His comments are:
1) Changes all references for `True64' to be `Tru64', which is the correct
spelling for the OS name.
2) Makes `alpha-cc' be the same as `alpha164-cc', and adds an `alphaold-cc'
entry that is the same as the previous `alpha-cc'. The reason is that most
people these days are using the newer compiler, so it should be the default.
3) Adds a bit of commentary to Configure, regarding the name changes of
the OS over the years, so it's not so confusing to people that haven't been
with the OS for a while.
4) Adds an `alpha-cc-rpath' target (which is *not* selected automatically
by Configure under any circumstance) that builds an RPATH into the
shared libraries. This is explained in the comment in Configure. It's
very very useful for people that want it, and people that don't want it
just shouldn't choose that target.
5) Adds the `-pthread' flag as the best way to get POSIX thread support
from the newer compiler.
6) Updates the Makefile targets, so that when the `alpha164-cc', `alpha-cc',
or `alpha-cc-rpath' target is what Configure is set to use, it uses a Makefile
target that includes the `-msym' option when building the shared library.
This is a performance enhancement.
7) Updates `config' so that if it detects you're running version 4 or 5
of the OS, it automatically selects `alpha-cc', but uses `alphaold-cc'
for versions 1-3 of the OS.
8) Updates the comment in opensslv.h, fixing both the OS name typo and
adding a reference to IRIX 6.x, since the shared library semantics are
virtually identical there.
HP-UX in common in ./config). Note that for the moment of this writing
none of 64-bit platforms pass bntest. I'm committing this anyway as it's
too frustrating to patch snapshots over and over while 0.9.6 is known to
work.
reduce linker bloat. For example the
single line:
PEM_read_X509()
results in a binary of around 400K in Linux!
This first step separates some of the PEM functions and
avoids linking in some PKCS#7 and PKCS#12 code.
things), especially as the RSA keys are fixed. However, DSA only fixes the
DSA parameters and then generates the public and private components on the
fly each time - this commit hard-codes some sampled key values so that this
is no longer the case.
Add new extension functions which work with NCONF.
Tidy up extension config routines and remove redundant code.
Fix NCONF_get_number().
Todo: more testing of apps to see they still work...
applications to use EVP. Add missing calls to HMAC_cleanup() and
don't assume HMAC_CTX can be copied using memcpy().
Note: this is almost identical to the patch submitted to openssl-dev
by Verdon Walker <VWalker@novell.com> except some redundant
EVP_add_digest_()/EVP_cleanup() calls were removed and some changes
made to avoid compiler warnings.
with arbitrary arguments instead of just a string.
- Change the key loaders to take a UI_METHOD instead of a callback
function pointer. NOTE: this breaks binary compatibility with
earlier versions of OpenSSL [engine].
- Addapt the nCipher code for these new conditions and add a card
insertion callback.
prompting, application-defined prompts, the possibility to use
defaults (for example default passwords from somewhere else) and
interrupts/cancelations.
Only use trust settings if either trust or reject settings
are present, otherwise use compatibility mode. This stops
root CAs being rejected if they have alias of keyid set.
