OSDN > Developer > lincolntgl1987 > Chambre > Openssl > Commit

Openssl
Fork

bdcloud2020/openssl

R/O
HTTP
SSH
HTTPS

Commit

Commit MetaInfo

Révision	5a9c441c6e739ef0e3585e7aaa544fdf074a1ad4 (tree)
l'heure	2001-04-06 02:48:04
Auteur	Richard Levitte <levitte@open...>
Commiter	Richard Levitte

Message de Log

Release OpenSSL 0.9.6a [engine]
The tag will be OpenSSL-engine-0_9_6a

Change Summary

modified: CHANGES (diff)
modified: FAQ (diff)
modified: README (diff)
modified: STATUS (diff)
modified: TABLE (diff)
modified: crypto/opensslv.h (diff)

Modification

--- a/CHANGES

+++ b/CHANGES

		@@ -2,7 +2,7 @@
2	2	OpenSSL CHANGES
3	3	_______________
4	4
5		- Changes between 0.9.6 and 0.9.6a [xx XXX 2001]
	5	+ Changes between 0.9.6 and 0.9.6a [5 Apr 2001]
6	6
7	7	*) Fix a couple of memory leaks in PKCS7_dataDecode()
8	8	[Steve Henson, reported by Heyun Zheng <hzheng@atdsprint.com>]

--- a/FAQ

+++ b/FAQ

		@@ -1,20 +1,22 @@
1	1	OpenSSL - Frequently Asked Questions
2	2	--------------------------------------
3	3
	4	+[MISC] Miscellaneous questions
	5	+
4	6	* Which is the current version of OpenSSL?
5	7	* Where is the documentation?
6	8	* How can I contact the OpenSSL developers?
	9	+* Where can I get a compiled version of OpenSSL?
	10	+* Why aren't tools like 'autoconf' and 'libtool' used?
	11	+
	12	+[LEGAL] Legal questions
	13	+
7	14	* Do I need patent licenses to use OpenSSL?
8		-* Is OpenSSL thread-safe?
	15	+* Can I use OpenSSL with GPL software?
	16	+
	17	+[USER] Questions on using the OpenSSL applications
	18	+
9	19	* Why do I get a "PRNG not seeded" error message?
10		-* Why does the linker complain about undefined symbols?
11		-* Where can I get a compiled version of OpenSSL?
12		-* I've compiled a program under Windows and it crashes: why?
13		-* How do I read or write a DER encoded buffer using the ASN1 functions?
14		-* I've tried using <M_some_evil_pkcs12_macro> and I get errors why?
15		-* I've called <some function> and it fails, why?
16		-* I just get a load of numbers for the error output, what do they mean?
17		-* Why do I get errors about unknown algorithms?
18	20	* How do I create certificates or certificate requests?
19	21	* Why can't I create certificate requests?
20	22	* Why does <SSL program> fail with a certificate verify error?

		@@ -22,17 +24,38 @@ OpenSSL - Frequently Asked Questions
22	24	* How can I create DSA certificates?
23	25	* Why can't I make an SSL connection using a DSA certificate?
24	26	* How can I remove the passphrase on a private key?
25		-* Why can't the OpenSSH configure script detect OpenSSL?
	27	+* Why can't I use OpenSSL certificates with SSL client authentication?
	28	+* Why does my browser give a warning about a mismatched hostname?
	29	+
	30	+[BUILD] Questions about building and testing OpenSSL
	31	+
	32	+* Why does the linker complain about undefined symbols?
26	33	* Why does the OpenSSL test fail with "bc: command not found"?
27	34	* Why does the OpenSSL test fail with "bc: 1 no implemented"?
28	35	* Why does the OpenSSL compilation fail on Alpha True64 Unix?
29	36	* Why does the OpenSSL compilation fail with "ar: command not found"?
	37	+* Why does the OpenSSL compilation fail on Win32 with VC++?
	38	+
	39	+[PROG] Questions about programming with OpenSSL
	40	+
	41	+* Is OpenSSL thread-safe?
	42	+* I've compiled a program under Windows and it crashes: why?
	43	+* How do I read or write a DER encoded buffer using the ASN1 functions?
	44	+* I've tried using <M_some_evil_pkcs12_macro> and I get errors why?
	45	+* I've called <some function> and it fails, why?
	46	+* I just get a load of numbers for the error output, what do they mean?
	47	+* Why do I get errors about unknown algorithms?
	48	+* Why can't the OpenSSH configure script detect OpenSSL?
	49	+* Can I use OpenSSL's SSL library with non-blocking I/O?
	50	+
	51	+===============================================================================
30	52
	53	+[MISC] ========================================================================
31	54
32	55	* Which is the current version of OpenSSL?
33	56
34	57	The current version is available from <URL: http://www.openssl.org>.
35		-OpenSSL 0.9.6 was released on September 24th, 2000.
	58	+OpenSSL 0.9.6a was released on April 5th, 2001.
36	59
37	60	In addition to the current stable release, you can also access daily
38	61	snapshots of the OpenSSL development version at <URL:

