X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=38dc3dc3ff1650e448d1dcb7e5fa02b977570a64;hp=1c9c7fd35c04544351d4b976111b101a1e645fbb;hb=2a81428489762b33b30570e923592fc0894c2b42;hpb=f3e24baddfdab36524ab8172edf0f7f4b15666be

diff --git a/CHANGES b/CHANGES
index 1c9c7fd35c..38dc3dc3ff 100644
--- a/CHANGES
+++ b/CHANGES
@@ -12,7 +12,99 @@
          *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7
          +) applies to 0.9.7 only
 
-  *) Only add signing time to PKCS7 structures if it is not already present.
+  +) Make it possible to produce shared libraries on ReliantUNIX.
+     [Robert Dahlem <Robert.Dahlem@ffm2.siemens.de> via Richard Levitte]
+
+  *) Add the configuration target linux-s390x.
+     [Neale Ferguson <Neale.Ferguson@SoftwareAG-USA.com> via Richard Levitte]
+
+  +) Add the configuration target debug-linux-ppro.
+     Make 'openssl rsa' use the general key loading routines
+     implemented in apps.c, and make those routines able to
+     handle the key format FORMAT_NETSCAPE and the variant
+     FORMAT_IISSGC.
+     [Toomas Kiisk <vix@cyber.ee> via Richard Levitte]
+
+  *) Fix a crashbug and a logic bug in hwcrhk_load_pubkey().
+     [Toomas Kiisk <vix@cyber.ee> via Richard Levitte]
+
+  +) Add -keyform to rsautl, and document -engine.
+     [Richard Levitte, inspired by Toomas Kiisk <vix@cyber.ee>]
+
+  +) Change BIO_new_file (crypto/bio/bss_file.c) to use new
+     BIO_R_NO_SUCH_FILE error code rather than the generic
+     ERR_R_SYS_LIB error code if fopen() fails with ENOENT.
+     [Ben Laurie]
+
+  +) Add new functions
+          ERR_peek_last_error
+          ERR_peek_last_error_line
+          ERR_peek_last_error_line_data.
+     These are similar to
+          ERR_peek_error
+          ERR_peek_error_line
+          ERR_peek_error_line_data,
+     but report on the latest error recorded rather than the first one
+     still in the error queue.
+     [Ben Laurie, Bodo Moeller]
+        
+  +) default_algorithms option in ENGINE config module. This allows things
+     like:
+     default_algorithms = ALL
+     default_algorithms = RSA, DSA, RAND, CIPHERS, DIGESTS
+     [Steve Henson]
+
+  +) Prelminary ENGINE config module.
+     [Steve Henson]
+
+  *) The earlier bugfix for the SSL3_ST_SW_HELLO_REQ_C case of
+     ssl3_accept (ssl/s3_srvr.c) incorrectly used a local flag
+     variable as an indication that a ClientHello message has been
+     received.  As the flag value will be lost between multiple
+     invocations of ssl3_accept when using non-blocking I/O, the
+     function may not be aware that a handshake has actually taken
+     place, thus preventing a new session from being added to the
+     session cache.
+
+     To avoid this problem, we now set s->new_session to 2 instead of
+     using a local variable.
+     [Lutz Jaenicke, Bodo Moeller]
+
+  *) Bugfix: Return -1 from ssl3_get_server_done (ssl3/s3_clnt.c)
+     if the SSL_R_LENGTH_MISMATCH error is detected.
+     [Geoff Thorpe, Bodo Moeller]
+
+  +) New experimental application configuration code.
+     [Steve Henson]
+
+  *) New 'shared_ldflag' column in Configure platform table.
+     [Richard Levitte]
+
+  *) Fix EVP_CIPHER_mode macro.
+     ["Dan S. Camper" <dan@bti.net>]
+
+  +) Change the AES code to follow the same name structure as all other
+     symmetric ciphers, and behave the same way.  Move everything to
+     the directory crypto/aes, thereby obsoleting crypto/rijndael.
+     [Stephen Sprunk <stephen@sprunk.org> and Richard Levitte]
+
+  *) Fix ssl3_read_bytes (ssl/s3_pkt.c): To ignore messages of unknown
+     type, we must throw them away by setting rr->length to 0.
+     [D P Chang <dpc@qualys.com>]
+
+  -) OpenSSL 0.9.6c released [21 dec 2001]
+
+  +) SECURITY: remove unsafe setjmp/signal interaction from ui_openssl.c.
+     [Ben Laurie and Theo de Raadt]
+
+  *) Fix BN_rand_range bug pointed out by Dominikus Scherkl
+     <Dominikus.Scherkl@biodata.com>.  (The previous implementation
+     worked incorrectly for those cases where  range = 10..._2  and
+     3*range  is two bits longer than  range.)
+     [Bodo Moeller]
+
+  *) Only add signing time to PKCS7 structures if it is not already
+     present.
      [Steve Henson]
 
