#
af2f14ac |
| 20-Nov-2020 |
Richard Levitte |
ERR: Drop or deprecate dangerous or overly confusing functions ERR_get_error_line() is deprecated, and ERR_get_error_func() and ERR_get_error_data() are removed in favor of ERR_get_error
ERR: Drop or deprecate dangerous or overly confusing functions ERR_get_error_line() is deprecated, and ERR_get_error_func() and ERR_get_error_data() are removed in favor of ERR_get_error_all(), since they pop the error record, leaving the caller with only partial error record data and no way to get the rest if the wish. If it's desirable to retrieve data piecemeal, the caller should consider using the diverse ERR_peek functions and finish off with ERR_get_error(). Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13466)
show more ...
|
#
e3197e5a |
| 26-Nov-2020 |
Matt Caswell |
Prepare for 3.0 alpha 10 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
|
#
68ec3d47 |
| 26-Nov-2020 |
Matt Caswell |
Prepare for release of 3.0 alpha 9 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
|
#
f5a46ed7 |
| 12-Nov-2020 |
Richard Levitte |
Modify the ERR init functions to use the internal ERR string loaders This deprecates all the ERR_load_ functions, and moves their definition to separate C source files that can easily be
Modify the ERR init functions to use the internal ERR string loaders This deprecates all the ERR_load_ functions, and moves their definition to separate C source files that can easily be removed when those functions are finally removed. This also reduces include/openssl/kdferr.h to include cryptoerr_legacy.h, moves the declaration of ERR_load_ERR_strings() from include/openssl/err.h to include/openssl/cryptoerr_legacy.h, and finally removes the declaration of ERR_load_DSO_strings(), which was entirely internal anyway. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13390)
show more ...
|
#
ecabd006 |
| 05-Nov-2020 |
Matt Caswell |
Prepare for 3.0 alpha 9 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
|
#
20d7295c |
| 05-Nov-2020 |
Matt Caswell |
Prepare for release of 3.0 alpha 8 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
|
#
e8dca211 |
| 15-Oct-2020 |
Matt Caswell |
Prepare for 3.0 alpha 8 Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
|
Revision tags: openssl-3.0.0-alpha7 |
|
#
f9a5682e |
| 15-Oct-2020 |
Matt Caswell |
Prepare for release of 3.0 alpha 7 Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
|
#
b4250010 |
| 15-Oct-2020 |
Dr. Matthias St. Pierre |
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
show more ...
|
#
d8dc8538 |
| 24-Sep-2020 |
Dr. Matthias St. Pierre |
Change CVE link style in CHANGES and NEWS Replace [collapsed reference links][] for the CVEs by [shortcut reference links], in order to to improve the readability of the raw markdown
Change CVE link style in CHANGES and NEWS Replace [collapsed reference links][] for the CVEs by [shortcut reference links], in order to to improve the readability of the raw markdown text. Consistently add parentheses around the CVE links at the end of the CVE descriptions. (The NEWS file already had the parentheses, in the CHANGES file they where missing.) [collapsed reference links]: https://github.github.com/gfm/#collapsed-reference-link [shortcut reference links]: https://github.github.com/gfm/#shortcut-reference-link Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/12967)
show more ...
|
#
6ffc3127 |
| 24-Sep-2020 |
Dr. Matthias St. Pierre |
Update CHANGES and NEWS for 1.1.1h release Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/12967)
|
Revision tags: OpenSSL_1_1_1h |
|
#
ece9304c |
| 16-Aug-2020 |
Richard Levitte |
Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE Fixes #12455 Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openss
Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE Fixes #12455 Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12660)
show more ...
