Changes between 0.9.7c and 0.9.8 [xx XXX xxxx]
+ *) Reduce the chances of duplicate issuer name and serial numbers (in
+ violation of RFC3280) using the OpenSSL certificate creation utilities.
+ This is done by creating a random 64 bit value for the initial serial
+ number when a serial number file is created or when a self signed
+ certificate is created using 'openssl req -x509'. The initial serial
+ number file is now moved from CA.pl to the 'ca' utility with a new
+ option -create_serial.
+ [Steve Henson]
+
+ *) Reduced header interdepencies by declaring more opaque objects in
+ ossl_typ.h. As a consequence, including some headers (eg. engine.h) will
+ give fewer recursive includes, which could break lazy source code - so
+ this change is covered by the OPENSSL_NO_DEPRECATED symbol. As always,
+ developers should define this symbol when building and using openssl to
+ ensure they track the recommended behaviour, interfaces, [etc], but
+ backwards-compatible behaviour prevails when this isn't defined.
+ [Geoff Thorpe]
+
*) New function X509_POLICY_NODE_print() which prints out policy nodes.
[Steve Henson]
between threads, blinding will still be very fast).
[Bodo Moeller]
-yet to be integrated into this CVS branch:
-- Geoff's ENGINE_set_default() fix
-
*) Target "mingw" now allows native Windows code to be generated in
the Cygwin environment as well as with the MinGW compiler.
[Ulf Moeller]
projects / openssl.git / blobdiff