		@@ -78,6 +101,27 @@ OpenSSL. Information on the OpenSSL mailing lists is available from
78	101	<URL: http://www.openssl.org>.
79	102
80	103
	104	+* Where can I get a compiled version of OpenSSL?
	105	+
	106	+Some applications that use OpenSSL are distributed in binary form.
	107	+When using such an application, you don't need to install OpenSSL
	108	+yourself; the application will include the required parts (e.g. DLLs).
	109	+
	110	+If you want to install OpenSSL on a Windows system and you don't have
	111	+a C compiler, read the "Mingw32" section of INSTALL.W32 for information
	112	+on how to obtain and install the free GNU C compiler.
	113	+
	114	+A number of Linux and *BSD distributions include OpenSSL.
	115	+
	116	+
	117	+* Why aren't tools like 'autoconf' and 'libtool' used?
	118	+
	119	+autoconf will probably be used in future OpenSSL versions. If it was
	120	+less Unix-centric, it might have been used much earlier.
	121	+
	122	+
	123	+[LEGAL] =======================================================================
	124	+
81	125	* Do I need patent licenses to use OpenSSL?
82	126
83	127	The patents section of the README file lists patents that may apply to

		@@ -89,18 +133,26 @@ You can configure OpenSSL so as not to use RC5 and IDEA by using
89	133	./config no-rc5 no-idea
90	134
91	135
92		-* Is OpenSSL thread-safe?
	136	+* Can I use OpenSSL with GPL software?
93	137
94		-Yes (with limitations: an SSL connection may not concurrently be used
95		-by multiple threads). On Windows and many Unix systems, OpenSSL
96		-automatically uses the multi-threaded versions of the standard
97		-libraries. If your platform is not one of these, consult the INSTALL
98		-file.
	138	+On many systems including the major Linux and BSD distributions, yes (the
	139	+GPL does not place restrictions on using libraries that are part of the
	140	+normal operating system distribution).
99	141
100		-Multi-threaded applications must provide two callback functions to
101		-OpenSSL. This is described in the threads(3) manpage.
	142	+On other systems, the situation is less clear. Some GPL software copyright
	143	+holders claim that you infringe on their rights if you use OpenSSL with
	144	+their software on operating systems that don't normally include OpenSSL.
	145	+
	146	+If you develop open source software that uses OpenSSL, you may find it
	147	+useful to choose an other license than the GPL, or state explicitely that
	148	+"This program is released under the GPL with the additional exemption that
	149	+compiling, linking, and/or using OpenSSL is allowed." If you are using
	150	+GPL software developed by others, you may want to ask the copyright holder
	151	+for permission to use their software with OpenSSL.
102	152
103	153
	154	+[USER] ========================================================================
	155	+
104	156	* Why do I get a "PRNG not seeded" error message?
105	157
106	158	Cryptographic software needs a source of unpredictable data to work

