projects / thirdparty / openssl.git / blame
| Commit | Line | Data |
|---|---|---|
| 81a6c781 | 1 | |
| f1c236f8 | 2 | OpenSSL CHANGES |
| 651d0aff RE |
3 | _______________ |
| 4 | ||
| beab098d | 5 | Changes between 0.9.7c and 0.9.8 [xx XXX xxxx] |
| 4d94ae00 | 6 | |
| 8dc344cc GT |
7 | *) Because of the callback-based approach for implementing LHASH as a |
| 8 | template type, lh_insert() adds opaque objects to hash-tables and | |
| 9 | lh_doall() or lh_doall_arg() are typically used with a destructor callback | |
| 10 | to clean up those corresponding objects before destroying the hash table | |
| 11 | (and losing the object pointers). So some over-zealous constifications in | |
| 12 | LHASH have been relaxed so that lh_insert() does not take (nor store) the | |
| 13 | objects as "const" and the lh_doall[_arg] callback wrappers are not | |
| 14 | prototyped to have "const" restrictions on the object pointers they are | |
| 15 | given (and so aren't required to cast them away any more). | |
| 16 | [Geoff Thorpe] | |
| 17 | ||
| 0991f070 GT |
18 | *) The tmdiff.h API was so ugly and minimal that our own timing utility |
| 19 | (speed) prefers to use its own implementation. The two implementations | |
| 20 | haven't been consolidated as yet (volunteers?) but the tmdiff API has had | |
| 21 | its object type properly exposed (MS_TM) instead of casting to/from "char | |
| 22 | *". This may still change yet if someone realises MS_TM and "ms_time_***" | |
| 23 | aren't necessarily the greatest nomenclatures - but this is what was used | |
| 24 | internally to the implementation so I've used that for now. | |
| 25 | [Geoff Thorpe] | |
| 26 | ||
| 9d473aa2 | 27 | *) Ensure that deprecated functions do not get compiled when |
| 2aaec9cc GT |
28 | OPENSSL_NO_DEPRECATED is defined. Some "openssl" subcommands and a few of |
| 29 | the self-tests were still using deprecated key-generation functions so | |
| 30 | these have been updated also. | |
| 9d473aa2 GT |
31 | [Geoff Thorpe] |
| 32 | ||
| c5a55463 DSH |
33 | *) Reorganise PKCS#7 code to separate the digest location functionality |
| 34 | into PKCS7_find_digest(), digest addtion into PKCS7_bio_add_digest(). | |
| 35 | New function PKCS7_set_digest() to set the digest type for PKCS#7 | |
| 36 | digestedData type. Add additional code to correctly generate the | |
| 37 | digestedData type and add support for this type in PKCS7 initialization | |
| 38 | functions. | |
| 8d9086df DSH |
39 | [Steve Henson] |
| 40 | ||
| c5a55463 DSH |
41 | *) New function PKCS7_set0_type_other() this initializes a PKCS7 |
| 42 | structure of type "other". | |
| 8d9086df DSH |
43 | [Steve Henson] |
| 44 | ||
| 6bd27f86 RE |
45 | *) Fix prime generation loop in crypto/bn/bn_prime.pl by making |
| 46 | sure the loop does correctly stop and breaking ("division by zero") | |
| 47 | modulus operations are not performed. The (pre-generated) prime | |
| 48 | table crypto/bn/bn_prime.h was already correct, but it could not be | |
| 49 | re-generated on some platforms because of the "division by zero" | |
| 50 | situation in the script. | |
| 51 | [Ralf S. Engelschall] | |
| 52 | ||
| 968766ca BM |
53 | *) Update support for ECC-based TLS ciphersuites according to |
| 54 | draft-ietf-tls-ecc-03.txt: the KDF1 key derivation function with | |
| 55 | SHA-1 now is only used for "small" curves (where the | |
| 56 | representation of a field element takes up to 24 bytes); for | |
| 57 | larger curves, the field element resulting from ECDH is directly | |
| 58 | used as premaster secret. | |
| 59 | [Douglas Stebila (Sun Microsystems Laboratories)] | |
| 60 | ||
| 652ae06b BM |
61 | *) Add code for kP+lQ timings to crypto/ec/ectest.c, and add SEC2 |
| 62 | curve secp160r1 to the tests. | |
| 63 | [Douglas Stebila (Sun Microsystems Laboratories)] | |
| 64 | ||
| e666c459 RL |
65 | *) Add the possibility to load symbols globally with DSO. |
| 66 |