Changes between 0.9.7 and 0.9.8 [xx XXX 2002]
+ *) Add more X9.62 OIDs.
+ [Nils Larsch <nla@trustcenter.de>]
+
*) Add ECDSA in new directory crypto/ecdsa/.
Add applications 'openssl ecdsaparam' and 'openssl ecdsa'
extracted before the specific public key.
[Nils Larsch <nla@trustcenter.de>]
- *) Add reference counting for EC_GROUP objects.
- [Nils Larsch <nla@trustcenter.de>]
-
*) Include some named elliptic curves. These can be obtained from
the new functions
EC_GROUP_new_by_nid()
*) applies to 0.9.6a ... 0.9.6d and 0.9.7
+) applies to 0.9.7 only
+ +) Fix the 'app_verify_callback' interface so that the user-defined
+ argument is actually passed to the callback: In the
+ SSL_CTX_set_cert_verify_callback() prototype, the callback
+ declaration has been changed from
+ int (*cb)()
+ into
+ int (*cb)(X509_STORE_CTX *,void *);
+ in ssl_verify_cert_chain (ssl/ssl_cert.c), the call
+ i=s->ctx->app_verify_callback(&ctx)
+ has been changed into
+ i=s->ctx->app_verify_callback(&ctx, s->ctx->app_verify_arg).
+
+ To update applications using SSL_CTX_set_cert_verify_callback(),
+ a dummy argument can be added to their callback functions.
+ [D. K. Smetters <smetters@parc.xerox.com>]
+
+ +) Added the '4758cca' ENGINE to support IBM 4758 cards.
+ [Maurice Gittens <maurice@gittens.nl>, touchups by Geoff Thorpe]
+
+ *) Fix bug in SSL_clear(): bad sessions were not removed (found by
+ Yoram Zahavi <YoramZ@gilian.com>).
+ [Lutz Jaenicke]
+
+) Add and OPENSSL_LOAD_CONF define which will cause
OpenSSL_add_all_algorithms() to load the openssl.cnf config file.
This allows older applications to transparently support certain
always load it have also been added.
[Steve Henson]
+ +) Add the OFB, CFB and CTR (all with 128 bit feedback) to AES.
+ Adjust NIDs and EVP layer.
+ [Stephen Sprunk <stephen@sprunk.org> and Richard Levitte]
+
+) Config modules support in openssl utility.
Most commands now load modules from the config file,