[openssl-commits] [openssl] OpenSSL_1_1_0-pre2 create
Richard Levitte
levitte at openssl.org
Thu Jan 14 14:31:01 UTC 2016
The annotated tag OpenSSL_1_1_0-pre2 has been created
at 4f17c7a4127cf1c0e0942397f82b8b43c7668cfa (tag)
tagging bd31d02e412f80f53073a1eb776dffe06ac91746 (commit)
replaces OpenSSL_1_1_0-pre1
tagged by Richard Levitte
on Thu Jan 14 15:26:56 2016 +0100
- Log -----------------------------------------------------------------
OpenSSL 1.1.0-pre2 release tag
Alessandro Ghedini (1):
GH540: add casts to safestack.h
Andy Polyakov (10):
Configurations/10-main.conf: fix typos in mingw/cygwin configs.
evp/e_chacha20_poly1305.c: TLS interop fixes.
Configure: 'reconf' to respect CROSS_COMPILE and CC.
Configure: add framework for ChaCha and Poly1305 assembly.
x86_64 assembly pack: tune clang version detection even further.
crypto/ppccap.c: add SIGILL-free processor capability detection code.
crpyto/ppccpuid.pl: add FPU probe and fix OPENSSL_rdtsc.
sha/asm/sha256-armv4.pl: one of "universal" flags combination didn't compile. (and unify table address calculation in ARMv8 code path).
bn/asm/bn-c64xplus.asm: update commentary.
Configure: refine 'reconf' logic.
Ben Kaduk (1):
Fix typo
Ben Laurie (8):
Make no-dh work, plus other no-dh problems found by Richard.
Support ccache.
Fix (incorrect) uninitialised variable warning.
Remove no longer existant structure member and direct references to EVP_MD_CTX internals.
Don't use EC when no-ec.
Fix no-dgram.
Fix no-engine.
Fix no-dh.
Daniel Kahn Gillmor (1):
The functions take a SSL *, not a SSL_CTX *
David Benjamin (1):
Fix memory leak in DSA redo case.
Dr. Stephen Henson (71):
extension documentation
add X509_up_ref() documentation
Add extension utility documentation.
remove ancient SSLeay bug workaround
fix warning
Extend EVP_PKEY_copy_parameters()
Add EVP_PKEY_get0_* functions.
New function X509_get0_pubkey
make update
Update EVP_PKEY documentation.
New EC functions.
Use EC_KEY_key2buf and EC_oct2key in libssl.
Remove SSL_OP_SINGLE_ECDH_USE code.
Remove ECDH client auth code.
Constify EC_KEY in ECDH_compute_key.
remove unnecessary key copy
Add ECDH/DH utility functions.
Use EVP_PKEY for server EC.
Use EVP_PKEY for client side EC.
make update
fix for no-ec
delete unused context
Remove fixed DH ciphersuites.
SSL library configuration module.
Add ssl_mcnf.c to Makefile
Load module in SSL_library_init
Add ssl configuration support to s_server and s_client
Demo server using SSL_CTX_config
SSL configuration module docs
make errors
unload modules in ssltest
make update
remove unused error code
In mkerr.pl look in directories under ssl/
add -unref option to mkerr.pl
Add ossl_inline
Always generate DH keys for ephemeral DH cipher suites.
EVP_PKEY DH client support.
utility function
Server side EVP_PKEY DH support
fix no-ec
Convert RSA encrypt to use EVP_PKEY
Check for missing DSA parameters.
Use X509_get0_pubkey where appropriate
remove invalid free
Change STACK_OF to use inline functions.
Fix declarations and constification for inline stack.
remove unused PREDECLARE
Rename DECLARE*STACK_OF to DEFINE*STACK_OF
Only declare stacks in headers
use more descriptive name DEFINE_STACK_OF_CONST
Recognise disabled algorithms automatically.
remove hard coded algorithms
Correct header defines
Add DEPRECATEDIN support.
update ordinals
fix shadow warning
Disable some algorithms by default
Add memory leak return value.
Update leak test to check return values.
Fix jpaketest compilation error.
Inline LHASH_OF
Add lh_new() inlining
Add lh_doall inlining
Add lh_doall_arg inlining
Remove mkstack.pl: it is no longer needed.
Use ossl_inline and DEFINE_LHASH_OF
update ordinals
fix jpaketest and correct comment
recognise no-crypto-mdebug
To avoid possible time_t overflow use X509_time_adj_ex()
Emilia Kasper (1):
Fix a ** 0 mod 1 = 0 for real this time.
