X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=8ae1483db4ece0de2140ea0ce391c3d5403e854c;hp=8e613aa3dc096ccf1a090cb230f4c1d812213359;hb=571199434c616deb176a3fff9e5bb05bcc96f53b;hpb=6434450cd6a10bc7b34a6f24e05b28a488f142ac diff --git a/CHANGES b/CHANGES index 8e613aa3dc..8ae1483db4 100644 --- a/CHANGES +++ b/CHANGES @@ -2,7 +2,56 @@ OpenSSL CHANGES _______________ - Changes between 0.9.3a and 0.9.4 + Changes between 0.9.3a and 0.9.4 [xx Jul/Aug/...? 1999] + + *) New function OBJ_obj2txt(buf, buf_len, a, no_name), this converts + an ASN1_OBJECT to a text string. If the "no_name" parameter is set then + it will always use the numerical form of the OID, even if it has a short + or long name. + [Steve Henson] + + *) Added an extra RSA flag: RSA_FLAG_EXT_PKEY. Previously the rsa_mod_exp + method only got called if p,q,dmp1,dmq1,iqmp components were present, + otherwise bn_mod_exp was called. In the case of hardware keys for example + no private key components need be present and it might store extra data + in the RSA structure, which cannot be accessed from bn_mod_exp. By setting + RSA_FLAG_EXT_PKEY rsa_mod_exp will always be called for private key + operations. + [Steve Henson] + + *) Added support for SPARC Linux. + [Andy Polyakov] + + *) pem_password_cb function type incompatibly changed from + typedef int pem_password_cb(char *buf, int size, int rwflag); + to + ....(char *buf, int size, int rwflag, void *userdata); + so that applications can pass data to their callbacks: + The PEM[_ASN1]_{read,write}... functions and macros now take an + additional void * argument, which is just handed through whenever + the password callback is called. + [Damien Miller , with tiny changes by Bodo Moeller] + + New function SSL_CTX_set_default_passwd_cb_userdata. + + Compatibility note: As many C implementations push function arguments + onto the stack in reverse order, the new library version is likely to + interoperate with programs that have been compiled with the old + pem_password_cb definition (PEM_whatever takes some data that + happens to be on the stack as its last argument, and the callback + just ignores this garbage); but there is no guarantee whatsoever that + this will work. + + *) The -DPLATFORM="\"$(PLATFORM)\"" definition and the similar -DCFLAGS=... + (both in crypto/Makefile.ssl for use by crypto/cversion.c) caused + problems not only on Windows, but also on some Unix platforms. + To avoid problematic command lines, these definitions are now in an + auto-generated file crypto/buildinf.h (created by crypto/Makefile.ssl + for standard "make" builds, by util/mk1mf.pl for "mk1mf" builds). + [Bodo Moeller] + + *) MIPS III/IV assembler module is reimplemented. + [Andy Polyakov] *) More DES library cleanups: remove references to srand/rand and delete an unused file. @@ -54,7 +103,8 @@ this bug. [Steve Henson, reported by Doug Erickson ] - *) Memory leak checking had some problems. The interface is as follows: + *) Memory leak checking (-DCRYPTO_MDEBUG) had some problems. + The interface is as follows: Applications can use CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON) aka MemCheck_start(), CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF) aka MemCheck_stop(); @@ -66,12 +116,21 @@ Some inconsistent states that previously were possible (and were even the default) are now avoided. + + -DCRYPTO_MDEBUG_TIME is new and additionally stores the current time + with each memory chunk allocated; this is occasionally more helpful + than just having a counter. + + -DCRYPTO_MDEBUG_THREAD is also new and adds the thread ID. + + -DCRYPTO_MDEBUG_ALL enables all of the above, plus any future + extensions. [Bodo Moeller] *) Introduce "mode" for SSL structures (with defaults in SSL_CTX), which largely parallels "options", but is for changing API behaviour, whereas "options" are about protocol behaviour. - Initial "mode" flags (still experimental) are: + Initial "mode" flags are: SSL_MODE_ENABLE_PARTIAL_WRITE Allow SSL_write to report success when a single record has been written.