[thirdparty/openssl.git] / CHANGES


 OpenSSL CHANGES
 _______________


 Changes between 0.9.01b and 0.9.1c

  *) Fixed the nasty bug where rsaref.h was not found under compile-time
     because the symlink to include/ was missing.
     [Ralf S. Engelschall]

  *) Incorporated the popular no-RSA/DSA-only patches 
     which allow to compile a RSA-free SSLeay.
     [Interrader Ldt., Ralf S. Engelschall]

  *) Fixed nasty rehash problem under `make -f Makefile.ssl links'
     when "ssleay" is still not found.
     [Ralf S. Engelschall]

  *) Added more platforms to Configure: Cray T3E, HPUX 11, 
     [Ralf S. Engelschall, Beckmann <beckman@acl.lanl.gov>]

  *) Updated the README file.
     [Ralf S. Engelschall]

  *) Added various .cvsignore files in the CVS repository subdirs
     to make a "cvs update" really silent.
     [Ralf S. Engelschall]

  *) Recompiled the error-definition header files and added
     missing symbols to the Win32 linker tables.
     [Ralf S. Engelschall]

  *) Cleaned up the top-level documents;
     o new files: CHANGES and LICENSE
     o merged VERSION, HISTORY* and README* files a CHANGES.SSLeay 
     o merged COPYRIGHT into LICENSE
     o removed obsolete TODO file
     o renamed MICROSOFT to INSTALL.W32
     [Ralf S. Engelschall]

  *) Removed dummy files from the 0.9.1b source tree: 
     crypto/asn1/x crypto/bio/cd crypto/bio/fg crypto/bio/grep crypto/bio/vi
     crypto/bn/asm/......add.c crypto/bn/asm/a.out crypto/dsa/f crypto/md5/f
     crypto/pem/gmon.out crypto/perlasm/f crypto/pkcs7/build crypto/rsa/f
     crypto/sha/asm/f crypto/threads/f ms/zzz ssl/f ssl/f.mak test/f
     util/f.mak util/pl/f util/pl/f.mak crypto/bf/bf_locl.old apps/f
     [Ralf S. Engelschall]

  *) Added various platform portability fixes.
     [Marc J. Cox]

  *) The Genesis of the OpenSSL rpject:
     We start with the latest (unreleased) SSLeay version 0.9.1b which Eric A.
     Joung and Tim J. Hudson created while they were working for C2Net until
     summer 1998.
     [The OpenSSL Project]
 
 Changes between 0.9.0b and 0.9.1b

  *) Updated a few CA certificates under certs/
     [Eric A. Young]

  *) Changed some BIGNUM api stuff.
     [Eric A. Young]

  *) Various platform ports: OpenBSD, Ultrix, IRIX 64bit, NetBSD, 
     DGUX x86, Linux Alpha, etc.
     [Eric A. Young]

  *) New COMP library [crypto/comp/] for SSL Record Layer Compression: 
     RLE (dummy implemented) and ZLIB (really implemented when ZLIB is
     available).
     [Eric A. Young]

  *) Add -strparse option to asn1pars program which parses nested 
     binary structures 
     [Dr Stephen Henson <shenson@bigfoot.com>]

  *) Added "oid_file" to ssleay.cnf for "ca" and "req" programs.
     [Eric A. Young]

  *) DSA fix for "ca" program.
     [Eric A. Young]

  *) Added "-genkey" option to "dsaparam" program.
     [Eric A. Young]

  *) Added RIPE MD160 (rmd160) message digest.
     [Eric A. Young]

  *) Added -a (all) option to "ssleay version" command.
     [Eric A. Young]

  *) Added PLATFORM define which is the id given to Configure.
     [Eric A. Young]

  *) Added MemCheck_XXXX functions to crypto/mem.c for memory checking.
     [Eric A. Young]

  *) Extended the ASN.1 parser routines.
     [Eric A. Young]

  *) Extended BIO routines to support REUSEADDR, seek, tell, etc.
     [Eric A. Young]

  *) Added a BN_CTX to the BN library.
     [Eric A. Young]

