]>
Commit | Line | Data |
---|---|---|
651d0aff | 1 | |
f1c236f8 | 2 | OpenSSL CHANGES |
651d0aff RE |
3 | _______________ |
4 | ||
5 | ||
1b24cca9 BM |
6 | Changes between 0.9.2b and 0.9.3 [XX May 1999] |
7 | [I suggest using the same format for the | |
8 | date as in opensslv.h. 0.9.1c used | |
9 | hyphens in the date, so I wrote | |
10 | [23-Dec-1998] down below; but in later | |
11 | versions, these hyphens are gone.] | |
7d7d2cbc | 12 | |
e14d4443 UM |
13 | *) Bignum library bug fix. IRIX 6 passes "make test" now! |
14 | This also avoids the problems with SC4.2 and unpatched SC5. | |
15 | [Andy Polyakov <appro@fy.chalmers.se>] | |
16 | ||
e84240d4 DSH |
17 | *) New functions sk_num, sk_value and sk_set to replace the previous macros. |
18 | These are required because of the typesafe stack would otherwise break | |
19 | existing code. If old code used a structure member which used to be STACK | |
20 | and is now STACK_OF (for example cert in a PKCS7_SIGNED structure) with | |
21 | sk_num or sk_value it would produce an error because the num, data members | |
22 | are not present in STACK_OF. Now it just produces a warning. sk_set | |
23 | replaces the old method of assigning a value to sk_value | |
24 | (e.g. sk_value(x, i) = y) which the library used in a few cases. Any code | |
25 | that does this will no longer work (and should use sk_set instead) but | |
26 | this could be regarded as a "questionable" behaviour anyway. | |
27 | [Steve Henson] | |
28 | ||
1b266dab DSH |
29 | *) Fix most of the other PKCS#7 bugs. The "experimental" code can now |
30 | correctly handle encrypted S/MIME data. | |
31 | [Steve Henson] | |
32 | ||
55519bbb | 33 | *) Change type of various DES function arguments from des_cblock |
f43c8149 | 34 | (which means, in function argument declarations, pointer to char) |
55519bbb BM |
35 | to des_cblock * (meaning pointer to array with 8 char elements), |
36 | which allows the compiler to do more typechecking; it was like | |
37 | that back in SSLeay, but with lots of ugly casts. | |
38 | ||
39 | Introduce new type const_des_cblock. | |
40 | [Bodo Moeller] | |
41 | ||
84fa704c DSH |
42 | *) Reorganise the PKCS#7 library and get rid of some of the more obvious |
43 | problems: find RecipientInfo structure that matches recipient certificate | |
44 | and initialise the ASN1 structures properly based on passed cipher. | |
45 | [Steve Henson] | |
46 | ||
62bad771 BL |
47 | *) Belatedly make the BN tests actually check the results. |
48 | [Ben Laurie] | |
49 | ||
1ad2ecb6 DSH |
50 | *) Fix the encoding and decoding of negative ASN1 INTEGERS and conversion |
51 | to and from BNs: it was completely broken. New compilation option | |
52 | NEG_PUBKEY_BUG to allow for some broken certificates that encode public | |
53 | key elements as negative integers. | |
54 | [Steve Henson] | |
55 | ||
bd3576d2 UM |
56 | *) Reorganize and speed up MD5. |
57 | [Andy Polyakov <appro@fy.chalmers.se>] | |
58 | ||
7d7d2cbc UM |
59 | *) VMS support. |
60 | [Richard Levitte <richard@levitte.org>] | |
1b276f30 | 61 | |
f5eac85e DSH |
62 | *) New option -out to asn1parse to allow the parsed structure to be |
63 | output to a file. This is most useful when combined with the -strparse | |
64 | option to examine the output of things like OCTET STRINGS. | |
65 | [Steve Henson] | |
66 | ||
b31b04d9 BM |
67 | *) Make SSL library a little more fool-proof by not requiring any longer |
68 | that SSL_set_{accept,connect}_state be called before | |
69 | SSL_{accept,connect} may be used (SSL_set_..._state is omitted | |
70 | in many applications because usually everything *appeared* to work as | |
71 | intended anyway -- now it really works as intended). | |
72 | [Bodo Moeller] | |
73 | ||
d5a2ea4b UM |
74 | *) Move openssl.cnf out of lib/. |
75 |