Prepare for a possible disabling of certain messages that DEC C spews out.

[openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index 326b5cf7a1dfbb3f90df067b5980d6a3ab385942..22ad45b5ff76e7945d13f5d5f9ff0be378714581 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,14 +4,20 @@
 
  Changes between 0.9.4 and 0.9.5  [xx XXX 1999]
 
+  *) Add missing #ifndefs that caused missing symbols when building libssl
+     as a shared library without RSA.  Use #ifndef NO_SSL2 instead of
+     NO_RSA in ssl/s2*.c. 
+     [Kris Kennaway <kris@hub.freebsd.org>, modified by Ulf Möller]
+
   *) Precautions against using the PRNG uninitialized: RAND_bytes() now
      has a return value which indicates the quality of the random data
      (1 = ok, 0 = not seeded).  Also an error is recorded on the thread's
-     error queue.
+     error queue. New function RAND_pseudo_bytes() generates output that is
+     guaranteed to be unique but not unpredictable.
      (TO DO: always check the result of RAND_bytes when it is used in the
-     library, because leaving the error in the error queue but reporting
-     success in a function that uses RAND_bytes could confuse things
-     considerably.)
+     library, or use RAND_pseudo_bytes instead, because leaving the
+     error in the error queue but reporting success in a function that
+     uses RAND_bytes could confuse things considerably.)
      [Ulf Möller]
 
   *) Do more iterations of Rabin-Miller probable prime test (specifically,