  *) Fixed the weak key values in DES library
     [Eric A. Young]

  *) Changed API in EVP library for cipher aliases.
     [Eric A. Young]

  *) Added support for RC2/64bit cipher.
     [Eric A. Young]

  *) Converted the lhash library to the crypto/mem.c functions.
     [Eric A. Young]

  *) Added more recognized ASN.1 object ids.
     [Eric A. Young]

  *) Added more RSA padding checks for SSL/TLS.
     [Eric A. Young]

  *) Added BIO proxy/filter functionality.
     [Eric A. Young]

  *) Added extra_certs to SSL_CTX which can be used
     send extra CA certificates to the client in the CA cert chain sending
     process. It can be configured with SSL_CTX_add_extra_chain_cert().
     [Eric A. Young]

  *) Now Fortezza is denied in the authentication phase because
     this is key exchange mechanism is not supported by SSLeay at all.
     [Eric A. Young]

  *) Additional PKCS1 checks.
     [Eric A. Young]

  *) Support the string "TLSv1" for all TLS v1 ciphers.
     [Eric A. Young]

  *) Added function SSL_get_ex_data_X509_STORE_CTX_idx() which gives the
     ex_data index of the SSL context in the X509_STORE_CTX ex_data.
     [Eric A. Young]

  *) Fixed a few memory leaks.
     [Eric A. Young]

  *) Fixed various code and comment typos.
     [Eric A. Young]

