From 13b4f6323b2e3a57ef3084f3683f402d338b48ae Mon Sep 17 00:00:00 2001 From: "Dr. David von Oheimb" Date: Mon, 28 Oct 2024 19:32:32 +0100 Subject: [PATCH] CHANGES.md: re-word 'app' to 'command' and 'apps' to 'commands' for consistency --- CHANGES.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index 91a58ff558807..08faf0501d6c1 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -150,7 +150,7 @@ OpenSSL 3.4 * Added options `-not_before` and `-not_after` for explicit setting start and end dates of certificates created with the `req` and `x509` - apps. Added the same options also to `ca` app as alias for + commands. Added the same options also to `ca` command as alias for `-startdate` and `-enddate` options. *Stephan Wurm* @@ -957,14 +957,14 @@ OpenSSL 3.2 * Lutz Jänicke* - * The `x509`, `ca`, and `req` apps now produce X.509 v3 certificates. + * The `x509`, `ca`, and `req` commands now produce X.509 v3 certificates. The `-x509v1` option of `req` prefers generation of X.509 v1 certificates. `X509_sign()` and `X509_sign_ctx()` make sure that the certificate has X.509 version 3 if the certificate information includes X.509 extensions. *David von Oheimb* - * Fix and extend certificate handling and the apps `x509`, `verify` etc. + * Fix and extend certificate handling and the commands `x509`, `verify` etc. such as adding a trace facility for debugging certificate chain building. *David von Oheimb* @@ -1293,7 +1293,7 @@ OpenSSL 3.1 *Orr Toledano* - * s_client and s_server apps now explicitly say when the TLS version + * `s_client` and `s_server` commands now explicitly say when the TLS version does not include the renegotiation mechanism. This avoids confusion between that scenario versus when the TLS version includes secure renegotiation but the peer lacks support for it. @@ -2344,7 +2344,8 @@ breaking changes, and mappings for the large list of deprecated functions. *Nicola Tuveri* - * Behavior of the `pkey` app is changed, when using the `-check` or `-pubcheck` + * Behavior of the `pkey` command is changed, + when using the `-check` or `-pubcheck` switches: a validation failure triggers an early exit, returning a failure exit status to the parent process.