Extra ; removed.

[openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index 43a0ffcfb7fa2e8b210c8ec6b18660055f690864..2d7c5b5f5082729c3958ea7f360fce27b14375cc 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -335,6 +335,11 @@ TODO: bug: pad  x  with leading zeros if necessary
  
  Changes between 0.9.6h and 0.9.7  [XX xxx 2002]
 
+  *) Disable Heimdal support, since it hasn't been fully implemented.
+     Still give the possibility to force the use of Heimdal, but with
+     warnings and a request that patches get sent to openssl-dev.
+     [Richard Levitte]
+
   *) Add the VC-CE target, introduce the WINCE sysname, and add
      INSTALL.WCE and appropriate conditionals to make it build.
      [Steven Reddie <smr@essemer.com.au> via Richard Levitte]
@@ -2111,6 +2116,21 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
 
  Changes between 0.9.6g and 0.9.6h  [xx XXX xxxx]
 
+  *) New function OPENSSL_cleanse(), which is used to cleanse a section of
+     memory from it's contents.  This is done with a counter that will
+     place alternating values in each byte.  This can be used to solve
+     two issues: 1) the removal of calls to memset() by highly optimizing
+     compilers, and 2) cleansing with other values than 0, since those can
+     be read through on certain media, for example a swap space on disk.
+     [Geoff Thorpe]
+
+  *) Bugfix: client side session caching did not work with external caching,
+     because the session->cipher setting was not restored when reloading
+     from the external cache. This problem was masked, when
+     SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (part of SSL_OP_ALL) was set.
+     (Found by Steve Haslam <steve@araqnid.ddts.net>.)
+     [Lutz Jaenicke]
+
   *) Fix client_certificate (ssl/s2_clnt.c): The permissible total
      length of the REQUEST-CERTIFICATE message is 18 .. 34, not 17 .. 33.
      [Zeev Lieber <zeev-l@yahoo.com>]