Update CHANGES for the new release

author Matt Caswell <matt@openssl.org>

Tue, 17 Mar 2020 11:24:20 +0000 (11:24 +0000)

committer Matt Caswell <matt@openssl.org>

Tue, 17 Mar 2020 13:43:08 +0000 (13:43 +0000)
author Matt Caswell <matt@openssl.org>
Tue, 17 Mar 2020 11:24:20 +0000 (11:24 +0000)
committer Matt Caswell <matt@openssl.org>
Tue, 17 Mar 2020 13:43:08 +0000 (13:43 +0000)
diff --git a/CHANGES b/CHANGES

index 8c29dfae55dc134a5fc144716c4f9233b73ed7b7..005ea56d40457896eef6dcaaf7059f1865359df4 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -8,6 +8,25 @@
   release branch.
  
   Changes between 1.1.1d and 1.1.1e [xx XXX xxxx]
+  *) Properly detect EOF while reading in libssl. Previously if we hit an EOF
+     while reading in libssl then we would report an error back to the
+     application (SSL_ERROR_SYSCALL) but errno would be 0. We now add
+     an error to the stack (which means we instead return SSL_ERROR_SSL) and
+     therefore give a hint as to what went wrong.
+     [Matt Caswell]
+
+  *) Check that ed25519 and ed448 are allowed by the security level. Previously
+     signature algorithms not using an MD were not being checked that they were
+     allowed by the security level.
+     [Kurt Roeckx]
+
+  *) Fixed SSL_get_servername() behaviour. The behaviour of SSL_get_servername()
+     was not quite right. The behaviour was not consistent between resumption
+     and normal handshakes, and also not quite consistent with historical
+     behaviour. The behaviour in various scenarios has been clarified and
+     it has been updated to make it match historical behaviour as closely as
+     possible.
+     [Matt Caswell]
  
    *) [VMS only] The header files that the VMS compilers include automatically,
       __DECC_INCLUDE_PROLOGUE.H and __DECC_INCLUDE_EPILOGUE.H, use pragmas that
author	Matt Caswell <matt@openssl.org>
	Tue, 17 Mar 2020 11:24:20 +0000 (11:24 +0000)
committer	Matt Caswell <matt@openssl.org>
	Tue, 17 Mar 2020 13:43:08 +0000 (13:43 +0000)