===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/71.html,v
retrieving revision 1.43
retrieving revision 1.44
diff -c -r1.43 -r1.44
*** www/71.html	2022/04/13 14:44:35	1.43
--- www/71.html	2022/04/13 14:51:54	1.44
***************
*** 1012,1022 ****
            safer code
        <li>Convert {i2d,d2i}_{,EC_,DSA_,RSA_}PUBKEY{,_bio,_fp}() to templated
            ASN1
!       <li>Convert ASN1_OBJECT_new() to calloc()
!       <li>Convert ASN1_STRING_type_new() to calloc()
        <li>Rewrite ASN1_STRING_cmp()
-       <li>Use calloc() for X509_CRL_METHOD_new() instead of malloc()
-       <li>Convert ASN1_PCTX_new() to calloc()
        <li>Replace asn1_tlc_clear and asn1_tlc_clear_nc macros with a function
        <li>Consolidate {d2i,i2d}_{pr,pu}.c
        <li>Remove handling of a NULL BUF_MEM from asn1_collect()
--- 1012,1020 ----
            safer code
        <li>Convert {i2d,d2i}_{,EC_,DSA_,RSA_}PUBKEY{,_bio,_fp}() to templated
            ASN1
!       <li>Convert ASN1_OBJECT_new(), ASN1_STRING_type_new(), ASN1_PCTX_new(),
!           and X509_CRL_METHOD_new() to using calloc() instead of malloc()
        <li>Rewrite ASN1_STRING_cmp()
        <li>Replace asn1_tlc_clear and asn1_tlc_clear_nc macros with a function
        <li>Consolidate {d2i,i2d}_{pr,pu}.c
        <li>Remove handling of a NULL BUF_MEM from asn1_collect()
***************
*** 1046,1055 ****
        <li>Check DH public key in ssl_kex_peer_public_dhe()
        <li>Move the minimum DHE key size check into ssl_kex_peer_params_dhe()
        <li>Clean up and refactor server side DHE key exchange
!       <li>Provide CBS_get_last_u8()
!       <li>Provide CBS_get_u64()
!       <li>Provide CBS_add_u64()
!       <li>Provide various CBS_peek_* functions
        <li>Use CBS_get_last_u8() to find the content type in TLSv1.3 records
        <li>unifdef TLS13_USE_LEGACY_CLIENT_AUTH
        <li>Correct SSL_get_peer_cert_chain() when used with the TLSv1.3 stack
--- 1044,1051 ----
        <li>Check DH public key in ssl_kex_peer_public_dhe()
        <li>Move the minimum DHE key size check into ssl_kex_peer_params_dhe()
        <li>Clean up and refactor server side DHE key exchange
!       <li>Provide CBS_get_last_u8(), CBS_get_u64(), CBS_add_u64() and various
!           CBS_peek_* functions.
        <li>Use CBS_get_last_u8() to find the content type in TLSv1.3 records
        <li>unifdef TLS13_USE_LEGACY_CLIENT_AUTH
        <li>Correct SSL_get_peer_cert_chain() when used with the TLSv1.3 stack
***************
*** 1063,1070 ****
        <li>Rename tls13_key_share to tls_key_share
        <li>Allocate and free the EVP_AEAD_CTX struct in
            tls13_record_protection
!       <li>Convert legacy TLS client to tls_key_share
!       <li>Convert legacy TLS server to tls_key_share
        <li>Stop attempting to duplicate the public and private key of dh_tmp
        <li>Rename dh_tmp to dhe_params
        <li>Rename CERT to SSL_CERT and CERT_PKEY to SSL_CERT_PKEY
--- 1059,1065 ----
        <li>Rename tls13_key_share to tls_key_share
        <li>Allocate and free the EVP_AEAD_CTX struct in
            tls13_record_protection
!       <li>Convert legacy TLS client and server to tls_key_share
        <li>Stop attempting to duplicate the public and private key of dh_tmp
        <li>Rename dh_tmp to dhe_params
        <li>Rename CERT to SSL_CERT and CERT_PKEY to SSL_CERT_PKEY