		@@ -138,6 +190,101 @@ versions. However, be warned that /dev/random is usually a blocking
138	190	device, which may have some effects on OpenSSL.
139	191
140	192
	193	+* How do I create certificates or certificate requests?
	194	+
	195	+Check out the CA.pl(1) manual page. This provides a simple wrapper round
	196	+the 'req', 'verify', 'ca' and 'pkcs12' utilities. For finer control check
	197	+out the manual pages for the individual utilities and the certificate
	198	+extensions documentation (currently in doc/openssl.txt).
	199	+
	200	+
	201	+* Why can't I create certificate requests?
	202	+
	203	+You typically get the error:
	204	+
	205	+ unable to find 'distinguished_name' in config
	206	+ problems making Certificate Request
	207	+
	208	+This is because it can't find the configuration file. Check out the
	209	+DIAGNOSTICS section of req(1) for more information.
	210	+
	211	+
	212	+* Why does <SSL program> fail with a certificate verify error?
	213	+
	214	+This problem is usually indicated by log messages saying something like
	215	+"unable to get local issuer certificate" or "self signed certificate".
	216	+When a certificate is verified its root CA must be "trusted" by OpenSSL
	217	+this typically means that the CA certificate must be placed in a directory
	218	+or file and the relevant program configured to read it. The OpenSSL program
	219	+'verify' behaves in a similar way and issues similar error messages: check
	220	+the verify(1) program manual page for more information.
	221	+
	222	+
	223	+* Why can I only use weak ciphers when I connect to a server using OpenSSL?
	224	+
	225	+This is almost certainly because you are using an old "export grade" browser
	226	+which only supports weak encryption. Upgrade your browser to support 128 bit
	227	+ciphers.
	228	+
	229	+
	230	+* How can I create DSA certificates?
	231	+
	232	+Check the CA.pl(1) manual page for a DSA certificate example.
	233	+
	234	+
	235	+* Why can't I make an SSL connection to a server using a DSA certificate?
	236	+
	237	+Typically you'll see a message saying there are no shared ciphers when
	238	+the same setup works fine with an RSA certificate. There are two possible
	239	+causes. The client may not support connections to DSA servers most web
	240	+browsers (including Netscape and MSIE) only support connections to servers
	241	+supporting RSA cipher suites. The other cause is that a set of DH parameters
	242	+has not been supplied to the server. DH parameters can be created with the
	243	+dhparam(1) command and loaded using the SSL_CTX_set_tmp_dh() for example:
	244	+check the source to s_server in apps/s_server.c for an example.
	245	+
	246	+
	247	+* How can I remove the passphrase on a private key?
	248	+
	249	+Firstly you should be really really sure you want to do this. Leaving
	250	+a private key unencrypted is a major security risk. If you decide that
	251	+you do have to do this check the EXAMPLES sections of the rsa(1) and
	252	+dsa(1) manual pages.
	253	+
	254	+
	255	+* Why can't I use OpenSSL certificates with SSL client authentication?
	256	+
	257	+What will typically happen is that when a server requests authentication
	258	+it will either not include your certificate or tell you that you have
	259	+no client certificates (Netscape) or present you with an empty list box
	260	+(MSIE). The reason for this is that when a server requests a client
	261	+certificate it includes a list of CAs names which it will accept. Browsers
	262	+will only let you select certificates from the list on the grounds that
	263	+there is little point presenting a certificate which the server will
	264	+reject.
	265	+
	266	+The solution is to add the relevant CA certificate to your servers "trusted
	267	+CA list". How you do this depends on the server sofware in uses. You can
	268	+print out the servers list of acceptable CAs using the OpenSSL s_client tool:
	269	+
	270	+openssl s_client -connect www.some.host:443 -prexit
	271	+
	272	+If your server only requests certificates on certain URLs then you may need
	273	+to manually issue an HTTP GET command to get the list when s_client connects:
	274	+
	275	+GET /some/page/needing/a/certificate.html
	276	+
	277	+If your CA does not appear in the list then this confirms the problem.
	278	+
	279	+
	280	+* Why does my browser give a warning about a mismatched hostname?
	281	+
	282	+Browsers expect the server's hostname to match the value in the commonName
	283	+(CN) field of the certificate. If it does not then you get a warning.
	284	+
	285	+
	286	+[BUILD] =======================================================================
	287	+
141	288	* Why does the linker complain about undefined symbols?
142	289
143	290	Maybe the compilation was interrupted, and make doesn't notice that

