[thirdparty/openssl.git] / CHANGES


 OpenSSL CHANGES
 _______________

 Changes between 0.9.6 and 0.9.7  [xx XXX 2001]

     Both OpenSSL 0.9.6a (bugfix release, 5 Apr 2001) and OpenSSL 0.9.7
     are based on OpenSSL 0.9.6.  
     Change log entries are tagged as follows:
         -) applies to 0.9.6a (/0.9.6b) only
         *) applies to 0.9.6a (/0.9.6b) and 0.9.7
         +) applies to 0.9.7 only

  *) In dsa_do_verify (crypto/dsa/dsa_ossl.c), verify that r and s are
     positive and less than q.
     [Bodo Moeller]

  +) Enhance the general user interface with mechanisms for inner control
     and with pssibilities to have yes/no kind of prompts.
     [Richard Levitte]

  *) Change all calls to low level digest routines in the library and
     applications to use EVP. Add missing calls to HMAC_cleanup() and
     don't assume HMAC_CTX can be copied using memcpy().
     [Verdon Walker <VWalker@novell.com>, Steve Henson]

  +) Add the possibility to control engines through control names but with
     arbitrary arguments instead of just a string.
     Change the key loaders to take a UI_METHOD instead of a callback
     function pointer.  NOTE: this breaks binary compatibility with earlier
     versions of OpenSSL [engine].
     Addapt the nCipher code for these new conditions and add a card insertion
     callback.
     [Richard Levitte]

  +) Enhance the general user interface with mechanisms to better support
     dialog box interfaces, application-defined prompts, the possibility
     to use defaults (for example default passwords from somewhere else)
     and interrupts/cancelations.
     [Richard Levitte]

  *) Don't change *pointer in CRYPTO_add_lock() is add_lock_callback is
     used: it isn't thread safe and the add_lock_callback should handle
     that itself.
     [Paul Rose <Paul.Rose@bridge.com>]

  *) Verify that incoming data obeys the block size in
     ssl3_enc (ssl/s3_enc.c) and tls1_enc (ssl/t1_enc.c).
     [Bodo Moeller]

  +) Tidy up PKCS#12 attribute handling. Add support for the CSP name
     attribute in PKCS#12 files, add new -CSP option to pkcs12 utility.
     [Steve Henson]

  *) Fix OAEP check.
Commit	Line	Data
81a6c781	1
f1c236f8	2	OpenSSL CHANGES
651d0aff RE	3	_______________
651d0aff RE	4
a9d2bc49	5	Changes between 0.9.6 and 0.9.7 [xx XXX 2001]
a43cf9fa	6
f2346808	7	Both OpenSSL 0.9.6a (bugfix release, 5 Apr 2001) and OpenSSL 0.9.7
a9d2bc49 BM	8	are based on OpenSSL 0.9.6.
a9d2bc49 BM	9	Change log entries are tagged as follows:
f2346808 BM	10	-) applies to 0.9.6a (/0.9.6b) only
f2346808 BM	11	*) applies to 0.9.6a (/0.9.6b) and 0.9.7
a9d2bc49 BM	12	+) applies to 0.9.7 only
a9d2bc49 BM	13
c458a331 BM	14	*) In dsa_do_verify (crypto/dsa/dsa_ossl.c), verify that r and s are
	15	positive and less than q.
	16	[Bodo Moeller]
	17
fd3e027f	18	+) Enhance the general user interface with mechanisms for inner control
235dd0a2 RL	19	and with pssibilities to have yes/no kind of prompts.
	20	[Richard Levitte]
	21
323f289c DSH	22	*) Change all calls to low level digest routines in the library and
	23	applications to use EVP. Add missing calls to HMAC_cleanup() and
	24	don't assume HMAC_CTX can be copied using memcpy().
	25	[Verdon Walker <VWalker@novell.com>, Steve Henson]
	26
839590f5 RL	27	+) Add the possibility to control engines through control names but with
	28	arbitrary arguments instead of just a string.
	29	Change the key loaders to take a UI_METHOD instead of a callback
	30	function pointer. NOTE: this breaks binary compatibility with earlier
	31	versions of OpenSSL [engine].
	32	Addapt the nCipher code for these new conditions and add a card insertion
	33	callback.
	34	[Richard Levitte]
	35
9ad0f681 RL	36	+) Enhance the general user interface with mechanisms to better support
	37	dialog box interfaces, application-defined prompts, the possibility
	38	to use defaults (for example default passwords from somewhere else)
	39	and interrupts/cancelations.
	40	[Richard Levitte]
	41
3cc1f498 DSH	42	) Don't change pointer in CRYPTO_add_lock() is add_lock_callback is
	43	used: it isn't thread safe and the add_lock_callback should handle
	44	that itself.
	45	[Paul Rose <Paul.Rose@bridge.com>]
	46
285b4275 BM	47	*) Verify that incoming data obeys the block size in
	48	ssl3_enc (ssl/s3_enc.c) and tls1_enc (ssl/t1_enc.c).
	49	[Bodo Moeller]
	50
f2a253e0 DSH	51	+) Tidy up PKCS#12 attribute handling. Add support for the CSP name
	52	attribute in PKCS#12 files, add new -CSP option to pkcs12 utility.
	53	[Steve Henson]
	54
ecf18606 BM	55	*) Fix OAEP check.
	56