]>
Commit | Line | Data |
---|---|---|
651d0aff | 1 | |
f1c236f8 | 2 | OpenSSL CHANGES |
651d0aff RE |
3 | _______________ |
4 | ||
0cceb1c7 BM |
5 | Changes between 0.9.3a and 0.9.4 |
6 | ||
dbd665c2 DSH |
7 | *) Complete the PEM_* macros with DECLARE_PEM versions to replace the |
8 | function prototypes in pem.h, also change util/mkdef.pl to add the | |
9 | necessary function names. | |
10 | [Steve Henson] | |
11 | ||
f76a8084 BM |
12 | *) mk1mf.pl (used by Windows builds) did not properly read the |
13 | options set by Configure in the top level Makefile; typo fixed, | |
14 | now "no-idea" etc. works as intended. | |
15 | [Bodo Moeller] | |
16 | ||
8623f693 DSH |
17 | *) New functions CONF_load_bio() and CONF_load_fp() to allow a config |
18 | file to be loaded from a BIO or FILE pointer. The BIO version will | |
19 | for example allow memory BIOs to contain config info. | |
20 | [Steve Henson] | |
21 | ||
a111306b BM |
22 | *) New function "CRYPTO_num_locks" that returns CRYPTO_NUM_LOCKS. |
23 | Whoever hopes to achieve shared-library compatibility across versions | |
24 | must use this, not the compile-time macro. | |
11af1a27 BM |
25 | (Exercise 0.9.4: Which is the minimum library version required by |
26 | such programs?) | |
27 | Note: All this applies only to multi-threaded programs, others don't | |
28 | need locks. | |
a111306b BM |
29 | [Bodo Moeller] |
30 | ||
95d29597 BM |
31 | *) Add missing case to s3_clnt.c state machine -- one of the new SSL tests |
32 | through a BIO pair triggered the default case, i.e. | |
33 | SSLerr(...,SSL_R_UNKNOWN_STATE). | |
34 | [Bodo Moeller] | |
35 | ||
36 | *) New "BIO pair" concept (crypto/bio/bss_bio.c) so that applications | |
37 | can use the SSL library even if none of the specific BIOs is | |
38 | appropriate. | |
39 | [Bodo Moeller] | |
40 | ||
9bce3070 DSH |
41 | *) Fix a bug in i2d_DSAPublicKey() which meant it returned the wrong value |
42 | for the encoded length. | |
43 | [Jeon KyoungHo <khjeon@sds.samsung.co.kr>] | |
44 | ||
565d1065 DSH |
45 | *) Add initial documentation of the X509V3 functions. |
46 | [Steve Henson] | |
47 | ||
b7d135b3 DSH |
48 | *) Add a new pair of functions PEM_write_PKCS8PrivateKey() and |
49 | PEM_write_bio_PKCS8PrivateKey() that are equivalent to | |
50 | PEM_write_PrivateKey() and PEM_write_bio_PrivateKey() but use the more | |
51 | secure PKCS#8 private key format with a high iteration count. | |
52 | [Steve Henson] | |
53 | ||
9d9b559e RE |
54 | *) Fix determination of Perl interpreter: A perl or perl5 |
55 | _directory_ in $PATH was also accepted as the interpreter. | |
56 | [Ralf S. Engelschall] | |
57 | ||
5f6d0ea2 DSH |
58 | *) Fix demos/sign/sign.c: well there wasn't anything strictly speaking |
59 | wrong with it but it was very old and did things like calling | |
60 | PEM_ASN1_read() directly and used MD5 for the hash not to mention some | |
61 | unusual formatting. | |
62 | [Steve Henson] | |
63 | ||
f62676b9 DSH |
64 | *) Fix demos/selfsign.c: it used obsolete and deleted functions, changed |
65 | to use the new extension code. | |
66 | [Steve Henson] | |
67 | ||
68 | *) Implement the PEM_read/PEM_write functions in crypto/pem/pem_all.c | |
69 | with macros. This should make it easier to change their form, add extra | |
70 | arguments etc. Fix a few PEM prototypes which didn't have cipher as a | |
71 | constant. | |
72 | [Steve Henson] | |
73 | ||
8151f52a BM |
74 | *) Add to configuration table a new entry that can specify an alternative |
75 | name for unistd.h (for pre-POSIX systems); we need this for NeXTstep, | |
76 | according to Mark Crispin <MRC@Panda.COM>. | |
77 | [Bodo Moeller] | |
78 | ||
c77f47ab | 79 | #if 0 |
05861c77 BL |
80 | *) DES CBC did not update the IV. Weird. |
81 | [Ben Laurie] | |
c77f47ab | 82 | #else |
a7bd0396 BM |
83 | des_cbc_encrypt does not update the IV, but des_ncbc_encrypt does. |
84 | Changing the behaviour of the former might break existing programs -- | |
85 | where IV updating is needed, des_ncbc_encrypt can be used. | |
c77f47ab | 86 | #endif |
05861c77 | 87 | |
233bf734 BL |
88 | *) When bntest is run from "make test" it drives bc to check its |
89 | calculations, as well as internally checking them. If an internal check | |
90 | fails, it needs to cause bc to give a non-zero result or make test carries | |
91 | on without noticing the failure. Fixed. | |
92 | [Ben Laurie] | |
93 | ||
908eb7b8 UM |
94 | *) DES library cleanups. |
95 |