version 1.66, 2021/10/04 13:17:16 |
version 1.67, 2021/10/04 14:18:08 |
|
|
<li>Allowed specification of TLS ciphers and protocols in <a href="https://man.openbsd.org/smtp.1">smtp(1)</a>. |
<li>Allowed specification of TLS ciphers and protocols in <a href="https://man.openbsd.org/smtp.1">smtp(1)</a>. |
</ul> |
</ul> |
|
|
<li>LibreSSL 3.4.0 XXX |
<li>LibreSSL 3.4.1 XXX |
<ul> |
<ul> |
<li>New Features |
<li>New Features |
<ul> |
<ul> |
<li>... |
<li>Added support for OpenSSL 1.1.1 TLSv1.3 APIs.</li> |
|
<li>Enabled the new x509 validator. |
</ul> |
</ul> |
|
|
<li>Portable Improvements |
<li>Portable Improvements |
<ul> |
<ul> |
<li>... |
<li>Ported continuous integration and test infrastructure to Github actions.</li> |
|
<li>Added Universal Windows Platform (UWP) build support.</li> |
|
<li>Fixed mingw-w64 builds on newer versions with missing SSP support.</li> |
|
<li>Added non-executable stack annotations for CMake builds.</li> |
</ul> |
</ul> |
|
|
<li>API and Documentation Enhancements |
<li>API and Documentation Enhancements |
<ul> |
<ul> |
<li>... |
<li>Added the following APIs from OpenSSL |
|
<ul> |
|
BN_bn2binpad |
|
BN_bn2lebinpad |
|
BN_lebin2bn |
|
EC_GROUP_get_curve |
|
EC_GROUP_order_bits |
|
EC_GROUP_set_curve |
|
EC_POINT_get_affine_coordinates |
|
EC_POINT_set_affine_coordinates |
|
EC_POINT_set_compressed_coordinates |
|
EVP_DigestSign |
|
EVP_DigestVerify |
|
SSL_CIPHER_find |
|
SSL_CTX_get0_privatekey |
|
SSL_CTX_get_max_early_data |
|
SSL_CTX_get_ssl_method |
|
SSL_CTX_set_ciphersuites |
|
SSL_CTX_set_max_early_data |
|
SSL_CTX_set_post_handshake_auth |
|
SSL_SESSION_get0_cipher |
|
SSL_SESSION_get_max_early_data |
|
SSL_SESSION_is_resumable |
|
SSL_SESSION_set_max_early_data |
|
SSL_get_early_data_status |
|
SSL_get_max_early_data |
|
SSL_read_early_data |
|
SSL_set0_rbio |
|
SSL_set_ciphersuites |
|
SSL_set_max_early_data |
|
SSL_set_post_handshake_auth |
|
SSL_set_psk_use_session_callback |
|
SSL_verify_client_post_handshake |
|
SSL_write_early_data |
|
</ul> |
|
<li>Added AES-GCM constants from RFC 7714 for SRTP.</li> |
</ul> |
</ul> |
|
|
<li>Compatibility Changes |
<li>Compatibility Changes |
<ul> |
<ul> |
<li>... |
<li>Implement flushing for TLSv1.3 handshakes behavior, needed for Apache.</li> |
|
<li>Call the info callback on connect/accept exit in TLSv1.3, needed for p5-Net-SSLeay.</li> |
|
<li>Default to using named curve parameter encoding from pre-OpenSSL 1.1.0, adding OPENSSL_EC_EXPLICIT_CURVE.</li> |
|
<li>Do not ignore SSL_TLSEXT_ERR_FATAL from the ALPN callback.</li> |
</ul> |
</ul> |
|
|
<li>Testing and Proactive Security |
<li>Testing and Proactive Security |
<ul> |
<ul> |
<li>... |
<li>Added additional state machine test coverage.</li> |
|
<li>Improved integration test support with ruby/openssl and p5-Net_SSLeay</li> |
</ul> |
</ul> |
|
|
<li>Internal Improvements |
<li>Internal Improvements |
<ul> |
<ul> |
<li>... |
<li>... |
</ul> |
</ul> |
|
|
<li>Bug Fixes |
<li>Bug Fixes |
<ul> |
<ul> |
<li>... |
<li>... |
</ul> |
</ul> |
</ul> |
</ul> |
|
|