diff options
author | Dr. David von Oheimb <dev@ddvo.net> | 2021-01-27 22:13:30 +0100 |
---|---|---|
committer | Dr. David von Oheimb <dev@ddvo.net> | 2021-07-21 11:46:18 +0200 |
commit | 4672e5de9e22a752870c9a05e0a92faef9e6f340 (patch) | |
tree | bbb19d03ec3a39680a6604cb02506e6e5d451464 /CHANGES.md | |
parent | ee11462d31e0f05bc75264ab40bf90ae55cb1d7c (diff) |
tls_process_{client,server}_certificate(): allow verify_callback return > 1
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13937)
Diffstat (limited to 'CHANGES.md')
-rw-r--r-- | CHANGES.md | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/CHANGES.md b/CHANGES.md index 8109e0ad8d..49031339d0 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -292,6 +292,15 @@ breaking changes, and mappings for the large list of deprecated functions. * Deprecated the obsolete X9.31 RSA key generation related functions. + * While a callback function set via `SSL_CTX_set_cert_verify_callback()` + is not allowed to return a value > 1, this is no more taken as failure. + + *Viktor Dukhovni and David von Oheimb* + + * Deprecated the obsolete X9.31 RSA key generation related functions + BN_X931_generate_Xpq(), BN_X931_derive_prime_ex(), and + BN_X931_generate_prime_ex(). + *Tomáš Mráz* * The default key generation method for the regular 2-prime RSA keys was |