The annotated tag OpenSSL_1_1_1-pre3 has been created at 096f15afa75dec6afbab7673825044e11ea1df4e (tag) tagging be2df12a349eae53805dd3cb19aa18e3d022acd7 (commit) replaces OpenSSL_1_1_1-pre2 tagged by Matt Caswell on Tue Mar 20 13:13:56 2018 +0000
- Log ----------------------------------------------------------------- OpenSSL 1.1.1-pre3 release tag -----BEGIN PGP SIGNATURE----- iQEuBAABCAAYBQJasQkUERxtYXR0QG9wZW5zc2wub3JnAAoJENnE0m0OYESRbgsH /inDuVSpQA+9+jbMpTZ6xAEkdmqNquF2Wv73qS9naLazib8bKSgyBkBULDU4Cif9 JAhMam3NE2U90jFfxad3AYBC1u5xW5CbiHdXjqY3sfVtTyShdniqo/toqtDfmhwO xZEwmD6CyBWIExQMeQSKiNMwSqLiDoNY4YlyHxtcy91PzjgWcT3kwWQfxeiuk3i3 cbtqDIye09EsT00ocIUfc6Dj/FAIU/HvPUDGIOcrD0JIJ8BJG/iiAm2sLTr1Ajck oFnVTLDcbb56ouh0JH6Ea9W9rugSSYrFLwcz7I+7hF3vd+54YvQPRzuuHFvEn0Vk IFg/afObA5m20nOyT6eJef4= =dYWx -----END PGP SIGNATURE----- Alex Gaynor (7): Fixed a typo in a man page Fixed a typo in a man page Fix a typo in the s_client man page Corrected two typos in a man page Fixed several readability issues in DH_generate_parameters.pod Fixed a spelling mistake in ASN1_TIME_set.pod Fixed a handful of typos Andy Polyakov (23): ec/asm/x25519-x86_64.pl: remove redundant carry chain. ec/curve448/curve448.c: fix undefined behaviour sanitizer failure. ec/curve448/f_generic.c: fix VC-WIN32 debug build failure. mem_sec.c: portability fixup. test/ctype_internal_test.c: portability fixup. Configurations/10-main.conf: add -fno-common back to darwin-ppc-cc. crypto/armcap.c: mask SHA512 hardware detection on iOS. Configurations/10-main.conf: amend out-dated comments. Configurations/windows-makefile.tmpl: simplify install-path "flavour"-ing. Configurations/50-win-onecore.conf: add Windows 10 OneCore targets. Configurations/unix-Makefile.tmpl: overhaul assembler make rules. Configurations/10-main.conf: VC-<target> cleanups. mem_sec.c: portability fixup. store/loader_file.c: rename variables causing conflicts with Android NDK. ec/curve25519.c: resolve regression with Android NDK's arm64 gcc. Configurations/*.conf: overhaul Android targets. NOTES.WIN: classify targets to "native" and "hosted" and restructure. Configure: pass -no-integrated-as. Configurations/15-android.conf: refine clang support. MIPS assembly pack: default heuristic detection to little-endian. Configurations/15-android.conf: default to RC4_CHAR whenever possible. Add NOTES.ANDROID. Configurations/15-android.conf: detect clang by PATH, not by CC. Ben Kaduk (2): Fix doc-nits Attempt to fix boringssl tests Benjamin Kaduk (4): Do not set a nonzero default max_early_data Fix type error in PEM processing Reuse extension_is_relevant() in should_add_extension() Document more X509_STORE functions Benjamin Saunders (1): Introduce SSL_CTX_set_stateless_cookie_{generate,verify}_cb Bernd Edlinger (8): Fix a possible memory leak in engine_table_register Fix a bunch of gcc warnings in packettest.c Fix error handling in b2i_dss and b2i_rsa Fixed a crash in error handing of rand_drbg_new Fix a memory leak in n_ssl3_mac Fix a memory leak in tls1_mac Fix a crash in SSLfatal due to invalid enc_write_ctx Fix bio callback backward compatibility Brad Spencer (1): Test the result of CMS_RecipientInfo_ktri_get0_algs() before using its output in rsa_cms_encrypt(). Bryan Donlan (1): Fix issues in ia32 RDRAND asm leading to reduced entropy David Benjamin (1): Always use adr with __thumb2__. David Makepeace (1): Fixed typo in description of EVP_CIPHER_meth_set_iv_length(). Dr. Matthias St. Pierre (7): bio_b64.c: prevent base64 filter BIO from decoding out-of-bound data BIO_s_mem.pod: fix indirection for out parameter **pp RAND_DRBG: add a function for setting the reseeding defaults Publish the RAND_DRBG API RAND_DRBG: add a function for setting the default DRBG type and flags Fix miscellaneous typos in docs and source Fix: drbgtest fails when tests are executed in random order FdaSilvaYY (1): Duplicate entries ssl_handshake_tbl trace entries... Ivan Filenko (1): Fix typo in ASN1_STRING_length doc Jack Lloyd (3): Add SM2 signature and ECIES schemes Support SM2 ECIES scheme via EVP Handle evp_tests assumption of EVP_PKEY_FLAG_AUTOARGLEN JeffZhao (1): engines/asm/e_padlock*: add support for Zhaoxin's x86 platform