X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=e2b130fccd51941b8292718690d36776c634ea2d;hp=8a703499f56803ed4351cd18630b7f397ca1cb34;hb=ab1dee1efc39f7e18487323663d073e7a48ebeaf;hpb=f14845d99983eee30abe846978fe189d4191e9d9

diff --git a/CHANGES b/CHANGES
index 8a703499f5..e2b130fccd 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,16 +2,85 @@
  OpenSSL CHANGES
  _______________
 
- Changes between 0.9.6 and 0.9.7  [xx XXX 2001]
+ Changes between 0.9.7 and 0.9.8  [xx XXX 2002]
+
+  *) Add ECDSA in new directory crypto/ecdsa/.
+
+     Add applications 'openssl ecdsaparam' and 'openssl ecdsa'
+     (these are variants of 'openssl dsaparam' and 'openssl dsa').
+
+     ECDSA support is also included in various other files across the
+     library.  Most notably,
+     - 'openssl req' now has a '-newkey ecdsa:file' option;
+     - EVP_PKCS82PKEY (crypto/evp/evp_pkey.c) now can handle ECDSA;
+     - X509_PUBKEY_get (crypto/asn1/x_pubkey.c) and
+       d2i_PublicKey (crypto/asn1/d2i_pu.c) have been modified to make
+       them suitable for ECDSA where domain parameters must be
+       extracted before the specific public key.
+     [Nils Larsch <nla@trustcenter.de]
+
+  *) Add reference counting for EC_GROUP objects.
+     [Nils Larsch <nla@trustcenter.de]
+
+  *) Include some named elliptic curves.  These can be obtained from
+     the new functions
+          EC_GROUP_new_by_nid()
+          EC_GROUP_new_by_name()
+     Also add a 'nid' field to EC_GROUP objects, which can be accessed
+     via
+         EC_GROUP_set_nid()
+         EC_GROUP_get_nid()
+     [Nils Larsch <nla@trustcenter.de, Bodo Moeller]
+ 
+ Changes between 0.9.6 and 0.9.7  [xx XXX 2002]
 
-     OpenSSL 0.9.6a/0.9.6b (bugfix releases, 5 Apr 2001 and 9 July 2001)
-     and OpenSSL 0.9.7 were developed in parallel, based on OpenSSL 0.9.6.  
+     OpenSSL 0.9.6a/0.9.6b/0.9.6c/0.9.6d (bugfix releases, 5 Apr 2001,
+     9 July 2001, 21 Dec 2001 and xx XXX 2002) and OpenSSL 0.9.7 were
+     developed in parallel, based on OpenSSL 0.9.6.  
 
      Change log entries are tagged as follows:
-         -) applies to 0.9.6a/0.9.6b/0.9.6c only
-         *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7
+         -) applies to 0.9.6a ... 0.9.6d only
+         *) applies to 0.9.6a ... 0.9.6d and 0.9.7
          +) applies to 0.9.7 only
 
+  *) Add information about CygWin 1.3 and on, and preserve proper
+     configuration for the versions before that.
+     [Corinna Vinschen <vinschen@redhat.com> and Richard Levitte]
+
+  *) Make removal from session cache (SSL_CTX_remove_session()) more robust:
+     check whether we deal with a copy of a session and do not delete from
+     the cache in this case. Problem reported by "Izhar Shoshani Levi"
+     <izhar@checkpoint.com>.
+     [Lutz Jaenicke]
+
+  *) Do not store session data into the internal session cache, if it
+     is never intended to be looked up (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP
+     flag is set). Proposed by Aslam <aslam@funk.com>.
+     [Lutz Jaenicke]
+
+  +) Support for crypto accelerator cards from Accelerated Encryption
+     Processing, www.aep.ie.  (Use engine 'aep')
+     The support was copied from 0.9.6c [engine] and adapted/corrected
+     to work with the new engine framework.
+     [AEP Inc. and Richard Levitte]
+
+  +) Support for SureWare crypto accelerator cards from Baltimore
+     Technologies.  (Use engine 'sureware')
+     The support was copied from 0.9.6c [engine] and adapted
+     to work with the new engine framework.
+     [Richard Levitte]
+
+  *) Have ASN1_BIT_STRING_set_bit() really clear a bit when the requested
+     value is 0.
+     [Richard Levitte]
+
+  +) Have the CHIL engine fork-safe (as defined by nCipher) and actually
+     make the newer ENGINE framework commands for the CHIL engine work.
+     [Toomas Kiisk <vix@cyber.ee> and Richard Levitte]
+
+  +) Make it possible to produce shared libraries on ReliantUNIX.
+     [Robert Dahlem <Robert.Dahlem@ffm2.siemens.de> via Richard Levitte]
+
   *) Add the configuration target linux-s390x.
      [Neale Ferguson <Neale.Ferguson@SoftwareAG-USA.com> via Richard Levitte]
 
@@ -235,8 +304,8 @@
 
   +) Change all functions with names starting with des_ to be starting
      with DES_ instead.  Add wrappers that are compatible with libdes,
-     but are named _old_des_*.  Finally, add macros that map the des_*
-     symbols to the corresponding _old_des_*.
+     but are named _ossl_old_des_*.  Finally, add macros that map the
+     des_* symbols to the corresponding _ossl_old_des_*.
 
      All this is done because there are increasing clashes with libdes
      and other DES libraries that are currently used by other projects.