Browse Source

Update release note credits

Tesfa Mael 3 years ago
parent
commit
f1b4c52c78
1 changed files with 68 additions and 67 deletions
  1. 68 67
      ChangeLog.md

+ 68 - 67
ChangeLog.md

@@ -106,7 +106,8 @@ in a specific use case, 1 fix for DTLS.
   wolfSSL, and are doing private key operations on the system (such as signing
   with a private key) are recommended to regenerate private keys and update to
   the most recent version of wolfSSL. CVE-2020-15309 is reserved for this
-  issue. Thanks to Ida Bruhns from Universität zu Lübeck for the report.
+  issue. Thanks to Ida Bruhns from Universität zu Lübeck and Samira Briongos
+  from NEC Laboratories Europe for the report.
 * When using SGX with EC scalar multiplication the possibility of side-channel
   attacks are present. To mitigate the risk of side channel attacks wolfSSL’s
   single precision EC operations should be used instead. Release 4.5.0 turns
@@ -335,13 +336,13 @@ Release 4.3.0 of wolfSSL embedded TLS has bug fixes and new features including:
 * Update to allow compiling for pwdbased/PBKDF2 with having NO_ASN defined
 * Modify KeyShare and PreSharedKey TLS 1.3 extension linked list advancement to be easier for compilers to handle
 * Optimization to parsing certificate extension name strings
-* Adjustment to example server -x runtime behavior when encountering an unrecoverable error case 
+* Adjustment to example server -x runtime behavior when encountering an unrecoverable error case
 * Remove Blake2b support from HMAC
 * Adds new hash wrapper init wc_HashInit_ex and Adds new PBKDF2 API wc_PBKDF2_ex for using heap hints for custom memory pools
 * Adding script to cleanup generated test files,  scripts/cleanup_testfiles.sh
 * Support 20-byte serial numbers and disallow 0
 * sp_div improved to handle when a has less digits than d (--enable-sp-math build)
-* When decoding a policy OID and turning it into a human readable string use snprintf() 
+* When decoding a policy OID and turning it into a human readable string use snprintf()
 * set the IV length of EVP AES GCM to 96-bits by default
 * Allow adding CAs for root CA's over the wire that do not have the extended key usage cert_sign set
 * Added logging messages for SendAlert call and update to send alert after verify certificate callback
@@ -405,13 +406,13 @@ Release 4.2.0 of wolfSSL embedded TLS has bug fixes and new features including:
 * Addition to configure.ac for FIPS wolfRand builds
 * Adding the flag WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY for ignoring certificate date checks with the functions wolfSSL_CTX_load_verify_buffer_ex and wolfSSL_CTX_load_verify_locations_ex
 * Support for PKCS8 keys added to the function wolfSSL_CTX_use_PrivateKey_buffer
-* Support for KECCAK hashing. Build with macro WOLFSSL_HASH_FLAGS and call wc_Sha3_SetFlags(&sha, WC_HASH_SHA3_KECCAK256) before the first SHA3 update 
+* Support for KECCAK hashing. Build with macro WOLFSSL_HASH_FLAGS and call wc_Sha3_SetFlags(&sha, WC_HASH_SHA3_KECCAK256) before the first SHA3 update
 * Addition of setting secure renegotiation at CTX level
 * Addition of KDS (NXP Kinetis Design Studio) example project to directory IDE/KDS/
 * Support for Encrypt-Then-MAC to TLS 1.2 and below
-* Added a new build option for a TITAN session cache that can hold just over 2 million session entries (--enable-titancache)  
+* Added a new build option for a TITAN session cache that can hold just over 2 million session entries (--enable-titancache)
 * Synchronous Quick Assist Support for Sniffer
-* Added Support for SiFive HiFive Unleashed board 
+* Added Support for SiFive HiFive Unleashed board
 * Support for Google WebRTC added in to compatibility layer build
 * Additional Sniffer features; IPv6 sniffer support, Fragment chain input, Data store callback, Various statistics tweaks and other Sniffer fixes
 
