X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=3bab83fb4be6fc8764aa5373e256b01ae901f5c4;hp=579707a241db24edf15457fa3b2e901fdfdcba19;hb=74cdf6f73adf00b3c7d2fb0c0773fd824221a4c6;hpb=4ec2d4d2b3a8cba1fdc656acd6b19d003191d779 diff --git a/CHANGES b/CHANGES index 579707a241..3bab83fb4b 100644 --- a/CHANGES +++ b/CHANGES @@ -2,7 +2,45 @@ OpenSSL CHANGES _______________ - Changes between 0.9.4 and 0.9.5 [xx XXX 2000] + Changes between 0.9.4 and 0.9.5 [28 Feb 2000] + + *) In bntest.c don't call BN_rand with zero bits argument. + [Steve Henson, pointed out by Andrew W. Gray ] + + *) BN_mul bugfix: In bn_mul_part_recursion() only the a>a[n] && b>b[n] + case was implemented. This caused BN_div_recp() to fail occasionally. + [Ulf Möller] + + *) Add an optional second argument to the set_label() in the perl + assembly language builder. If this argument exists and is set + to 1 it signals that the assembler should use a symbol whose + scope is the entire file, not just the current function. This + is needed with MASM which uses the format label:: for this scope. + [Steve Henson, pointed out by Peter Runestig ] + + *) Change the ASN1 types so they are typedefs by default. Before + almost all types were #define'd to ASN1_STRING which was causing + STACK_OF() problems: you couldn't declare STACK_OF(ASN1_UTF8STRING) + for example. + [Steve Henson] + + *) Change names of new functions to the new get1/get0 naming + convention: After 'get1', the caller owns a reference count + and has to call ..._free; 'get0' returns a pointer to some + data structure without incrementing reference counters. + (Some of the existing 'get' functions increment a reference + counter, some don't.) + Similarly, 'set1' and 'add1' functions increase reference + counters or duplicate objects. + [Steve Henson] + + *) Allow for the possibility of temp RSA key generation failure: + the code used to assume it always worked and crashed on failure. + [Steve Henson] + + *) Fix potential buffer overrun problem in BIO_printf(). + [Ulf Möller, using public domain code by Patrick Powell; problem + pointed out by David Sacerdote ] *) Support EGD . New functions RAND_egd() and RAND_status(). In the command line application, @@ -294,7 +332,8 @@ *) Rewrite ssl3_read_n (ssl/s3_pkt.c) avoiding a couple of bugs. [Bodo Moeller] - *) New function X509_CTX_rget_chain(), this returns the chain + *) New function X509_CTX_rget_chain() (renamed to X509_CTX_get1_chain + in the 0.9.5 release), this returns the chain from an X509_CTX structure with a dup of the stack and all the X509 reference counts upped: so the stack will exist after X509_CTX_cleanup() has been called. Modify pkcs12.c @@ -630,10 +669,12 @@ it clearly returns an error if you try to read the wrong kind of key. Added a -pubkey option to the 'x509' utility to output the public key. - Also rename the EVP_PKEY_get_*() to EVP_PKEY_rget_*() and add - EVP_PKEY_rset_*() functions that do the same as the EVP_PKEY_assign_*() - except they up the reference count of the added key (they don't "swallow" - the supplied key). + Also rename the EVP_PKEY_get_*() to EVP_PKEY_rget_*() + (renamed to EVP_PKEY_get1_*() in the OpenSSL 0.9.5 release) and add + EVP_PKEY_rset_*() functions (renamed to EVP_PKEY_set1_*()) + that do the same as the EVP_PKEY_assign_*() except they up the + reference count of the added key (they don't "swallow" the + supplied key). [Steve Henson] *) Fixes to crypto/x509/by_file.c the code to read in certificates and