X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=9ed1297ccbb50f9c8556e31e4597f72cd67805e6;hp=0eec6b321752e39015f88fff84402ea8541f6496;hb=b6e4dac217afc0925fb2974194d2070ccf30b922;hpb=2b90b1f344b50451673f02ae5ba1291779db544a diff --git a/CHANGES b/CHANGES index 0eec6b3217..9ed1297ccb 100644 --- a/CHANGES +++ b/CHANGES @@ -12,6 +12,79 @@ *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7 +) applies to 0.9.7 only + *) Release CRYPTO_LOCK_DYNLOCK when CRYPTO_destroy_dynlockid() + returns early because it has nothing to do. + [Andy Schneider ] + + *) [In 0.9.6c-engine and 0.9.7 release:] + Fix mutex callback return values in crypto/engine/hw_ncipher.c. + [Andy Schneider ] + + -) [In 0.9.6c-engine release:] + Add support for Cryptographic Appliance's keyserver technology. + (Use engine 'keyclient') + [Cryptographic Appliances and Geoff Thorpe] + + *) Add a configuration entry for OS/390 Unix. The C compiler 'c89' + is called via tools/c89.sh because arguments have to be + rearranged (all '-L' options must appear before the first object + modules). + [Richard Shapiro ] + + +) Use wNAFs in EC_POINTs_mul() for improved efficiency + (up to about 10% better than before for P-192 and P-224). + [Bodo Moeller] + + -) [In 0.9.6c-engine release:] + Add support for Broadcom crypto accelerator cards, backported + from 0.9.7. + [Broadcom, Nalin Dahyabhai , Mark Cox] + + -) [In 0.9.6c-engine release:] + Add support for SureWare crypto accelerator cards from + Baltimore Technologies. (Use engine 'sureware') + [Baltimore Technologies and Mark Cox] + + -) [In 0.9.6c-engine release:] + Add support for crypto accelerator cards from Accelerated + Encryption Processing, www.aep.ie. (Use engine 'aep') + [AEP Inc. and Mark Cox] + + *) Add a configuration entry for gcc on UnixWare. + [Gary Benson ] + + +) New functions/macros + + SSL_CTX_set_msg_callback(ctx, cb) + SSL_CTX_set_msg_callback_arg(ctx, arg) + SSL_set_msg_callback(ssl, cb) + SSL_set_msg_callback_arg(ssl, arg) + + to request calling a callback function + + void cb(int write_p, int version, int content_type, + const void *buf, size_t len, SSL *ssl, void *arg) + + whenever a protocol message has been completely received + (write_p == 0) or sent (write_p == 1). Here 'version' is the + protocol version according to which the SSL library interprets + the current protocol message (SSL2_VERSION, SSL3_VERSION, or + TLS1_VERSION). 'content_type' is 0 in the case of SSL 2.0, or + the content type as defined in the SSL 3.0/TLS 1.0 protocol + specification (change_cipher_spec(20), alert(21), handshake(22)). + 'buf' and 'len' point to the actual message, 'ssl' to the + SSL object, and 'arg' is the application-defined value set by + SSL[_CTX]_set_msg_callback_arg(). + + 'openssl s_client' and 'openssl s_server' have new '-msg' options + to enable a callback that displays all protocol messages. + [Bodo Moeller] + + *) Change ssl/s2_clnt.c and ssl/s2_srvr.c so that received handshake + messages are stored in a single piece (fixed-length part and + variable-length part combined) and fix various bugs found on the way. + [Bodo Moeller] + +) Change the shared library support so shared libraries are built as soon as the corresponding static library is finished, and thereby get openssl and the test programs linked against the shared library. @@ -86,38 +159,6 @@ particular extension is supported. [Steve Henson] - +) New functions/macros - - SSL_CTX_set_msg_callback(ctx, cb) - SSL_CTX_set_msg_callback_arg(ctx, arg) - SSL_set_msg_callback(ssl, cb) - SSL_set_msg_callback_arg(ssl, arg) - - to request calling a callback function - - void cb(int write_p, int version, int content_type, - const void *buf, size_t len, SSL *ssl, void *arg) - - whenever a protocol message has been completely received - (write_p == 0) or sent (write_p == 1). Here 'version' is the - protocol version according to which the SSL library interprets - the current protocol message (SSL2_VERSION, SSL3_VERSION, or - TLS1_VERSION). 'content_type' is 0 in the case of SSL 2.0, or - the content type as defined in the SSL 3.0/TLS 1.0 protocol - specification (change_cipher_spec(20), alert(21), handshake(22)). - 'buf' and 'len' point to the actual message, 'ssl' to the - SSL object, and 'arg' is the application-defined value set by - SSL[_CTX]_set_msg_callback_arg(). - - 'openssl s_client' and 'openssl s_server' have new '-msg' options - to enable a callback that displays all protocol messages. - [Bodo Moeller] - - *) Change ssl/s2_clnt.c and ssl/s3_srvr.c so that received handshake - messages are stored in a single piece (fixed-length part and - variable-length part combined) and fix various bugs found on the way. - [Bodo Moeller] - *) In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert (sent using the client's version number) if client_version is smaller than the protocol version in use. Also change @@ -236,8 +277,12 @@ "Douglas E. Engert" . [Lutz Jaenicke] - +) Add support for shared libraries for Unixware-7 and support including - shared libraries for OpenUNIX-8 (Boyd Lynn Gerber ). + +) Add support for shared libraries for Unixware-7 + (Boyd Lynn Gerber ). + [Lutz Jaenicke] + + *) Add OpenUNIX-8 support including shared libraries + (Boyd Lynn Gerber ). [Lutz Jaenicke] *) Improve RSA_padding_check_PKCS1_OAEP() check again to avoid @@ -404,7 +449,7 @@ anyway). [Ben Laurie] - +) Enhanced support for IA-64 Unix platforms (well, Linux and HP-UX). + *) Enhanced support for IA-64 Unix platforms (well, Linux and HP-UX). [Andy Polyakov] *) Modified SSL library such that the verify_callback that has been set @@ -921,9 +966,12 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k don't write to the wrong index in ERR_set_error_data. [Bodo Moeller] - +) Function EC_POINTs_mul for simultaneous scalar multiplication - of an arbitrary number of elliptic curve points, optionally - including the generator defined for the EC_GROUP. + +) Function EC_POINTs_mul for multiple scalar multiplication + of an arbitrary number of elliptic curve points + \sum scalars[i]*points[i], + optionally including the generator defined for the EC_GROUP: + scalar*generator + \sum scalars[i]*points[i]. + EC_POINT_mul is a simple wrapper function for the typical case that the point list has just one item (besides the optional generator). @@ -1884,14 +1932,14 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k identity, and test if they are actually available. [Richard Levitte] - +) Add support for shared libraries under Irix. + *) Add support for shared libraries under Irix. [Albert Chin-A-Young ] +) Improve RPM specification file by forcing symbolic linking and making sure the installed documentation is also owned by root.root. [Damien Miller ] - +) Add configuration option to build on Linux on both big-endian and + *) Add configuration option to build on Linux on both big-endian and little-endian MIPS. [Ralf Baechle ] @@ -1921,7 +1969,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k +) Support threads on FreeBSD-elf in Configure. [Richard Levitte] - +) Add the possibility to create shared libraries on HP-UX + *) Add the possibility to create shared libraries on HP-UX [Richard Levitte] +) Fix for SHA1 assembly problem with MASM: it produces