MGF1 digest and OAEP label.
[Steve Henson]
- *) Support for DTLS 1.2. This adds two sets of DTLS methods: DTLS_*_method()
- supports both DTLS 1.2 and 1.0 and should use whatever version the peer
- supports and DTLSv1_2_*_method() which supports DTLS 1.2 only.
- [Steve Henson]
-
*) Make openssl verify return errors.
[Chris Palmer <palmer@google.com> and Ben Laurie]
This work was sponsored by Intel Corp.
[Andy Polyakov]
+ *) Support for DTLS 1.2. This adds two sets of DTLS methods: DTLS_*_method()
+ supports both DTLS 1.2 and 1.0 and should use whatever version the peer
+ supports and DTLSv1_2_*_method() which supports DTLS 1.2 only.
+ [Steve Henson]
+
*) Use algorithm specific chains in SSL_CTX_use_certificate_chain_file():
this fixes a limiation in previous versions of OpenSSL.
[Steve Henson]
X509_CINF_set_modified, X509_CINF_get_issuer, X509_CINF_get_extensions and
X509_CINF_get_signature were reverted post internal team review.
- Changes between 1.0.1g and 1.0.1h [5 Jun 2014]
+ Changes between 1.0.1i and 1.0.1j [xx XXX xxxx]
*) Add additional DigestInfo checks.
- Reencode DigestInto in DER and check against the original: this
- will reject any improperly encoded DigestInfo structures.
+ Reencode DigestInto in DER and check against the original when
+ verifying RSA signature: this will reject any improperly encoded
+ DigestInfo structures.
- Note: this is a precautionary measure OpenSSL and no attacks
- are currently known.
+ Note: this is a precautionary measure and no attacks are currently known.
[Steve Henson]
+ Changes between 1.0.1g and 1.0.1h [5 Jun 2014]
+
*) Fix for SSL/TLS MITM flaw. An attacker using a carefully crafted
handshake can force the use of weak keying material in OpenSSL
SSL/TLS clients and servers.