[thirdparty/openssl.git] / CHANGES


 OpenSSL CHANGES
 _______________


 Changes between 0.9.01c and 0.9.1d

  *) Fix various bugs in Configure. This affects the following platforms:
     nextstep
     ncr-scde
     unixware-2.0
     unixware-2.0-pentium
     sco5-cc.
     [Ben Laurie]

 Changes between 0.9.01b and 0.9.1c

  *) Added OPENSSL_VERSION_NUMBER to crypto/crypto.h and 
     changed SSLeay to OpenSSL in version strings.
     [Ralf S. Engelschall]
  
  *) Some fixups to the top-level documents.
     [Paul Sutton]

  *) Fixed the nasty bug where rsaref.h was not found under compile-time
     because the symlink to include/ was missing.
     [Ralf S. Engelschall]

  *) Incorporated the popular no-RSA/DSA-only patches 
     which allow to compile a RSA-free SSLeay.
     [Andrew Cooke / Interrader Ldt., Ralf S. Engelschall]

  *) Fixed nasty rehash problem under `make -f Makefile.ssl links'
     when "ssleay" is still not found.
     [Ralf S. Engelschall]

  *) Added more platforms to Configure: Cray T3E, HPUX 11, 
     [Ralf S. Engelschall, Beckmann <beckman@acl.lanl.gov>]

  *) Updated the README file.
     [Ralf S. Engelschall]

  *) Added various .cvsignore files in the CVS repository subdirs
     to make a "cvs update" really silent.
     [Ralf S. Engelschall]

  *) Recompiled the error-definition header files and added
     missing symbols to the Win32 linker tables.
     [Ralf S. Engelschall]

  *) Cleaned up the top-level documents;
     o new files: CHANGES and LICENSE
     o merged VERSION, HISTORY* and README* files a CHANGES.SSLeay 
     o merged COPYRIGHT into LICENSE
     o removed obsolete TODO file
     o renamed MICROSOFT to INSTALL.W32
     [Ralf S. Engelschall]

  *) Removed dummy files from the 0.9.1b source tree: 
     crypto/asn1/x crypto/bio/cd crypto/bio/fg crypto/bio/grep crypto/bio/vi
     crypto/bn/asm/......add.c crypto/bn/asm/a.out crypto/dsa/f crypto/md5/f
     crypto/pem/gmon.out crypto/perlasm/f crypto/pkcs7/build crypto/rsa/f
     crypto/sha/asm/f crypto/threads/f ms/zzz ssl/f ssl/f.mak test/f
     util/f.mak util/pl/f util/pl/f.mak crypto/bf/bf_locl.old apps/f
     [Ralf S. Engelschall]

  *) Added various platform portability fixes.
     [Mark J. Cox]

  *) The Genesis of the OpenSSL rpject:
     We start with the latest (unreleased) SSLeay version 0.9.1b which Eric A.
     Joung and Tim J. Hudson created while they were working for C2Net until
     summer 1998.
     [The OpenSSL Project]
 
 Changes between 0.9.0b and 0.9.1b

  *) Updated a few CA certificates under certs/
     [Eric A. Young]

  *) Changed some BIGNUM api stuff.
     [Eric A. Young]

  *) Various platform ports: OpenBSD, Ultrix, IRIX 64bit, NetBSD, 
     DGUX x86, Linux Alpha, etc.
     [Eric A. Young]

  *) New COMP library [crypto/comp/] for SSL Record Layer Compression: 
     RLE (dummy implemented) and ZLIB (really implemented when ZLIB is
     available).
     [Eric A. Young]

  *) Add -strparse option to asn1pars program which parses nested 
     binary structures 
     [Dr Stephen Henson <shenson@bigfoot.com>]

  *) Added "oid_file" to ssleay.cnf for "ca" and "req" programs.
     [Eric A. Young]

  *) DSA fix for "ca" program.
     [Eric A. Young]

  *) Added "-genkey" option to "dsaparam" program.
     [Eric A. Young]

  *) Added RIPE MD160 (rmd160) message digest.
     [Eric A. Young]

  *) Added -a (all) option to "ssleay version" command.
     [Eric A. Young]

  *) Added PLATFORM define which is the id given to Configure.
     [Eric A. Young]

  *) Added MemCheck_XXXX functions to crypto/mem.c for memory checking.
     [Eric A. Young]

  *) Extended the ASN.1 parser routines.
     [Eric A. Young]

  *) Extended BIO routines to support REUSEADDR, seek, tell, etc.
     [Eric A. Young]

