[openssl-commits] [openssl] OpenSSL_1_1_0-pre5 create

Matt Caswell matt at openssl.org
Tue Apr 19 15:08:55 UTC 2016

The annotated tag OpenSSL_1_1_0-pre5 has been created
        at  5de95e329a9ebf9049841880e1e0097ab98a8b06 (tag)
   tagging  68072bcfe1cea2c8026a76b01cdc4db3c1172d9c (commit)
  replaces  OpenSSL_1_1_0-pre4
 tagged by  Matt Caswell
        on  Tue Apr 19 15:57:51 2016 +0100

- Log -----------------------------------------------------------------
OpenSSL 1.1.0-pre5 release tag

Alex Gaynor (4):
      GH36: Add casts to match the documentation
      Fixed a bunch of typos in the docs
      Fixed language     Reviewed-by: Richard Levitte <levitte at openssl.org>     Reviewed-by: Rich Salz <rsalz at openssl.org>
      Correct another batch of typos

Andrea Grandi (1):
      Add a check of the FD_SETSIZE before the call to select()

Andy Polyakov (21):
      Configurations/10-main.conf: freeze -std option in darwin*-ppc-cc.
      config: fix off-by-centimeter-to-the-right typo.
      Windows build system: get uplink right.
      Configurations/windows-makefile.tmpl: respect no-makedepend.
      Build system: VC-WIN64I fixups.
      Build system: VC-WIN64I fixups.
      Windows build system: fix 32-bit appveyor build.
      crypto/seed: add small-footprint path.
      poly1305/asm/poly1305-x86.pl: don't loose 59-th bit.
      crypto/blake2: make lowest-level function handle multiple blocks..
      apps/Makefile.in: add tsget rule.
      crypto/poly1305: don't break carry chains.
      Configure: add BLAKE_DEBUG to --strict-warnings set.
      bio/bss_file.c: since VS2015 one can't tell apart own and "alien" FILE     pointers, except for minimal std[in|out|err].
      test/[dane|evp_]test.c: BIO-fy file I/O.
      windows-makefile.tmpl: clean up after DLL link failure.
      Configurations/10-main.conf: omit now redundant -D_WINDLL.
      Clean-up *_DEBUG options.
      PPC assembly pack: remove branch hints.
      chacha/asm/chacha-armv8.pl: fix intermittent build failures.
      PPC assebmly pack: initial POWER9 support tidbits.

Beat Bolli (1):
      RSA: the docs still talk about RSA_PKCS1_SSLeay

Ben Laurie (12):
      Deal with DSA_SIG opaqueness.
      sctp requires dgram.
      Move declaration of i into blocks where it is used.
      Fix no-rc4.
      Fix enable-zlib no-comp.
      More things that don't work together.
      Make it legal C.
      Fix buffer overrun in ASN1_parse().
      Signed/unsigned compare.
      Free engine on error.
      Free methods on destroy.

Benjamin Kaduk (1):
      Clarify the behavior of BIO_gets() a bit more

Conrado Porto Lopes Gouvêa (1):
      Update EVP_CIPHER_CTX_set_padding documentation.

Coty Sutherland (1):
      Correcting typo that causes make install fail

David Benjamin (4):
      RT4660: BIO_METHODs should be const.
      Resolve DTLS cookie and version before session resumption.
      RT 4393: Call EC_GROUP_order_bits in priv2opt.
      Fix memory leak on invalid CertificateRequest.

Dr. Stephen Henson (16):
      Simplify define as we don't support MS-DOS anymore.
      Use correct C format for keysets.pl
      constify ECDSA_SIG_get0()
      constify DSA_SIG_get0()
      Don't use hardcoded values for types
      move x_pubkey.c to crypto/x509
      Make X509_PUBKEY opaque
      remove unused references field
      Remove X509_PUBKEY lock.
      Fix X509_PUBKEY cached key handling.
      fix memory leak in ca
      always use field names
      X509_PUBKEY docs
      Remove check_defer()
      make update
      Add X509_STORE_CTX_set0_untrusted function.

