[thirdparty/openssl.git] / CHANGES


 OpenSSL CHANGES
 _______________


 Changes between 0.9.3 and 0.9.3a  [29 May 1999]

  *) New configuration variant "sco5-gcc".

  *) Updated some demos.
     [Sean O Riordain, Wade Scholine]

  *) Add missing BIO_free at exit of pkcs12 application.
     [Wu Zhigang]

  *) Fix memory leak in conf.c.
     [Steve Henson]

  *) Updates for Win32 to assembler version of MD5.
     [Steve Henson]

  *) Set #! path to perl in apps/der_chop to where we found it
     instead of using a fixed path.
     [Bodo Moeller]

  *) SHA library changes for irix64-mips4-cc.
     [Andy Polyakov]

  *) Improvements for VMS support.
     [Richard Levitte]

 Changes between 0.9.2b and 0.9.3  [24 May 1999]

  *) Bignum library bug fix. IRIX 6 passes "make test" now!
     This also avoids the problems with SC4.2 and unpatched SC5.  
     [Andy Polyakov <appro@fy.chalmers.se>]

  *) New functions sk_num, sk_value and sk_set to replace the previous macros.
     These are required because of the typesafe stack would otherwise break 
     existing code. If old code used a structure member which used to be STACK
     and is now STACK_OF (for example cert in a PKCS7_SIGNED structure) with
     sk_num or sk_value it would produce an error because the num, data members
     are not present in STACK_OF. Now it just produces a warning. sk_set
     replaces the old method of assigning a value to sk_value
     (e.g. sk_value(x, i) = y) which the library used in a few cases. Any code
     that does this will no longer work (and should use sk_set instead) but
     this could be regarded as a "questionable" behaviour anyway.
     [Steve Henson]

  *) Fix most of the other PKCS#7 bugs. The "experimental" code can now
     correctly handle encrypted S/MIME data.
     [Steve Henson]

  *) Change type of various DES function arguments from des_cblock
     (which means, in function argument declarations, pointer to char)
     to des_cblock * (meaning pointer to array with 8 char elements),
     which allows the compiler to do more typechecking; it was like
     that back in SSLeay, but with lots of ugly casts.

     Introduce new type const_des_cblock.
     [Bodo Moeller]

  *) Reorganise the PKCS#7 library and get rid of some of the more obvious
     problems: find RecipientInfo structure that matches recipient certificate
     and initialise the ASN1 structures properly based on passed cipher.
     [Steve Henson]

  *) Belatedly make the BN tests actually check the results.
     [Ben Laurie]

  *) Fix the encoding and decoding of negative ASN1 INTEGERS and conversion
     to and from BNs: it was completely broken. New compilation option
     NEG_PUBKEY_BUG to allow for some broken certificates that encode public
     key elements as negative integers.
     [Steve Henson]

  *) Reorganize and speed up MD5.
     [Andy Polyakov <appro@fy.chalmers.se>]

  *) VMS support.
     [Richard Levitte <richard@levitte.org>]

  *) New option -out to asn1parse to allow the parsed structure to be
     output to a file. This is most useful when combined with the -strparse
     option to examine the output of things like OCTET STRINGS.
     [Steve Henson]

  *) Make SSL library a little more fool-proof by not requiring any longer
     that SSL_set_{accept,connect}_state be called before
     SSL_{accept,connect} may be used (SSL_set_..._state is omitted
     in many applications because usually everything *appeared* to work as
     intended anyway -- now it really works as intended).
     [Bodo Moeller]

