]>
Commit | Line | Data |
---|---|---|
651d0aff | 1 | |
f1c236f8 | 2 | OpenSSL CHANGES |
651d0aff RE |
3 | _______________ |
4 | ||
5 | ||
9cb0969f | 6 | Changes between 0.9.1c and 0.9.2 |
320a14cb | 7 | |
7f9b7b07 DSH |
8 | *) Get the gendsa program working (hopefully) and add it to app list. Remove |
9 | encryption from sample DSA keys (in case anyone is interested the password | |
10 | was "1234"). | |
11 | [Steve Henson] | |
12 | ||
e03ddfae BL |
13 | *) Make _all_ *_free functions accept a NULL pointer. |
14 | [Frans Heymans <fheymans@isaserver.be>] | |
15 | ||
6fa89f94 BL |
16 | *) If a DH key is generated in s3_srvr.c, don't blow it by trying to use |
17 | NULL pointers. | |
18 | [Anonymous <nobody@replay.com>] | |
19 | ||
c13d4799 BL |
20 | *) s_server should send the CAfile as acceptable CAs, not its own cert. |
21 | [Bodo Moeller <3moeller@informatik.uni-hamburg.de>] | |
22 | ||
bc4deee0 BL |
23 | *) Don't blow it for numeric -newkey arguments to apps/req. |
24 | [Bodo Moeller <3moeller@informatik.uni-hamburg.de>] | |
25 | ||
5b00115a BL |
26 | *) Temp key "for export" tests were wrong in s3_srvr.c. |
27 | [Anonymous <nobody@replay.com>] | |
28 | ||
f8c3c05d BL |
29 | *) Add prototype for temp key callback functions |
30 | SSL_CTX_set_tmp_{rsa,dh}_callback(). | |
31 | [Ben Laurie] | |
32 | ||
ad65ce75 DSH |
33 | *) Make DH_free() tolerate being passed a NULL pointer (like RSA_free() and |
34 | DSA_free()). Make X509_PUBKEY_set() check for errors in d2i_PublicKey(). | |
384c479c | 35 | [Steve Henson] |
ad65ce75 | 36 | |
e416ad97 BL |
37 | *) X509_name_add_entry() freed the wrong thing after an error. |
38 | [Arne Ansper <arne@ats.cyber.ee>] | |
39 | ||
4a18cddd BL |
40 | *) rsa_eay.c would attempt to free a NULL context. |
41 | [Arne Ansper <arne@ats.cyber.ee>] | |
42 | ||
bb65e20b BL |
43 | *) BIO_s_socket() had a broken should_retry() on Windoze. |
44 | [Arne Ansper <arne@ats.cyber.ee>] | |
45 | ||
b5e406f7 BL |
46 | *) BIO_f_buffer() didn't pass on BIO_CTRL_FLUSH. |
47 | [Arne Ansper <arne@ats.cyber.ee>] | |
48 | ||
cb0f35d7 RE |
49 | *) Make sure the already existing X509_STORE->depth variable is initialized |
50 | in X509_STORE_new(), but document the fact that this variable is still | |
51 | unused in the certificate verification process. | |
52 | [Ralf S. Engelschall] | |
53 | ||
cfcf6453 | 54 | *) Fix the various library and apps files to free up pkeys obtained from |
ad65ce75 | 55 | X509_PUBKEY_get() et al. Also allow x509.c to handle netscape extensions. |
cfcf6453 DSH |
56 | [Steve Henson] |
57 | ||
cdbb8c2f BL |
58 | *) Fix reference counting in X509_PUBKEY_get(). This makes |
59 | demos/maurice/example2.c work, amongst others, probably. | |
60 | [Steve Henson and Ben Laurie] | |
61 | ||
06d5b162 RE |
62 | *) First cut of a cleanup for apps/. First the `ssleay' program is now named |
63 | `openssl' and second, the shortcut symlinks for the `openssl <command>' | |
64 | are no longer created. This way we have a single and consistent command | |
65 | line interface `openssl <command>', similar to `cvs <command>'. | |
cdbb8c2f | 66 | [Ralf S. Engelschall, Paul Sutton and Ben Laurie] |
06d5b162 | 67 | |
c35f549e DSH |
68 | *) ca.c: move test for DSA keys inside #ifndef NO_DSA. Make pubkey |
69 | BIT STRING wrapper always have zero unused bits. | |
70 | [Steve Henson] | |
71 | ||
ebc828ca DSH |
72 | *) Add CA.pl, perl version of CA.sh, add extended key usage OID. |
73 | [Steve Henson] | |
74 | ||
79e259e3 PS |
75 | *) Make the top-level INSTALL documentation easier to understand. |
76 | [Paul Sutton] | |
77 | ||
56ee3117 PS |
78 | *) Makefiles updated to exit if an error occurs in a sub-directory |
79 | make (including if user presses ^C) [Paul Sutton] | |
80 | ||
6063b27b BL |
81 | *) Make Montgomery context stuff explicit in RSA data structure. |
82 | [Ben Laurie] | |
83 | ||
84 | *) Fix build order of pem and err to allow for generated pem.h. | |
85 | [Ben Laurie] | |
86 | ||
87 | *) Fix renumbering bug in X509_NAME_delete_entry(). | |
88 | [Ben Laurie] | |
89 | ||
792a9002 | 90 | *) Enhanced the err-ins.pl script so it makes the error library number |
91 | global and can add a library name. This is needed for external ASN1 and | |
92 | other error libraries. | |
93 | [Steve Henson] | |
94 | ||
95 | *) Fixed sk_insert which never worked properly. | |
96 | [Steve Henson] | |
97 | ||
98 | *) Fix ASN1 macros so they can handle indefinite length construted | |
99 | EXPLICIT tags. Some non standard certificates use these: they can now | |
100 | be read in. | |
101 | [Steve Henson] | |
102 | ||
ce72df1c RE |
103 | *) Merged the various old/obsolete SSLeay documentation files (doc/xxx.doc) |
104 | into a single doc/ssleay.txt bundle. This way the information is still | |
105 | preserved but no longer messes up this directory. Now it's new room for | |
106 | the new set of documenation files. | |
107 | [Ralf S. Engelschall] | |
108 | ||
4098e89c BL |
109 | *) SETs were incorrectly DER encoded. This was a major pain, because they |
110 | shared code with SEQUENCEs, which aren't coded the same. This means that | |
111 | almost everything to do with SETs or SEQUENCEs has either changed name or | |
112 | number of arguments. | |
113 | [Ben Laurie, based on a partial fix by GP Jayan <gp@nsj.co.jp>] | |
114 | ||
115 | *) Fix test data to work with the above. | |
116 | [Ben Laurie] | |
117 | ||
03f8b042 BL |
118 | *) Fix the RSA header declarations that hid a bug I fixed in 0.9.0b but |
119 | was already fixed by Eric for 0.9.1 it seems. | |
88fce979 | 120 |