X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=CHANGES;h=bcfae0a349f3fa78327c746bf808916c5d5f9cef;hb=a847130696532ae0a2d3884daefdd8ac6cecdfdc;hp=a06b1e4c24937f98e2a984666bdb6b9913e7ab69;hpb=053fa39af62f5b3543ebec8592e4592965b18e26;p=openssl.git

diff --git a/CHANGES b/CHANGES
index a06b1e4c24..bcfae0a349 100644
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,20 @@
  _______________
 
  Changes between 1.0.2 and 1.1.0  [xx XXX xxxx]
+
+  *) Rewrite PSK to support ECDHE_PSK, DHE_PSK and RSA_PSK. Add ciphersuites
+     from RFC4279, RFC4785, RFC5487, RFC5489.
+
+     Thanks to Christian J. Dietrich and Giuseppe D'Angelo for the
+     original RSA_PSK patch.
+     [Steve Henson]
+
+  *) Dropped support for the SSL3_FLAGS_DELAY_CLIENT_FINISHED flag. This SSLeay
+     era flag was never set throughout the codebase (only read). Also removed
+     SSL3_FLAGS_POP_BUFFER which was only used if
+     SSL3_FLAGS_DELAY_CLIENT_FINISHED was also set.
+     [Matt Caswell]
+
   *) Changed the default name options in the "ca", "crl", "req" and "x509"
      to be "oneline" instead of "compat".
      [Richard Levitte]
@@ -148,7 +162,7 @@
      [mancha <mancha1@zoho.com>]
 
   *) Fix eckey_priv_encode so it immediately returns an error upon a failure
-     in i2d_ECPrivateKey.
+     in i2d_ECPrivateKey.  Thanks to Ted Unangst for feedback on this issue.
      [mancha <mancha1@zoho.com>]
 
   *) Fix some double frees. These are not thought to be exploitable.
@@ -434,7 +448,7 @@
      whose return value is often ignored. 
      [Steve Henson]
 
- Changes between 1.0.2c and 1.0.2d [xx XXX xxxx]
+ Changes between 1.0.2c and 1.0.2d [9 Jul 2015]
 
   *) Alternate chains certificate forgery