Allow client certificate lists > 16kB ("Douglas E. Engert" <deengert@anl.gov>.)

[openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index ab1037ed0456e004d4b5d8efb8d6f0eed03a1608..4d560e66ddf901121dbb30dc02c64cdaa83f5a10 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -12,6 +12,21 @@
          *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7
          +) applies to 0.9.7 only
 
+  *) s3_srvr.c: allow sending of large client certificate lists (> 16 kB).
+     This function was broken, as the check for a new client hello message
+     to handle SGC did not allow these large messages.
+     (Tracked down by "Douglas E. Engert" <deengert@anl.gov>.)
+     [Lutz Jaenicke]
+
+  *) Add alert descriptions for TLSv1 to SSL_alert_desc_string[_long]().
+     [Lutz Jaenicke]
+
+  +) Add EVP test program.
+     [Ben Laurie]
+
+  +) Add symmetric cipher support to ENGINE. Expect the API to change!
+     [Ben Laurie]
+
   +) New CRL functions: X509_CRL_set_version(), X509_CRL_set_issuer_name()
      X509_CRL_set_lastUpdate(), X509_CRL_set_nextUpdate(), X509_CRL_sort(),
      X509_REVOKED_set_serialNumber(), and X509_REVOKED_set_revocationDate().