Emilia Kasper (9):
      Fix memory leaks in ASN.1
      New SSL test framework
      testutil: return 1 on success
      Rename ssltest -> ssltest_old
      Remove redundant symlink
      Allow generate_ssl_tests.pl to find testlib
      Adjust --strict-warnings builds in Travis
      Fix warnings exposed by clang-3.8
      Disable some sanitizer checks without PEDANTIC

FdaSilvaYY (10):
      Fix error code
      Fix a big leak when using stack-allocated BIO items.
      Fix two leaks in X509_REQ_to_X509
      Add X509_REQ_get0_pubkey method
      Use X509_REQ_get0_pubkey
      Fix a possible leak on NETSCAPE_SPKI_verify failure.
      various spelling fixes
      Fix an error code spelling.
      Fix a shadow symbol warning
      Add missing mem leak test activation and checks

Fedor Indutny (1):
      Allow different protocol version when trying to reuse a session

Jeffrey Walton (1):
      RT4476: Fix some cast-alignment warnings

Jérôme Duval (2):
      Add Haiku support.
      Haiku x86-64 doesn't need RC4_CHAR.

Kazuki Yamaguchi (1):
      Add SSL_CTX_get_ciphers()

Kirill Marinushkin (3):
      Optimized BIO mem read - without reallocation
      sizeof() updated to cover coding style
      moved structure bio_buf_mem_st from headers to bss_mem.c

Kurt Roeckx (4):
      Check algo_strength using SSL_STRONG_MASK
      It's called SSL_session_reused(), not SSL_session_resumed()
      Add session reuse tests.
      When using no-dtls create OPENSSL_NO_DTLS

Lyon Chen (1):
      Add SSL_SESSION_get0_hostname()

Mat (1):
      Fix: CRYPTO_THREAD_run_once

Matt Caswell (84):
      Fix a potential double free in EVP_DigestInit_ex
      Ensure that memory allocated for the ticket is freed
      Mark OCB as an AEAD cipher
      Fix no-rc2 in the CMS test
      Ensure that no-comp functions are flagged as such
      Resolved unresolved symbols with no-hw
      Fix no-cmac
      Fix no-deprecated
      Fix no-dgram
      Fix no-des
      Fix no-dsa
      Skip the CMS tests if CMS is disabled
      Fix no-scrypt
      Remove the no-rijndael option
      Fix no-seed
      Fix no-gost
      Fix no-sock
      Fix no-ts with --strict-warnings
      Add functions for creating BIO_METHODs
      Make BIO opaque
      make update
      Add documentation for BIO functions
      Add a CHANGES entry for opaque BIOs
      Fix the zlib config option
      Fix build compilation failures
      Remove the CRYPTO_mem_leaks adjustment for the BIO
      Make the DSA structure opaque
      Make DSA_METHOD opaque
      Document functions added as a result of DSA opacity changes
      Added DSA opacity to CHANGES
      make update
      Various DSA opacity fixups
      Rename get/set_app_data to get0/set0_app_data
      Remove some OPENSSL_NO_ASYNC guards in init
      Fix no-ocsp
      Make DH opaque
      make update
      Make DH_METHOD opaque
      make update
      Fix double free bug in error path
      Add documentation for following DH and DH_METHOD opacity
      Add CHANGES entry for DH and DH_METHOD opacity
      Fix the no-nextprotoneg option
      Fix the no-tls option
      Remove an unused function
      Fix the no-posix-io option
      Deprecate COMP_zlib_cleanup() and make it a no-op
      Deprecate ERR_free_strings() and make it a no-op
      Deprecate SSL_COMP_free_compression_methods() and make it a no-op
      Fix conditional compile logic in speed.c
      Deprecate RAND_cleanup() and make it a no-op
      Deprecate CRYPTO_cleanup_all_ex_data() and make it a no-op
      Deprecate BIO_sock_cleanup() and make it a no-op
      Deprecate EVP_cleanup() and make it a no-op
      Deprecate OBJ_cleanup() and make it a no-op
      Deprecate ENGINE_cleanup() and make it a no-op
      Deprecate CONF_modules_free() and make it a no-op
      make update
      Add a CHANGES entry for the deprecated cleanup functions
      Rename lots of *_intern or *_internal function to int_*
      Fix symbols missing from shared build
      Fix explicit de-init macros
      Misc fix ups to deprecate explicit de-init documentation
      Tweak to documentation
      Rename int_*() functions to *_int()
      Fix no-tls1_1 and no-tls1_2
      Remove no-aes, no-rsa, no-sha, no-md5 and no-hmac
      Remove OPENSSL_NO_AES guards
      Remove OPENSSL_NO_SHA guards
      Remove OPENSSL_NO_HMAC
      Update the INSTALL instructions with lots of options
      Update INSTALL file based on feedback
      Add a CHANGES entry for removal of Configure options
      make update
      Fix AFALG kernel and headers mismatch problem
      Ensure all locks are properly cleaned up
      The err_cleanup() funtion is internal so shouldn't be exported
      Fix no-stdio and no-autoalginit
      Fix ex_data locks issue
      Make "shared" builds the default
      Update Travis and Appveyor for change to shared by default
      Fix PKCS7 memory leak
      Unsigned chars can't be negative
      Prepare for 1.1.0-pre5 release

