Initial incomplete TLS v1.2 support. New ciphersuites added, new version

checking added, SHA256 PRF support added. At present only RSA key exchange ciphersuites work with TLS v1.2 as the new signature format is not yet implemented.
author: Dr. Stephen Henson <steve@openssl.org> 2011-04-29 22:56:51 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2011-04-29 22:56:51 +0000
commit: 7409d7ad517650db332ae528915a570e4e0ab88b (patch)
tree: 30ef3e18eff537854b4e443080bfb1f96c0fef12 /CHANGES
parent: 08557cf22cd7c337d7430c32fb21ed29a77a8131 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 30458ff152..5191ed6870 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,14 @@
 
  Changes between 1.0.1 and 1.1.0  [xx XXX xxxx]
 
+  *) Initial TLS v1.2 support. Add new SHA256 digest to ssl code, switch
+     to SHA256 for PRF when using TLS v1.2 and later. Add new SHA256 based
+     ciphersuites. At present only RSA key exchange ciphersuites work with
+     TLS v1.2. Add new option for TLS v1.2 replacing the old and obsolete
+     SSL_OP_PKCS1_CHECK flags with SSL_OP_NO_TLSv1_2. New TLSv1.2 methods
+     and version checking.
+     [Steve Henson]
+
   *) New option OPENSSL_NO_SSL_INTERN. If an application can be compiled
      with this defined it will not be affected by any changes to ssl internal
      structures. Add several utility functions to allow openssl application
author	Dr. Stephen Henson <steve@openssl.org>	2011-04-29 22:56:51 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2011-04-29 22:56:51 +0000
commit	7409d7ad517650db332ae528915a570e4e0ab88b (patch)
tree	30ef3e18eff537854b4e443080bfb1f96c0fef12 /CHANGES
parent	08557cf22cd7c337d7430c32fb21ed29a77a8131 (diff)