X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=470435fe821ca2bbd4e04821a2c76ff2699e28c4;hp=c6b9e894feae375986dc353c3bf0203c75e2a85e;hb=d08d8da4326f4bd1a0392fff3089c72d1236b634;hpb=436d318c806003352b916f637ceb68f3bfde72de

diff --git a/CHANGES b/CHANGES
index c6b9e894fe..470435fe82 100644
--- a/CHANGES
+++ b/CHANGES
@@ -5,6 +5,59 @@
 
  Changes between 0.9.1c and 0.9.2
 
+  *) Updates to the new SSL compression code
+     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
+
+  *) Fix so that the version number in the master secret, when passed
+     via RSA, checks that if TLS was proposed, but we roll back to SSLv3
+     (because the server will not accept higher), that the version number
+     is 0x03,0x01, not 0x03,0x00
+     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
+
+  *) Run extensive memory leak checks on SSL apps. Fixed *lots* of memory
+     leaks in ssl/ relating to new X509_get_pubkey() behaviour. Also fixes
+     in apps/ and an unrellated leak in crypto/dsa/dsa_vrf.c
+     [Steve Henson]
+
+  *) Support for RAW extensions where an arbitrary extension can be
+     created by including its DER encoding. See apps/openssl.cnf for
+     an example.
+     [Steve Henson]
+
+  *) Make sure latest Perl versions don't interpret some generated C array
+     code as Perl array code in the crypto/err/err_genc.pl script.
+     [Lars Weber <3weber@informatik.uni-hamburg.de>]
+
+  *) Modify ms/do_ms.bat to not generate assembly language makefiles since
+     not many people have the assembler. Various Win32 compilation fixes and
+     update to the INSTALL.W32 file with (hopefully) more accurate Win32
+     build instructions.
+     [Steve Henson]
+
+  *) Modify configure script 'Configure' to automatically create crypto/date.h
+     file under Win32 and also build pem.h from pem.org. New script
+     util/mkfiles.pl to create the MINFO file on environments that can't do a
+     'make files': perl util/mkfiles.pl >MINFO should work.
+     [Steve Henson]
+
+  *) Major rework of DES function declarations, in the pursuit of correctness
+     and purity. As a result, many evil casts evaporated, and some weirdness,
+     too. You may find this causes warnings in your code. Zapping your evil
+     casts will probably fix them. Mostly.
+     [Ben Laurie]
+
+  *) Fix for a typo in asn1.h. Bug fix to object creation script
+     obj_dat.pl. It considered a zero in an object definition to mean
+     "end of object": none of the objects in objects.h have any zeros
+     so it wasn't spotted.
+     [Steve Henson, reported by Erwann ABALEA <eabalea@certplus.com>]
+
+  *) Add support for Triple DES Cipher Block Chaining with Output Feedback
+     Masking (CBCM). In the absence of test vectors, the best I have been able
+     to do is check that the decrypt undoes the encrypt, so far. Send me test
+     vectors if you have them.
+     [Ben Laurie]
+
   *) Correct caclulation of key length for export ciphers (too much space was
      allocated for null ciphers). This has not been tested!
      [Ben Laurie]
@@ -16,6 +69,7 @@
      If you do a: 
      perl util/mkdef.pl crypto ssl update
      it will update them.
+     [Steve Henson]
 
   *) Overhauled the Perl interface (perl/*):
      - ported BN stuff to OpenSSL's different BN library