Hongze Zhu (1):
add malloc fail check & fix memory leak
Kurt Roeckx (7):
Use OPENSSL_NO_DTLS instead of OPENSSL_NO_DTLS1
Also change the non-debug versions to use size_t
Avoid using a dangling pointer when removing the last item
Remove SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER and SSL_OP_TLS_D5_BUG support.
Add support for minimum and maximum protocol version
Allow disabling the min and max version
File is about s_time, not s_client
Mat (4):
Fix build failure on Windows
Adds crypto-mdebug as a valid option
Adds missing type casts
Fix c++ compilation
Mathias Berchtold (1):
Fix missing casts for c++
Matt Caswell (21):
Prepare for 1.1.0-pre2-dev
Fix OCB link
Fix compile failure
Fix compile failure with no-threads
Fix compile failure with no-srp
Fix no-psk compile failure
Fix s_server problem with no-ec
Don't export internal symbols
Fix updating via mkdef.pl
Fix build on Solaris
Add SSL_CIPHER_description() for Chacha20/Poly1305
Fix URLs mangled by reformat
Fix inline build failure
Add test for missing CertificateStatus message
Fix error when server does not send CertificateStatus message
Ensure we don't call the OCSP callback if resuming a session
Add some documentation for the OCSP callback functions
Simplify calling of the OCSP callback
Increase the max size limit for a CertificateRequest message
Fix NSS format session output
Fix test_ordinals
Pascal Cuoq (1):
Function pop_info() returned a dangling pointer
Rich Salz (34):
Use SHA256 not MD5 as default digest.
Allow ChaCha20-Poly1305 in DTLS
Use SHA256 not MD5 as default digest.
Revert "Allow ChaCha20-Poly1305 in DTLS"
Remove GMP engine.
Rename some BUF_xxx to OPENSSL_xxx
Provide better "make depend" warning.
Fix typo.
Rename sec_mem to mem_sec, like other files.
mem-cleanup, cont'd.
Remove err and prime demo's
Remove some L<asdf|asdf> which crept back in.
Rename *_realloc_clean to *_clear_realloc
Cleanup CRYPTO_{push,pop}_info
make a "missed make update" update
RT4202: Update rt URL's.
Update to SHA256 for TSA signing digest.
Remove some unused perl scripts
Remove more (rest?) of FIPS build stuff.
mem functions cleanup
Fix build-break; 'make update'
Fix another build break for no-mem-debug
Portability fix for apps/s_client.c
Another portability fix.
Fix no CRYPTO_MDEBUG build (windows)
RT41897: Add an CRYPTO_secure_actual_size
GH528: "cipher -v" output is confusing.
Yet another make update.
RT4227: Range-check in apps.
Move Makefiles to Makefile.in
Fix typo in error message
Add CRYPTO_EX_DATA; remove EC_EXTRA_DATA
Add missing #ifdef's to fix build break
Call single parent free_comp routine.
Richard Levitte (68):
Make EVP_ENCODE_CTX opaque
Adapt BIO_f_base64 to the opaque EVP_ENCODE_CTX
Adapt PEM routines to the opaque EVP_ENCODE_CTX
Adapt EVP tests to the opaque EVP_ENCODE_CTX
make update
make update, missed file
Better splitting regexp for test_ordinals
Modify the lower level memory allocation routines to take size_t
Remove the "eay" c-file-style indicators
Fix the etags action line, as etags doesn't take -R
Refactor DTLS cookie generation and verification
Prefer ReuseAddr over Reuse, with IO::Socket::INET
Fix some missing or faulty header file inclusions
SIZE_MAX doesn't exist everywhere, supply an alternative
Correct missing prototype
Remove the #ifndef OPENSSL_SYS_VMS around SSL_add_dir_cert_subjects_to_stack
Fix faulty check in the VMS version of opt_progname
Fix a possible memleak
Instead of a local hack, implement SIZE_MAX in numbers.h if it's missing
Remove crypto/pem/pem_seal.c
Enhance util/mkdef.pl to provide a VMS linker option file for shlibs
Remove the old VMS linker option file creator for shlibs
Remove all remaining traces if PEM_Seal
Adjust $default_depflags to changes in Configure
Only run DANE tests when EC is supported
Have mkdef.pl use case sensitive symbols for shareable symbol vector
VMS INDENTIFICATION should only have the version number