		@@ -162,17 +309,99 @@ If none of these helps, you may want to try using the current snapshot.
162	309	If the problem persists, please submit a bug report.
163	310
164	311
165		-* Where can I get a compiled version of OpenSSL?
	312	+* Why does the OpenSSL test fail with "bc: command not found"?
166	313
167		-Some applications that use OpenSSL are distributed in binary form.
168		-When using such an application, you don't need to install OpenSSL
169		-yourself; the application will include the required parts (e.g. DLLs).
	314	+You didn't install "bc", the Unix calculator. If you want to run the
	315	+tests, get GNU bc from ftp://ftp.gnu.org or from your OS distributor.
170	316
171		-If you want to install OpenSSL on a Windows system and you don't have
172		-a C compiler, read the "Mingw32" section of INSTALL.W32 for information
173		-on how to obtain and install the free GNU C compiler.
174	317
175		-A number of Linux and *BSD distributions include OpenSSL.
	318	+* Why does the OpenSSL test fail with "bc: 1 no implemented"?
	319	+
	320	+On some SCO installations or versions, bc has a bug that gets triggered
	321	+when you run the test suite (using "make test"). The message returned is
	322	+"bc: 1 not implemented".
	323	+
	324	+The best way to deal with this is to find another implementation of bc
	325	+and compile/install it. GNU bc (see http://www.gnu.org/software/software.html
	326	+for download instructions) can be safely used, for example.
	327	+
	328	+
	329	+* Why does the OpenSSL compilation fail on Alpha True64 Unix?
	330	+
	331	+On some Alpha installations running True64 Unix and Compaq C, the compilation
	332	+of crypto/sha/sha_dgst.c fails with the message 'Fatal: Insufficient virtual
	333	+memory to continue compilation.' As far as the tests have shown, this may be
	334	+a compiler bug. What happens is that it eats up a lot of resident memory
	335	+to build something, probably a table. The problem is clearly in the
	336	+optimization code, because if one eliminates optimization completely (-O0),
	337	+the compilation goes through (and the compiler consumes about 2MB of resident
	338	+memory instead of 240MB or whatever one's limit is currently).
	339	+
	340	+There are three options to solve this problem:
	341	+
	342	+1. set your current data segment size soft limit higher. Experience shows
	343	+that about 241000 kbytes seems to be enough on an AlphaServer DS10. You do
	344	+this with the command 'ulimit -Sd nnnnnn', where 'nnnnnn' is the number of
	345	+kbytes to set the limit to.
	346	+
	347	+2. If you have a hard limit that is lower than what you need and you can't
	348	+get it changed, you can compile all of OpenSSL with -O0 as optimization
	349	+level. This is however not a very nice thing to do for those who expect to
	350	+get the best result from OpenSSL. A bit more complicated solution is the
	351	+following:
	352	+
	353	+----- snip:start -----
	354	+ make DIRS=crypto SDIRS=sha "`grep '^CFLAG=' Makefile.ssl \| \
	355	+ sed -e 's/ -O[0-9] / -O0 /'`"
	356	+ rm `ls crypto/.o crypto/sha/.o \| grep -v 'sha_dgst\.o'`
	357	+ make
	358	+----- snip:end -----
	359	+
	360	+This will only compile sha_dgst.c with -O0, the rest with the optimization
	361	+level chosen by the configuration process. When the above is done, do the
	362	+test and installation and you're set.
	363	+
	364	+
	365	+* Why does the OpenSSL compilation fail with "ar: command not found"?
	366	+
	367	+Getting this message is quite usual on Solaris 2, because Sun has hidden
	368	+away 'ar' and other development commands in directories that aren't in
	369	+$PATH by default. One of those directories is '/usr/ccs/bin'. The
	370	+quickest way to fix this is to do the following (it assumes you use sh
	371	+or any sh-compatible shell):
	372	+
	373	+----- snip:start -----
	374	+ PATH=${PATH}:/usr/ccs/bin; export PATH
	375	+----- snip:end -----
	376	+
	377	+and then redo the compilation. What you should really do is make sure
	378	+'/usr/ccs/bin' is permanently in your $PATH, for example through your
	379	+'.profile' (again, assuming you use a sh-compatible shell).
	380	+
	381	+
	382	+* Why does the OpenSSL compilation fail on Win32 with VC++?
	383	+
	384	+Sometimes, you may get reports from VC++ command line (cl) that it
	385	+can't find standard include files like stdio.h and other weirdnesses.
	386	+One possible cause is that the environment isn't correctly set up.
	387	+To solve that problem, one should run VCVARS32.BAT which is found in
	388	+the 'bin' subdirectory of the VC++ installation directory (somewhere
	389	+under 'Program Files'). This needs to be done prior to running NMAKE,
	390	+and the changes are only valid for the current DOS session.
	391	+
	392	+
	393	+[PROG] ========================================================================
	394	+
	395	+* Is OpenSSL thread-safe?
	396	+
	397	+Yes (with limitations: an SSL connection may not concurrently be used
	398	+by multiple threads). On Windows and many Unix systems, OpenSSL
	399	+automatically uses the multi-threaded versions of the standard
	400	+libraries. If your platform is not one of these, consult the INSTALL
	401	+file.
	402	+
	403	+Multi-threaded applications must provide two callback functions to
	404	+OpenSSL. This is described in the threads(3) manpage.
176	405
177	406
178	407	* I've compiled a program under Windows and it crashes: why?