@@ -446,7 +447,7 @@ Release 4.2.0 of wolfSSL embedded TLS has bug fixes and new features including:
 * Optimization to SP math, changing variables to const where possible. Thanks to Yair Poleg (yair.poleg@ayyeka.com) of Ayyeka for proposing static declaration of global constant variables in SP code
 * Additional fuzz testing and fixes for TLS 1.3 use, including additional TLS 1.3 alert messages (PR#2440 for more information)
 * Additional sanity check that ciphersuite from client hello is used in server hello response (check can be removed with the macro WOLFSSL_NO_STRICT_CIPHER_SUITE)
-* Improved MMCAU performance: SHA-1 by 35%, SHA-256 by 20% and MD5 by 78% 
+* Improved MMCAU performance: SHA-1 by 35%, SHA-256 by 20% and MD5 by 78%
 * By default, disallow SHA-2 cipher suites from being used in TLS 1.0 and 1.1 handshakes (can be ignored with macro WOLFSSL_OLDTLS_SHA2_CIPHERSUITES)
 * Optimization of export session buffer size with enable option --enable-sessionexport=nopeer
 * Spelling fixes in comments and some cast warnings resolved
@@ -986,7 +987,7 @@ This release includes many performance improvements with Intel ASM (AVX/AVX2) an
 * Fixes to allow custom serial number during certificate generation
 * Add method to get WOLFSSL_CTX certificate manager
 * Improvement to `wolfSSL_SetOCSP_Cb` to allow context per WOLFSSL object
-* Alternate certificate chain support `WOLFSSL_ALT_CERT_CHAINS`. Enables checking cert against multiple CA's. 
+* Alternate certificate chain support `WOLFSSL_ALT_CERT_CHAINS`. Enables checking cert against multiple CA's.
 * Added new `--disable-oldnames` option to allow for using openssl along-side wolfssl headers (without OPENSSL_EXTRA).
 * Refactor SSL_ and hashing types to use wolf specific prefix (WOLFSSL and WC_) to allow openssl coexistence.
 * Fixes for HAVE_INTEL_MULX
@@ -1106,7 +1107,7 @@ More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html
 - Added support for HAproxy load balancer
 - Added option to allow SHA1 with TLS 1.2 for IIS compatibility (WOLFSSL_ALLOW_TLS_SHA1)
 - Added Curve25519 51-bit Implementation, increasing performance on systems that have 128 bit types
-- Fix to not send session ID on server side if session cache is off unless we're echoing 
+- Fix to not send session ID on server side if session cache is off unless we're echoing
 session ID as part of session tickets
 - Fixes for ensuring all default ciphers are setup correctly (see PR #830)
 - Added NXP Hexiwear example in `IDE/HEXIWEAR`.
@@ -1114,7 +1115,7 @@ session ID as part of session tickets
 - Fixes for TLS elliptic curve selection on private key import.
 - Fixes for RNG with Intel rdrand and rdseed speedups.
 - Improved performance with Intel rdrand to use full 64-bit output
-- Added new --enable-intelrand option to indicate use of RDRAND preference for RNG source 
+- Added new --enable-intelrand option to indicate use of RDRAND preference for RNG source
 - Removed RNG ARC4 support
 - Added ECC helpers to get size and id from curve name.
 - Added ECC Cofactor DH (ECC-CDH) support
@@ -1737,7 +1738,7 @@ and comments about the new features please check the manual.
   handling and reduce memory fragmentation on I/O large sizes
 
 The CyaSSL manual is available at:
-http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
 and comments about the new features please check the manual.
 
 
@@ -1748,7 +1749,7 @@ and comments about the new features please check the manual.
 - Freescale Kinetis mmCAU support
 - TLS Hello extensions
   - ECC
-  - Secure Renegotiation (null) 
+  - Secure Renegotiation (null)
   - Truncated HMAC
 - SCEP support
   - PKCS #7 Enveloped data and signed data
@@ -1795,7 +1796,7 @@ http://cache.freescale.com/files/32bit/doc/user_guide/CAUAPIUG.pdf
 
 
 The CyaSSL manual is available at:
-http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
 and comments about the new features please check the manual.
 
