| #
af2f14ac |
| 20-Nov-2020 |
Richard Levitte |
ERR: Drop or deprecate dangerous or overly confusing functions
ERR_get_error_line() is deprecated, and ERR_get_error_func() and
ERR_get_error_data() are removed in favor of ERR_get_error
ERR: Drop or deprecate dangerous or overly confusing functions
ERR_get_error_line() is deprecated, and ERR_get_error_func() and
ERR_get_error_data() are removed in favor of ERR_get_error_all(),
since they pop the error record, leaving the caller with only partial
error record data and no way to get the rest if the wish.
If it's desirable to retrieve data piecemeal, the caller should
consider using the diverse ERR_peek functions and finish off with
ERR_get_error().
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13466)
show more ...
|
| #
e3197e5a |
| 26-Nov-2020 |
Matt Caswell |
Prepare for 3.0 alpha 10
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
|
| #
68ec3d47 |
| 26-Nov-2020 |
Matt Caswell |
Prepare for release of 3.0 alpha 9
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
|
| #
f5a46ed7 |
| 12-Nov-2020 |
Richard Levitte |
Modify the ERR init functions to use the internal ERR string loaders
This deprecates all the ERR_load_ functions, and moves their definition to
separate C source files that can easily be
Modify the ERR init functions to use the internal ERR string loaders
This deprecates all the ERR_load_ functions, and moves their definition to
separate C source files that can easily be removed when those functions are
finally removed.
This also reduces include/openssl/kdferr.h to include cryptoerr_legacy.h,
moves the declaration of ERR_load_ERR_strings() from include/openssl/err.h
to include/openssl/cryptoerr_legacy.h, and finally removes the declaration
of ERR_load_DSO_strings(), which was entirely internal anyway.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13390)
show more ...
|
| #
ecabd006 |
| 05-Nov-2020 |
Matt Caswell |
Prepare for 3.0 alpha 9
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
|
| #
20d7295c |
| 05-Nov-2020 |
Matt Caswell |
Prepare for release of 3.0 alpha 8
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
|
| #
e8dca211 |
| 15-Oct-2020 |
Matt Caswell |
Prepare for 3.0 alpha 8
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
|
|
Revision tags: openssl-3.0.0-alpha7 |
|
| #
f9a5682e |
| 15-Oct-2020 |
Matt Caswell |
Prepare for release of 3.0 alpha 7
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
|
| #
b4250010 |
| 15-Oct-2020 |
Dr. Matthias St. Pierre |
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX
Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix,
e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX
Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix,
e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.
The OPENSSL_CTX type stands out a little by using a different prefix.
For consistency reasons, this type is renamed to OSSL_LIB_CTX.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12621)
show more ...
|
| #
d8dc8538 |
| 24-Sep-2020 |
Dr. Matthias St. Pierre |
Change CVE link style in CHANGES and NEWS
Replace [collapsed reference links][] for the CVEs by
[shortcut reference links], in order to to improve the
readability of the raw markdown
Change CVE link style in CHANGES and NEWS
Replace [collapsed reference links][] for the CVEs by
[shortcut reference links], in order to to improve the
readability of the raw markdown text.
Consistently add parentheses around the CVE links at the
end of the CVE descriptions. (The NEWS file already had
the parentheses, in the CHANGES file they where missing.)
[collapsed reference links]:
https://github.github.com/gfm/#collapsed-reference-link
[shortcut reference links]:
https://github.github.com/gfm/#shortcut-reference-link
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12967)
show more ...
|
| #
6ffc3127 |
| 24-Sep-2020 |
Dr. Matthias St. Pierre |
Update CHANGES and NEWS for 1.1.1h release
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12967)
|
|
Revision tags: OpenSSL_1_1_1h |
|
| #
ece9304c |
| 16-Aug-2020 |
Richard Levitte |
Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
Fixes #12455
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openss
Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
Fixes #12455
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12660)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha6 |
|
| #
7d615e21 |
| 22-Jul-2020 |
Pauli |
rand_drbg: remove RAND_DRBG.