		@@ -259,68 +488,6 @@ is forgetting to load OpenSSL's table of algorithms with
259	488	OpenSSL_add_all_algorithms(). See the manual page for more information.
260	489
261	490
262		-* How do I create certificates or certificate requests?
263		-
264		-Check out the CA.pl(1) manual page. This provides a simple wrapper round
265		-the 'req', 'verify', 'ca' and 'pkcs12' utilities. For finer control check
266		-out the manual pages for the individual utilities and the certificate
267		-extensions documentation (currently in doc/openssl.txt).
268		-
269		-
270		-* Why can't I create certificate requests?
271		-
272		-You typically get the error:
273		-
274		- unable to find 'distinguished_name' in config
275		- problems making Certificate Request
276		-
277		-This is because it can't find the configuration file. Check out the
278		-DIAGNOSTICS section of req(1) for more information.
279		-
280		-
281		-* Why does <SSL program> fail with a certificate verify error?
282		-
283		-This problem is usually indicated by log messages saying something like
284		-"unable to get local issuer certificate" or "self signed certificate".
285		-When a certificate is verified its root CA must be "trusted" by OpenSSL
286		-this typically means that the CA certificate must be placed in a directory
287		-or file and the relevant program configured to read it. The OpenSSL program
288		-'verify' behaves in a similar way and issues similar error messages: check
289		-the verify(1) program manual page for more information.
290		-
291		-
292		-* Why can I only use weak ciphers when I connect to a server using OpenSSL?
293		-
294		-This is almost certainly because you are using an old "export grade" browser
295		-which only supports weak encryption. Upgrade your browser to support 128 bit
296		-ciphers.
297		-
298		-
299		-* How can I create DSA certificates?
300		-
301		-Check the CA.pl(1) manual page for a DSA certificate example.
302		-
303		-
304		-* Why can't I make an SSL connection to a server using a DSA certificate?
305		-
306		-Typically you'll see a message saying there are no shared ciphers when
307		-the same setup works fine with an RSA certificate. There are two possible
308		-causes. The client may not support connections to DSA servers most web
309		-browsers (including Netscape and MSIE) only support connections to servers
310		-supporting RSA cipher suites. The other cause is that a set of DH parameters
311		-has not been supplied to the server. DH parameters can be created with the
312		-dhparam(1) command and loaded using the SSL_CTX_set_tmp_dh() for example:
313		-check the source to s_server in apps/s_server.c for an example.
314		-
315		-
316		-* How can I remove the passphrase on a private key?
317		-
318		-Firstly you should be really really sure you want to do this. Leaving
319		-a private key unencrypted is a major security risk. If you decide that
320		-you do have to do this check the EXAMPLES sections of the rsa(1) and
321		-dsa(1) manual pages.
322		-
323		-
324	491	* Why can't the OpenSSH configure script detect OpenSSL?
325	492
326	493	There is a problem with OpenSSH 1.2.2p1, in that the configure script

