===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/71.html,v
retrieving revision 1.43
retrieving revision 1.44
diff -c -r1.43 -r1.44
*** www/71.html 2022/04/13 14:44:35 1.43
--- www/71.html 2022/04/13 14:51:54 1.44
***************
*** 1012,1022 ****
safer code
Convert {i2d,d2i}_{,EC_,DSA_,RSA_}PUBKEY{,_bio,_fp}() to templated
ASN1
! Convert ASN1_OBJECT_new() to calloc()
! Convert ASN1_STRING_type_new() to calloc()
Rewrite ASN1_STRING_cmp()
- Use calloc() for X509_CRL_METHOD_new() instead of malloc()
- Convert ASN1_PCTX_new() to calloc()
Replace asn1_tlc_clear and asn1_tlc_clear_nc macros with a function
Consolidate {d2i,i2d}_{pr,pu}.c
Remove handling of a NULL BUF_MEM from asn1_collect()
--- 1012,1020 ----
safer code
Convert {i2d,d2i}_{,EC_,DSA_,RSA_}PUBKEY{,_bio,_fp}() to templated
ASN1
! Convert ASN1_OBJECT_new(), ASN1_STRING_type_new(), ASN1_PCTX_new(),
! and X509_CRL_METHOD_new() to using calloc() instead of malloc()
Rewrite ASN1_STRING_cmp()
Replace asn1_tlc_clear and asn1_tlc_clear_nc macros with a function
Consolidate {d2i,i2d}_{pr,pu}.c
Remove handling of a NULL BUF_MEM from asn1_collect()
***************
*** 1046,1055 ****
Check DH public key in ssl_kex_peer_public_dhe()
Move the minimum DHE key size check into ssl_kex_peer_params_dhe()
Clean up and refactor server side DHE key exchange
! Provide CBS_get_last_u8()
! Provide CBS_get_u64()
! Provide CBS_add_u64()
! Provide various CBS_peek_* functions
Use CBS_get_last_u8() to find the content type in TLSv1.3 records
unifdef TLS13_USE_LEGACY_CLIENT_AUTH
Correct SSL_get_peer_cert_chain() when used with the TLSv1.3 stack
--- 1044,1051 ----
Check DH public key in ssl_kex_peer_public_dhe()
Move the minimum DHE key size check into ssl_kex_peer_params_dhe()
Clean up and refactor server side DHE key exchange
! Provide CBS_get_last_u8(), CBS_get_u64(), CBS_add_u64() and various
! CBS_peek_* functions.
Use CBS_get_last_u8() to find the content type in TLSv1.3 records
unifdef TLS13_USE_LEGACY_CLIENT_AUTH
Correct SSL_get_peer_cert_chain() when used with the TLSv1.3 stack
***************
*** 1063,1070 ****
Rename tls13_key_share to tls_key_share
Allocate and free the EVP_AEAD_CTX struct in
tls13_record_protection
! Convert legacy TLS client to tls_key_share
! Convert legacy TLS server to tls_key_share
Stop attempting to duplicate the public and private key of dh_tmp
Rename dh_tmp to dhe_params
Rename CERT to SSL_CERT and CERT_PKEY to SSL_CERT_PKEY
--- 1059,1065 ----
Rename tls13_key_share to tls_key_share
Allocate and free the EVP_AEAD_CTX struct in
tls13_record_protection
! Convert legacy TLS client and server to tls_key_share
Stop attempting to duplicate the public and private key of dh_tmp
Rename dh_tmp to dhe_params
Rename CERT to SSL_CERT and CERT_PKEY to SSL_CERT_PKEY