Michał Trojnara (1):
      Removed no-ops for the old locking API

Pauli (1):
      RT4458: Fix #ifndef line for GOST

Rich Salz (25):
      Sort cipher-list at runtime.
      Remove ultrix/mips support.
      Remove Netware and OS/2
      Fix build; CPP syntax error.
      Remove more unused things.
      Move blake2_loclh to blake2 directory
      ct_int.h only needed by crypto/ct
      GH886: CONNECT should use HTTP/1.1
      Remove #error from include files.
      Make DSO opaque.
      Have only one DSO_METHOD_openssl
      Remove several unused undocumented functions.
      Move dso.h to internal
      More Borland removal.
      Revert part of applink/Borland commit
      Use return "" not set a var and return.
      Revert "Fix an error code spelling."
      Revert "various spelling fixes"
      Add OCSP to mkdef
      Add SSL_DANE typedef for consistency.
      Need err_load_crypto_strings_int declared.
      Write POD page.
      Make many X509_xxx types opaque.
      Rename some lowercase API's
      Make string_to_hex/hex_to_string public

Richard Levitte (120):
      Prepare for 1.1.0-pre5-dev
      unix-Makefile template: use $(PERL) everywhere
      Have 'openssl version -a' output the default engines directory as well
      Don't define OPENSSL_ENGINES in test recipes, do it in Makefiles instead
      Added build.info debugging capability to Configure
      Start documenting Configure internals
      Remove support for Borland C++
      Add install targets for Windows
      windows-makefile.tmpl: Stop keeping temporary files
      Disallow --classic for Windows
      Make picker, thread and combine standard config helper functions
      README: small fixups
      Make OpenSSL::Test::run() sensitive to signals
      Add a test to see that signals are caught as failures
      apps/progs.pl: more consistent output for digests
      Implement support for no-ts
      make update
      Better 'make depend' mechanism
      Correct incorrect path
      Don't perform tsa tests if configured "no-ts"
      Correct the check of files to depend on against known generated ones
      Correct the export list when writing configdata.pm
      Make apps/progs.pl more flexible
      Include progs.h directly in openssl.c instead of via apps.h
      Generate apps/progs.h on the fly
      Ignore the generated apps/progs.h
      Use the dependencies received in generatesrc()
      Shut find up about files not found
      Clear the exit code from 'find' in 'make depend'
      Replace sed command with perl
      The command source are files, not directories
      Add a few more quotes for Windows (install_ssldirs)
      Correct faulty L<> links in .pods
      apps/progs.pl: add back the INCLUDE_FUNCTION_TABLE wrapper
      Don't let 'generate' target depend on generated files, act directly instead
      make update
      If the asm file to be compiled isn't generated, leave the ext alone
      Have makedepend output to stdout and redirect it
      Remove the mk1mf VC-WIN* builds and its supporting scripts
      Remove generation of ms/version32.rc from Configure, use util/mkrc.pl
      Remove the remainder of util/mk1mf.pl and companion scripts
      Remove mk1mf documentation
      In for loop values, introduce a dummy to protect against empty list
      Just like bio_out, bio_err needs the linebuffer filter on VMS
      Downcase VMS config names
      Small fixups in DSO
      VMS: compensate for command line length limits with a logical name
      VMS: update the properties of symbol search
      Adjust some default installation directories
      Misc fixes in VMS/openssl_startup.com.in
      VMS: Rethink the staging directory
      VMS: have mms ignore creation of already existing dirs
      VMS: install openssl.conf in OPENSSLDIR, not INSTALLTOP
      VMS: $? might be huge enough to break line length limit, so don't print it
      VMS: add a note about DECC$* logical names
      Math::BigInt does floored divs, BN_div does truncated div, compensate
      VMS: Display the correct path to openssl_startup.com and openssl-utils.com
      VMS: Harmonize the paths in openssl_startup.com with what's really installed
      VMS: Disable the warning MAYLOSEDATA3
      Config: The cflags in vms-alpha and vms-ia64 have to be added
      'make test' depends of having util/shlib-wrap.sh symlinked in build dir
      Adapt bf_lbuf for opaque BIO
      Make it possible to specify source files that will only be used for shared libs
      Break out DllMain from crypto/cryptlib.c and use it in shared libs only
      Add the option 'interpreter_args' to perlapps() and perltest()
      Since OpenSSL::Test redirects stderr to /dev/null, don't do so in 80-test_ca.t
      Have OpenSsl..Test::app() and friends look for file in source as well
      When verbosity is requested, OpenSSL::Test::run() displays the command
      Rearrange the use of 'proto' in BIO_lookup
      Fix pointer size issues on VMS
      Fix pointer size issue with setbuf() on VMS
      Fix pointer size issues with argv on VMS
      Make the '-in' option in apps/passwd.c less mandatory
      Fix "no-ui" configuration
      When looking for executables, don't forget the extension
      OpenSSL::Test: have cmdstr() return the true command.
      Make the use of perl more consistent
      Force argv to be an array of long pointers on VMS
      Add the C macro NDEBUG when configuring for release
      make depend: Check that find returned a non-empty string rather than an empty
      apps/opt.c: next was only used when NDEBUG undefined, move it inside guard
      Enhance OpenSSL::Test::cmdstr to give cmd string variants
      Adapt some test recipes to the newer cmdstr()
      Ordinals adjustment
      Makefile et al template: only modify static library with new object files
      Don't shadow known symbols write, read, puts, gets
      Make sure the rand_byte buffer in padlock engine is cleansed.
      VMS: Fix special case for [.test]ssltest_old.c
      Perl cleanup: don't create lists unnecessarily
      Make the RSA structure opaque
      Document RSA accessors/writers
      Make the RSA_METHOD structure opaque
      Document RSA_METHOD creators/destructor/accessors/writers
      Update CHANGES with the new about RSA and RSA_METHOD
      make update
      Add apps/tsget and test/ssltest_old to .gitignore
      Perl: foreach (@list) { code } is better
      Fix forgotten adaptation to opaque RSA and RSA_METHOD
      Better use BIO_snprintf() than snprintf(), in case the later isn't available
      OpenSSL::Test: when moving directory, affect env as well
      VMS doesn't have directory separators in the same sense as Unix
      Don't check the generated ssl-tests configs on VMS
      BIO: respect opening in text mode
      Fix setting of debug callback in apps/enc.c
      Fix zlib configuration options.
      Configuration: Simplify the way vms information is retrieved
      Remake the way dynamic zlib is loaded
      Fix the handling of --with-zlib-include
      Don't use FORMAT_BASE64 format when compressing / decompressing
      Move a declaration that's private to libcrypto
      Cleanup libcrypto.num and make update
      Rename internal symbol to follow internal naming pattern
      Fix installation for no-stdio and no-autoalginit
      Fix installation on VMS for no-stdio and no-autoalginit
      ex_libs settings have to be added to, not overriden, on Windows too
      Don't use a default for --with-zlib-lib on Windows with option 'zlib'
      Small OCSP fixup
      Remove declaration of function that isn't implemented
      Restore OCSP_basic_verify() error return semantics
      NOTES files will contain more requirements, make that explicit

