li> Improved to handle TLSv1.3 HelloRetryRequest. |
|
| |
|
| <li> Provided TLSv1.3 cipher suite aliases to match the names used |
|
| in RFC 8446. |
|
| |
|
| <li> Improved to allow using any of the groups in our NID list to |
|
| generate a client key share. |
|
| |
|
| <li> Fixed printing the serialNumber with X509_print_ex() fall back to |
|
| the colon separated hex bytes in case greater than int value. |
|
| |
|
| <li> Fixed to disallow setting the AES-GCM IV length to zero. |
|
| |
|
| <li> Added -groups option to openssl(1) s_server subcommand. |
|
| |
|
| <li> Fixed to show TLSv1.3 extension type with openssl(1) -tlsextdebug. |
|
| |
|
| <li> Improved portable builds to support for use of static MSVC runtimes. |
|
| <li> Fixed portable builds to avoid exporting a sleep() symbol. |
|
| |
|
| <li>API and Documentation Enhancements |
|
| <ul> |
|
| <li>... |
|
| </ul> |
</ul> |
| |
|
| <li>Compatibility Changes |
<li>Compatibility Changes |
| <ul> |
<ul> |
| <li>... |
<li>Improved compatibility by backporting functionality and documentation |
| |
from OpenSSL 1.1.1. |
| |
<li>Adjusted EVP_chacha20()'s behavior to match OpenSSL's semantics. |
| </ul> |
</ul> |
| |
|
| <li>Testing and Proactive Security |
<li>Testing and Proactive Security |
| <ul> |
<ul> |
| <li>... |
<li>Added many new additional crypto test vectors. |
| |
<li>Fixed to disallow setting the AES-GCM IV length to zero. |
| </ul> |
</ul> |
| |
|
| <li>Internal Improvements |
<li>Internal Improvements |
| <ul> |
<ul> |
| <li>... |
<li>Many more code cleanups, fixes, and improvements to memory handling |
| |
and protocol parsing. |
| </ul> |
</ul> |
| |
|
| <li>Portable Improvements |
<li>Portable Improvements |
| <ul> |
<ul> |
| <li>... |
<li>Default CA bundle location is now configurable in portable builds. |
| |
<li>Improved portable builds to support for use of static MSVC runtimes. |
| |
<li>Fixed portable builds to avoid exporting a sleep() symbol. |
| </ul> |
</ul> |
| |
|
| <li>Bug Fixes |
<li>Bug Fixes |
| <ul> |
<ul> |
| <li>... |
<li>Fixed printing the serialNumber with X509_print_ex() fall back to |
| |
the colon separated hex bytes in case greater than int value. |
| </ul> |
</ul> |
| </ul> |
</ul> |
| |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to 67.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www