[thirdparty/openssl.git] / CHANGES


 OpenSSL CHANGES
 _______________

 Changes between 0.9.4 and 0.9.5  [xx XXX 1999]

  *) Fix for base64 decode bug. When a base64 bio reads only one line of
     data and it contains EOF it will end up returning an error. This is
     caused by input 46 bytes long. The cause is due to the way base64
     BIOs find the start of base64 encoded data. They do this by trying a
     trial decode on each line until they find one that works. When they
     do a flag is set and it starts again knowing it can pass all the
     data directly through the decoder. Unfortunately it doesn't reset
     the context it uses. This means that if EOF is reached an attempt
     is made to pass two EOFs through the context and this causes the
     resulting error. This can also cause other problems as well. As is
     usual with these problems it takes *ages* to find and the fix is
     trivial: move one line.
     [Steve Henson, reported by ian@uns.ns.ac.yu (Ivan Nejgebauer) ]

  *) Ugly workaround to get s_client and s_server working under Windows. The
     old code wouldn't work because it needed to select() on sockets and the
     tty (for keypresses and to see if data could be written). Win32 only
     supports select() on sockets so we select() with a 1s timeout on the
     sockets and then see if any characters are waiting to be read, if none
     are present then we retry, we also assume we can always write data to
     the tty. This isn't nice because the code then blocks until we've
     received a complete line of data and it is effectively polling the
     keyboard at 1s intervals: however it's quite a bit better than not
     working at all :-) A dedicated Windows application might handle this
     with an event loop for example.
     [Steve Henson]

  *) Enhance RSA_METHOD structure. Now there are two extra methods, rsa_sign
     and rsa_verify. When the RSA_FLAGS_SIGN_VER option is set these functions
     will be called when RSA_sign() and RSA_verify() are used. This is useful
     if rsa_pub_dec() and rsa_priv_enc() equivalents are not available.
     For this to work properly RSA_public_decrypt() and RSA_private_encrypt()
     should *not* be used: RSA_sign() and RSA_verify() must be used instead.
     This necessitated the support of an extra signature type NID_md5_sha1
     for SSL signatures and modifications to the SSL library to use it instead
     of calling RSA_public_decrypt() and RSA_private_encrypt().
     [Steve Henson]

  *) Add new -verify -CAfile and -CApath options to the crl program, these
     will lookup a CRL issuers certificate and verify the signature in a
     similar way to the verify program. Tidy up the crl program so it
     no longer acesses structures directly. Make the ASN1 CRL parsing a bit
     less strict. It will now permit CRL extensions even if it is not
     a V2 CRL: this will allow it to tolerate some broken CRLs.
     [Steve Henson]

  *) Initialize all non-automatic variables each time one of the openssl
     sub-programs is started (this is necessary as they may be started
     multiple times from the "OpenSSL>" prompt).
     [Lennart Bang, Bodo Moeller]

  *) Preliminary compilation option RSA_NULL which disables RSA crypto without
     removing all other RSA functionality (this is what NO_RSA does). This
     is so (for example) those in the US can disable those operations covered
     by the RSA patent while allowing storage and parsing of RSA keys and RSA
     key generation.
     [Steve Henson]

  *) Non-copying interface to BIO pairs.
     (still largely untested)
     [Bodo Moeller]

  *) New function ANS1_tag2str() to convert an ASN1 tag to a descriptive
     ASCII string. This was handled independently in various places before.
     [Steve Henson]

  *) New functions UTF8_getc() and UTF8_putc() that parse and generate
     UTF8 strings a character at a time.
     [Steve Henson]

  *) Use client_version from client hello to select the protocol
     (s23_srvr.c) and for RSA client key exchange verification
     (s3_srvr.c), as required by the SSL 3.0/TLS 1.0 specifications.
     [Bodo Moeller]

  *) Add various utility functions to handle SPKACs, these were previously
     handled by poking round in the structure internals. Added new function
     NETSCAPE_SPKI_print() to print out SPKAC and a new utility 'spkac' to
     print, verify and generate SPKACs. Based on an original idea from
     Massimiliano Pala <madwolf@comune.modena.it> but extensively modified.
     [Steve Henson]

  *) RIPEMD160 is operational on all platforms and is back in 'make test'.
     [Andy Polyakov]