|
Revision tags: openssl-3.0.0-alpha6 |
|
#
7d615e21 |
| 22-Jul-2020 |
Pauli |
rand_drbg: remove RAND_DRBG. The RAND_DRBG API did not fit well into the new provider concept as implemented by EVP_RAND and EVP_RAND_CTX. The main reason is that the RAND_DRBG API i
rand_drbg: remove RAND_DRBG. The RAND_DRBG API did not fit well into the new provider concept as implemented by EVP_RAND and EVP_RAND_CTX. The main reason is that the RAND_DRBG API is a mixture of 'front end' and 'back end' API calls and some of its API calls are rather low-level. This holds in particular for the callback mechanism (RAND_DRBG_set_callbacks()) and the RAND_DRBG type changing mechanism (RAND_DRBG_set()). Adding a compatibility layer to continue supporting the RAND_DRBG API as a legacy API for a regular deprecation period turned out to come at the price of complicating the new provider API unnecessarily. Since the RAND_DRBG API exists only since version 1.1.1, it was decided by the OMC to drop it entirely. Other related changes: Use RNG instead of DRBG in EVP_RAND documentation. The documentation was using DRBG in places where it should have been RNG or CSRNG. Move the RAND_DRBG(7) documentation to EVP_RAND(7). Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/12509)
show more ...
|
#
1b2873e4 |
| 06-Aug-2020 |
Matt Caswell |
Prepare for 3.0 alpha 7 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
|
#
e3ec8020 |
| 06-Aug-2020 |
Matt Caswell |
Prepare for release of 3.0 alpha 6 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
|
Revision tags: openssl-3.0.0-alpha5, openssl-3.0.0-alpha4 |
|
#
16c6534b |
| 25-Jun-2020 |
Dr. David von Oheimb |
check-format.pl: Add an entry about it to NEWS.md and to CHANGES.md Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12270)
|
#
318565b7 |
| 16-Jul-2020 |
Richard Levitte |
Prepare for 3.0 alpha 6 Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
|
#
e70a2d9f |
| 16-Jul-2020 |
Richard Levitte |
Prepare for release of 3.0 alpha 5 Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
|
#
8dab4de5 |
| 16-Jul-2020 |
Richard Levitte |
Add latest changes and news in CHANGES.md and NEWS.md - Reworked test perl framwork for parallel tests - Reworked ERR codes to make better space for system errors - Deprecation of th
Add latest changes and news in CHANGES.md and NEWS.md - Reworked test perl framwork for parallel tests - Reworked ERR codes to make better space for system errors - Deprecation of the ENGINE API Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/12461)
show more ...
|
#
036cbb6b |
| 10-Jun-2020 |
Dr. David von Oheimb |
Rename NOTES*, README*, VERSION, HACKING, LICENSE to .md or .txt Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12109)
|
#
8c1cbc72 |
| 29-Jun-2020 |
Gustaf Neumann |
Fix typos and repeated words CLA: trivial Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from ht
Fix typos and repeated words CLA: trivial Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/12320)
show more ...
|
#
3bd65f9b |
| 22-Jun-2020 |
Richard Levitte |
Update NEWS and CHANGES NEWS and CHANGES hasn't mentioned OPENSSL_CTX before, so adding entries now. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com
Update NEWS and CHANGES NEWS and CHANGES hasn't mentioned OPENSSL_CTX before, so adding entries now. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12228)
show more ...
|
Revision tags: openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e |
|
#
aba03ae5 |
| 02-Jan-2020 |
Kurt Roeckx |
Reduce the security bits for MD5 and SHA1 based signatures in TLS This has as effect that SHA1 and MD5+SHA1 are no longer supported at security level 1, and that TLS < 1.2 is no longer s
Reduce the security bits for MD5 and SHA1 based signatures in TLS This has as effect that SHA1 and MD5+SHA1 are no longer supported at security level 1, and that TLS < 1.2 is no longer supported at the default security level of 1, and that you need to set the security level to 0 to use TLS < 1.2. Reviewed-by: Tim Hudson <tjh@openssl.org> GH: #10787
show more ...
|
#
0d96afd2 |
| 25-Jun-2020 |
Matt Caswell |
Prepare for 3.0 alpha 5 Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
|
#
38778b78 |
| 25-Jun-2020 |
Matt Caswell |
Prepare for release of 3.0 alpha 4 Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
|