X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=86c572d162f922e37fccb954c64a3d33e303079f;hp=384abf882f93b8b56e0b57eaf8643e9ee7e415f7;hb=a974e64aaaa8a6f99f55a68d28c07c04ecea2f50;hpb=f00a10b89734e84fe80f98ad9e2e77b557c701ae diff --git a/CHANGES b/CHANGES index 384abf882f..86c572d162 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,79 @@ Changes between 1.0.2 and 1.1.0 [xx XXX xxxx] + *) State machine rewrite. The state machine code has been significantly + refactored in order to remove much duplication of code and solve issues + with the old code (see ssl/statem/README for further details). This change + does have some associated API changes. Notably the SSL_state() function + has been removed and replaced by SSL_get_state which now returns an + "OSSL_HANDSHAKE_STATE" instead of an int. SSL_set_state() has been removed + altogether. The previous handshake states defined in ssl.h and ssl3.h have + also been removed. + [Matt Caswell] + + *) All instances of the string "ssleay" in the public API were replaced + with OpenSSL (case-matching; e.g., OPENSSL_VERSION for #define's) + [Rich Salz] + + *) The demo files in crypto/threads were moved to demo/threads. + [Rich Salz] + + *) Removed obsolete engines: 4758cca, aep, atalla, cswift, nuron and sureware. + [Matt Caswell] + + *) New ASN.1 embed macro. + + New ASN.1 macro ASN1_EMBED. This is the same as ASN1_SIMPLE except the + structure is not allocated: it is part of the parent. That is instead of + + FOO *x; + + it must be: + + FOO x; + + This reduces memory fragmentation and make it impossible to accidentally + set a mandatory field to NULL. + + This currently only works for some fields specifically a SEQUENCE, CHOICE, + or ASN1_STRING type which is part of a parent SEQUENCE. Since it is + equivalent to ASN1_SIMPLE it cannot be tagged, OPTIONAL, SET OF or + SEQUENCE OF. + [Steve Henson] + + *) Remove EVP_CHECK_DES_KEY, a compile-time option that never compiled. + [Emilia Käsper] + + *) Removed DES and RC4 ciphersuites from DEFAULT. Also removed RC2 although + in 1.0.2 EXPORT was already removed and the only RC2 ciphersuite is also + an EXPORT one. COMPLEMENTOFDEFAULT has been updated accordingly to add + DES and RC4 ciphersuites. + [Matt Caswell] + + *) Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs. + This changes the decoding behaviour for some invalid messages, + though the change is mostly in the more lenient direction, and + legacy behaviour is preserved as much as possible. + [Emilia Käsper] + *) Fix no-stdio build. + [ David Woodhouse and also + Ivan Nestlerode ] + + *) New testing framework + The testing framework has been largely rewritten and is now using + perl and the perl modules Test::Harness and an extended variant of + Test::More called OpenSSL::Test to do its work. All test scripts in + test/ have been rewritten into test recipes, and all direct calls to + executables in test/Makefile have become individual recipes using the + simplified testing OpenSSL::Test::Simple. + + For documentation on our testing modules, do: + + perldoc test/testlib/OpenSSL/Test/Simple.pm + perldoc test/testlib/OpenSSL/Test.pm + + [Richard Levitte] + *) In DSA_generate_parameters_ex, if the provided seed is too short, return an error [Rich Salz and Ismo Puustinen ]