-nameopt fix has been moved to 0.9.7

[openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index 15b69a3f3d4a54f50fd9ab27b3cc85bb69d9db2a..9dbb21213c5e5cb5bd8f2eccca01232ac0160090 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -9,13 +9,12 @@
      the "ECCdraft" ciphersuite group alias can be used to select them.
      [Vipul Gupta and Sumit Gupta (Sun Microsystems Laboratories)]
 
-TODO: COMPLEMENTOFALL and COMPLEMENTOFDEFAULT do not handle ECCdraft
-cipher suites correctly.
-
   *) Add ECDH engine support.
      [Nils Gura and Douglas Stebila (Sun Microsystems Laboratories)]
 
   *) Add ECDH in new directory crypto/ecdh/.
+TODO: more general interface (return  x  coordinate, not its hash)
+TODO: bug: pad  x  with leading zeros if necessary
      [Douglas Stebila (Sun Microsystems Laboratories)]
 
   *) Let BN_rand_range() abort with an error after 100 iterations
@@ -233,10 +232,11 @@ cipher suites correctly.
      [Nils Larsch <nla@trustcenter.de>]
 
   *) Include some named elliptic curves, and add OIDs from X9.62,
-     SECG, and WAP/WTLS.  The curves can be obtained from the new
-     functions
-          EC_GROUP_new_by_nid()
-          EC_GROUP_new_by_name()
+     SECG, and WAP/WTLS.  Each curve can be obtained from the new
+     function
+          EC_GROUP_new_by_nid(),
+     and the list of available named curves can be obtained with
+          EC_get_builtin_curves().
      Also add a 'curve_name' member to EC_GROUP objects, which can be
      accessed via
          EC_GROUP_set_nid()
@@ -245,6 +245,15 @@ cipher suites correctly.
  
  Changes between 0.9.6g and 0.9.7  [XX xxx 2002]
 
+  *) Make -nameopt work fully for req and add -reqopt switch.
+     [Michael Bell <michael.bell@rz.hu-berlin.de>, Steve Henson]
+
+  *) The "block size" for block ciphers in CFB and OFB mode should be 1.
+     [Steve Henson, reported by Yngve Nysaeter Pettersen <yngve@opera.com>]
+
+  *) The "block size" for block ciphers in CFB and OFB mode should be 1.
+     [Steve Henson]
+
   *) Make sure tests can be performed even if the corresponding algorithms
      have been removed entirely.  This was also the last step to make
      OpenSSL compilable with DJGPP under all reasonable conditions.
@@ -1908,6 +1917,18 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
   *) Clean old EAY MD5 hack from e_os.h.
      [Richard Levitte]
 
+ Changes between 0.9.6g and 0.9.6h  [xx XXX xxxx]
+
+  *) Reorder cleanup sequence in SSL_CTX_free(): only remove the ex_data after
+     the cached sessions are flushed, as the remove_cb() might use ex_data
+     contents. Bug found by Sam Varshavchik <mrsam@courier-mta.com>
+     (see [openssl.org #212]).
+     [Geoff Thorpe, Lutz Jaenicke]
+
+  *) Fix typo in OBJ_txt2obj which incorrectly passed the content
+     length, instead of the encoding length to d2i_ASN1_OBJECT.
+     [Steve Henson]
+
  Changes between 0.9.6f and 0.9.6g  [9 Aug 2002]
 
   *) [In 0.9.6g-engine release:]