X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=CHANGES;h=0bc0d90e7de2abf5b6052e3a0dea8c871dba7787;hb=8002e3073bf7235801f75cf42bc0252fc034d041;hp=14ffb4083eecf419feb0a2d4b8bf4b7289ea4c93;hpb=aaf35f11d760ca64981d6633c4816193d1ea6145;p=oweals%2Fopenssl.git diff --git a/CHANGES b/CHANGES index 14ffb4083e..0bc0d90e7d 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,31 @@ Changes between 0.9.8k and 1.0 [xx XXX xxxx] + *) Add CHECKED_STACK_OF macro to safestack.h, otherwise safestack can't + be used on C++. + [Steve Henson] + + *) Add "missing" function EVP_MD_flags() (without this the only way to + retrieve a digest flags is by accessing the structure directly. Update + EVP_MD_do_all*() and EVP_CIPHER_do_all*() to include the name a digest + or cipher is registered as in the "from" argument. Print out all + registered digests in the dgst usage message instead of manually + attempting to work them out. + [Steve Henson] + + *) If no SSLv2 ciphers are used don't use an SSLv2 compatible client hello: + this allows the use of compression and extensions. Change default cipher + string to remove SSLv2 ciphersuites. This effectively avoids ancient SSLv2 + by default unless an application cipher string requests it. + [Steve Henson] + + *) Alter match criteria in PKCS12_parse(). It used to try to use local + key ids to find matching certificates and keys but some PKCS#12 files + don't follow the (somewhat unwritten) rules and this strategy fails. + Now just gather all certificates together and the first private key + then look for the first certificate that matches the key. + [Steve Henson] + *) Support use of registered digest and cipher names for dgst and cipher commands instead of having to add each one as a special case. So now you can do: @@ -765,6 +790,9 @@ Changes between 0.9.8k and 0.9.8l [xx XXX xxxx] + *) Handle non-blocking I/O properly in SSL_shutdown() call. + [Darryl Miles ] + *) Add 2.5.4.* OIDs [Ilya O. ]