  *) A minor bug in ssl/s3_clnt.c where there would always be 4 0 
     bytes sent in the client random.
     [Edward Bishop <ebishop@spyglass.com>]
Commit	Line	Data
651d0aff	1
f1c236f8	2	OpenSSL CHANGES
651d0aff RE	3	_______________
	4
	5
	6	Changes between 0.9.01b and 0.9.1c
	7
13e91dd3 RE	8	*) Fixed the nasty bug where rsaref.h was not found under compile-time
	9	because the symlink to include/ was missing.
	10	[Ralf S. Engelschall]
	11
	12	*) Incorporated the popular no-RSA/DSA-only patches
	13	which allow to compile a RSA-free SSLeay.
	14	[Interrader Ldt., Ralf S. Engelschall]
	15
	16	*) Fixed nasty rehash problem under `make -f Makefile.ssl links'
	17	when "ssleay" is still not found.
	18	[Ralf S. Engelschall]
	19
	20	*) Added more platforms to Configure: Cray T3E, HPUX 11,
	21	[Ralf S. Engelschall, Beckmann <beckman@acl.lanl.gov>]
	22
651d0aff RE	23	*) Updated the README file.
	24	[Ralf S. Engelschall]
	25
	26	*) Added various .cvsignore files in the CVS repository subdirs
	27	to make a "cvs update" really silent.
	28	[Ralf S. Engelschall]
	29
	30	*) Recompiled the error-definition header files and added
	31	missing symbols to the Win32 linker tables.
	32	[Ralf S. Engelschall]
	33
	34	*) Cleaned up the top-level documents;
	35	o new files: CHANGES and LICENSE
	36	o merged VERSION, HISTORY* and README* files a CHANGES.SSLeay
	37	o merged COPYRIGHT into LICENSE
	38	o removed obsolete TODO file
	39	o renamed MICROSOFT to INSTALL.W32
	40	[Ralf S. Engelschall]
	41
	42	*) Removed dummy files from the 0.9.1b source tree:
	43	crypto/asn1/x crypto/bio/cd crypto/bio/fg crypto/bio/grep crypto/bio/vi
	44	crypto/bn/asm/......add.c crypto/bn/asm/a.out crypto/dsa/f crypto/md5/f
	45	crypto/pem/gmon.out crypto/perlasm/f crypto/pkcs7/build crypto/rsa/f
	46	crypto/sha/asm/f crypto/threads/f ms/zzz ssl/f ssl/f.mak test/f
	47	util/f.mak util/pl/f util/pl/f.mak crypto/bf/bf_locl.old apps/f
	48	[Ralf S. Engelschall]
	49
13e91dd3	50	*) Added various platform portability fixes.
651d0aff RE	51	[Marc J. Cox]
651d0aff RE	52
f1c236f8	53	*) The Genesis of the OpenSSL rpject:
651d0aff RE	54	We start with the latest (unreleased) SSLeay version 0.9.1b which Eric A.
	55	Joung and Tim J. Hudson created while they were working for C2Net until
	56	summer 1998.
f1c236f8	57	[The OpenSSL Project]
651d0aff RE	58
	59	Changes between 0.9.0b and 0.9.1b
	60
	61	*) Updated a few CA certificates under certs/
	62	[Eric A. Young]
	63
	64	*) Changed some BIGNUM api stuff.
	65	[Eric A. Young]
	66
	67	*) Various platform ports: OpenBSD, Ultrix, IRIX 64bit, NetBSD,
	68	DGUX x86, Linux Alpha, etc.
	69	[Eric A. Young]
	70
	71	*) New COMP library [crypto/comp/] for SSL Record Layer Compression:
	72	RLE (dummy implemented) and ZLIB (really implemented when ZLIB is
	73	available).
	74	[Eric A. Young]
	75
	76	*) Add -strparse option to asn1pars program which parses nested
	77	binary structures
	78	[Dr Stephen Henson <shenson@bigfoot.com>]
	79
	80	*) Added "oid_file" to ssleay.cnf for "ca" and "req" programs.
	81	[Eric A. Young]
	82
	83	*) DSA fix for "ca" program.
	84	[Eric A. Young]
	85
	86	*) Added "-genkey" option to "dsaparam" program.
	87	[Eric A. Young]
	88
	89	*) Added RIPE MD160 (rmd160) message digest.
	90	[Eric A. Young]
	91
	92	*) Added -a (all) option to "ssleay version" command.
	93	[Eric A. Young]
	94
	95	*) Added PLATFORM define which is the id given to Configure.
	96	[Eric A. Young]
	97
	98	*) Added MemCheck_XXXX functions to crypto/mem.c for memory checking.
	99	[Eric A. Young]
	100
	101	*) Extended the ASN.1 parser routines.
	102	[Eric A. Young]
	103
	104	*) Extended BIO routines to support REUSEADDR, seek, tell, etc.
	105	[Eric A. Young]
	106
	107	*) Added a BN_CTX to the BN library.
	108	[Eric A. Young]
	109
	110	*) Fixed the weak key values in DES library
	111	[Eric A. Young]
	112
	113	*) Changed API in EVP library for cipher aliases.
	114	[Eric A. Young]
	115
	116	*) Added support for RC2/64bit cipher.
	117	[Eric A. Young]
	118
	119	*) Converted the lhash library to the crypto/mem.c functions.
	120	[Eric A. Young]
	121
122	*) Added more recognized ASN.1 object ids.
123	[Eric A. Young]
124
125	*) Added more RSA padding checks for SSL/TLS.
126	[Eric A. Young]
127
128	*) Added BIO proxy/filter functionality.
129	[Eric A. Young]
130
131	*) Added extra_certs to SSL_CTX which can be used
132	send extra CA certificates to the client in the CA cert chain sending
133	process. It can be configured with SSL_CTX_add_extra_chain_cert().
134	[Eric A. Young]
135
136	*) Now Fortezza is denied in the authentication phase because
137	this is key exchange mechanism is not supported by SSLeay at all.
138	[Eric A. Young]
139
140	*) Additional PKCS1 checks.
141	[Eric A. Young]
142
143	*) Support the string "TLSv1" for all TLS v1 ciphers.
144	[Eric A. Young]
145
146	*) Added function SSL_get_ex_data_X509_STORE_CTX_idx() which gives the
147	ex_data index of the SSL context in the X509_STORE_CTX ex_data.
148	[Eric A. Young]
149
150	*) Fixed a few memory leaks.
151	[Eric A. Young]
152
153	*) Fixed various code and comment typos.
154	[Eric A. Young]
155
156	*) A minor bug in ssl/s3_clnt.c where there would always be 4 0
157	bytes sent in the client random.
158	[Edward Bishop <ebishop@spyglass.com>]
159