[thirdparty/openssl.git] / CHANGES


 OpenSSL CHANGES
 _______________

 Changes between 0.9.5a and 0.9.6  [xx XXX 2000]

  *) Modification to PKCS#7 encoding routines to output definite
     length encoding. Since currently the whole structures are in
     memory there's not real point in using indefinite length 
     constructed encoding. However if OpenSSL is compiled with
     the flag PKCS7_INDEFINITE_ENCODING the old form is used.
     [Steve Henson]

  *) Added BIO_vprintf() and BIO_vsnprintf().
     [Richard Levitte]

  *) Added more prefixes to parse for in the the strings written
     through a logging bio, to cover all the levels that are available
     through syslog.  The prefixes are now:

	PANIC, EMERG, EMR	=>	LOG_EMERG
	ALERT, ALR		=>	LOG_ALERT
	CRIT, CRI		=>	LOG_CRIT
	ERROR, ERR		=>	LOG_ERR
	WARNING, WARN, WAR	=>	LOG_WARNING
	NOTICE, NOTE, NOT	=>	LOG_NOTICE
	INFO, INF		=>	LOG_INFO
	DEBUG, DBG		=>	LOG_DEBUG

     and as before, if none of those prefixes are present at the
     beginning of the string, LOG_ERR is chosen.

     On Win32, the LOG_* levels are mapped according to this:

	LOG_EMERG, LOG_ALERT, LOG_CRIT, LOG_ERR	=> EVENTLOG_ERROR_TYPE
	LOG_WARNING				=> EVENTLOG_WARNING_TYPE
	LOG_NOTICE, LOG_INFO, LOG_DEBUG		=> EVENTLOG_INFORMATION_TYPE

     [Richard Levitte]

  *) Made it possible to reconfigure with just the configuration
     argument "reconf" or "reconfigure".  The command line arguments
     are stored in Makefile.ssl in the variable CONFIGURE_ARGS,
     and are retrieved from there when reconfiguring.
     [Richard Levitte]

  *) MD4 implemented.
     [Assar Westerlund <assar@sics.se>, Richard Levitte]

  *) Add the arguments -CAfile and -CApath to the pkcs12 utility.
     [Richard Levitte]

  *) The obj_dat.pl script was messing up the sorting of object
     names. The reason was that it compared the quoted version
     of strings as a result "OCSP" > "OCSP Signing" because
     " > SPACE. Changed script to store unquoted versions of
     names and add quotes on output. It was also omitting some
     names from the lookup table if they were given a default
     value (that is if SN is missing it is given the same
     value as LN and vice versa), these are now added on the
     grounds that if an object has a name we should be able to
     look it up. Finally added warning output when duplicate
     short or long names are found.
     [Steve Henson]

  *) Changes needed for Tandem NSK.
     [Scott Uroff scott@xypro.com]

  *) Fix SSL 2.0 rollback checking: Due to an off-by-one error in
     RSA_padding_check_SSLv23(), special padding was never detected
     and thus the SSL 3.0/TLS 1.0 countermeasure against protocol
     version rollback attacks was not effective.

     In s23_clnt.c, don't use special rollback-attack detection padding
     (RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the
     client; similarly, in s23_srvr.c, don't do the rollback check if
     SSL 2.0 is the only protocol enabled in the server.
     [Bodo Moeller]

  *) Make it possible to get hexdumps of unprintable data with 'openssl
     asn1parse'.  By implication, the functions ASN1_parse_dump() and
     BIO_dump_indent() are added.
     [Richard Levitte]

  *) New functions ASN1_STRING_print_ex() and X509_NAME_print_ex()
     these print out strings and name structures based on various
     flags including RFC2253 support and proper handling of
     multibyte characters. Added options to the 'x509' utility 
     to allow the various flags to be set.
     [Steve Henson]

  *) Various fixes to use ASN1_TIME instead of ASN1_UTCTIME.
     Also change the functions X509_cmp_current_time() and
     X509_gmtime_adj() work with an ASN1_TIME structure,
     this will enable certificates using GeneralizedTime in validity
     dates to be checked.
     [Steve Henson]

  *) Make the NEG_PUBKEY_BUG code (which tolerates invalid
     negative public key encodings) on by default,
     NO_NEG_PUBKEY_BUG can be set to disable it.
     [Steve Henson]

  *) New function c2i_ASN1_OBJECT() which acts on ASN1_OBJECT
     content octets. An i2c_ASN1_OBJECT is unnecessary because
     the encoding can be trivially obtained from the structure.
     [Steve Henson]

  *) crypto/err.c locking bugfix: Use write locks (CRYPTO_w_[un]lock),
     not read locks (CRYPTO_r_[un]lock).
     [Bodo Moeller]

  *) A first attempt at creating official support for shared
     libraries through configuration.  I've kept it so the
     default is static libraries only, and the OpenSSL programs
     are always statically linked for now, but there are
     preparations for dynamic linking in place.
     This has been tested on Linux and True64.
     [Richard Levitte]