  *) Allow the config file extension section to be overwritten on the
     command line. Based on an original idea from Massimiliano Pala
     <madwolf@comune.modena.it>. The new option is called -extensions
     and can be applied to ca, req and x509. Also -reqexts to override
     the request extensions in req and -crlexts to override the crl extensions
     in ca.
     [Steve Henson]

  *) Add new feature to the SPKAC handling in ca.  Now you can include
     the same field multiple times by preceding it by "XXXX." for example:
     1.OU="Unit name 1"
     2.OU="Unit name 2"
     this is the same syntax as used in the req config file.
     [Steve Henson]

  *) Allow certificate extensions to be added to certificate requests. These
     are specified in a 'req_extensions' option of the req section of the
     config file. They can be printed out with the -text option to req but
     are otherwise ignored at present.
     [Steve Henson]

  *) Fix a horrible bug in enc_read() in crypto/evp/bio_enc.c: if the first
     data read consists of only the final block it would not decrypted because
     EVP_CipherUpdate() would correctly report zero bytes had been decrypted.
     A misplaced 'break' also meant the decrypted final block might not be
     copied until the next read.
     [Steve Henson]

  *) Initial support for DH_METHOD. Again based on RSA_METHOD. Also added
     a few extra parameters to the DH structure: these will be useful if
     for example we want the value of 'q' or implement X9.42 DH.
     [Steve Henson]

  *) Initial support for DSA_METHOD. This is based on the RSA_METHOD and
     provides hooks that allow the default DSA functions or functions on a
     "per key" basis to be replaced. This allows hardware acceleration and
     hardware key storage to be handled without major modification to the
     library. Also added low level modexp hooks and CRYPTO_EX structure and 
     associated functions.
     [Steve Henson]

  *) Add a new flag to memory BIOs, BIO_FLAG_MEM_RDONLY. This marks the BIO
     as "read only": it can't be written to and the buffer it points to will
     not be freed. Reading from a read only BIO is much more efficient than
     a normal memory BIO. This was added because there are several times when
     an area of memory needs to be read from a BIO. The previous method was
     to create a memory BIO and write the data to it, this results in two
     copies of the data and an O(n^2) reading algorithm. There is a new
     function BIO_new_mem_buf() which creates a read only memory BIO from
     an area of memory. Also modified the PKCS#7 routines to use read only
     memory BIOSs.
     [Steve Henson]

  *) Bugfix: ssl23_get_client_hello did not work properly when called in
     state SSL23_ST_SR_CLNT_HELLO_B, i.e. when the first 7 bytes of
     a SSLv2-compatible client hello for SSLv3 or TLSv1 could be read,
     but a retry condition occured while trying to read the rest.
     [Bodo Moeller]

  *) The PKCS7_ENC_CONTENT_new() function was setting the content type as
     NID_pkcs7_encrypted by default: this was wrong since this should almost
     always be NID_pkcs7_data. Also modified the PKCS7_set_type() to handle
     the encrypted data type: this is a more sensible place to put it and it
     allows the PKCS#12 code to be tidied up that duplicated this
     functionality.
     [Steve Henson]

  *) Changed obj_dat.pl script so it takes its input and output files on
     the command line. This should avoid shell escape redirection problems
     under Win32.
     [Steve Henson]

  *) Initial support for certificate extension requests, these are included
     in things like Xenroll certificate requests. Included functions to allow
     extensions to be obtained and added.
     [Steve Henson]

  *) -crlf option to s_client and s_server for sending newlines as
     CRLF (as required by many protocols).
     [Bodo Moeller]

 Changes between 0.9.3a and 0.9.4  [09 Aug 1999]
  
  *) Install libRSAglue.a when OpenSSL is built with RSAref.
     [Ralf S. Engelschall]

  *) A few more ``#ifndef NO_FP_API / #endif'' pairs for consistency.
     [Andrija Antonijevic <TheAntony2@bigfoot.com>]

  *) Fix -startdate and -enddate (which was missing) arguments to 'ca'
     program.
     [Steve Henson]

  *) New function DSA_dup_DH, which duplicates DSA parameters/keys as
     DH parameters/keys (q is lost during that conversion, but the resulting
     DH parameters contain its length).

