X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=12aeb9b872c44e2934d85104d032fb64b2c4bda1;hp=15e795ca0095835df2eecbb434573088bd65e97a;hb=0caec9e8f82a6ae70ea53518966d493037758f5e;hpb=9b2f486c9e95c79ab9a0f10a9f61a8792ed2a18d

diff --git a/CHANGES b/CHANGES
index 15e795ca00..12aeb9b872 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,16 +2,92 @@
  OpenSSL CHANGES
  _______________
 
+ Changes between 0.9.7 and 0.9.8  [xx XXX 2001]
+
+  *)
+
  Changes between 0.9.6 and 0.9.7  [xx XXX 2001]
 
-     OpenSSL 0.9.6a/0.9.6b (bugfix releases, 5 Apr 2001 and 9 July 2001)
-     and OpenSSL 0.9.7 were developed in parallel, based on OpenSSL 0.9.6.  
+     OpenSSL 0.9.6a/0.9.6b/0.9.6c (bugfix releases, 5 Apr 2001, 9 July 2001
+     and 21 Dec 2001) and OpenSSL 0.9.7 were developed in parallel, based
+     on OpenSSL 0.9.6.  
 
      Change log entries are tagged as follows:
          -) applies to 0.9.6a/0.9.6b/0.9.6c only
          *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7
          +) applies to 0.9.7 only
 
+  *) Add information about CygWin32 1.3 and on, and preserve proper
+     configuration for the versions before that.
+     [Corinna Vinschen <vinschen@redhat.com> and Richard Levitte]
+
+  *) Make removal from session cache (SSL_CTX_remove_session()) more robust:
+     check whether we deal with a copy of a session and do not delete from
+     the cache in this case. Problem reported by "Izhar Shoshani Levi"
+     <izhar@checkpoint.com>.
+     [Lutz Jaenicke]
+
+  *) Do not store session data into the internal session cache, if it
+     is never intended to be looked up (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP
+     flag is set). Proposed by Aslam <aslam@funk.com>.
+     [Lutz Jaenicke]
+
+  +) Support for crypto accelerator cards from Accelerated Encryption
+     Processing, www.aep.ie.  (Use engine 'aep')
+     The support was copied from 0.9.6c [engine] and adapted/corrected
+     to work with the new engine framework.
+     [AEP Inc. and Richard Levitte]
+
+  +) Support for SureWare crypto accelerator cards from Baltimore
+     Technologies.  (Use engine 'sureware')
+     The support was copied from 0.9.6c [engine] and adapted
+     to work with the new engine framework.
+     [Richard Levitte]
+
+  *) Have ASN1_BIT_STRING_set_bit() really clear a bit when the requested
+     value is 0.
+     [Richard Levitte]
+
+  +) Have the CHIL engine fork-safe (as defined by nCipher) and actually
+     make the newer ENGINE framework commands for the CHIL engine work.
+     [Toomas Kiisk <vix@cyber.ee> and Richard Levitte]
+
+  +) Make it possible to produce shared libraries on ReliantUNIX.
+     [Robert Dahlem <Robert.Dahlem@ffm2.siemens.de> via Richard Levitte]
+
+  *) Add the configuration target linux-s390x.
+     [Neale Ferguson <Neale.Ferguson@SoftwareAG-USA.com> via Richard Levitte]
+
+  +) Add the configuration target debug-linux-ppro.
+     Make 'openssl rsa' use the general key loading routines
+     implemented in apps.c, and make those routines able to
+     handle the key format FORMAT_NETSCAPE and the variant
+     FORMAT_IISSGC.
+     [Toomas Kiisk <vix@cyber.ee> via Richard Levitte]
+
+  *) Fix a crashbug and a logic bug in hwcrhk_load_pubkey().
+     [Toomas Kiisk <vix@cyber.ee> via Richard Levitte]
+
+  +) Add -keyform to rsautl, and document -engine.
+     [Richard Levitte, inspired by Toomas Kiisk <vix@cyber.ee>]
+
+  +) Change BIO_new_file (crypto/bio/bss_file.c) to use new
+     BIO_R_NO_SUCH_FILE error code rather than the generic
+     ERR_R_SYS_LIB error code if fopen() fails with ENOENT.
+     [Ben Laurie]
+
+  +) Add new functions
+          ERR_peek_last_error
+          ERR_peek_last_error_line
+          ERR_peek_last_error_line_data.
+     These are similar to
+          ERR_peek_error
+          ERR_peek_error_line
+          ERR_peek_error_line_data,
+     but report on the latest error recorded rather than the first one
+     still in the error queue.
+     [Ben Laurie, Bodo Moeller]
+        
   +) default_algorithms option in ENGINE config module. This allows things
      like:
      default_algorithms = ALL
@@ -201,15 +277,16 @@
      [Bodo Moeller]
 
   +) Change all functions with names starting with des_ to be starting
-     with DES_ instead.  This because there are increasing clashes with
-     libdes and other des libraries that are currently used by other
-     projects.  The old libdes interface is provided, as well as crypt(),
-     if openssl/des_old.h is included.  Note that crypt() is no longer
-     declared in openssl/des.h.
-     In order to maintain compatibility with current applications using
-     libcrypto, the old libdes interface is still provided, as long as
-     OPENSSL_NO_OLD_DES_SUPPORT is not defined, by automatically including
-     openssl/des_old.h. 
+     with DES_ instead.  Add wrappers that are compatible with libdes,
+     but are named _ossl_old_des_*.  Finally, add macros that map the
+     des_* symbols to the corresponding _ossl_old_des_*.
+
+     All this is done because there are increasing clashes with libdes
+     and other DES libraries that are currently used by other projects.
+     The old libdes interface (including crypt()) is provided if
+     <openssl/des_old.h> is included.  For now, this automatically
+     happens in <openssl/des.h> unless OPENSSL_DISABLE_OLD_DES_SUPPORT is
+     defined.  Note that crypt() is no longer declared in <openssl/des.h>.
 
      NOTE: This is a major break of an old API into a new one.  Software
      authors are encouraged to switch to the DES_ style functions.  Some