projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Support for multiple CRLs with same issuer name in X509_STORE. Modify
[openssl.git] / CHANGES
diff --git a/CHANGES b/CHANGES
index 4f3d4af2160a584e44786bedc3e4acb3f7ff88d9..2fe0ca88c6dce1d6e4ee7aa791589761dbe4b059 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,7 +4,23 @@
 
  Changes between 0.9.8b and 0.9.9  [xx XXX xxxx]
 
-  *) Non-blocking OCSP request processing.
+  *) Allow multiple CRLs to exist in an X509_STORE with matching issuer names.
+     Modify get_crl() to find a valid (unexpired) CRL if possible.
+     [Steve Henson]
+
+  *) New function X509_CRL_match() to check if two CRLs are identical. Normally
+     this would be called X509_CRL_cmp() but that name is already used by
+     a function that just compares CRL issuer names. Cache several CRL 
+     extensions in X509_CRL structure and cache CRLDP in X509.
+     [Steve Henson]
+
+  *) Store a "canonical" representation of X509_NAME structure (ASN1 Name)
+     this maps equivalent X509_NAME structures into a consistent structure.
+     Name comparison can then be performed rapidly using memcmp().
+     [Steve Henson]
+
+  *) Non-blocking OCSP request processing. Add -timeout option to ocsp 
+     utility.
      [Steve Henson]
 
   *) Allow digests to supply their own micalg string for S/MIME type using
Unnamed repository; edit this file 'description' to name the repository.