  *) Added a BN_CTX to the BN library.
     [Eric A. Young]

  *) Fixed the weak key values in DES library
     [Eric A. Young]

  *) Changed API in EVP library for cipher aliases.
     [Eric A. Young]

  *) Added support for RC2/64bit cipher.
     [Eric A. Young]

  *) Converted the lhash library to the crypto/mem.c functions.
     [Eric A. Young]

  *) Added more recognized ASN.1 object ids.
     [Eric A. Young]

  *) Added more RSA padding checks for SSL/TLS.
     [Eric A. Young]

  *) Added BIO proxy/filter functionality.
     [Eric A. Young]

  *) Added extra_certs to SSL_CTX which can be used
     send extra CA certificates to the client in the CA cert chain sending
     process. It can be configured with SSL_CTX_add_extra_chain_cert().
     [Eric A. Young]

  *) Now Fortezza is denied in the authentication phase because
     this is key exchange mechanism is not supported by SSLeay at all.
     [Eric A. Young]

  *) Additional PKCS1 checks.
     [Eric A. Young]

  *) Support the string "TLSv1" for all TLS v1 ciphers.
     [Eric A. Young]

  *) Added function SSL_get_ex_data_X509_STORE_CTX_idx() which gives the
     ex_data index of the SSL context in the X509_STORE_CTX ex_data.
     [Eric A. Young]

  *) Fixed a few memory leaks.
     [Eric A. Young]

  *) Fixed various code and comment typos.
     [Eric A. Young]