		@@ -362,71 +529,19 @@ applied to the OpenSSH distribution:
362	529	----- snip:end -----
363	530
364	531
365		-* Why does the OpenSSL test fail with "bc: command not found"?
	532	+* Can I use OpenSSL's SSL library with non-blocking I/O?
366	533
367		-You didn't install "bc", the Unix calculator. If you want to run the
368		-tests, get GNU bc from ftp://ftp.gnu.org or from your OS distributor.
369		-
370		-
371		-* Why does the OpenSSL test fail with "bc: 1 no implemented"?
	534	+Yes; make sure to read the SSL_get_error(3) manual page!
372	535
373		-On some SCO installations or versions, bc has a bug that gets triggered when
374		-you run the test suite (using "make test"). The message returned is "bc:
375		-1 not implemented". The best way to deal with this is to find another
376		-implementation of bc and compile/install it. For example, GNU bc (see
377		-http://www.gnu.org/software/software.html for download instructions) can
378		-be safely used.
	536	+A pitfall to avoid: Don't assume that SSL_read() will just read from
	537	+the underlying transport or that SSL_write() will just write to it --
	538	+it is also possible that SSL_write() cannot do any useful work until
	539	+there is data to read, or that SSL_read() cannot do anything until it
	540	+is possible to send data. One reason for this is that the peer may
	541	+request a new TLS/SSL handshake at any time during the protocol,
	542	+requiring a bi-directional message exchange; both SSL_read() and
	543	+SSL_write() will try to continue any pending handshake.
379	544
380	545
381		-* Why does the OpenSSL compilation fail on Alpha True64 Unix?
382		-
383		-On some Alpha installations running True64 Unix and Compaq C, the compilation
384		-of crypto/sha/sha_dgst.c fails with the message 'Fatal: Insufficient virtual
385		-memory to continue compilation.' As far as the tests have shown, this may be
386		-a compiler bug. What happens is that it eats up a lot of resident memory
387		-to build something, probably a table. The problem is clearly in the
388		-optimization code, because if one eliminates optimization completely (-O0),
389		-the compilation goes through (and the compiler consumes about 2MB of resident
390		-memory instead of 240MB or whatever one's limit is currently).
391		-
392		-There are three options to solve this problem:
393		-
394		-1. set your current data segment size soft limit higher. Experience shows
395		-that about 241000 kbytes seems to be enough on an AlphaServer DS10. You do
396		-this with the command 'ulimit -Sd nnnnnn', where 'nnnnnn' is the number of
397		-kbytes to set the limit to.
398		-
399		-2. If you have a hard limit that is lower than what you need and you can't
400		-get it changed, you can compile all of OpenSSL with -O0 as optimization
401		-level. This is however not a very nice thing to do for those who expect to
402		-get the best result from OpenSSL. A bit more complicated solution is the
403		-following:
404		-
405		------ snip:start -----
406		- make DIRS=crypto SDIRS=sha "`grep '^CFLAG=' Makefile.ssl \| \
407		- sed -e 's/ -O[0-9] / -O0 /'`"
408		- rm `ls crypto/.o crypto/sha/.o \| grep -v 'sha_dgst\.o'`
409		- make
410		------ snip:end -----
411		-
412		-This will only compile sha_dgst.c with -O0, the rest with the optimization
413		-level chosen by the configuration process. When the above is done, do the
414		-test and installation and you're set.
415		-
416		-
417		-* Why does the OpenSSL compilation fail with "ar: command not found"?
418		-
419		-Getting this message is quite usual on Solaris 2, because Sun has hidden
420		-away 'ar' and other development commands in directories that aren't in
421		-$PATH by default. One of those directories is '/usr/ccs/bin'. The
422		-quickest way to fix this is to do the following (it assumes you use sh
423		-or any sh-compatible shell):
424		-
425		------ snip:start -----
426		- PATH=${PATH}:/usr/ccs/bin; export PATH
427		------ snip:end -----
428		-
429		-and then redo the compilation. What you should really do is make sure
430		-'/usr/ccs/bin' is permanently in your $PATH, for example through your
431		-'.profile' (again, assuming you use a sh-compatible shell).
	546	+===============================================================================
432	547