     For 1024-bit p, DSA_generate_parameters followed by DSA_dup_DH is
     much faster than DH_generate_parameters (which creates parameters
     where p = 2*q + 1), and also the smaller q makes DH computations
     much more efficient (160-bit exponentiation instead of 1024-bit
     exponentiation); so this provides a convenient way to support DHE
     ciphersuites in SSL/TLS servers (see ssl/ssltest.c).  It is of
     utter importance to use
         SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
     or
         SSL_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
     when such DH parameters are used, because otherwise small subgroup
     attacks may become possible!
     [Bodo Moeller]

  *) Avoid memory leak in i2d_DHparams.
     [Bodo Moeller]

  *) Allow the -k option to be used more than once in the enc program:
     this allows the same encrypted message to be read by multiple recipients.
     [Steve Henson]

  *) New function OBJ_obj2txt(buf, buf_len, a, no_name), this converts
     an ASN1_OBJECT to a text string. If the "no_name" parameter is set then
     it will always use the numerical form of the OID, even if it has a short
     or long name.
     [Steve Henson]

  *) Added an extra RSA flag: RSA_FLAG_EXT_PKEY. Previously the rsa_mod_exp
     method only got called if p,q,dmp1,dmq1,iqmp components were present,
     otherwise bn_mod_exp was called. In the case of hardware keys for example
     no private key components need be present and it might store extra data
     in the RSA structure, which cannot be accessed from bn_mod_exp.
     By setting RSA_FLAG_EXT_PKEY rsa_mod_exp will always be called for
     private key operations.
     [Steve Henson]

  *) Added support for SPARC Linux.
     [Andy Polyakov]

  *) pem_password_cb function type incompatibly changed from
          typedef int pem_password_cb(char *buf, int size, int rwflag);
     to
          ....(char *buf, int size, int rwflag, void *userdata);
     so that applications can pass data to their callbacks:
     The PEM[_ASN1]_{read,write}... functions and macros now take an
     additional void * argument, which is just handed through whenever
     the password callback is called.
     [Damien Miller <dmiller@ilogic.com.au>; tiny changes by Bodo Moeller]

     New function SSL_CTX_set_default_passwd_cb_userdata.

     Compatibility note: As many C implementations push function arguments
     onto the stack in reverse order, the new library version is likely to
     interoperate with programs that have been compiled with the old
     pem_password_cb definition (PEM_whatever takes some data that
     happens to be on the stack as its last argument, and the callback
     just ignores this garbage); but there is no guarantee whatsoever that
     this will work.

  *) The -DPLATFORM="\"$(PLATFORM)\"" definition and the similar -DCFLAGS=...
     (both in crypto/Makefile.ssl for use by crypto/cversion.c) caused
     problems not only on Windows, but also on some Unix platforms.
     To avoid problematic command lines, these definitions are now in an
     auto-generated file crypto/buildinf.h (created by crypto/Makefile.ssl
     for standard "make" builds, by util/mk1mf.pl for "mk1mf" builds).
     [Bodo Moeller]

  *) MIPS III/IV assembler module is reimplemented.
     [Andy Polyakov]

