generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Clean up CHANGES

Browse Source 
Reviewed-by: Matt Caswell <matt@openssl.org>
This commit is contained in:
Emilia Kasper
2014-11-20 12:20:02 +01:00
parent e94a6c0ede
commit 31832e8ff1
1 changed files with 1 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
CHANGES
View File

@@ -303,23 +303,7 @@
whose return value is often ignored. whose return value is often ignored.
[Steve Henson] [Steve Henson]
Changes between 1.0.1j and 1.0.2 [xx XXX xxxx] Changes between 1.0.1k and 1.0.2 [xx XXX xxxx]
*) Tighten handling of the ChangeCipherSpec (CCS) message: reject
early CCS messages during renegotiation. (Note that because
renegotiation is encrypted, this early CCS was not exploitable.)
[Emilia K<>sper]
*) Tighten client-side session ticket handling during renegotiation:
ensure that the client only accepts a session ticket if the server sends
the extension anew in the ServerHello. Previously, a TLS client would
reuse the old extension state and thus accept a session ticket if one was
announced in the initial ServerHello.
Similarly, ensure that the client requires a session ticket if one
was advertised in the ServerHello. Previously, a TLS client would
ignore a missing NewSessionTicket message.
[Emilia K<>sper]
*) Accelerated NIST P-256 elliptic curve implementation for x86_64 *) Accelerated NIST P-256 elliptic curve implementation for x86_64
(other platforms pending). (other platforms pending).