--- a/README

+++ b/README

		@@ -1,5 +1,5 @@
1	1
2		- OpenSSL 0.9.6a-beta4-dev [engine] XX xxx XXXX
	2	+ OpenSSL 0.9.6a [engine] 5 Apr 2001
3	3
4	4	Copyright (c) 1998-2000 The OpenSSL Project
5	5	Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson

--- a/STATUS

+++ b/STATUS

		@@ -1,46 +1,10 @@
1	1
2	2	OpenSSL STATUS Last modified at
3		- ______________ $Date: 2001/03/26 17:09:12 $
	3	+ ______________ $Date: 2001/04/05 17:48:02 $
4	4
5	5	DEVELOPMENT STATE
6	6
7		- o OpenSSL 0.9.6a: Bugfix release -- under development...
8		- Beta 1 released on March 13th, 2001
9		- HP-UX 10.20 (hpux-parisc-cc) - PASSED [normal+engine]
10		- HP-UX 10.20 (hpux-parisc-gcc) - PASSED [normal+engine]
11		- HP-UX 11.00 32bit (hpux-parisc-gcc) - FAILED [engine]
12		- "openssl speed rsa1024 -engine cswift" fails unless
13		- libswift.sl is renamed to libswift.so.
14		- [CORRECTED]
15		- HP MPE/iX - PASSED [presumed normal]
16		- Linux 2.2.17 SMP (linux-elf) - PASSED [normal+engine]
17		- Windows (VC-WIN32) - FAILED [presumed normal]
18		- Missing line in ms/32all.bat:
19		- perl util\mkfiles.pl >MINFO
20		- [CORRECTED]
21		- In randfile.c, line 214, signed and unsigned int are mixed.
22		- [CORRECTED]
23		- In s_client.c and s_server.c, RAND_status() needs to get
24		- declared (#include <openssl/rand.h>)
25		- [CORRECTED]
26		- OpenVMS (any version) - FAILED [normal+engine]
27		- Missing instructions in building script.
28		- [CORRECTED]
29		- AIX 4.3 - FAILED [engine]
30		- Needs -DDSO_DLFCN and -DHAVE_DLFCN_H to work.
31		- [CORRECTED] (but will not be automagically configured)
32		- Irix 6.5.11 - FAILED [presumed normal]
33		- BN_sqr test fails.
34		- solaris64-sparcv9-cc (SunOS 5.8) - PASSED [normal+engine]
35		- BSDI 4.0.1 (bsdi-elf-gcc) - FAILED [engine]
36		- Needs -DDSO_DLFCN, -DHAVE_DLFCN_H and -ldl to work.
37		- [CORRECTED]
38		- mingw32 w/ gcc 2.95.2 - PASSED [presumed normal]
39		-
40		- Beta 2 released on March 21st, 2001
41		- OpenVMS (tested on VMS 7.2-1 for Alpha) - PASSED [presumed normal]
42		- solaris64-sparcv9-cc (SunOS 5.8) - PASSED [normal]
43		-
	7	+ o OpenSSL 0.9.6a: Released on April 5th, 2001
44	8	o OpenSSL 0.9.6: Released on September 24th, 2000
45	9	o OpenSSL 0.9.5a: Released on April 1st, 2000
46	10	o OpenSSL 0.9.5: Released on February 28th, 2000

--- a/TABLE

+++ b/TABLE

		@@ -1172,8 +1172,8 @@ $cflags = -O3 -fomit-frame-pointer
1172	1172	$unistd =
1173	1173	$thread_cflag = (unknown)
1174	1174	$lflags = -lnsl -lsocket
1175		-$bn_ops = RC4_INDEX
1176		-$bn_obj = RC4_INDEX DES_UNROLL
	1175	+$bn_ops = RC4_INDEX DES_UNROLL
	1176	+$bn_obj =
1177	1177	$des_obj =
1178	1178	$bf_obj =
1179	1179	$md5_obj =

