OpenSSL 1.0.0. Add CHANGES entry noting the consequences.

vector contiguous.
PR: 2802

Reviewed by: steve
Improved localisation of TLS extension handling and code tidy.

Submitted by: Dominik Oepen <oepen@informatik.hu-berlin.de>

Add Brainpool curves from RFC5639.

Original patch by Annie Yousar <a.yousar@informatik.hu-berlin.de>

PR: 2792

BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.

Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)

PR: 2793

e_aes_cbc_hmac_sha1.c (mostly for aesthetic reasons).

PR: 2792

tested, because kernel is not in shape to handle it *yet*. The code is
committed mostly to stimulate the kernel development.

(TLS 1.2 clients could end up negotiating these with an OpenSSL server
with TLS 1.2 disabled, which is problematic.)

Submitted by: Adam Langley

If OPENSSL_MAX_TLS1_2_CIPHER_LENGTH is set then limit the size of client
ciphersuites to this value. A value of 50 should be sufficient.

Document workarounds in CHANGES.

Some servers hang when presented with a client hello record length exceeding
255 bytes but will work with longer client hellos if the TLS record version
in client hello does not exceed TLS v1.0. Unfortunately this doesn't fix all
cases...

PR: 2791
Submitted by: Ben Noordhuis

PR: 2790
Submitted by: Alexei Khlebnikov

PR: 2538

countermeasure.

PR: 2778

s_server.

Localize client hello extension parsing in t1_lib.c

enabled instead of requiring an application to hard code a (possibly
inappropriate) parameter set and delve into EC internals we just
automatically use the preferred curve.