]>
Commit | Line | Data |
---|---|---|
651d0aff | 1 | |
f1c236f8 | 2 | OpenSSL CHANGES |
651d0aff RE |
3 | _______________ |
4 | ||
5 | ||
1b276f30 RE |
6 | Changes between 0.9.2b and 0.9.3 |
7 | ||
dee75ecf RE |
8 | *) Add missing sk_<type>_unshift() function to safestack.h |
9 | [Ralf S. Engelschall] | |
10 | ||
20b85fdd RE |
11 | *) Convert casted X509_INFO stacks to type-safe STACK_OF(X509_INFO). |
12 | [Ralf S. Engelschall] | |
13 | ||
b3ca645f BM |
14 | *) New function SSL_CTX_use_certificate_chain_file that sets the |
15 | "extra_cert"s in addition to the certificate. (This makes sense | |
16 | only for "PEM" format files, as chains as a whole are not | |
17 | DER-encoded.) | |
18 | [Bodo Moeller] | |
19 | ||
7f89714e BM |
20 | *) Support verify_depth from the SSL API. |
21 | x509_vfy.c had what can be considered an off-by-one-error: | |
22 | Its depth (which was not part of the external interface) | |
23 | was actually counting the number of certificates in a chain; | |
24 | now it really counts the depth. | |
25 | [Bodo Moeller] | |
26 | ||
dc1f607a BM |
27 | *) Bugfix in crypto/x509/x509_cmp.c: The SSLerr macro was used |
28 | instead of X509err, which often resulted in confusing error | |
29 | messages since the error codes are not globally unique | |
30 | (e.g. an alleged error in ssl3_accept when a certificate | |
31 | didn't match the private key). | |
32 | ||
4eb77b26 | 33 | *) New function SSL_CTX_set_session_id_context that allows to set a default |
dd1462fd BM |
34 | value (so that you don't need SSL_set_session_id_context for each |
35 | connection using the SSL_CTX). | |
4eb77b26 BM |
36 | [Bodo Moeller] |
37 | ||
c6652749 UM |
38 | *) OAEP decoding bug fix. |
39 |