  *) Move openssl.cnf out of lib/.
Commit	Line	Data
651d0aff	1
f1c236f8	2	OpenSSL CHANGES
651d0aff RE	3	_______________
	4
	5
31fab3e8	6	Changes between 0.9.3 and 0.9.3a [29 May 1999]
472bde40	7
2e36cc41 BM	8	*) New configuration variant "sco5-gcc".
2e36cc41 BM	9
71f08093	10	*) Updated some demos.
054009a6	11	[Sean O Riordain, Wade Scholine]
71f08093	12
e95f6268 BM	13	*) Add missing BIO_free at exit of pkcs12 application.
	14	[Wu Zhigang]
	15
	16	*) Fix memory leak in conf.c.
	17	[Steve Henson]
	18
472bde40 BM	19	*) Updates for Win32 to assembler version of MD5.
	20	[Steve Henson]
	21
	22	*) Set #! path to perl in apps/der_chop to where we found it
	23	instead of using a fixed path.
	24	[Bodo Moeller]
	25
	26	*) SHA library changes for irix64-mips4-cc.
	27	[Andy Polyakov]
	28
	29	*) Improvements for VMS support.
	30	[Richard Levitte]
	31
557068c0	32	Changes between 0.9.2b and 0.9.3 [24 May 1999]
7d7d2cbc	33
e14d4443 UM	34	*) Bignum library bug fix. IRIX 6 passes "make test" now!
	35	This also avoids the problems with SC4.2 and unpatched SC5.
	36	[Andy Polyakov <appro@fy.chalmers.se>]
	37
e84240d4 DSH	38	*) New functions sk_num, sk_value and sk_set to replace the previous macros.
	39	These are required because of the typesafe stack would otherwise break
	40	existing code. If old code used a structure member which used to be STACK
	41	and is now STACK_OF (for example cert in a PKCS7_SIGNED structure) with
	42	sk_num or sk_value it would produce an error because the num, data members
	43	are not present in STACK_OF. Now it just produces a warning. sk_set
	44	replaces the old method of assigning a value to sk_value
	45	(e.g. sk_value(x, i) = y) which the library used in a few cases. Any code
	46	that does this will no longer work (and should use sk_set instead) but
	47	this could be regarded as a "questionable" behaviour anyway.
	48	[Steve Henson]
	49
1b266dab DSH	50	*) Fix most of the other PKCS#7 bugs. The "experimental" code can now
	51	correctly handle encrypted S/MIME data.
	52	[Steve Henson]
	53
55519bbb	54	*) Change type of various DES function arguments from des_cblock
f43c8149	55	(which means, in function argument declarations, pointer to char)
55519bbb BM	56	to des_cblock * (meaning pointer to array with 8 char elements),
	57	which allows the compiler to do more typechecking; it was like
	58	that back in SSLeay, but with lots of ugly casts.
	59
	60	Introduce new type const_des_cblock.
	61	[Bodo Moeller]
	62
84fa704c DSH	63	*) Reorganise the PKCS#7 library and get rid of some of the more obvious
	64	problems: find RecipientInfo structure that matches recipient certificate
	65	and initialise the ASN1 structures properly based on passed cipher.
	66	[Steve Henson]
	67
62bad771 BL	68	*) Belatedly make the BN tests actually check the results.
	69	[Ben Laurie]
	70
1ad2ecb6 DSH	71	*) Fix the encoding and decoding of negative ASN1 INTEGERS and conversion
	72	to and from BNs: it was completely broken. New compilation option
	73	NEG_PUBKEY_BUG to allow for some broken certificates that encode public
	74	key elements as negative integers.
	75	[Steve Henson]
	76
bd3576d2 UM	77	*) Reorganize and speed up MD5.
	78	[Andy Polyakov <appro@fy.chalmers.se>]
	79
7d7d2cbc UM	80	*) VMS support.
7d7d2cbc UM	81	[Richard Levitte <richard@levitte.org>]
1b276f30	82
f5eac85e DSH	83	*) New option -out to asn1parse to allow the parsed structure to be
	84	output to a file. This is most useful when combined with the -strparse
	85	option to examine the output of things like OCTET STRINGS.
	86	[Steve Henson]
	87
b31b04d9 BM	88	*) Make SSL library a little more fool-proof by not requiring any longer
	89	that SSL_set_{accept,connect}_state be called before
	90	SSL_{accept,connect} may be used (SSL_set_..._state is omitted
	91	in many applications because usually everything appeared to work as
	92	intended anyway -- now it really works as intended).
	93	[Bodo Moeller]
	94
d5a2ea4b UM	95	*) Move openssl.cnf out of lib/.
	96