  *) Randomness polling function for Win9x, as described in:
     Peter Gutmann, Software Generation of Practically Strong
     Random Numbers.
Commit	Line	Data
651d0aff	1
f1c236f8	2	OpenSSL CHANGES
651d0aff RE	3	_______________
651d0aff RE	4
c90341a1 RL	5	Changes between 0.9.5a and 0.9.6 [xx XXX 2000]
c90341a1 RL	6
eaa28181 DSH	7	*) Modification to PKCS#7 encoding routines to output definite
	8	length encoding. Since currently the whole structures are in
	9	memory there's not real point in using indefinite length
	10	constructed encoding. However if OpenSSL is compiled with
	11	the flag PKCS7_INDEFINITE_ENCODING the old form is used.
	12	[Steve Henson]
	13
e6629837 RL	14	*) Added BIO_vprintf() and BIO_vsnprintf().
	15	[Richard Levitte]
	16
6fd5a047 RL	17	*) Added more prefixes to parse for in the the strings written
	18	through a logging bio, to cover all the levels that are available
	19	through syslog. The prefixes are now:
	20
	21	PANIC, EMERG, EMR => LOG_EMERG
	22	ALERT, ALR => LOG_ALERT
	23	CRIT, CRI => LOG_CRIT
	24	ERROR, ERR => LOG_ERR
	25	WARNING, WARN, WAR => LOG_WARNING
	26	NOTICE, NOTE, NOT => LOG_NOTICE
	27	INFO, INF => LOG_INFO
	28	DEBUG, DBG => LOG_DEBUG
	29
	30	and as before, if none of those prefixes are present at the
	31	beginning of the string, LOG_ERR is chosen.
	32
	33	On Win32, the LOG_* levels are mapped according to this:
	34
	35	LOG_EMERG, LOG_ALERT, LOG_CRIT, LOG_ERR => EVENTLOG_ERROR_TYPE
	36	LOG_WARNING => EVENTLOG_WARNING_TYPE
	37	LOG_NOTICE, LOG_INFO, LOG_DEBUG => EVENTLOG_INFORMATION_TYPE
	38
	39	[Richard Levitte]
	40
368f8554 RL	41	*) Made it possible to reconfigure with just the configuration
	42	argument "reconf" or "reconfigure". The command line arguments
	43	are stored in Makefile.ssl in the variable CONFIGURE_ARGS,
	44	and are retrieved from there when reconfiguring.
	45	[Richard Levitte]
	46
3009458e	47	*) MD4 implemented.
bb531a0a	48	[Assar Westerlund <assar@sics.se>, Richard Levitte]
3009458e	49
88364bc2 RL	50	*) Add the arguments -CAfile and -CApath to the pkcs12 utility.
	51	[Richard Levitte]
	52
d4fbe318 DSH	53	*) The obj_dat.pl script was messing up the sorting of object
	54	names. The reason was that it compared the quoted version
	55	of strings as a result "OCSP" > "OCSP Signing" because
	56	" > SPACE. Changed script to store unquoted versions of
	57	names and add quotes on output. It was also omitting some
	58	names from the lookup table if they were given a default
	59	value (that is if SN is missing it is given the same
	60	value as LN and vice versa), these are now added on the
	61	grounds that if an object has a name we should be able to
	62	look it up. Finally added warning output when duplicate
	63	short or long names are found.
	64	[Steve Henson]
	65
2d978cbd	66	*) Changes needed for Tandem NSK.
d4fbe318	67	[Scott Uroff scott@xypro.com]
2d978cbd	68
aa826d88 BM	69	*) Fix SSL 2.0 rollback checking: Due to an off-by-one error in
	70	RSA_padding_check_SSLv23(), special padding was never detected
	71	and thus the SSL 3.0/TLS 1.0 countermeasure against protocol
	72	version rollback attacks was not effective.
	73
37569e64 BM	74	In s23_clnt.c, don't use special rollback-attack detection padding
	75	(RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the
	76	client; similarly, in s23_srvr.c, don't do the rollback check if
	77	SSL 2.0 is the only protocol enabled in the server.
	78	[Bodo Moeller]
	79
ca1e465f RL	80	*) Make it possible to get hexdumps of unprintable data with 'openssl
	81	asn1parse'. By implication, the functions ASN1_parse_dump() and
	82	BIO_dump_indent() are added.
	83	[Richard Levitte]
	84
a657546f DSH	85	*) New functions ASN1_STRING_print_ex() and X509_NAME_print_ex()
	86	these print out strings and name structures based on various
	87	flags including RFC2253 support and proper handling of
	88	multibyte characters. Added options to the 'x509' utility
	89	to allow the various flags to be set.
	90	[Steve Henson]
	91
284ef5f3 DSH	92	*) Various fixes to use ASN1_TIME instead of ASN1_UTCTIME.
	93	Also change the functions X509_cmp_current_time() and
	94	X509_gmtime_adj() work with an ASN1_TIME structure,
	95	this will enable certificates using GeneralizedTime in validity
	96	dates to be checked.
	97	[Steve Henson]
	98
	99	*) Make the NEG_PUBKEY_BUG code (which tolerates invalid
	100	negative public key encodings) on by default,
	101	NO_NEG_PUBKEY_BUG can be set to disable it.
	102	[Steve Henson]
	103
	104	*) New function c2i_ASN1_OBJECT() which acts on ASN1_OBJECT
	105	content octets. An i2c_ASN1_OBJECT is unnecessary because
	106	the encoding can be trivially obtained from the structure.
	107	[Steve Henson]
	108
fa729135 BM	109	*) crypto/err.c locking bugfix: Use write locks (CRYPTO_w_[un]lock),
	110	not read locks (CRYPTO_r_[un]lock).
	111	[Bodo Moeller]
	112
b436a982 RL	113	*) A first attempt at creating official support for shared
	114	libraries through configuration. I've kept it so the
	115	default is static libraries only, and the OpenSSL programs
	116	are always statically linked for now, but there are
	117	preparations for dynamic linking in place.
	118	This has been tested on Linux and True64.
	119	[Richard Levitte]
	120
c0722725 UM	121	*) Randomness polling function for Win9x, as described in:
	122	Peter Gutmann, Software Generation of Practically Strong
	123	Random Numbers.
	124