 
@@ -1821,7 +1822,7 @@ and comments about the new features please check the manual.
 
 When compiling with Mingw, libtool may give the following warning due to
 path conversion errors:
- 
+
 ```
 libtool: link: Could not determine host file name corresponding to **
 libtool: link: Continuing, but uninstalled executables may not work.
@@ -1831,7 +1832,7 @@ If so, examples and testsuite will have problems when run, showing an
 error while loading shared libraries. To resolve, please run "make install".
 
 The CyaSSL manual is available at:
-http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
 and comments about the new features please check the manual.
 
 
@@ -1853,7 +1854,7 @@ and comments about the new features please check the manual.
       13 bytes DTLS headers, but every effort is now made to align with the
       CYASSL_GENERAL_ALIGNMENT flag which sets desired alignment requirement
 - NO_64BIT flag to turn off 64bit data type accumulators in public key code
-    * Note, some systems are faster with 32bit accumulators 
+    * Note, some systems are faster with 32bit accumulators
 - --enable-stacksize for example client/server stack use
     * Note, modern desktop Operating Systems may add bytes to each stack frame
 - Updated compression/decompression with direct crypto access
@@ -1874,19 +1875,19 @@ and comments about the new features please check the manual.
     * dh
     * dsa
     * md5
-    * sha 
+    * sha
     * arc4
     * null    (allow NULL ciphers)
     * oldtls  (only use TLS 1.2)
     * asn     (no certs or public keys allowed)
-- ./configure generates cyassl/options.h which allows a header the user can 
+- ./configure generates cyassl/options.h which allows a header the user can
   include in their app to make sure the same options are set at the app and
   CyaSSL level.
 - autoconf no longer needs serial-tests which lowers version requirements of
   automake to 1.11 and autoconf to 2.63
 
 The CyaSSL manual is available at:
-http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
 and comments about the new features please check the manual.
 
 
@@ -1904,7 +1905,7 @@ and comments about the new features please check the manual.
 - Camellia crypto and cipher suites
 - Bumped minimum autoconf version to 2.65, automake version to 1.12
 - Addition of OCSP callbacks
-- STM32F2 support with hardware crypto and RNG 
+- STM32F2 support with hardware crypto and RNG
 - Cavium NITROX support
 
 CTaoCrypt now has support for the Microchip PIC32 and has been tested with
@@ -1917,7 +1918,7 @@ To add Cavium NITROX support do:
 ./configure --with-cavium=/home/user/cavium/software
 
 pointing to your licensed cavium/software directory.  Since Cavium doesn't
-build a library we pull in the cavium_common.o file which gives a libtool 
+build a library we pull in the cavium_common.o file which gives a libtool
 warning about the portability of this.  Also, if you're using the github source
 tree you'll need to remove the -Wredundant-decls warning from the generated
 Makefile because the cavium headers don't conform to this warning.  Currently
@@ -1930,11 +1931,11 @@ test and benchmark.  Please see the HAVE_CAVIUM define.
 CyaSSL is able to use the STM32F2 hardware-based cryptography and random number
 generator through the STM32F2 Standard Peripheral Library. For necessary
