Call RAND_cleanup in openssl application.

[openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index 31f983472440ae68734a2145bc618247af9c596b..7d332674dbe1defbf55c3e302d03dfb523f4640c 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,37 @@
 
  Changes between 1.0.1 and 1.0.2 [xx XXX xxxx]
 
+  *) New option -crl_download in several openssl utilities to download CRLs
+     from CRLDP extension in certificates.
+     [Steve Henson]
+
+  *) New options -CRL and -CRLform for s_client and s_server for CRLs.
+     [Steve Henson]
+
+  *) New function X509_CRL_diff to generate a delta CRL from the difference
+     of two full CRLs. Add support to "crl" utility.
+     [Steve Henson]
+
+  *) New functions to set lookup_crls function and to retrieve
+     X509_STORE from X509_STORE_CTX.
+     [Steve Henson]
+
+  *) Print out deprecated issuer and subject unique ID fields in
+     certificates.
+     [Steve Henson]
+
+  *) Extend OCSP I/O functions so they can be used for simple general purpose
+     HTTP as well as OCSP. New wrapper function which can be used to download
+     CRLs using the OCSP API.
+     [Steve Henson]
+
+  *) Delegate command line handling in s_client/s_server to SSL_CONF APIs.
+     [Steve Henson]
+
+  *) SSL_CONF* functions. These provide a common framework for application
+     configuration using configuration files or command lines.
+     [Steve Henson]
+
   *) SSL/TLS tracing code. This parses out SSL/TLS records using the
      message callback and prints the results. Needs compile time option
      "enable-ssl-trace". New options to s_client and s_server to enable