   *) Fix crypto/objects/objects.h: "ld-ce" should be "id-ce",
@@ -145,11 +237,16 @@
      [Bodo Moeller]
 
   +) Change all functions with names starting with des_ to be starting
-     with DES_ instead.  This because there are increasing clashes with
-     libdes and other des libraries that are currently used by other
-     projects.  The old libdes interface is provided, as well as crypt(),
-     if openssl/des_old.h is included.  Note that crypt() is no longer
-     declared in openssl/des.h.
+     with DES_ instead.  Add wrappers that are compatible with libdes,
+     but are named _ossl_old_des_*.  Finally, add macros that map the
+     des_* symbols to the corresponding _ossl_old_des_*.
+
+     All this is done because there are increasing clashes with libdes
+     and other DES libraries that are currently used by other projects.
+     The old libdes interface (including crypt()) is provided if
+     <openssl/des_old.h> is included.  For now, this automatically
+     happens in <openssl/des.h> unless OPENSSL_DISABLE_OLD_DES_SUPPORT is
+     defined.  Note that crypt() is no longer declared in <openssl/des.h>.
 
      NOTE: This is a major break of an old API into a new one.  Software
      authors are encouraged to switch to the DES_ style functions.  Some
@@ -331,7 +428,7 @@
   *) BN_sqr() bug fix.
      [Ulf Möller, reported by Jim Ellis <jim.ellis@cavium.com>]
 
-  *) Make it possible to unload ranges of ERR strings with a new
+  +) Make it possible to unload ranges of ERR strings with a new
      "ERR_unload_strings" function.
      [Geoff Thorpe]
 
@@ -565,6 +662,16 @@
      parameters (and 'speed' generating keys each time).
      [Geoff Thorpe]
 
+  *) Add support for shared libraries under Irix.
+     [Albert Chin-A-Young <china@thewrittenword.com>]
+
+  *) Add configuration option to build on Linux on both big-endian and
+     little-endian MIPS.
+     [Ralf Baechle <ralf@uni-koblenz.de>]
+
+  *) Add the possibility to create shared libraries on HP-UX.
+     [Richard Levitte]
+
   -) OpenSSL 0.9.6b released [9 July 2001]
 
   *) Change ssleay_rand_bytes (crypto/rand/md_rand.c)
@@ -1944,17 +2051,10 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
      identity, and test if they are actually available.
      [Richard Levitte]
 
-  *) Add support for shared libraries under Irix.
-     [Albert Chin-A-Young <china@thewrittenword.com>]
-
   +) Improve RPM specification file by forcing symbolic linking and making
      sure the installed documentation is also owned by root.root.
      [Damien Miller <djm@mindrot.org>]
 
-  *) Add configuration option to build on Linux on both big-endian and
-     little-endian MIPS.
-     [Ralf Baechle <ralf@uni-koblenz.de>]
-
   +) Give the OpenSSL applications more possibilities to make use of
      keys (public as well as private) handled by engines.
      [Richard Levitte]
@@ -1981,9 +2081,6 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
   +) Support threads on FreeBSD-elf in Configure.
      [Richard Levitte]
 
-  *) Add the possibility to create shared libraries on HP-UX
-     [Richard Levitte]
-
   +) Fix for SHA1 assembly problem with MASM: it produces
      warnings about corrupt line number information when assembling
      with debugging information. This is caused by the overlapping