  *) More DES library cleanups: remove references to srand/rand and
     delete an unused file.
Commit	Line	Data
651d0aff	1
f1c236f8	2	OpenSSL CHANGES
651d0aff RE	3	_______________
651d0aff RE	4
d91e201e RE	5	Changes between 0.9.4 and 0.9.5 [xx XXX 1999]
d91e201e RE	6
4579dd5d DSH	7	*) Fix for base64 decode bug. When a base64 bio reads only one line of
	8	data and it contains EOF it will end up returning an error. This is
	9	caused by input 46 bytes long. The cause is due to the way base64
	10	BIOs find the start of base64 encoded data. They do this by trying a
	11	trial decode on each line until they find one that works. When they
	12	do a flag is set and it starts again knowing it can pass all the
	13	data directly through the decoder. Unfortunately it doesn't reset
	14	the context it uses. This means that if EOF is reached an attempt
	15	is made to pass two EOFs through the context and this causes the
	16	resulting error. This can also cause other problems as well. As is
	17	usual with these problems it takes ages to find and the fix is
	18	trivial: move one line.
	19	[Steve Henson, reported by ian@uns.ns.ac.yu (Ivan Nejgebauer) ]
	20
06f4536a DSH	21	*) Ugly workaround to get s_client and s_server working under Windows. The
	22	old code wouldn't work because it needed to select() on sockets and the
	23	tty (for keypresses and to see if data could be written). Win32 only
	24	supports select() on sockets so we select() with a 1s timeout on the
	25	sockets and then see if any characters are waiting to be read, if none
	26	are present then we retry, we also assume we can always write data to
	27	the tty. This isn't nice because the code then blocks until we've
	28	received a complete line of data and it is effectively polling the
	29	keyboard at 1s intervals: however it's quite a bit better than not
	30	working at all :-) A dedicated Windows application might handle this
	31	with an event loop for example.
	32	[Steve Henson]
	33
1c80019a DSH	34	*) Enhance RSA_METHOD structure. Now there are two extra methods, rsa_sign
	35	and rsa_verify. When the RSA_FLAGS_SIGN_VER option is set these functions
	36	will be called when RSA_sign() and RSA_verify() are used. This is useful
	37	if rsa_pub_dec() and rsa_priv_enc() equivalents are not available.
	38	For this to work properly RSA_public_decrypt() and RSA_private_encrypt()
	39	should not be used: RSA_sign() and RSA_verify() must be used instead.
	40	This necessitated the support of an extra signature type NID_md5_sha1
	41	for SSL signatures and modifications to the SSL library to use it instead
	42	of calling RSA_public_decrypt() and RSA_private_encrypt().
	43	[Steve Henson]
	44
090d848e DSH	45	*) Add new -verify -CAfile and -CApath options to the crl program, these
	46	will lookup a CRL issuers certificate and verify the signature in a
	47	similar way to the verify program. Tidy up the crl program so it
	48	no longer acesses structures directly. Make the ASN1 CRL parsing a bit
	49	less strict. It will now permit CRL extensions even if it is not
	50	a V2 CRL: this will allow it to tolerate some broken CRLs.
	51	[Steve Henson]
	52
396f6314 BM	53	*) Initialize all non-automatic variables each time one of the openssl
	54	sub-programs is started (this is necessary as they may be started
	55	multiple times from the "OpenSSL>" prompt).
	56	[Lennart Bang, Bodo Moeller]
	57
4a61a64f DSH	58	*) Preliminary compilation option RSA_NULL which disables RSA crypto without
	59	removing all other RSA functionality (this is what NO_RSA does). This
	60	is so (for example) those in the US can disable those operations covered
	61	by the RSA patent while allowing storage and parsing of RSA keys and RSA
	62	key generation.
	63	[Steve Henson]
	64
c1082a90	65	*) Non-copying interface to BIO pairs.
6f7af152	66	(still largely untested)
c1082a90 BM	67	[Bodo Moeller]
c1082a90 BM	68
a785abc3 DSH	69	*) New function ANS1_tag2str() to convert an ASN1 tag to a descriptive
	70	ASCII string. This was handled independently in various places before.
	71	[Steve Henson]
	72
aef838fc DSH	73	*) New functions UTF8_getc() and UTF8_putc() that parse and generate
	74	UTF8 strings a character at a time.
	75	[Steve Henson]
	76
074309b7 BM	77	*) Use client_version from client hello to select the protocol
	78	(s23_srvr.c) and for RSA client key exchange verification
	79	(s3_srvr.c), as required by the SSL 3.0/TLS 1.0 specifications.
	80	[Bodo Moeller]
	81
8ce97163 DSH	82	*) Add various utility functions to handle SPKACs, these were previously
