]>
Commit | Line | Data |
---|---|---|
651d0aff | 1 | |
f1c236f8 | 2 | OpenSSL CHANGES |
651d0aff RE |
3 | _______________ |
4 | ||
38e33cef UM |
5 | Changes between 0.9.4 and 0.9.5 [xx XXX 2000] |
6 | ||
72b60351 DSH |
7 | *) Change the EVP_MD_CTX_type macro so its meaning consistent with |
8 | EVP_MD_type. The old functionality is available in a new macro called | |
9 | EVP_MD_md(). Change code that uses it and update docs. | |
10 | [Steve Henson] | |
11 | ||
745c70e5 BM |
12 | *) ..._ctrl functions now have corresponding ..._callback_ctrl functions |
13 | where the 'void *' argument is replaced by a function pointer argument. | |
14 | Previously 'void *' was abused to point to functions, which works on | |
15 | many platforms, but is not correct. As these functions are usually | |
16 | called by macros defined in OpenSSL header files, most source code | |
17 | should work without changes. | |
18 | ||
19 | *) <openssl/opensslconf.h> (which is created by Configure) now contains | |
20 | sections with information on -D... compiler switches used for | |
21 | compiling the library so that applications can see them. To enable | |
22 | one of these sections, a pre-processor symbol OPENSSL_..._DEFINES | |
23 | must be defined. E.g., | |
24 | #define OPENSSL_ALGORITHM_DEFINES | |
25 | #include <openssl/opensslconf.h> | |
26 | defines all pertinent NO_<algo> symbols, such as NO_IDEA, NO_RSA, etc. | |
27 | ||
b35e9050 BM |
28 | *) Bugfix: Tolerate fragmentation and interleaving in the SSL 3/TLS |
29 | record layer. | |
30 | [Bodo Moeller] | |
31 | ||
d754b385 DSH |
32 | *) Change the 'other' type in certificate aux info to a STACK_OF |
33 | X509_ALGOR. Although not an AlgorithmIdentifier as such it has | |
34 | the required ASN1 format: arbitrary types determined by an OID. | |
35 | [Steve Henson] | |
36 | ||
8a208cba DSH |
37 | *) Add some PEM_write_X509_REQ_NEW() functions and a command line |
38 | argument to 'req'. This is not because the function is newer or | |
39 | better than others it just uses the work 'NEW' in the certificate | |
40 | request header lines. Some software needs this. | |
41 | [Steve Henson] | |
42 | ||
a3fe382e DSH |
43 | *) Reorganise password command line arguments: now passwords can be |
44 | obtained from various sources. Delete the PEM_cb function and make | |
45 | it the default behaviour: i.e. if the callback is NULL and the | |
46 | usrdata argument is not NULL interpret it as a null terminated pass | |
47 | phrase. If usrdata and the callback are NULL then the pass phrase | |
48 | is prompted for as usual. | |
49 | [Steve Henson] | |
50 | ||
bd03b99b BL |
51 | *) Add support for the Compaq Atalla crypto accelerator. If it is installed, |
52 | the support is automatically enabled. The resulting binaries will | |
53 | autodetect the card and use it if present. | |
54 | [Ben Laurie and Compaq Inc.] | |
55 | ||
de469ef2 DSH |
56 | *) Work around for Netscape hang bug. This sends certificate request |
57 | and server done in one record. Since this is perfectly legal in the | |
58 | SSL/TLS protocol it isn't a "bug" option and is on by default. See | |
59 | the bugs/SSLv3 entry for more info. | |
60 | [Steve Henson] | |
61 | ||
bcba6cc6 AP |
62 | *) HP-UX tune-up: new unified configs, HP C compiler bug workaround. |
63 | [Andy Polyakov] | |
64 | ||
d13e4eb0 DSH |
65 | *) Add -rand argument to smime and pkcs12 applications and read/write |
66 | of seed file. | |
67 | [Steve Henson] | |
68 | ||
3ebf0be1 | 69 | *) New 'passwd' tool for crypt(3) and apr1 password hashes. |
bb325c7d BM |
70 | [Bodo Moeller] |
71 | ||
f07fb9b2 DSH |
72 | *) Add command line password options to the remaining applications. |
73 | [Steve Henson] | |
74 | ||
cae55bfc UM |
75 | *) Bug fix for BN_div_recp() for numerators with an even number of |
76 | bits. | |
77 |