  *) A minor bug in ssl/s3_clnt.c where there would always be 4 0 
     bytes sent in the client random.
     [Edward Bishop <ebishop@spyglass.com>]
Commit	Line	Data
651d0aff	1
f1c236f8	2	OpenSSL CHANGES
651d0aff RE	3	_______________
	4
	5
320a14cb RE	6	Changes between 0.9.01c and 0.9.1d
320a14cb RE	7
1641cb60 BL	8	*) Fix various bugs in Configure. This affects the following platforms:
	9	nextstep
	10	ncr-scde
	11	unixware-2.0
	12	unixware-2.0-pentium
	13	sco5-cc.
	14	[Ben Laurie]
ae82b46f	15
651d0aff	16	Changes between 0.9.01b and 0.9.1c
9ce5db45	17
f10a5c2a RE	18	*) Added OPENSSL_VERSION_NUMBER to crypto/crypto.h and
f10a5c2a RE	19	changed SSLeay to OpenSSL in version strings.
9ce5db45	20	[Ralf S. Engelschall]
9acc2aa6 RE	21
	22	*) Some fixups to the top-level documents.
	23	[Paul Sutton]
651d0aff	24
13e91dd3 RE	25	*) Fixed the nasty bug where rsaref.h was not found under compile-time
	26	because the symlink to include/ was missing.
	27	[Ralf S. Engelschall]
	28
	29	*) Incorporated the popular no-RSA/DSA-only patches
	30	which allow to compile a RSA-free SSLeay.
320a14cb	31	[Andrew Cooke / Interrader Ldt., Ralf S. Engelschall]
13e91dd3 RE	32
	33	*) Fixed nasty rehash problem under `make -f Makefile.ssl links'
	34	when "ssleay" is still not found.
	35	[Ralf S. Engelschall]
	36
	37	*) Added more platforms to Configure: Cray T3E, HPUX 11,
	38	[Ralf S. Engelschall, Beckmann <beckman@acl.lanl.gov>]
	39
651d0aff RE	40	*) Updated the README file.
	41	[Ralf S. Engelschall]
	42
	43	*) Added various .cvsignore files in the CVS repository subdirs
	44	to make a "cvs update" really silent.
	45	[Ralf S. Engelschall]
	46
	47	*) Recompiled the error-definition header files and added
	48	missing symbols to the Win32 linker tables.
	49	[Ralf S. Engelschall]
	50
	51	*) Cleaned up the top-level documents;
	52	o new files: CHANGES and LICENSE
	53	o merged VERSION, HISTORY* and README* files a CHANGES.SSLeay
	54	o merged COPYRIGHT into LICENSE
	55	o removed obsolete TODO file
	56	o renamed MICROSOFT to INSTALL.W32
	57	[Ralf S. Engelschall]
	58
	59	*) Removed dummy files from the 0.9.1b source tree:
	60	crypto/asn1/x crypto/bio/cd crypto/bio/fg crypto/bio/grep crypto/bio/vi
	61	crypto/bn/asm/......add.c crypto/bn/asm/a.out crypto/dsa/f crypto/md5/f
	62	crypto/pem/gmon.out crypto/perlasm/f crypto/pkcs7/build crypto/rsa/f
	63	crypto/sha/asm/f crypto/threads/f ms/zzz ssl/f ssl/f.mak test/f
	64	util/f.mak util/pl/f util/pl/f.mak crypto/bf/bf_locl.old apps/f
	65	[Ralf S. Engelschall]
	66
13e91dd3	67	*) Added various platform portability fixes.
9acc2aa6	68	[Mark J. Cox]
651d0aff	69
f1c236f8	70	*) The Genesis of the OpenSSL rpject:
651d0aff RE	71	We start with the latest (unreleased) SSLeay version 0.9.1b which Eric A.
	72	Joung and Tim J. Hudson created while they were working for C2Net until
	73	summer 1998.
f1c236f8	74	[The OpenSSL Project]
651d0aff RE	75
	76	Changes between 0.9.0b and 0.9.1b
	77
	78	*) Updated a few CA certificates under certs/
	79	[Eric A. Young]
	80
	81	*) Changed some BIGNUM api stuff.
	82	[Eric A. Young]
	83
	84	*) Various platform ports: OpenBSD, Ultrix, IRIX 64bit, NetBSD,
	85	DGUX x86, Linux Alpha, etc.
	86	[Eric A. Young]
	87
	88	*) New COMP library [crypto/comp/] for SSL Record Layer Compression:
	89	RLE (dummy implemented) and ZLIB (really implemented when ZLIB is
	90	available).
	91	[Eric A. Young]
	92
	93	*) Add -strparse option to asn1pars program which parses nested
	94	binary structures
	95	[Dr Stephen Henson <shenson@bigfoot.com>]
	96
	97	*) Added "oid_file" to ssleay.cnf for "ca" and "req" programs.
	98	[Eric A. Young]
	99
	100	*) DSA fix for "ca" program.
	101	[Eric A. Young]
	102
	103	*) Added "-genkey" option to "dsaparam" program.
	104	[Eric A. Young]
	105
	106	*) Added RIPE MD160 (rmd160) message digest.
	107	[Eric A. Young]
	108
	109	*) Added -a (all) option to "ssleay version" command.
	110	[Eric A. Young]
	111
	112	*) Added PLATFORM define which is the id given to Configure.
	113	[Eric A. Young]
	114
	115	*) Added MemCheck_XXXX functions to crypto/mem.c for memory checking.
	116	[Eric A. Young]
	117
	118	*) Extended the ASN.1 parser routines.
	119	[Eric A. Young]
	120
	121	*) Extended BIO routines to support REUSEADDR, seek, tell, etc.
	122	[Eric A. Young]
	123
	124	*) Added a BN_CTX to the BN library.
	125	[Eric A. Young]
	126
	127	*) Fixed the weak key values in DES library
	128	[Eric A. Young]
	129
	130	*) Changed API in EVP library for cipher aliases.
	131	[Eric A. Young]
	132
	133	*) Added support for RC2/64bit cipher.
	134	[Eric A. Young]
	135
	136	*) Converted the lhash library to the crypto/mem.c functions.
	137	[Eric A. Young]
	138
139	*) Added more recognized ASN.1 object ids.
140	[Eric A. Young]
141
142	*) Added more RSA padding checks for SSL/TLS.
143	[Eric A. Young]
144
145	*) Added BIO proxy/filter functionality.
146	[Eric A. Young]
147
148	*) Added extra_certs to SSL_CTX which can be used
149	send extra CA certificates to the client in the CA cert chain sending
150	process. It can be configured with SSL_CTX_add_extra_chain_cert().
151	[Eric A. Young]
152
153	*) Now Fortezza is denied in the authentication phase because
154	this is key exchange mechanism is not supported by SSLeay at all.
155	[Eric A. Young]
156
157	*) Additional PKCS1 checks.
158	[Eric A. Young]
159
160	*) Support the string "TLSv1" for all TLS v1 ciphers.
161	[Eric A. Young]
162
163	*) Added function SSL_get_ex_data_X509_STORE_CTX_idx() which gives the
164	ex_data index of the SSL context in the X509_STORE_CTX ex_data.
165	[Eric A. Young]
166
167	*) Fixed a few memory leaks.
168	[Eric A. Young]
169
170	*) Fixed various code and comment typos.
171	[Eric A. Young]
172
173	*) A minor bug in ssl/s3_clnt.c where there would always be 4 0
174	bytes sent in the client random.
175	[Edward Bishop <ebishop@spyglass.com>]
176