The RAND_DRBG API did not fit well into the new provider concept as
implemented by EVP_RAND and EVP_RAND_CTX. The main reason is that the
RAND_DRBG API i
rand_drbg: remove RAND_DRBG.
The RAND_DRBG API did not fit well into the new provider concept as
implemented by EVP_RAND and EVP_RAND_CTX. The main reason is that the
RAND_DRBG API is a mixture of 'front end' and 'back end' API calls
and some of its API calls are rather low-level. This holds in particular
for the callback mechanism (RAND_DRBG_set_callbacks()) and the RAND_DRBG
type changing mechanism (RAND_DRBG_set()).
Adding a compatibility layer to continue supporting the RAND_DRBG API as
a legacy API for a regular deprecation period turned out to come at the
price of complicating the new provider API unnecessarily. Since the
RAND_DRBG API exists only since version 1.1.1, it was decided by the OMC
to drop it entirely.
Other related changes:
Use RNG instead of DRBG in EVP_RAND documentation. The documentation was
using DRBG in places where it should have been RNG or CSRNG.
Move the RAND_DRBG(7) documentation to EVP_RAND(7).
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12509)
show more ...
|
| #
1b2873e4 |
| 06-Aug-2020 |
Matt Caswell |
Prepare for 3.0 alpha 7
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
|
| #
e3ec8020 |
| 06-Aug-2020 |
Matt Caswell |
Prepare for release of 3.0 alpha 6
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
|
|
Revision tags: openssl-3.0.0-alpha5, openssl-3.0.0-alpha4 |
|
| #
16c6534b |
| 25-Jun-2020 |
Dr. David von Oheimb |
check-format.pl: Add an entry about it to NEWS.md and to CHANGES.md
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12270)
|
| #
318565b7 |
| 16-Jul-2020 |
Richard Levitte |
Prepare for 3.0 alpha 6
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
|
| #
e70a2d9f |
| 16-Jul-2020 |
Richard Levitte |
Prepare for release of 3.0 alpha 5
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
|
| #
8dab4de5 |
| 16-Jul-2020 |
Richard Levitte |
Add latest changes and news in CHANGES.md and NEWS.md
- Reworked test perl framwork for parallel tests
- Reworked ERR codes to make better space for system errors
- Deprecation of th
Add latest changes and news in CHANGES.md and NEWS.md
- Reworked test perl framwork for parallel tests
- Reworked ERR codes to make better space for system errors
- Deprecation of the ENGINE API
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12461)
show more ...
|
| #
036cbb6b |
| 10-Jun-2020 |
Dr. David von Oheimb |
Rename NOTES*, README*, VERSION, HACKING, LICENSE to .md or .txt
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12109)
|
| #
8c1cbc72 |
| 29-Jun-2020 |
Gustaf Neumann |
Fix typos and repeated words
CLA: trivial
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from ht
Fix typos and repeated words
CLA: trivial
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12320)
show more ...
|
| #
3bd65f9b |
| 22-Jun-2020 |
Richard Levitte |
Update NEWS and CHANGES
NEWS and CHANGES hasn't mentioned OPENSSL_CTX before, so adding entries now.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com
Update NEWS and CHANGES
NEWS and CHANGES hasn't mentioned OPENSSL_CTX before, so adding entries now.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12228)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e |
|
| #
aba03ae5 |
| 02-Jan-2020 |
Kurt Roeckx |
Reduce the security bits for MD5 and SHA1 based signatures in TLS
This has as effect that SHA1 and MD5+SHA1 are no longer supported at
security level 1, and that TLS < 1.2 is no longer s
Reduce the security bits for MD5 and SHA1 based signatures in TLS
This has as effect that SHA1 and MD5+SHA1 are no longer supported at
security level 1, and that TLS < 1.2 is no longer supported at the
default security level of 1, and that you need to set the security
level to 0 to use TLS < 1.2.
Reviewed-by: Tim Hudson <tjh@openssl.org>
GH: #10787
show more ...
|
| #
0d96afd2 |
| 25-Jun-2020 |
Matt Caswell |
Prepare for 3.0 alpha 5
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
|
| #
38778b78 |
| 25-Jun-2020 |
Matt Caswell |
Prepare for release of 3.0 alpha 4
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
|