Kurt Roeckx (9): Tell the ciphers which DRBG to use for generating random bytes. bnrand_range: Always call bnrand() with the correct flag Check the parent DRBG's strength Fix propotype to include the const qualifier Propagate the request for prediction resistance to the get entropy call Return error when trying to use prediction resistance Make the public and private DRBG thread local Don't use a ssl specific DRBG anymore Add a multithread rand test Matt Caswell (66): Prepare for 1.1.1-pre3-dev Add pkey types for curve448 Integrate X448 and Ed448 into libcrypto Update some documentation for X448/Ed448 Add test vectors for X448 and Ed448 Update CHANGES for X448 and Ed448 Add X448/Ed448 support to libssl Update tests for TLS Ed448 Update CHANGES for X448/Ed448 support in libssl Fix status_request and SCT extensions Remove OPENSSL_USE_NODELETE guards in shlibloadtest Tolerate TLSv1.3 PSKs that are a different size to the hash size Fallback on old style PSK callbacks if the new style ones aren't present Update documentation for the new PSK behaviour Test the new PSK behaviour Give more information in the SSL_stateless return code Don't negotiate TLSv1.3 with the ossl_shim Improve error handling in pk7_doit Fix enable-ssl-trace Free the correct type in OBJ_add_object() Use the TLSv1.3 record header as AAD Only allow supported_versions in a TLSv1.3 ServerHello Update version numbers for TLSv1.3 draft-26 Split configuration of TLSv1.3 ciphers from older ciphers Update s_time to be allow configuration of TLSv1.3 ciphersuites Add documentation for TLSv1.3 ciphersuite configuration Update CHANGES with details of TLSv1.3 ciphersuite configuration Fix clienthellotest for new TLSv1.3 ciphersuite configuration Put the default set of TLSv1.3 ciphersuites in a header file Fix an error number clash Fix no-ec Only update the server session cache when the session is ready Add functions to create an EVP_PKEY from raw private/public key data Add support for setting raw private/public 25519/448 keys Add support for setting raw private HMAC keys Add support for setting raw private SIPHASH keys Add support for setting raw private Poly1305 keys Add the function EVP_PKEY_new_CMAC_key() Update the tests to use the new EVP_PKEY_new_private_key() function Add documentation for the newly added EVP_PKEY_new*() functions Add PrivateKeyRaw and PublicKeyRaw support to evp_test Add some test vectors for testing raw 448/25519 keys Expand the 25519/448 overview man pages Make sure all errors go on the stack in the EVP_PKEY_new*() functions Add functions for setting the new EVP_PKEY_ASN1_METHOD functions Rename EVP_PKEY_new_private_key()/EVP_PKEY_new_public_key() Revert "Don't crash on a missing Subject in index.txt" Revert "Don't allow an empty Subject when creating a Certificate" Report a readable error on a duplicate cert in ca app Allow multiple entries without a Subject even if unique_subject == yes Fix a memory leak in the ca application Fix no-chacha and no-poly1305 Always call the new_session_cb when issuing a NewSessionTicket in TLSv1.3 Don't update the session cache when processing a client certificate in TLSv1.3 Add an anti-replay mechanism Add a test for 0RTT replay protection Document the replay protection capabilities Add a CHANGES entry to mention the replay protection capabilities Fix no-ec Fix no-cmac Fix no-psk Fix no-posix-io compile failure Fix no-sm2 Fix no-ec Update copyright year Prepare for 1.1.1-pre3 release Michael Richardson (1): Reduce travis-ci log output Patrick Steuer (1): Fix test_out_option Paul Yang (3): Check directory is able to create files for various -out option Add test cases for this -out option check Fix the type of -out option Pauli (1): Missings OIDs for XTS added. Rich Salz (4): Make some perl scripts output to stdout Fix credit for SRP code Add code to run test, get malloc counts Revise and cleanup; use strict,warnings Richard Levitte (61): configdata.pm: ensure $prefix is defined crypto/ec/asm/x25519-x86_64.pl: close STDOUT, not $STDOUT storeutl: make sure s2i_ASN1_INTEGER is correctly declared Add VMS version of app_dirname() Check on VMS as well Enable the -out option test on VMS as well Adapt 