 defines, see the CYASSL_STM32F2 define in settings.h. Documentation for the
-STM32F2 Standard Peripheral Library can be found in the following document: 
+STM32F2 Standard Peripheral Library can be found in the following document:
 http://www.st.com/internet/com/TECHNICAL_RESOURCES/TECHNICAL_LITERATURE/USER_MANUAL/DM00023896.pdf
 
 The CyaSSL manual is available at:
-http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
 and comments about the new features please check the manual.
 
 
@@ -1962,7 +1963,7 @@ K70 Sub-Family Reference Manual:
 http://cache.freescale.com/files/microcontrollers/doc/ref_manual/K70P256M150SF3RM.pdf
 
 The CyaSSL manual is available at:
-http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
 and comments about the new features please check the manual.
 
 
@@ -1974,7 +1975,7 @@ and comments about the new features please check the manual.
 - Updated build process
 
 The CyaSSL manual is available at:
-http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
 and comments about the new features please check the manual.
 
 
@@ -1993,7 +1994,7 @@ and comments about the new features please check the manual.
 - DTLS Cookie support, reliability coming soon
 
 The CyaSSL manual is available at:
-http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
 and comments about the new features please check the manual.
 
 
@@ -2006,13 +2007,13 @@ and comments about the new features please check the manual.
 - Add static ECDH suites
 - SHA-384 support
 - ECC client certificate support
-- Add medium session cache size (1055 sessions) 
+- Add medium session cache size (1055 sessions)
 - Updated unit tests
 - Protection against mutex reinitialization
 
 
 The CyaSSL manual is available at:
-http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
 and comments about the new features please check the manual.
 
 
@@ -2029,7 +2030,7 @@ and comments about the new features please check the manual.
 
 
 The CyaSSL manual is available at:
-http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
 and comments about the new features please check the manual.
 
 
@@ -2048,7 +2049,7 @@ and comments about the new features please check the manual.
 - Export Base64_Encode for general use
 
 The CyaSSL manual is available at:
-http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
 and comments about the new features please check the manual.
 
 
@@ -2065,7 +2066,7 @@ and comments about the new features please check the manual.
 - Microchip pic32 support
 
 The CyaSSL manual is available at:
-http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
 and comments about the new features please check the manual.
 
 
@@ -2089,7 +2090,7 @@ changes are required.
 Special Thanks to Brian Aker for his autoconf, install, and header patches.
 
 The CyaSSL manual is available at:
-http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
 and comments about the new features please check the manual.
 
 # CyaSSL Release 2.0.0rc2 (6/6/2011)
@@ -2108,21 +2109,21 @@ This is the 2nd and perhaps final release candidate for version 2.
 Please send any comments or questions to support@yassl.com.
 
 The CyaSSL manual is available at:
-http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
 and comments about the new features please check the manual.
 
