X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=f0e2c1dbb13233823d7984e170c9dbd7b070d6b3;hp=0e347a67b5d0d75147bb8ccbafc727d5f9dab812;hb=befbd0619b6d1aaf9e70cfbf113afb141009bced;hpb=acf20c7dbde56c0b7c076d5ee08d78a9aa135fea diff --git a/CHANGES b/CHANGES index 0e347a67b5..f0e2c1dbb1 100644 --- a/CHANGES +++ b/CHANGES @@ -2,7 +2,22 @@ OpenSSL CHANGES _______________ - Changes between 0.9.8k and 1.0 [xx XXX xxxx] + Changes between 0.9.8l and 1.0 [xx XXX xxxx] + + *) Add load_crls() function to apps tidying load_certs() too. Add option + to verify utility to allow additional CRLs to be included. + [Steve Henson] + + *) Update OCSP request code to permit adding custom headers to the request: + some responders need this. + [Steve Henson] + + *) Extensive audit of libcrypto with DEBUG_UNUSED. Fix many cases where + return value is ignored. NB. The functions RAND_add(), RAND_seed(), + BIO_set_cipher() and some obscure PEM functions were changed so they + can now return an error. The RAND changes required a change to the + RAND_METHOD structure. + [Steve Henson] *) New macro __owur for "OpenSSL Warn Unused Result". This makes use of a gcc attribute to warn if the result of a function is ignored. This @@ -827,7 +842,16 @@ *) Change 'Configure' script to enable Camellia by default. [NTT] - Changes between 0.9.8k and 0.9.8l [xx XXX xxxx] + Changes between 0.9.8l and 0.9.8m [xx XXX xxxx] + + *) Fixes to stateless session resumption handling. Use initial_ctx when + issuing and attempting to decrypt tickets in case it has changed during + servername handling. Use a non-zero length session ID when attempting + stateless session resumption: this makes it possible to determine if + a resumption has occurred immediately after receiving server hello + (several places in OpenSSL subtly assume this) instead of later in + the handshake. + [Steve Henson] *) The functions ENGINE_ctrl(), OPENSSL_isservice(), CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error