		@@ -2205,9 +2205,9 @@ $cc = gcc
2205	2205	$cflags = -O3 -fomit-frame-pointer -Dssize_t=int -DNO_SYS_UN_H
2206	2206	$unistd =
2207	2207	$thread_cflag = (unknown)
2208		-$lflags =
2209		-$bn_ops = -lsocket
2210		-$bn_obj = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
	2208	+$lflags = -lsocket
	2209	+$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
	2210	+$bn_obj =
2211	2211	$des_obj =
2212	2212	$bf_obj =
2213	2213	$md5_obj =

		@@ -2599,10 +2599,10 @@ $ranlib =
2599	2599	*** unixware-2.0-pentium
2600	2600	$cc = cc
2601	2601	$cflags = -DFILIO_H -Kpentium
2602		-$unistd = -Kthread
2603		-$thread_cflag = -lsocket -lnsl -lx
2604		-$lflags = MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
2605		-$bn_ops =
	2602	+$unistd =
	2603	+$thread_cflag = -Kthread
	2604	+$lflags = -lsocket -lnsl -lx
	2605	+$bn_ops = MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
2606	2606	$bn_obj =
2607	2607	$des_obj =
2608	2608	$bf_obj =

		@@ -2690,7 +2690,51 @@ $cflags = -O -DFILIO_H -Kalloca
2690	2690	$unistd =
2691	2691	$thread_cflag = -Kthread
2692	2692	$lflags = -lsocket -lnsl
2693		-$bn_ops = MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
	2693	+$bn_ops = BN_LLONG MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
	2694	+$bn_obj =
	2695	+$des_obj =
	2696	+$bf_obj =
	2697	+$md5_obj =
	2698	+$sha1_obj =
	2699	+$cast_obj =
	2700	+$rc4_obj =
	2701	+$rmd160_obj =
	2702	+$rc5_obj =
	2703	+$dso_scheme =
	2704	+$shared_target=
	2705	+$shared_cflag =
	2706	+$shared_extension =
	2707	+$ranlib =
	2708	+
	2709	+*** unixware-7-pentium
	2710	+$cc = cc
	2711	+$cflags = -O -DFILIO_H -Kalloca -Kpentium
	2712	+$unistd =
	2713	+$thread_cflag = -Kthread
	2714	+$lflags = -lsocket -lnsl
	2715	+$bn_ops = BN_LLONG MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
	2716	+$bn_obj =
	2717	+$des_obj =
	2718	+$bf_obj =
	2719	+$md5_obj =
	2720	+$sha1_obj =
	2721	+$cast_obj =
	2722	+$rc4_obj =
	2723	+$rmd160_obj =
	2724	+$rc5_obj =
	2725	+$dso_scheme =
	2726	+$shared_target=
	2727	+$shared_cflag =
	2728	+$shared_extension =
	2729	+$ranlib =
	2730	+
	2731	+*** unixware-7-pentium_pro
	2732	+$cc = cc
	2733	+$cflags = -O -DFILIO_H -Kalloca -Kpentium_pro
	2734	+$unistd =
	2735	+$thread_cflag = -Kthread
	2736	+$lflags = -lsocket -lnsl
	2737	+$bn_ops = BN_LLONG MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
2694	2738	$bn_obj =
2695	2739	$des_obj =
2696	2740	$bf_obj =

--- a/crypto/opensslv.h

+++ b/crypto/opensslv.h

		@@ -25,8 +25,8 @@
25	25	* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
26	26	* major minor fix final patch/beta)
27	27	*/
28		-#define OPENSSL_VERSION_NUMBER 0x00906014L
29		-#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.6a-beta4-dev [engine] XX xxx XXXX"
	28	+#define OPENSSL_VERSION_NUMBER 0x0090601fL
	29	+#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.6a [engine] 5 Apr 2001"
30	30	#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
31	31
32	32

Openssl Fork