I've updated the version of OpenSSL to 0.9.7-1. This also includes the
openssl-devel package.
This is finally the long expected 0.9.7 version of OpenSSL which has been
released officially on 2002-12-31.
The Cygwin version contains two patches which are not in the official
source tree.
The official release announcement text follows:
OpenSSL version 0.9.7 released
===
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 0.9.7 of our open source toolkit for SSL/TLS. This new
OpenSSL version is a major release and incorporates at least 262
changes and bugfixes to the toolkit (for a complete list see
http://www.openssl.org/source/exp/CHANGES.
The most significant changes are:
o New library section OCSP.
o Complete rewrite of ASN1 code.
o CRL checking in verify code and openssl utility.
o Extension copying in 'ca' utility.
o Flexible display options in 'ca' utility.
o Provisional support for international characters with UTF8.
o Support for external crypto devices ('engine') is no longer
a separate distribution.
o New elliptic curve library section.
o New AES (Rijndael) library section.
o Support for new platforms: Windows CE, Tandem OSS, A/UX, AIX 64-bit,
Linux x86_64, Linux 64-bit on Sparc v9
o Extended support for some platforms: VxWorks
o Enhanced support for shared libraries.
o Now only builds PIC code when shared library support is requested.
o Support for pkg-config.
o Lots of new manuals.
o Makes symbolic links to or copies of manuals to cover all described
functions.
o Change DES API to clean up the namespace (some applications link also
against libdes providing similar functions having the same name).
Provide macros for backward compatibility (will be removed in the
future).
o Unify handling of cryptographic algorithms (software and engine)
to be available via EVP routines for asymmetric and symmetric ciphers.
o NCONF: new configuration handling routines.
o Change API to use more 'const' modifiers to improve error checking
and help optimizers.
o Finally remove references to RSAref.
o Reworked parts of the BIGNUM code.
o Support for new engines: Broadcom ubsec, Accelerated Encryption
Processing, IBM 4758.
o A few new engines added in the demos area.
o Extended and corrected OID (object identifier) table.
o PRNG: query at more locations for a random device, automatic query for
EGD style random sources at several locations.
o SSL/TLS: allow optional cipher choice according to server's preference.
o SSL/TLS: allow server to explicitly set new session ids.
o SSL/TLS: support Kerberos cipher suites (RFC2712).
Only supports MIT Kerberos for now.
o SSL/TLS: allow more precise control of renegotiations and sessions.
o SSL/TLS: add callback to retrieve SSL/TLS messages.
o SSL/TLS: support AES cipher suites (RFC3268).
We consider OpenSSL 0.9.7 to be the best version of OpenSSL available
and we strongly recommend that users of older versions upgrade as
soon as possible. OpenSSL 0.9.7 is available for download via HTTP
and FTP from the following master locations (you can find the various
FTP mirrors under http://www.openssl.org/source/mirror.html):
o http://www.openssl.org/source/
o ftp://ftp.openssl.org/source/
OpenSSL 0.9.6 (all patch levels) came in the form of two distributions,
a normal one and an engine variant that included support for external
crypto devices. In 0.9.7, the engine framework is part of the normal
distribution, so there are no variants of 0.9.7.
To update your installation, click on the Install Cygwin now link on
the http://cygwin.com/ web page. This downloads setup.exe to your
system. Once you've downloaded setup.exe, run it and select Net
(Devel for the openssl-devel package) and then click on the appropriate
field until the above announced version number appears if it is not
displayed already.
If you have questions or comments, please send them to the Cygwin
mailing list at: [EMAIL PROTECTED] . I would appreciate it if you would
use this mailing list rather than emailing me directly. This includes
ideas and comments about the setup utility or Cygwin in general.
If you want to make a point or ask a question, the Cygwin mailing list
is the appropriate place.
*** CYGWIN-ANNOUNCE UNSUBSCRIBE INFO ***
If you want to unsubscribe from the cygwin-announce mailing list, look
at the List-Unsubscribe: tag in the email header of this message.
Send email to the address specified there. It will be in the format:
[EMAIL PROTECTED]
If you need more information on unsubscribing, start reading here:
