X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=CHANGES;h=66f3928b88913fe743e9fc11c739cca4a272b7d7;hb=c79f22c63a60166bbfd11af6d683a02d6abcebb9;hp=927b9e7717437fd2c84841099314f1e7c88fba8a;hpb=333f926d677d12e42279274c525c7b9af52ece8c;p=oweals%2Fopenssl.git diff --git a/CHANGES b/CHANGES index 927b9e7717..66f3928b88 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,15 @@ Changes between 1.0.1 and 1.1.0 [xx XXX xxxx] + *) Transparently support X9.42 DH parameters when calling + PEM_read_bio_DHparameters. This means existing applications can handle + the new parameter format automatically. + [Steve Henson] + + *) Initial experimental support for X9.42 DH parameter format: mainly + to support use of 'q' parameter for RFC5114 parameters. + [Steve Henson] + *) Add DH parameters from RFC5114 including test data to dhtest. [Steve Henson] @@ -198,18 +207,6 @@ security. [Emilia Käsper (Google)] - *) Add DTLS-SRTP negotiation from RFC 5764. - [Eric Rescorla] - - *) Add DTLS-SRTP negotiation from RFC 5764. - [Eric Rescorla] - - *) Add Next Protocol Negotiation, - http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-00. Can be - disabled with a no-npn flag to config or Configure. Code donated - by Google. - [Adam Langley and Ben Laurie] - *) New function OPENSSL_gmtime_diff to find the difference in days and seconds between two tm structures. This will be used to provide additional functionality for ASN1_TIME. @@ -258,6 +255,39 @@ Changes between 1.0.0f and 1.0.1 [xx XXX xxxx] + *) Improved PRNG seeding for VOS. + [Paul Green ] + + *) Extensive assembler packs updates, most notably: + + - x86[_64]: AES-NI, PCLMULQDQ, RDRAND support; + - x86[_64]: SSSE3 support (SHA1, vector-permutation AES); + - x86_64: bit-sliced AES implementation; + - ARM: NEON support, contemporary platforms optimizations; + - s390x: z196 support; + - *: GHASH and GF(2^m) multiplication implementations; + + [Andy Polyakov] + + *) Make TLS-SRP code conformant with RFC 5054 API cleanup + (removal of unnecessary code) + [Peter Sylvester ] + + *) Add -attime option to openssl utilities. + [Peter Eckersley , Ben Laurie and Steve Henson] + + *) Add TLS key material exporter from RFC 5705. + [Eric Rescorla] + + *) Add DTLS-SRTP negotiation from RFC 5764. + [Eric Rescorla] + + *) Add Next Protocol Negotiation, + http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-00. Can be + disabled with a no-npn flag to config or Configure. Code donated + by Google. + [Adam Langley and Ben Laurie] + *) Add optional 64-bit optimized implementations of elliptic curves NIST-P224, NIST-P256, NIST-P521, with constant-time single point multiplication on typical inputs. Compiler support for the nonstandard type __uint128_t is @@ -487,6 +517,16 @@ Changes between 1.0.0e and 1.0.0f [xx XXX xxxx] + *) Fix ssl_ciph.c set-up race. + [Adam Langley (Google)] + + *) Fix spurious failures in ecdsatest.c. + [Emilia Käsper (Google)] + + *) Fix the BIO_f_buffer() implementation (which was mixing different + interpretations of the '..._len' fields). + [Adam Langley (Google)] + *) Fix handling of BN_BLINDING: now BN_BLINDING_invert_ex (rather than BN_BLINDING_invert_ex) calls BN_BLINDING_update, ensuring that concurrent threads won't reuse the same blinding coefficients. @@ -1407,6 +1447,16 @@ Changes between 0.9.8r and 0.9.8s [xx XXX xxxx] + *) Fix ssl_ciph.c set-up race. + [Adam Langley (Google)] + + *) Fix spurious failures in ecdsatest.c. + [Emilia Käsper (Google)] + + *) Fix the BIO_f_buffer() implementation (which was mixing different + interpretations of the '..._len' fields). + [Adam Langley (Google)] + *) Fix handling of BN_BLINDING: now BN_BLINDING_invert_ex (rather than BN_BLINDING_invert_ex) calls BN_BLINDING_update, ensuring that concurrent threads won't reuse the same blinding coefficients.