Update to 1.82
- New upstream release 1.82
- Added support for building under Linuxbrew (a linuxbrew version of MacOS
Homebrew)
- Implement SSL_CTX_set_psk_client_callback() and
SSL_set_psk_client_callback()
- Skip the NPN test if the SSL library is LibreSSL
- Fixed a problem with a variable declaration in
ssleay_session_secret_cb_invoke
- Bugfix: tlsext_status_cb_invoke(...): free ocsp_response only when
allocated; the same callback is used on a server side for OCSP stapling
and in that case ocsp_response is NULL and not used
- New feature: Added a binding
SSL_set_session_ticket_ext_cb(ssl, callback, data); a callback used by
EAP-FAST/EAP-TEAT to parse and process TLS session ticket
- New feature: Added a binding SSL_set_session_ticket_ext(ssl, ticket); used
by EAP-FAST/EAP-TEAP to define TLS session ticket value
- Bugfix: tlsext_ticket_key_cb_invoke(...): allow SHA256 HMAC key to be 32
bytes instead of 16 bytes (which OpenSSL will pad with zeros up to 32
bytes)
- New feature: Added following bindings:
- X509_get_ex_data(cert, idx)
- X509_get_ex_new_index(argl, argp, new_func, dup_func, free_func)
- X509_get_app_data(cert)
- X509_set_ex_data(cert, idx, data)
- X509_set_app_data(cert, arg)
- X509_STORE_CTX_get_ex_new_index(argl, argp, new_func, dup_func, free_func)
- X509_STORE_CTX_get_app_data(x509_store_ctx)
- X509_STORE_CTX_set_app_data(x509_store_ctx, arg)
- New feature: Added an implementation for
SSL_get_finished(ssl, buf, count=2*EVP_MAX_MD_SIZE)
- New feature: Added an implementation for
SSL_get_peer_finished(ssl, buf, count=2*EVP_MAX_MD_SIZE)
- Bugfix: SSL_get_keyblock_size(s): Calculate key block size correctly also
with AEAD ciphers, which don’t use digest functions
- New feature: Added a binding SSL_set_tlsext_status_ocsp_resp(ssl, staple);
used by a server side to include OCSP staple in ServerHello
- Bugfix: SSL_OCSP_response_verify(ssl, rsp, svreq, flags): check that chain
and last are not NULL before trying to use them
- Bugfix: inc/Module/Install/PRIVATE/Net/SSLeay.pm: Don’t quote include and
lib paths
- Drop EL-5 support
- Drop BuildRoot: and Group: tags
- Drop explicit buildroot cleaning in %install section
- Drop explicit %clean section