+ Changes between 1.0.2f and 1.1.0 [xx XXX xxxx]
+
+ *) Always DPURIFY. Remove the use of uninitialized memory in the
+ RNG, and other conditional uses of DPURIFY. This makes -DPURIFY a no-op.
+ [Emilia Käsper]
+
+ *) Removed many obsolete configuration items, including
+ DES_PTR, DES_RISC1, DES_RISC2, DES_INT
+ MD2_CHAR, MD2_INT, MD2_LONG
+ BF_PTR, BF_PTR2
+ IDEA_SHORT, IDEA_LONG
+ RC2_SHORT, RC2_LONG, RC4_LONG, RC4_CHUNK, RC4_INDEX
+ [Rich Salz, with advice from Andy Polyakov]
+
+ *) Many BN internals have been moved to an internal header file.
+ [Rich Salz with help from Andy Polyakov]
+
+ *) Configuration and writing out the results from it has changed.
+ Files such as Makefile include/openssl/opensslconf.h and are now
+ produced through general templates, such as Makefile.in and
+ crypto/opensslconf.h.in and some help from the perl module
+ Text::Template.
+
+ Also, the center of configuration information is no longer
+ Makefile. Instead, Configure produces a perl module in
+ configdata.pm which holds most of the config data (in the hash
+ table %config), the target data that comes from the target
+ configuration in one of the Configurations/*.conf files (in
+ %target).
+ [Richard Levitte]
+
+ *) To clarify their intended purposes, the Configure options
+ --prefix and --openssldir change their semantics, and become more
+ straightforward and less interdependent.
+
+ --prefix shall be used exclusively to give the location INSTALLTOP
+ where programs, scripts, libraries, include files and manuals are
+ going to be installed. The default is now /usr/local.
+
+ --openssldir shall be used exclusively to give the default
+ location OPENSSLDIR where certificates, private keys, CRLs are
+ managed. This is also where the default openssl.cnf gets
+ installed.
+ If the directory given with this option is a relative path, the
+ values of both the --prefix value and the --openssldir value will
+ be combined to become OPENSSLDIR.
+ The default for --openssldir is INSTALLTOP/ssl.
+
+ Anyone who uses --openssldir to specify where OpenSSL is to be
+ installed MUST change to use --prefix instead.
+ [Richard Levitte]
+
+ *) The GOST engine was out of date and therefore it has been removed. An up
+ to date GOST engine is now being maintained in an external repository.
+ See: https://wiki.openssl.org/index.php/Binaries. Libssl still retains
+ support for GOST ciphersuites (these are only activated if a GOST engine
+ is present).
+ [Matt Caswell]
+
+ *) EGD is no longer supported by default; use enable-egd when
+ configuring.
+ [Ben Kaduk and Rich Salz]