[thirdparty/openssl.git] / CHANGES


 OpenTLS CHANGES
 _______________


 Changes between 0.9.01b and 0.9.1c

  *) Fixed the nasty bug where rsaref.h was not found under compile-time
     because the symlink to include/ was missing.
     [Ralf S. Engelschall]

  *) Incorporated the popular no-RSA/DSA-only patches 
     which allow to compile a RSA-free SSLeay.
     [Interrader Ldt., Ralf S. Engelschall]

  *) Fixed nasty rehash problem under `make -f Makefile.ssl links'
     when "ssleay" is still not found.
     [Ralf S. Engelschall]

  *) Added more platforms to Configure: Cray T3E, HPUX 11, 
     [Ralf S. Engelschall, Beckmann <beckman@acl.lanl.gov>]

  *) Updated the README file.
     [Ralf S. Engelschall]

  *) Added various .cvsignore files in the CVS repository subdirs
     to make a "cvs update" really silent.
     [Ralf S. Engelschall]

  *) Recompiled the error-definition header files and added
     missing symbols to the Win32 linker tables.
     [Ralf S. Engelschall]

  *) Cleaned up the top-level documents;
     o new files: CHANGES and LICENSE
     o merged VERSION, HISTORY* and README* files a CHANGES.SSLeay 
     o merged COPYRIGHT into LICENSE
     o removed obsolete TODO file
     o renamed MICROSOFT to INSTALL.W32
     [Ralf S. Engelschall]

  *) Removed dummy files from the 0.9.1b source tree: 
     crypto/asn1/x crypto/bio/cd crypto/bio/fg crypto/bio/grep crypto/bio/vi
     crypto/bn/asm/......add.c crypto/bn/asm/a.out crypto/dsa/f crypto/md5/f
     crypto/pem/gmon.out crypto/perlasm/f crypto/pkcs7/build crypto/rsa/f
     crypto/sha/asm/f crypto/threads/f ms/zzz ssl/f ssl/f.mak test/f
     util/f.mak util/pl/f util/pl/f.mak crypto/bf/bf_locl.old apps/f
     [Ralf S. Engelschall]

  *) Added various platform portability fixes.
     [Marc J. Cox]

  *) The Genesis of the OpenTLS rpject:
     We start with the latest (unreleased) SSLeay version 0.9.1b which Eric A.
     Joung and Tim J. Hudson created while they were working for C2Net until
     summer 1998.
     [The OpenTLS Project]
 
 Changes between 0.9.0b and 0.9.1b

  *) Updated a few CA certificates under certs/
     [Eric A. Young]

  *) Changed some BIGNUM api stuff.
     [Eric A. Young]

  *) Various platform ports: OpenBSD, Ultrix, IRIX 64bit, NetBSD, 
     DGUX x86, Linux Alpha, etc.
     [Eric A. Young]

  *) New COMP library [crypto/comp/] for SSL Record Layer Compression: 
     RLE (dummy implemented) and ZLIB (really implemented when ZLIB is
     available).
     [Eric A. Young]

  *) Add -strparse option to asn1pars program which parses nested 
     binary structures 
     [Dr Stephen Henson <shenson@bigfoot.com>]

  *) Added "oid_file" to ssleay.cnf for "ca" and "req" programs.
     [Eric A. Young]

  *) DSA fix for "ca" program.
     [Eric A. Young]

  *) Added "-genkey" option to "dsaparam" program.
     [Eric A. Young]

  *) Added RIPE MD160 (rmd160) message digest.
     [Eric A. Young]

  *) Added -a (all) option to "ssleay version" command.
     [Eric A. Young]

  *) Added PLATFORM define which is the id given to Configure.
     [Eric A. Young]

  *) Added MemCheck_XXXX functions to crypto/mem.c for memory checking.
     [Eric A. Young]

  *) Extended the ASN.1 parser routines.
     [Eric A. Young]

  *) Extended BIO routines to support REUSEADDR, seek, tell, etc.
     [Eric A. Young]

  *) Added a BN_CTX to the BN library.
     [Eric A. Young]

