X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=CHANGES;h=7bd0f924f1f26d6fc939686a9107a1685980485a;hb=7b1ec1cfb76dfd71519d4a1482be0355817b06fc;hp=d6a09b00e2fca96d9b7f36d85ed7308bcd20029b;hpb=1e53a9fd1ad1260274065c12d0e9efbabb7d94e1;p=openssl.git

diff --git a/CHANGES b/CHANGES
index d6a09b00e2..7bd0f924f1 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,10 +4,16 @@
 
  Changes between 1.1.0e and 1.1.1 [xx XXX xxxx]
 
-  *) Add the z modifier parsing to BIO_printf() et al formatting string,
-     to be used for size_t and ssize_t (ossl_ssize_t).
+  *) Add the ASN.1 types INT32, UINT32, INT64, UINT64 and variants prefixed
+     with Z.  These are meant to replace LONG and ZLONG and to be size safe.
+     The use of LONG and ZLONG is discouraged and scheduled for deprecation
+     in OpenSSL 1.2.0.
      [Richard Levitte]
 
+  *) Add the 'z' and 'j' modifiers to BIO_printf() et al formatting string,
+     'z' is to be used for [s]size_t, and 'j' - with [u]int64_t.
+     [Richard Levitte, Andy Polyakov]
+
   *) Add EC_KEY_get0_engine(), which does for EC_KEY what RSA_get0_engine()
      does for RSA, etc.
      [Richard Levitte]
@@ -16,6 +22,12 @@
      platform rather than 'mingw'.
      [Richard Levitte]
 
+  *) The functions X509_STORE_add_cert and X509_STORE_add_crl return
+     success if they are asked to add an object which already exists
+     in the store. This change cascades to other functions which load
+     certificates and CRLs.
+     [Paul Dale]
+
   *) x86_64 assembly pack: annotate code with DWARF CFI directives to
      facilitate stack unwinding even from assembly subroutines.
      [Andy Polyakov]
@@ -37,6 +49,12 @@
   *) Add support for ARIA
      [Paul Dale]
 
+  *) s_client will now send the Server Name Indication (SNI) extension by
+     default unless the new "-noservername" option is used. The server name is
+     based on the host provided to the "-connect" option unless overridden by
+     using "-servername".
+     [Matt Caswell]
+
   *) Add support for SipHash
      [Todd Short]
 
@@ -57,6 +75,10 @@
   *) Support for SSL_OP_NO_ENCRYPT_THEN_MAC in SSL_CONF_cmd.
      [Emilia Käsper]
 
+  *) The RSA "null" method, which was partially supported to avoid patent
+     issues, has been replaced to always returns NULL.
+     [Rich Salz]
+
  Changes between 1.1.0d and 1.1.0e [16 Feb 2017]
 
   *) Encrypt-Then-Mac renegotiation crash