The recent CHANGES note between 0.9.6g and 0.9.6h needs copying into the

 Changes between 0.9.6g and 0.9.6h  [xx XXX xxxx]

 Changes between 0.9.6g and 0.9.6h  [xx XXX xxxx]

  *) Add a SSL_SESS_CACHE_NO_INTERNAL_STORE flag to take over half

     the job SSL_SESS_CACHE_NO_INTERNAL_LOOKUP was inconsistently

     doing, define a new flag (SSL_SESS_CACHE_NO_INTERNAL) to be

     the bitwise-OR of the two for use by the majority of applications

     wanting this behaviour, and update the docs. The documented

     behaviour and actual behaviour were inconsistent and had been

     changing anyway, so this is more a bug-fix than a behavioural

     change.

     [Geoff Thorpe, diagnosed by Nadav Har'El]

  *) Don't impose a 16-byte length minimum on session IDs in ssl/s3_clnt.c

  *) Don't impose a 16-byte length minimum on session IDs in ssl/s3_clnt.c

     (the SSL 3.0 and TLS 1.0 specifications allow any length up to 32 bytes).

     (the SSL 3.0 and TLS 1.0 specifications allow any length up to 32 bytes).

     [Bodo Moeller]

     [Bodo Moeller]