changes: note that some ctrl calls have a different error return.

Providers do not distinguish between invalid and other errors via the return code. Fixes #14442 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14864)
author: Pauli <pauli@openssl.org> 2021-04-14 04:26:41 +0200
committer: Pauli <pauli@openssl.org> 2021-04-15 12:25:24 +0200
commit: 9c1b19eb6f51fd6785cc61418e10070af83df1d2 (patch)
tree: 659db09d8c08594db28a1c220767dfcdbab7abeb
parent: Do not allow creating empty RSA keys by duplication (diff)
download: openssl-9c1b19eb6f51fd6785cc61418e10070af83df1d2.tar.xz
openssl-9c1b19eb6f51fd6785cc61418e10070af83df1d2.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/CHANGES.md b/CHANGES.md
index a2a281637f..76ba709c0e 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -29,6 +29,12 @@ OpenSSL 3.0
 
    *Boris Pismenny, John Baldwin and Andrew Gallatin*
 
+ * The error return values from some control calls (ctrl) have changed.
+   One significant change is that controls which used to return -2 for
+   invalid inputs, now return -1 indicating a generic error condition instead.
+
+   *Paul Dale*
+
  * A public key check is now performed during EVP_PKEY_derive_set_peer().
    Previously DH was internally doing this during EVP_PKEY_derive().
    To disable this check use EVP_PKEY_derive_set_peer_ex(dh, peer, 0). This
author	Pauli <pauli@openssl.org>	2021-04-14 04:26:41 +0200
committer	Pauli <pauli@openssl.org>	2021-04-15 12:25:24 +0200
commit	9c1b19eb6f51fd6785cc61418e10070af83df1d2 (patch)
tree	659db09d8c08594db28a1c220767dfcdbab7abeb
parent	Do not allow creating empty RSA keys by duplication (diff)
download	openssl-9c1b19eb6f51fd6785cc61418e10070af83df1d2.tar.xz openssl-9c1b19eb6f51fd6785cc61418e10070af83df1d2.zip