  *) Fixed the weak key values in DES library
     [Eric A. Young]

  *) Changed API in EVP library for cipher aliases.
     [Eric A. Young]

  *) Added support for RC2/64bit cipher.
     [Eric A. Young]

  *) Converted the lhash library to the crypto/mem.c functions.
     [Eric A. Young]

  *) Added more recognized ASN.1 object ids.
     [Eric A. Young]

  *) Added more RSA padding checks for SSL/TLS.
     [Eric A. Young]

  *) Added BIO proxy/filter functionality.
     [Eric A. Young]

  *) Added extra_certs to SSL_CTX which can be used
     send extra CA certificates to the client in the CA cert chain sending
     process. It can be configured with SSL_CTX_add_extra_chain_cert().
     [Eric A. Young]

  *) Now Fortezza is denied in the authentication phase because
     this is key exchange mechanism is not supported by SSLeay at all.
     [Eric A. Young]

  *) Additional PKCS1 checks.
     [Eric A. Young]

  *) Support the string "TLSv1" for all TLS v1 ciphers.
     [Eric A. Young]

  *) Added function SSL_get_ex_data_X509_STORE_CTX_idx() which gives the
     ex_data index of the SSL context in the X509_STORE_CTX ex_data.
     [Eric A. Young]

  *) Fixed a few memory leaks.
     [Eric A. Young]

  *) Fixed various code and comment typos.
     [Eric A. Young]