15-test_out_option.t for more than just Unix Windows makefile: Don't quote generator arguments Configure: fix small spelling error opensslconf.h.in: Use all the "openssl_api_defines" util/dofile.pl: only quote stuff that actually needs quoting Configurations/unix-Makefile.tmpl: remove assignment of AS and ASFLAGS Configure et al: rename all dso_* to module_* in shared-info.pl Make "make variables" config attributes for overridable flags Add space to asoutflag value where appropriate Configurations/10-main.conf: Duplicate cflags to cxxflags config: Pass diverse flags to Configure via the environment Configure et al: get rid of last traces of plib_lflags / PLIB_LDFLAGS Configurations/README: update documentation on flags Configure: disallow the mixture of compiling flags and env / make variables Make a few more asm modules conform: last argument is output file Configure: correct the check of env vars vs command line flags Remove useless -D_ENDIAN from MPE/iX-gcc config Configure et al: Move the definition of library only flags Display the library building flags Restore the display of options with 'openssl version -a' Configure: don't mangle the directory again when checking DEPEND inclusion Configure: catch the build tree configdata.pm Configurations/descrip.mms.tmpl: Fix small errors CONF: On VMS, treat VMS syntax inclusion paths correctly CONF inclusion test: Add VMS specific tests Adjust LPdir_unix.c on VMS for OpenSSL expectations openssl rehash: no more need to massage the files on VMS Refactor the 'depend' target Remove debugging prints from util/add-depends.pl Remove the temporary file in case it wasn't renamed Windows build file: make sure to quote Remove '-Wextra' as default user flags for the Linux clang targets util/add-depends.pl: sort the dependency files Streamline dependency generation util/postprocess-makedepend.pl: For VC, don't include system headers util/postprocess-makedepend.pl: make an effort to collect dependencies Windows makefile: don't use different looking variants of same cmd VMS: add alias macros to avoid 31 character symbol name limit warning Move all dependency post-processing to util/add-depends.pl util/add-depends.pl: add the possibility for debug printouts Visual C: reduce the dependency paths to be relative VMS C: reduce the dependency paths to be relative Configure: Don't fail if there were "make variables" set in env Configure: maintain compability with pre-"make variables" Configure INSTALL: Add a note about backward compatibility and "make variables" ts_RESP_sign: Don't try to use v2 signing when ESS digest isn't set Add a simple method to run regression tests Stop test/shlibloadtest.c from failing in a regression test Clarify a couple of details around "make variables" Support "-min_protocol" and "-max_protocol" in s_server and s_client In TLSProxy::Proxy, specify TLSv1.3 as maximum allowable protocol Enhance ssltestlib's create_ssl_ctx_pair to take min and max proto version Don't generate buildtest_*err.c s_client, s_server: do generic SSL configuration first, specialization after crypto/rand/rand_vms.c: include "internal/rand_int.h" Sebastian Andrzej Siewior (1): Configure: allow to enable afalgeng if target does not start with Linux Sergey Zhuravlev (1): Add GOST OIDs for Edwards parameter sets Steven Noonan (1): speed: add ecdhx448 to ecdh choices Tim Hudson (1): update SRP copyright notice Todd Short (6): If not sending key_share (no TLSv1.3), return appropriately. Add SSL/SSL_CTX_use_cert_and_key() Session Ticket app data Place ticket keys into secure memory Fix no-sm3 (and no-sm2) Fix no-sm3/no-sm2 (with strict-warnings) Tomas Mraz (2): Add support for .include directive in config files Apply system_default configuration on SSL_CTX_new(). Viktor Dukhovni (3): Prepare to detect index changes in OCSP responder. Implement multi-process OCSP responder. Make OCSP "multi" compatible with "no-sock" builds. gmile (1): Add OIDs for DSTU-4145 knekritz (1): Avoid unconditional store in CRYPTO_malloc. xemdetia (1): Fix documentation link to reference man3 ----------------------------------------------------------------------- _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits