Changes between 0.9.4 and 0.9.5 [xx XXX 1999]
+ *) Precautions against using the PRNG uninitialized: RAND_bytes() now
+ has a return value which indicated the quality of the random data
+ (1 = ok, 0 = not seeded).
+ [Ulf Möller]
+
+ *) Do more iterations of Rabin-Miller probable prime test (specifically,
+ 3 for 1024-bit primes, 6 for 512-bit primes, 12 for 256-bit primes
+ instead of only 2 for all lengths; see BN_prime_checks definition
+ in crypto/bn/bn.h for the complete table). This guarantees a
+ false-positive rate of at most 2^-80 (actually less because we are
+ additionally doing trial division) for random input.
+ [Bodo Moeller]
+
*) Rewrite ssl3_read_n (ssl/s3_pkt.c) avoiding a couple of bugs.
[Bodo Moeller]
*) Add the possibility to add extra information to the memory leak
detecting output, to form tracebacks, showing from where each
- allocation was originated. Also updated sid code to be multi-
- thread-safe.
+ allocation was originated: CRYPTO_push_info("constant string") adds
+ the string plus current file name and line number to a per-thread
+ stack, CRYPTO_pop_info() does the obvious, CRYPTO_remove_all_info()
+ is like calling CYRPTO_pop_info() until the stack is empty.
+ Also updated memory leak detection code to be multi-thread-safe.
[Richard Levitte]
*) Add options -text and -noout to pkcs7 utility and delete the
for all purposes.
[Steve Henson]
- *) Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD). The
- problem was that one of the replacement routines had not been working since
- SSLeay releases. For now the offending routine has been replaced with
- non-optimised assembler. Even so, this now gives around 95% performance
- improvement for 1024 bit RSA signs.
+ *) Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD).
+ The problem was that one of the replacement routines had not been working
+ since SSLeay releases. For now the offending routine has been replaced
+ with non-optimised assembler. Even so, this now gives around 95%
+ performance improvement for 1024 bit RSA signs.
[Mark Cox]
*) Hack to fix PKCS#7 decryption when used with some unorthodox RC2