projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix SSL_R naming inconsistency.
[openssl.git] / CHANGES
diff --git a/CHANGES b/CHANGES
index 1abff63983fbb4440f286f1db467276c242d9781..a54081402faa00d1cb01c4e63ceaa3693063bffc 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,12 @@
 
  Changes between 1.0.1i and 1.0.2 [xx XXX xxxx]
 
+  *) Add support for TLS_FALLBACK_SCSV.
+     Client applications doing fallback retries should call
+     SSL_set_mode(s, SSL_MODE_SEND_FALLBACK_SCSV).
+     (CVE-2014-3566)
+     [Adam Langley, Bodo Moeller]
+
   *) Accelerated NIST P-256 elliptic curve implementation for x86_64
      (other platforms pending).
      [Shay Gueron (Intel Corp), Andy Polyakov]
@@ -52,6 +58,11 @@
      This work was sponsored by Intel Corp.
      [Andy Polyakov]
 
+  *) Support for DTLS 1.2. This adds two sets of DTLS methods: DTLS_*_method()
+     supports both DTLS 1.2 and 1.0 and should use whatever version the peer
+     supports and DTLSv1_2_*_method() which supports DTLS 1.2 only.
+     [Steve Henson]
+
   *) Use algorithm specific chains in SSL_CTX_use_certificate_chain_file():
      this fixes a limiation in previous versions of OpenSSL.
      [Steve Henson]
Unnamed repository; edit this file 'description' to name the repository.