X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=CHANGES;h=e770a240b7f0af5cae79448c8febd6910f939b0d;hb=c4e6fb15244e27f1e93df3f59fe37b59a784f5dc;hp=8e358c69fae276c0f42f5605b708366c6d7485ff;hpb=94a209d8e1ef9cc0a26ff16e5419b198fdfa5adc;p=oweals%2Fopenssl.git

diff --git a/CHANGES b/CHANGES
index 8e358c69fa..e770a240b7 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,66 @@
 
  Changes between 1.0.x and 1.1.0  [xx XXX xxxx]
 
+  *) Make openssl verify return errors.
+     [Chris Palmer <palmer@google.com> and Ben Laurie]
+
+  *) Fix OCSP checking.
+     [Rob Stradling <rob.stradling@comodo.com> and Ben Laurie]
+
+  *) New option -crl_download in several openssl utilities to download CRLs
+     from CRLDP extension in certificates.
+     [Steve Henson]
+
+  *) Integrate hostname, email address and IP address checking with certificate
+     verification. New verify options supporting checking in opensl utility.
+     [Steve Henson]
+
+  *) New function X509_CRL_diff to generate a delta CRL from the difference
+     of two full CRLs. Add support to "crl" utility.
+     [Steve Henson]
+
+  *) New options -CRL and -CRLform for s_client and s_server for CRLs.
+     [Steve Henson]
+
+  *) Extend OCSP I/O functions so they can be used for simple general purpose
+     HTTP as well as OCSP. New wrapper function which can be used to download
+     CRLs using the OCSP API.
+     [Steve Henson]
+
+  *) New functions to set lookup_crls callback and to retrieve
+     X509_STORE from X509_STORE_CTX.
+     [Steve Henson]
+
+  *) New ctrl and macro to retrieve supported points extensions.
+     Print out extension in s_server and s_client.
+     [Steve Henson]
+
+  *) New function ASN1_TIME_diff to calculate the difference between two
+     ASN1_TIME structures or one structure and the current time.
+     [Steve Henson]
+
+  *) Fixes and wildcard matching support to hostname and email checking
+     functions. Add manual page.
+     [Florian Weimer (Red Hat Product Security Team)]
+
+  *) New experimental SSL_CONF* functions. These provide a common framework
+     for application configuration using configuration files or command lines.
+     [Steve Henson]
+
+  *) New functions to check a hostname email or IP address against a
+     certificate. Add options x509 utility to print results of checks against
+     a certificate.
+     [Steve Henson]
+
+  *) Add -rev test option to s_server to just reverse order of characters
+     received by client and send back to server. Also prints an abbreviated
+     summary of the connection parameters.
+     [Steve Henson]
+
+  *) New option -brief for s_client and s_server to print out a brief summary
+     of connection parameters.
+     [Steve Henson]
+
   *) Add functions to retrieve and manipulate the raw cipherlist sent by a
      client to OpenSSL.
      [Steve Henson]
@@ -350,6 +410,10 @@
 
  Changes between 1.0.1 and 1.0.2 [xx XXX xxxx]
 
+  *) MIPS assembly pack updates: support for MIPS32r2 and SmartMIPS ASE,
+     platform support for Linux and Android.
+     [Andy Polyakov]
+
   *) Call OCSP Stapling callback after ciphersuite has been chosen, so
      the right response is stapled. Also change current certificate to
      the certificate actually sent.