 # CyaSSL Release 2.0.0rc1 (5/2/2011)
 
 #### Release 2.0.0rc1 for CyaSSL has many new features including:
 - bug fixes
-- SHA-256 cipher suites 
-- Root Certificate Verification (instead of needing all certs in the chain) 
-- PKCS #8 private key encryption (supports PKCS #5 v1-v2 and PKCS #12) 
-- Serial number retrieval for x509 
-- PBKDF2 and PKCS #12 PBKDF 
-- UID parsing for x509 
-- SHA-256 certificate signatures 
-- Client and server can send chains (SSL_CTX_use_certificate_chain_file) 
+- SHA-256 cipher suites
+- Root Certificate Verification (instead of needing all certs in the chain)
+- PKCS #8 private key encryption (supports PKCS #5 v1-v2 and PKCS #12)
+- Serial number retrieval for x509
+- PBKDF2 and PKCS #12 PBKDF
+- UID parsing for x509
+- SHA-256 certificate signatures
+- Client and server can send chains (SSL_CTX_use_certificate_chain_file)
 - CA loading can now parse multiple certificates per file
 - Dynamic memory runtime hooks
 - Runtime hooks for logging
@@ -2141,7 +2142,7 @@ options that CyaSSL allows, there may be some configuration fixes needed.
 Please send any comments or questions to support@yassl.com.
 
 The CyaSSL manual is available at:
-http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
 and comments about the new features please check the manual.
 
 # CyaSSL Release 1.9.0 (3/2/2011)
@@ -2169,13 +2170,13 @@ build instructions and comments about the new features please check the manual.
 Please send any comments or questions to support@yassl.com.
 
 Happy Holidays.
- 
+
 
 # CyaSSL Release 1.6.5 (9/9/2010)
 
 Release 1.6.5 for CyaSSL adds bug fixes and x509 v3 self signed certificate
 generation.
- 
+
 For general build instructions see doc/Building_CyaSSL.pdf.
 
 To enable certificate generation support add this option to ./configure
@@ -2188,7 +2189,7 @@ in doc/CyaSSL_Extensions_Reference.pdf item 11.
 
 Release 1.6.0 for CyaSSL adds bug fixes, RIPEMD-160, SHA-512, and RSA key
 generation.
- 
+
 For general build instructions see doc/Building_CyaSSL.pdf.
 
 To add RIPEMD-160 support add this option to ./configure
@@ -2211,7 +2212,7 @@ CyaSSL.
 
 Release 1.5.6 for CyaSSL adds bug fixes, compatibility for our JSSE provider,
 and a fix for GCC builds on some systems.
- 
+
 For general build instructions see doc/Building_CyaSSL.pdf.
 
 To add AES-NI support add this option to ./configure
@@ -2221,9 +2222,9 @@ You'll need GCC 4.4.3 or later to make use of the assembly.
 
 # CyaSSL Release 1.5.4 (7/7/2010)
 
-Release 1.5.4 for CyaSSL adds bug fixes, support for AES-NI, SHA1 speed 
+Release 1.5.4 for CyaSSL adds bug fixes, support for AES-NI, SHA1 speed
 improvements from loop unrolling, and support for the Mongoose Web Server.
- 
+
 For general build instructions see doc/Building_CyaSSL.pdf.
 
 To add AES-NI support add this option to ./configure
@@ -2255,7 +2256,7 @@ please send questions or comments to support@yassl.com.
 When doing load testing with CyaSSL, on the echoserver example say, the client
 machine may run out of tcp ephemeral ports, they will end up in the TIME_WAIT
 queue, and can't be reused by default.  There are generally two ways to fix
-this. 
+this.
 
 1. Reduce the length sockets remain on the TIME_WAIT queue OR
 2. Allow items on the TIME_WAIT queue to be reused.
@@ -2313,7 +2314,7 @@ SSL_METHOD *TLSv1_2_server_method(void);
 SSL_METHOD *TLSv1_2_client_method(void);
 ```
 
