]>
Commit | Line | Data |
---|---|---|
651d0aff | 1 | |
f1c236f8 | 2 | OpenSSL CHANGES |
651d0aff RE |
3 | _______________ |
4 | ||
5 | ||
1b276f30 RE |
6 | Changes between 0.9.2b and 0.9.3 |
7 | ||
f9a25931 RE |
8 | *) Add `openssl ca -revoke <certfile>' facility which revokes a certificate |
9 | specified in <certfile> by updating the entry in the index.txt file. | |
10 | This way one no longer has to edit the index.txt file manually for | |
11 | revoking a certificate. The -revoke option does the gory details now. | |
12 | [Massimiliano Pala <madwolf@openca.org>, Ralf S. Engelschall] | |
13 | ||
2f0cd195 RE |
14 | *) Fix `openssl crl -noout -text' combination where `-noout' killed the |
15 | `-text' option at all and this way the `-noout -text' combination was | |
16 | inconsistent in `openssl crl' with the friends in `openssl x509|rsa|dsa'. | |
17 | [Ralf S. Engelschall] | |
18 | ||
268c2102 RE |
19 | *) Make sure a corresponding plain text error message exists for the |
20 | X509_V_ERR_CERT_REVOKED/23 error number which can occur when a | |
21 | verify callback function determined that a certificate was revoked. | |
22 | [Ralf S. Engelschall] | |
23 | ||
fc8ee06b BM |
24 | *) Bugfix: In test/testenc, don't test "openssl <cipher>" for |
25 | ciphers that were excluded, e.g. by -DNO_IDEA. Also, test | |
26 | all available cipers including rc5, which was forgotten until now. | |
27 | In order to let the testing shell script know which algorithms | |
28 | are available, a new (up to now undocumented) command | |
29 | "openssl list-cipher-commands" is used. | |
30 | [Bodo Moeller] | |
31 | ||
c7ac31e2 BM |
32 | *) Bugfix: s_client occasionally would sleep in select() when |
33 | it should have checked SSL_pending() first. | |
34 | [Bodo Moeller] | |
35 | ||
9d892e28 UM |
36 | *) New functions DSA_do_sign and DSA_do_verify to provide access to |
37 | the raw DSA values prior to ASN.1 encoding. | |
38 |