X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=63fe26c3c25d78cf8203929e7aa21c1a97e4e8df;hp=8d07a23709d2170531f7796132edb0a8d74249cd;hb=6ccfc8fa316f8dcfe4c943e5a43e9e3661be9cb1;hpb=80162ad645f8982102d6994b9ea9ca6c371e933d diff --git a/CHANGES b/CHANGES index 8d07a23709..63fe26c3c2 100644 --- a/CHANGES +++ b/CHANGES @@ -7,7 +7,18 @@ https://github.com/openssl/openssl/commits/ and pick the appropriate release branch. - Changes between 1.1.0h and 1.1.1 [xx XXX xxxx] + Changes between 1.1.0i and 1.1.1 [xx XXX xxxx] + + *) Add a new ClientHello callback. Provides a callback interface that gives + the application the ability to adjust the nascent SSL object at the + earliest stage of ClientHello processing, immediately after extensions have + been collected but before they have been processed. In particular, this + callback can adjust the supported TLS versions in response to the contents + of the ClientHello + [Benjamin Kaduk] + + *) Add SM2 base algorithm support. + [Jack Lloyd] *) s390x assembly pack: add (improved) hardware-support for the following cryptographic primitives: sha3, shake, aes-gcm, aes-ccm, aes-ctr, aes-ofb, @@ -225,16 +236,7 @@ *) Support for TLSv1.3 added. Note that users upgrading from an earlier version of OpenSSL should review their configuration settings to ensure that they are still appropriate for TLSv1.3. For further information see: - https://www.openssl.org/blog/blog/2018/02/08/tlsv1.3/ - - NOTE: In this pre-release of OpenSSL a draft version of the - TLSv1.3 standard has been implemented. Implementations of different draft - versions of the standard do not inter-operate, and this version will not - inter-operate with an implementation of the final standard when it is - eventually published. Different pre-release versions may implement - different versions of the draft. The final version of OpenSSL 1.1.1 will - implement the final version of the standard. - TODO(TLS1.3): Remove the above note before final release + https://wiki.openssl.org/index.php/TLS1.3 [Matt Caswell] *) Grand redesign of the OpenSSL random generator