Changes between 1.0.2f and 1.1.0 [xx XXX xxxx]
+ *) CRIME protection: disable compression by default, even if OpenSSL is
+ compiled with zlib enabled. Applications can still enable compression
+ by calling SSL_CTX_clear_options(ctx, SSL_OP_NO_COMPRESSION), or by
+ using the SSL_CONF library to configure compression.
+ [Emilia Käsper]
+
+ *) The signature of the session callback configured with
+ SSL_CTX_sess_set_get_cb was changed. The read-only input buffer
+ was explicitly marked as 'const unsigned char*' instead of
+ 'unsigned char*'.
+ [Emilia Käsper]
+
+ *) Always DPURIFY. Remove the use of uninitialized memory in the
+ RNG, and other conditional uses of DPURIFY. This makes -DPURIFY a no-op.
+ [Emilia Käsper]
+
*) Removed many obsolete configuration items, including
DES_PTR, DES_RISC1, DES_RISC2, DES_INT
MD2_CHAR, MD2_INT, MD2_LONG
RC2_SHORT, RC2_LONG, RC4_LONG, RC4_CHUNK, RC4_INDEX
[Rich Salz, with advice from Andy Polyakov]
+ *) Many BN internals have been moved to an internal header file.
+ [Rich Salz with help from Andy Polyakov]
+
*) Configuration and writing out the results from it has changed.
Files such as Makefile include/openssl/opensslconf.h and are now
produced through general templates, such as Makefile.in and
projects / openssl.git / blobdiff