Fix unintended sign extension

[openssl.git] / FAQ

diff --git a/FAQ b/FAQ
index c4c2848040e524cca70e7cccee3097549a0b7f2f..75fc9ac7ccaa0b8407995a98abfa7dfc4ab8497b 100644 (file)
--- a/FAQ
+++ b/FAQ
@@ -85,7 +85,6 @@ OpenSSL  -  Frequently Asked Questions
 * Which is the current version of OpenSSL?
 
 The current version is available from <URL: http://www.openssl.org>.
 * Which is the current version of OpenSSL?
 
 The current version is available from <URL: http://www.openssl.org>.

-OpenSSL 1.0.1e was released on Feb 11, 2013.

 
 In addition to the current stable release, you can also access daily
 snapshots of the OpenSSL development version at <URL:
 
 In addition to the current stable release, you can also access daily
 snapshots of the OpenSSL development version at <URL:


@@ -115,11 +114,6 @@ that came with the version of OpenSSL you are using. The pod format
 documentation is included in each OpenSSL distribution under the docs
 directory.
 
 documentation is included in each OpenSSL distribution under the docs
 directory.
 

-For information on parts of libcrypto that are not yet documented, you
-might want to read Ariel Glenn's documentation on SSLeay 0.9, OpenSSL's
-predecessor, at <URL: http://www.columbia.edu/~ariel/ssleay/>.  Much
-of this still applies to OpenSSL.
-

 There is some documentation about certificate extensions and PKCS#12
 in doc/openssl.txt
 
 There is some documentation about certificate extensions and PKCS#12
 in doc/openssl.txt
 


@@ -139,7 +133,7 @@ OpenSSL.  Information on the OpenSSL mailing lists is available from
 * Where can I get a compiled version of OpenSSL?
 
 You can finder pointers to binary distributions in
 * Where can I get a compiled version of OpenSSL?
 
 You can finder pointers to binary distributions in

-<URL: http://www.openssl.org/related/binaries.html> .
+<URL: http://www.openssl.org/about/binaries.html> .

 
 Some applications that use OpenSSL are distributed in binary form.
 When using such an application, you don't need to install OpenSSL
 
 Some applications that use OpenSSL are distributed in binary form.
 When using such an application, you don't need to install OpenSSL


@@ -418,7 +412,7 @@ whatever name they choose.
 The ways to print out the oneline format of the DN (Distinguished Name) have
 been extended in version 0.9.7 of OpenSSL. Using the new X509_NAME_print_ex()
 interface, the "-nameopt" option could be introduded. See the manual
 The ways to print out the oneline format of the DN (Distinguished Name) have
 been extended in version 0.9.7 of OpenSSL. Using the new X509_NAME_print_ex()
 interface, the "-nameopt" option could be introduded. See the manual

-page of the "openssl x509" commandline tool for details. The old behaviour
+page of the "openssl x509" command line tool for details. The old behaviour

 has however been left as default for the sake of compatibility.
 
 * What is a "128 bit certificate"? Can I create one with OpenSSL?
 has however been left as default for the sake of compatibility.
 
 * What is a "128 bit certificate"? Can I create one with OpenSSL?


@@ -440,7 +434,7 @@ software from the US only weak encryption algorithms could be freely exported
 inadequate. A relaxation of the rules allowed the use of strong encryption but
 only to an authorised server.
 
 inadequate. A relaxation of the rules allowed the use of strong encryption but
 only to an authorised server.
 

-Two slighly different techniques were developed to support this, one used by
+Two slightly different techniques were developed to support this, one used by

 Netscape was called "step up", the other used by MSIE was called "Server Gated
 Cryptography" (SGC). When a browser initially connected to a server it would
 check to see if the certificate contained certain extensions and was issued by
 Netscape was called "step up", the other used by MSIE was called "Server Gated
 Cryptography" (SGC). When a browser initially connected to a server it would
 check to see if the certificate contained certain extensions and was issued by


@@ -729,16 +723,15 @@ possible alternative might be to switch to GCC.
 
 * Test suite still fails, what to do?
 
 
 * Test suite still fails, what to do?
 

-Another common reason for failure to complete some particular test is
-simply bad code generated by a buggy component in toolchain or deficiency
-in run-time environment. There are few cases documented in PROBLEMS file,
-consult it for possible workaround before you beat the drum. Even if you
-don't find solution or even mention there, do reserve for possibility of
-a compiler bug. Compiler bugs might appear in rather bizarre ways, they
-never make sense, and tend to emerge when you least expect them. In order
-to identify one, drop optimization level, e.g. by editing CFLAG line in
-top-level Makefile, recompile and re-run the test.
-
+Another common reason for test failures is bugs in the toolchain
+or run-time environment.  Known cases of this are documented in the
+PROBLEMS file, please review it before you beat the drum. Even if you
+don't find anything in that file, please do consider the possibility
+of a compiler bug. Compiler bugs often appear in rather bizarre ways,
+they never make sense, and tend to emerge when you least expect
+them. One thing to try is to reduce the level of optimization (such
+as by editing the CFLAG variable line in the top-level Makefile),
+and then recompile and re-run the test.

 
 * I think I've found a bug, what should I do?
 
 
 * I think I've found a bug, what should I do?