Rob Percival (2):
      Adds s2i function for ct_precert_poison X509 extension
      Removed unused fields of CT_POLICY_EVAL_CTX

Schüller Felix (1):
      Don't free up EVP_MD_CTX.

Shlomi Fish (1):
      Fix the spelling of "implement".

Steven Linsell (1):
      Fix memory leak where fdlookup linked list is not freed during     ASYNC_WAIT_CTX_free

Todd Short (2):
      Fix ALPN - more fixes
      Fixup SSL EX_DATA index

Viktor Dukhovni (17):
      Bugfix: Encode the requested length in s_cb.c:hexencode()
      Report TLS 1.0 as backwards-compatible TLSv1
      Revert "Include progs.h directly in openssl.c instead of via apps.h"
      Revert "Generate apps/progs.h on the fly"
      Revert "Ignore the generated apps/progs.h"
      Add a comment on dane_verify() logic
      Require intermediate CAs to have basicConstraints CA:true.
      Tidy up x509_vfy callback handling
      Move peer chain security checks into x509_vfy.c
      make update
      After saving errno clear it before calls to strtol et. al.
      Fix mixed declarations and code
      Fix client verify mode to check SSL_VERIFY_PEER
      Suppress CT callback as appropriate
      make update
      Don't use deprecated CONF_modules_free() in tests
      Bugfix: in asn1parse avoid erroneous len after a sub-sequence

Viktor Szakats (3):
      use whitespace more consistently
      fix perl shebang
      set exec attribute for .pl files


More information about the openssl-commits mailing list