	83	handled by poking round in the structure internals. Added new function
	84	NETSCAPE_SPKI_print() to print out SPKAC and a new utility 'spkac' to
	85	print, verify and generate SPKACs. Based on an original idea from
	86	Massimiliano Pala <madwolf@comune.modena.it> but extensively modified.
	87	[Steve Henson]
	88
2d4287da AP	89	*) RIPEMD160 is operational on all platforms and is back in 'make test'.
	90	[Andy Polyakov]
	91
87a25f90 DSH	92	*) Allow the config file extension section to be overwritten on the
	93	command line. Based on an original idea from Massimiliano Pala
	94	<madwolf@comune.modena.it>. The new option is called -extensions
	95	and can be applied to ca, req and x509. Also -reqexts to override
	96	the request extensions in req and -crlexts to override the crl extensions
	97	in ca.
	98	[Steve Henson]
	99
f9150e54 DSH	100	*) Add new feature to the SPKAC handling in ca. Now you can include
	101	the same field multiple times by preceding it by "XXXX." for example:
	102	1.OU="Unit name 1"
	103	2.OU="Unit name 2"
	104	this is the same syntax as used in the req config file.
	105	[Steve Henson]
	106
c79b16e1 DSH	107	*) Allow certificate extensions to be added to certificate requests. These
	108	are specified in a 'req_extensions' option of the req section of the
	109	config file. They can be printed out with the -text option to req but
	110	are otherwise ignored at present.
	111	[Steve Henson]
	112
96c2201b	113	*) Fix a horrible bug in enc_read() in crypto/evp/bio_enc.c: if the first
0f7e6fe1	114	data read consists of only the final block it would not decrypted because
7b65c329 DSH	115	EVP_CipherUpdate() would correctly report zero bytes had been decrypted.
	116	A misplaced 'break' also meant the decrypted final block might not be
	117	copied until the next read.
	118	[Steve Henson]
	119
13066cee DSH	120	*) Initial support for DH_METHOD. Again based on RSA_METHOD. Also added
	121	a few extra parameters to the DH structure: these will be useful if
	122	for example we want the value of 'q' or implement X9.42 DH.
	123	[Steve Henson]
	124
c0711f7f DSH	125	*) Initial support for DSA_METHOD. This is based on the RSA_METHOD and
	126	provides hooks that allow the default DSA functions or functions on a
	127	"per key" basis to be replaced. This allows hardware acceleration and
	128	hardware key storage to be handled without major modification to the
	129	library. Also added low level modexp hooks and CRYPTO_EX structure and
	130	associated functions.
	131	[Steve Henson]
	132
8484721a DSH	133	*) Add a new flag to memory BIOs, BIO_FLAG_MEM_RDONLY. This marks the BIO
	134	as "read only": it can't be written to and the buffer it points to will
	135	not be freed. Reading from a read only BIO is much more efficient than
	136	a normal memory BIO. This was added because there are several times when
	137	an area of memory needs to be read from a BIO. The previous method was
	138	to create a memory BIO and write the data to it, this results in two
	139	copies of the data and an O(n^2) reading algorithm. There is a new
	140	function BIO_new_mem_buf() which creates a read only memory BIO from
	141	an area of memory. Also modified the PKCS#7 routines to use read only
	142	memory BIOSs.
	143	[Steve Henson]
	144
de1915e4 BM	145	*) Bugfix: ssl23_get_client_hello did not work properly when called in
	146	state SSL23_ST_SR_CLNT_HELLO_B, i.e. when the first 7 bytes of
	147	a SSLv2-compatible client hello for SSLv3 or TLSv1 could be read,
	148	but a retry condition occured while trying to read the rest.
	149	[Bodo Moeller]
	150
c6c34506 DSH	151	*) The PKCS7_ENC_CONTENT_new() function was setting the content type as
	152	NID_pkcs7_encrypted by default: this was wrong since this should almost
	153	always be NID_pkcs7_data. Also modified the PKCS7_set_type() to handle
	154	the encrypted data type: this is a more sensible place to put it and it
	155	allows the PKCS#12 code to be tidied up that duplicated this
	156	functionality.
	157	[Steve Henson]
	158
fd520577 DSH	159	*) Changed obj_dat.pl script so it takes its input and output files on
	160	the command line. This should avoid shell escape redirection problems
	161	under Win32.
	162	[Steve Henson]
	163
87c49f62	164	*) Initial support for certificate extension requests, these are included
fd520577 DSH	165	in things like Xenroll certificate requests. Included functions to allow
fd520577 DSH	166	extensions to be obtained and added.
87c49f62 DSH	167	[Steve Henson]
87c49f62 DSH	168