  *) A minor bug in ssl/s3_clnt.c where there would always be 4 0 
     bytes sent in the client random.
     [Edward Bishop <ebishop@spyglass.com>]
Commit	Line	Data
651d0aff RE	1
	2	OpenTLS CHANGES
	3	_______________
	4
	5
	6	Changes between 0.9.01b and 0.9.1c
	7
13e91dd3 RE	8	*) Fixed the nasty bug where rsaref.h was not found under compile-time
	9	because the symlink to include/ was missing.
	10	[Ralf S. Engelschall]
	11
	12	*) Incorporated the popular no-RSA/DSA-only patches
	13	which allow to compile a RSA-free SSLeay.
	14	[Interrader Ldt., Ralf S. Engelschall]
	15
	16	*) Fixed nasty rehash problem under `make -f Makefile.ssl links'
	17	when "ssleay" is still not found.
	18	[Ralf S. Engelschall]
	19
	20	*) Added more platforms to Configure: Cray T3E, HPUX 11,
	21	[Ralf S. Engelschall, Beckmann <beckman@acl.lanl.gov>]
	22
651d0aff RE	23	*) Updated the README file.
	24	[Ralf S. Engelschall]
	25
	26	*) Added various .cvsignore files in the CVS repository subdirs
	27	to make a "cvs update" really silent.
	28	[Ralf S. Engelschall]
	29
	30	*) Recompiled the error-definition header files and added
	31	missing symbols to the Win32 linker tables.
	32	[Ralf S. Engelschall]
	33
	34	*) Cleaned up the top-level documents;
	35	o new files: CHANGES and LICENSE
	36	o merged VERSION, HISTORY* and README* files a CHANGES.SSLeay
	37	o merged COPYRIGHT into LICENSE
	38	o removed obsolete TODO file
	39	o renamed MICROSOFT to INSTALL.W32
	40	[Ralf S. Engelschall]
	41
	42	*) Removed dummy files from the 0.9.1b source tree:
	43	crypto/asn1/x crypto/bio/cd crypto/bio/fg crypto/bio/grep crypto/bio/vi
	44	crypto/bn/asm/......add.c crypto/bn/asm/a.out crypto/dsa/f crypto/md5/f
	45	crypto/pem/gmon.out crypto/perlasm/f crypto/pkcs7/build crypto/rsa/f
	46	crypto/sha/asm/f crypto/threads/f ms/zzz ssl/f ssl/f.mak test/f
	47	util/f.mak util/pl/f util/pl/f.mak crypto/bf/bf_locl.old apps/f
	48	[Ralf S. Engelschall]
	49
13e91dd3	50	*) Added various platform portability fixes.
651d0aff RE	51	[Marc J. Cox]
	52
	53	*) The Genesis of the OpenTLS rpject:
	54	We start with the latest (unreleased) SSLeay version 0.9.1b which Eric A.
	55	Joung and Tim J. Hudson created while they were working for C2Net until
	56	summer 1998.
	57	[The OpenTLS Project]
	58
	59	Changes between 0.9.0b and 0.9.1b
	60
	61	*) Updated a few CA certificates under certs/
	62	[Eric A. Young]
	63
	64	*) Changed some BIGNUM api stuff.
	65	[Eric A. Young]
	66
	67	*) Various platform ports: OpenBSD, Ultrix, IRIX 64bit, NetBSD,
	68	DGUX x86, Linux Alpha, etc.
	69	[Eric A. Young]
	70
	71	*) New COMP library [crypto/comp/] for SSL Record Layer Compression:
	72	RLE (dummy implemented) and ZLIB (really implemented when ZLIB is
	73	available).
	74	[Eric A. Young]
	75
	76	*) Add -strparse option to asn1pars program which parses nested
	77	binary structures
	78	[Dr Stephen Henson <shenson@bigfoot.com>]
	79
	80	*) Added "oid_file" to ssleay.cnf for "ca" and "req" programs.
	81	[Eric A. Young]
	82
	83	*) DSA fix for "ca" program.
	84	[Eric A. Young]
	85
	86	*) Added "-genkey" option to "dsaparam" program.
	87	[Eric A. Young]
	88
	89	*) Added RIPE MD160 (rmd160) message digest.
	90	[Eric A. Young]
	91
	92	*) Added -a (all) option to "ssleay version" command.
	93	[Eric A. Young]
	94
	95	*) Added PLATFORM define which is the id given to Configure.
	96	[Eric A. Young]
	97
	98	*) Added MemCheck_XXXX functions to crypto/mem.c for memory checking.
	99	[Eric A. Young]
	100
	101	*) Extended the ASN.1 parser routines.
	102	[Eric A. Young]
	103
	104	*) Extended BIO routines to support REUSEADDR, seek, tell, etc.
	105	[Eric A. Young]
	106
	107	*) Added a BN_CTX to the BN library.
	108	[Eric A. Young]
	109
	110	*) Fixed the weak key values in DES library
	111	[Eric A. Young]
	112
	113	*) Changed API in EVP library for cipher aliases.
	114	[Eric A. Young]
115
116	*) Added support for RC2/64bit cipher.
117	[Eric A. Young]
118
119	*) Converted the lhash library to the crypto/mem.c functions.
120	[Eric A. Young]
121
122	*) Added more recognized ASN.1 object ids.
123	[Eric A. Young]
124
125	*) Added more RSA padding checks for SSL/TLS.
126	[Eric A. Young]
127
128	*) Added BIO proxy/filter functionality.
129	[Eric A. Young]
130
131	*) Added extra_certs to SSL_CTX which can be used
132	send extra CA certificates to the client in the CA cert chain sending
133	process. It can be configured with SSL_CTX_add_extra_chain_cert().
134	[Eric A. Young]
135
136	*) Now Fortezza is denied in the authentication phase because
137	this is key exchange mechanism is not supported by SSLeay at all.
138	[Eric A. Young]
139
140	*) Additional PKCS1 checks.
141	[Eric A. Young]
142
143	*) Support the string "TLSv1" for all TLS v1 ciphers.
144	[Eric A. Young]
145
146	*) Added function SSL_get_ex_data_X509_STORE_CTX_idx() which gives the
147	ex_data index of the SSL context in the X509_STORE_CTX ex_data.
148	[Eric A. Young]
149
150	*) Fixed a few memory leaks.
151	[Eric A. Young]
152
153	*) Fixed various code and comment typos.
154	[Eric A. Young]
155
156	*) A minor bug in ssl/s3_clnt.c where there would always be 4 0
157	bytes sent in the client random.
158	[Edward Bishop <ebishop@spyglass.com>]
159