-CyaSSL was tested against lighttpd 1.4.23.  To build CyaSSL for use with 
+CyaSSL was tested against lighttpd 1.4.23.  To build CyaSSL for use with
 lighttpd use the following commands from the CyaSSL install dir <CyaSSLDir>:
 
 ```
@@ -2498,7 +2499,7 @@ This gives warnings for some symbols but seems to work.
     ./configure
     make
 
-    from the ./testsuite/ directory run ./testsuite 
+    from the ./testsuite/ directory run ./testsuite
 
 #### To make a debug build:
 
@@ -2517,7 +2518,7 @@ Run the testsuite program
 
 
 
-# CyaSSL version 0.9.9 (7/25/2008) 
+# CyaSSL version 0.9.9 (7/25/2008)
 
 This release of CyaSSL adds bug fixes, Pre-Shared Keys, over-rideable memory
 handling, and optionally TomsFastMath.  Thanks to Moisés Guimarães for the
@@ -2537,7 +2538,7 @@ yet use -m64 because of GCCs inability to do 128bit division.
 See notes below (0.2.0) for complete build instructions.
 
 
-# CyaSSL version 0.9.8 (5/7/2008) 
+# CyaSSL version 0.9.8 (5/7/2008)
 
 This release of CyaSSL adds bug fixes, client side Diffie-Hellman, and better
 socket handling.
@@ -2545,7 +2546,7 @@ socket handling.
 See notes below (0.2.0) for complete build instructions.
 
 
-# CyaSSL version 0.9.6 (1/31/2008) 
+# CyaSSL version 0.9.6 (1/31/2008)
 
 This release of CyaSSL adds bug fixes, increased session management, and a fix
 for gnutls.
@@ -2553,15 +2554,15 @@ for gnutls.
 See notes below (0.2.0) for complete build instructions.
 
 
-# CyaSSL version 0.9.0 (10/15/2007) 
+# CyaSSL version 0.9.0 (10/15/2007)
 
-This release of CyaSSL adds bug fixes, MSVC 2005 support, GCC 4.2 support, 
+This release of CyaSSL adds bug fixes, MSVC 2005 support, GCC 4.2 support,
 IPV6 support and test, and new test certificates.
 
 See notes below (0.2.0) for complete build instructions.
 
 
-# CyaSSL version 0.8.0 (1/10/2007) 
+# CyaSSL version 0.8.0 (1/10/2007)
 
 This release of CyaSSL adds increased socket support, for non-blocking writes,
 connects, and interrupted system calls.
@@ -2569,7 +2570,7 @@ connects, and interrupted system calls.
 See notes below (0.2.0) for complete build instructions.
 
 
-# CyaSSL version 0.6.3 (10/30/2006) 
+# CyaSSL version 0.6.3 (10/30/2006)
 
 This release of CyaSSL adds debug logging to stderr to aid in the debugging of
 CyaSSL on systems that may not provide the best support.
@@ -2587,19 +2588,19 @@ To turn logging back off call CyaSSL_Debugging_OFF()
 See notes below (0.2.0) for complete build instructions.
 
 
-# CyaSSL version 0.6.2 (10/29/2006) 
+# CyaSSL version 0.6.2 (10/29/2006)
 
 This release of CyaSSL adds TLS 1.1.
 
 Note that CyaSSL has certificate verification on by default, unlike OpenSSL.
 To emulate OpenSSL behavior, you must call SSL_CTX_set_verify() with
-SSL_VERIFY_NONE.  In order to have full security you should never do this, 
+SSL_VERIFY_NONE.  In order to have full security you should never do this,
 provide CyaSSL with the proper certificates to eliminate impostors and call
 CyaSSL_check_domain_name() to prevent man in the middle attacks.
 
 See notes below (0.2.0) for build instructions.
 
-# CyaSSL version 0.6.0 (10/25/2006) 
+# CyaSSL version 0.6.0 (10/25/2006)
 
 This release of CyaSSL adds more SSL functions, better autoconf, nonblocking
 I/O for accept, connect, and read.  There is now an --enable-small configure
@@ -2609,7 +2610,7 @@ for the defines.  Note that TLS requires HMAC and AES requires TLS.
 See notes below (0.2.0) for build instructions.
 
 
-# CyaSSL version 0.5.5 (09/27/2006) 
+# CyaSSL version 0.5.5 (09/27/2006)
 
 This mini release of CyaSSL adds better input processing through buffered input
 and big message support.  Added SSL_pending() and some sanity checks on user
@@ -2618,23 +2619,23 @@ settings.
 See notes below (0.2.0) for build instructions.
 
 
-# CyaSSL version 0.5.0 (03/27/2006) 
+# CyaSSL version 0.5.0 (03/27/2006)
 
-This release of CyaSSL adds AES support and minor bug fixes. 
+This release of CyaSSL adds AES support and minor bug fixes.
 
 See notes below (0.2.0) for build instructions.
 
 
 # CyaSSL version 0.4.0 (03/15/2006)
 
-This release of CyaSSL adds TLSv1 client/server support and libtool. 
+This release of CyaSSL adds TLSv1 client/server support and libtool.
 
 See notes below for build instructions.
 
 
 # CyaSSL version 0.3.0 (02/26/2006)
 
-This release of CyaSSL adds SSLv3 server support and session resumption. 
+This release of CyaSSL adds SSLv3 server support and session resumption.
 
 See notes below for build instructions.
 
@@ -2660,7 +2661,7 @@ with support for SHA-1 and MD5 digests.  Ciphers include 3DES and RC4.
     ./configure
     make
 
-    from the ./testsuite/ directory run ./testsuite 
+    from the ./testsuite/ directory run ./testsuite
 
 #### to make a debug build: