X-Git-Url: https://git.openssl.org/gitweb/?a=blobdiff_plain;f=CHANGES;h=b72f682386a11d54f0b0bfb6fa3d9dfbd962ed00;hb=fa470a84a026208d07167f90cfa83834140305ae;hp=acac07a4b3759a11b8742b01b946aefc2d1a5cf6;hpb=d5a2ea4b73220d58f12b2d6bdd378dc8e0a23bf9;p=openssl.git

diff --git a/CHANGES b/CHANGES
index acac07a4b3..b72f682386 100644
--- a/CHANGES
+++ b/CHANGES
@@ -3,7 +3,36 @@
  _______________
 
 
- Changes between 0.9.2b and 0.9.3
+ Changes between 0.9.2b and 0.9.3  [XX May 1999]
+                                   [I suggest using the same format for the
+                                   date as in opensslv.h.  0.9.1c used
+                                   hyphens in the date, so I wrote
+                                   [23-Dec-1998] down below; but in later
+                                   versions, these hyphens are gone.]
+
+  *) Fix the encoding and decoding of negative ASN1 INTEGERS and conversion
+     to and from BNs: it was completely broken. New compilation option
+     NEG_PUBKEY_BUG to allow for some broken certificates that encode public
+     key elements as negative integers.
+     [Steve Henson]
+
+  *) Reorganize and speed up MD5.
+     [Andy Polyakov <appro@fy.chalmers.se>]
+
+  *) VMS support.
+     [Richard Levitte <richard@levitte.org>]
+
+  *) New option -out to asn1parse to allow the parsed structure to be
+     output to a file. This is most useful when combined with the -strparse
+     option to examine the output of things like OCTET STRINGS.
+     [Steve Henson]
+
+  *) Make SSL library a little more fool-proof by not requiring any longer
+     that SSL_set_{accept,connect}_state be called before
+     SSL_{accept,connect} may be used (SSL_set_..._state is omitted
+     in many applications because usually everything *appeared* to work as
+     intended anyway -- now it really works as intended).
+     [Bodo Moeller]
 
   *) Move openssl.cnf out of lib/.
      [Ulf Möller]
@@ -32,11 +61,12 @@
      Changing settings for an SSL_CTX *ctx after having done s = SSL_new(ctx)
      does not influence s as it used to.
      
-     Projected further changes:
      In order to clean up things more thoroughly, inside SSL_SESSION
-     we should not use CERT any longer, but a new structure SESS_CERT
-     that holds per-session data, and CERT should hold only those
-     values that can have meaningful defaults in an SSL_CTX.
+     we don't use CERT any longer, but a new structure SESS_CERT
+     that holds per-session data (if available); currently, this is
+     the peer's certificate chain and, for clients, the server's certificate
+     and temporary key.  CERT holds only those values that can have
+     meaningful defaults in an SSL_CTX.
      [Bodo Moeller]
 
   *) New function X509V3_EXT_i2d() to create an X509_EXTENSION structure
@@ -344,7 +374,8 @@
      so they no longer are missing under -DNOPROTO. 
      [Soren S. Jorvang <soren@t.dk>]
 
- Changes between 0.9.1c and 0.9.2b
+
+ Changes between 0.9.1c and 0.9.2b  [22 Mar 1999]
 
   *) Make SSL_get_peer_cert_chain() work in servers. Unfortunately, it still
      doesn't work when the session is reused. Coming soon!
@@ -1011,7 +1042,8 @@
   *) Generate Makefile.ssl from Makefile.org (to keep CVS happy).
      [Ben Laurie]
 
- Changes between 0.9.1b and 0.9.1c
+
+ Changes between 0.9.1b and 0.9.1c  [23-Dec-1998]
 
   *) Added OPENSSL_VERSION_NUMBER to crypto/crypto.h and 
      changed SSLeay to OpenSSL in version strings.
@@ -1071,7 +1103,8 @@
      summer 1998.
      [The OpenSSL Project]
  
- Changes between 0.9.0b and 0.9.1b
+
+ Changes between 0.9.0b and 0.9.1b  [not released]
 
   *) Updated a few CA certificates under certs/
      [Eric A. Young]