1b1a6e78 BM	169	*) -crlf option to s_client and s_server for sending newlines as
	170	CRLF (as required by many protocols).
	171	[Bodo Moeller]
	172
9a577e29	173	Changes between 0.9.3a and 0.9.4 [09 Aug 1999]
dfbaf956	174
9a577e29	175	*) Install libRSAglue.a when OpenSSL is built with RSAref.
dfbaf956	176	[Ralf S. Engelschall]
74678cc2	177
96395158 RE	178	*) A few more ``#ifndef NO_FP_API / #endif'' pairs for consistency.
	179	[Andrija Antonijevic <TheAntony2@bigfoot.com>]
	180
ed7f60fb DSH	181	*) Fix -startdate and -enddate (which was missing) arguments to 'ca'
	182	program.
	183	[Steve Henson]
	184
48c843c3 BM	185	*) New function DSA_dup_DH, which duplicates DSA parameters/keys as
	186	DH parameters/keys (q is lost during that conversion, but the resulting
	187	DH parameters contain its length).
	188
	189	For 1024-bit p, DSA_generate_parameters followed by DSA_dup_DH is
	190	much faster than DH_generate_parameters (which creates parameters
	191	where p = 2*q + 1), and also the smaller q makes DH computations
	192	much more efficient (160-bit exponentiation instead of 1024-bit
	193	exponentiation); so this provides a convenient way to support DHE
	194	ciphersuites in SSL/TLS servers (see ssl/ssltest.c). It is of
	195	utter importance to use
	196	SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
	197	or
	198	SSL_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
	199	when such DH parameters are used, because otherwise small subgroup
	200	attacks may become possible!
	201	[Bodo Moeller]
	202
	203	*) Avoid memory leak in i2d_DHparams.
	204	[Bodo Moeller]
	205
922180d7 DSH	206	*) Allow the -k option to be used more than once in the enc program:
	207	this allows the same encrypted message to be read by multiple recipients.
	208	[Steve Henson]
	209
3e3d2ea2 DSH	210	*) New function OBJ_obj2txt(buf, buf_len, a, no_name), this converts
	211	an ASN1_OBJECT to a text string. If the "no_name" parameter is set then
	212	it will always use the numerical form of the OID, even if it has a short
	213	or long name.
	214	[Steve Henson]
	215
770d19b8 DSH	216	*) Added an extra RSA flag: RSA_FLAG_EXT_PKEY. Previously the rsa_mod_exp
	217	method only got called if p,q,dmp1,dmq1,iqmp components were present,
	218	otherwise bn_mod_exp was called. In the case of hardware keys for example
	219	no private key components need be present and it might store extra data
96c2201b BM	220	in the RSA structure, which cannot be accessed from bn_mod_exp.
	221	By setting RSA_FLAG_EXT_PKEY rsa_mod_exp will always be called for
	222	private key operations.
770d19b8 DSH	223	[Steve Henson]
770d19b8 DSH	224
a0618e3e AP	225	*) Added support for SPARC Linux.
	226	[Andy Polyakov]
	227
74678cc2 BM	228	*) pem_password_cb function type incompatibly changed from
	229	typedef int pem_password_cb(char *buf, int size, int rwflag);
	230	to
	231	....(char buf, int size, int rwflag, void userdata);
	232	so that applications can pass data to their callbacks:
	233	The PEM[_ASN1]_{read,write}... functions and macros now take an
	234	additional void * argument, which is just handed through whenever
	235	the password callback is called.
96c2201b	236	[Damien Miller <dmiller@ilogic.com.au>; tiny changes by Bodo Moeller]
74678cc2 BM	237
	238	New function SSL_CTX_set_default_passwd_cb_userdata.
	239
	240	Compatibility note: As many C implementations push function arguments
	241	onto the stack in reverse order, the new library version is likely to
	242	interoperate with programs that have been compiled with the old
	243	pem_password_cb definition (PEM_whatever takes some data that
	244	happens to be on the stack as its last argument, and the callback
	245	just ignores this garbage); but there is no guarantee whatsoever that
	246	this will work.
0cceb1c7	247
664b9985 BM	248	*) The -DPLATFORM="\"$(PLATFORM)\"" definition and the similar -DCFLAGS=...
	249	(both in crypto/Makefile.ssl for use by crypto/cversion.c) caused
	250	problems not only on Windows, but also on some Unix platforms.
2e0fc875	251	To avoid problematic command lines, these definitions are now in an
57119943 BM	252	auto-generated file crypto/buildinf.h (created by crypto/Makefile.ssl
57119943 BM	253	for standard "make" builds, by util/mk1mf.pl for "mk1mf" builds).
664b9985 BM	254	[Bodo Moeller]
664b9985 BM	255
7363455f AP	256	*) MIPS III/IV assembler module is reimplemented.
	257	[Andy Polyakov]
	258
6434450c UM	259	*) More DES library cleanups: remove references to srand/rand and
	260	delete an unused file.
	261