The limit per SYMBOL_VECTOR isn't the amount of symbols, it's the line length
Use SPARE instead of PRIVATE_PROCEDURE to reserve unused SYMBOL_VECTOR slots
Make sure to have both upper and mixed case symbols in SYMBOL_VECTOR
Make EVP_CIPHER_CTX opaque and renew the creator / destructor functions
Add accessors and writers for EVP_CIPHER_CTX
Adapt the internal EVP routines to opaque EVP_CIPHER_CTX
Adapt cipher implementations to opaque EVP_CIPHER_CTX
Adapt all EVP_CIPHER_CTX users for it becoming opaque
Remove EVP_CIPHER_CTX_flags, it's only confusing
Make EVP_CIPHER opaque and add creator/destructor/accessor/writer functions
Adapt the internal EVP routines to opaque EVP_CIPHER
Adapt builtin cipher implementations to opaque EVP_CIPHER
Adapt all engines that need it to opaque EVP_CIPHER
EVP_CIPHER_CTX_new_cipher_data was a temporary measure, not needed any more
Adapt all EVP_CIPHER users for it becoming opaque
Add back deprecated functions in macro form
Document the new EVP_CIPHER and EVP_CIPHER_CTX functionality
make update
Remove unused internal macros
Add notes in CHANGES and NEWS
Correct a small typo in CHANGES
VMS will downcase all command parameters unless they're quoted
Fix test/recipes/80-test_ca.t to work on VMS
Pipes on VMS do not work well with binary data, use an intermediary file
After EVP_CIPHER turned opaque, e_rc5.c needs to include evp_int.h
Have the VMS exit code follow POSIX conventions
Don't return from main(), use EXIT() instead
VMS perl doesn't implement fork(), so don't run the TLSProxy tests there
Simplify the EXIT macrot for VMS
Remove test_probable_prime_coprime from test/bntest.c
VMS C doesn't provide intmax_t/uinmax_t, use our own
Quick fix of debugging option for mk1mf.pl.
Remove spurious ;
Reorder the ordinals in libeay.num
Add a directry spec for mcr if there is none
Fall back to c_rehash if 'openssl rehash' fails
Do not use redirection on binary files
Rename binmode into textmode and use it correctly
VMS open() doesn't take O_BINARY, but takes a context description
Change the last copyright year to 2016 in README
Prepare for 1.1.0-pre2 release
Rob Stradling (1):
Support the TLS Feature (aka Must Staple) X.509v3 extension (RFC7633).
Roumen Petrov (3):
remove duplicates in util/libeay.num
__STDC_VERSION__ is not defined for c89 compilers
redundant redeclaration of 'OPENSSL_strlcpy'
Todd Short (1):
Memory leak in state machine in error path
Viktor Dukhovni (34):
Restore full support for EVP_CTX_create() etc.
Avoid erroneous "assert(private)" failures.
Fix option value parsing in crl2pkcs7 -certfile
Fix erroneous SO suffix in darwin64-debug-test-64-clang target
Refine and re-wrap Min/Max protocol docs
Protocol version selection and negotiation rewrite
Cleanup of verify(1) failure output
X509_verify_cert() cleanup
Drop incorrect id == -1 case from X509_check_trust
Fix X509_STORE_CTX_cleanup()
DANE support structures, constructructors and accessors
DANE documentation typos
DANE make update
DANE support for X509_verify_cert()
Minor test update
DANE s_client support
Backwards-compatibility subject to OPENSSL_API_COMPAT
Fix some typos in comments
DANE CHANGES
Simplify deprecated declaration exception
Update comment as bn_dup_expand is gone
Fixup actually update danetest.c
Future-proof deprecated declartion parsing
Regenerate SSL record/statem error strings
Enable/disable crypto-mdebug just like other features
Make SSL{_CTX,}_{get,set,clear}_options functions
STACK_OF(SSL_COMP) is a public type
Maximize time_t when intmax_t is available
For stroimax need C99 inttypes.h
Fix DES_LONG breakage
For stro[ui]max require both C99 and UINTMAX_MAX/INTMAX_MAX
Fix nistp512 typos, should be nistp521
Fix verify(1) to report failure when verification fails
Fix double-free bugs in EC group precomputation state
tjmao (1):
Allow ChaCha20-Poly1305 in DTLS
-----------------------------------------------------------------------
More information about the openssl-commits
mailing list