OpenSSL version 0.9.8i ute

Det omåttligt populära kryptobiblioteket OpenSSL har nu kommit ut i en ny version, nämligen 0.9.8i.

Några av de många förändringar och förbättringar är:

*) Delta CRL support

*) Support for CRLs partitioned by reason code

*) Support for freshest CRL extension.

*) Initial indirect CRL support.

*) Add support for distinct certificate and CRL paths.

*) Add support for policy mappings extension.

*) Fixes to pathlength constraint, self issued certificate handling,
policy processing to align with RFC3280 and PKITS tests.
*) Support for name constraints certificate extension. DN, email, DNS
and URI types are currently supported.

*) To cater for systems that provide a pointer-based thread ID rather
than numeric, deprecate the current numeric thread ID mechanism and
replace it with a structure and associated callback type

*) Initial support for different CRL issuing certificates.

*) Removed effectively defunct crypto/store from the build.

*) Revamp of STACK to provide stronger type-checking.

*) Add a new SSL_MODE_RELEASE_BUFFERS mode flag to release unused buffer

RAM on SSL connections.

*) Revamp of LHASH to provide stronger type-checking.

*) Initial support for Cryptographic Message Syntax (aka CMS) based
on RFC3850, RFC3851 and RFC3852.

*) Add options to enc utility to support use of zlib compression BIO.

Några av dessa förändringar är sponsrade av Google. För att se samtliga ändringar:

http://www.openssl.org/source/exp/CHANGES