Return to 68.html CVS log | Up to [local] / www |
version 1.83, 2020/11/19 20:15:16 | version 1.84, 2020/11/25 17:07:35 | ||
---|---|---|---|
|
|
||
<li>Correctly handle ssl_cert_dup() failure in <a href="https://man.openbsd.org/SSL_set_SSL_CTX">SSL_set_SSL_CTX(3)</a>. | <li>Correctly handle ssl_cert_dup() failure in <a href="https://man.openbsd.org/SSL_set_SSL_CTX">SSL_set_SSL_CTX(3)</a>. | ||
<li>Fail on receiving an invalid NID in <a href="https://man.openbsd.org/X509_ATTRIBUTE_create">X509_ATTRIBUTE_create(3)</a> instead of constructing a broken objects that may cause NULL pointer accesses. | <li>Fail on receiving an invalid NID in <a href="https://man.openbsd.org/X509_ATTRIBUTE_create">X509_ATTRIBUTE_create(3)</a> instead of constructing a broken objects that may cause NULL pointer accesses. | ||
<li>Fix <a href="https://man.openbsd.org/SSL_shutdown">SSL_shutdown(3)</a> behavior in TLSv1.3 to match the legacy stack. The previous behavior could cause a hang. | <li>Fix <a href="https://man.openbsd.org/SSL_shutdown">SSL_shutdown(3)</a> behavior in TLSv1.3 to match the legacy stack. The previous behavior could cause a hang. | ||
<li>Modify "openssl x509" to display invalid certificate times as invalid, and correctly deal with the failing return case from <a href="https://man.openbsd.org/X509_cmp_time ">X509_cmp_time(3)</a> so that a certificate with an invalid NotAfter does not appear valid. | <li>Modify "openssl x509" to display invalid certificate times as invalid, and correctly deal with the failing return case from <a href="https://man.openbsd.org/X509_cmp_time">X509_cmp_time(3)</a> so that a certificate with an invalid NotAfter does not appear valid. | ||
</ul> | </ul> | ||
</ul> | </ul> | ||