Add DSA library string. Workaround for IIS .key file invalid

[openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index 4874d87bd99e16db554a1fe787c7d3b5e7340b26..bc4f2218d6d192a0341b7f6c96412866f88e5ac0 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,28 @@
 
  Changes between 0.9.5a and 0.9.6  [xx XXX 2000]
 
+  *) Add missing DSA library text string. Work around for some IIS
+     key files with invalid SEQUENCE encoding.
+     [Steve Henson]
+
+  *) Add a document (doc/standards.txt) that list all kinds of standards
+     and so on that are implemented in OpenSSL.
+     [Richard Levitte]
+
+  *) Enhance c_rehash script. Old version would mishandle certificates
+     with the same subject name hash and wouldn't handle CRLs at all.
+     Added -fingerprint option to crl utility, to support new c_rehash
+     features.
+     [Steve Henson]
+
+  *) Eliminate non-ANSI declarations in crypto.h and stack.h.
+        [Ulf Möller]
+
+  *) Fix for SSL server purpose checking. Server checking was
+     rejecting certificates which had extended key usage present
+     but no ssl client purpose.
+     [Steve Henson, reported by Rene Grosser <grosser@hisolutions.com>]
+
   *) Make PKCS#12 code work with no password. The PKCS#12 spec
      is a little unclear about how a blank password is handled.
      Since the password in encoded as a BMPString with terminating