www/68.html - diff

Return to 68.html CVS log

Up to [local] / www

Diff for /www/68.html between version 1.59 and 1.60

version 1.59, 2020/10/08 15:48:14

version 1.60, 2020/10/08 16:05:20

Line 489

<li>Compatibility Changes

<ul>

<li>Modify I/O behavior so that SSL_MODE_AUTO_RETRY is the default similar to new OpenSSL releases.

<li>Modify I/O behavior so that <a href="https://man.openbsd.org/SSL_CTX_set_mode#SSL_MODE_AUTO_RETRY">SSL_MODE_AUTO_RETRY</a> is the default similar to new OpenSSL releases.

<li>Add the P-521 curve to the list of curves supported by default in the client.

<li>Define OPENSSL_NO_SSL_TRACE in opensslfeatures.h.

<li>Make SSL_CTX_get_ciphers(NULL) return NULL rather than crash.

Line 518

<li>Add initial support for openbsd/powerpc64.

<li>Improve length checks in the TLSv1.3 record layer and provide appropriate alerts for violations of record layer limits.

<li>Enforce that SNI hostnames received by the TLS server are correctly formed as per RFC 5890 and RFC 6066, responding with illegal parameter for a nonconformant host name.

<li>Support SSL_MODE_AUTO_RETRY in TLSv1.3 to allow the automatic retry of handshake messages.

<li>Support <a href="https://man.openbsd.org/SSL_CTX_set_mode#SSL_MODE_AUTO_RETRY">SSL_MODE_AUTO_RETRY</a> in TLSv1.3 to allow the automatic retry of handshake messages.

<li>Improve the handling of <a href="https://man.openbsd.org/BIO_read">BIO_read(3)</a>/<a href="https://man.openbsd.org/BIO_write">BIO_write(3)</a> failures in the TLSv1.3 stack.

<li>Start replacing the existing TLSv1.2 record layer.

<li>Simplify SSL method lookups.