[thirdparty/openssl.git] / CHANGES


 OpenSSL CHANGES
 _______________

 Changes between 0.9.5a and 0.9.6  [xx XXX 2000]

  *) For consistency with other BIO_puts implementations, call
     buffer_write(b, ...) directly in buffer_puts instead of calling
     BIO_write(b, ...).
     [Peter.Sylvester@EdelWeb.fr]

  *) Fix BN_mul_word for the case where the word is 0. (We have to use
     BN_zero, we may not return a BIGNUM with an array consisting of
     words set to zero.)
     [Bodo Moeller]

  *) Avoid calling abort() from within the library when problems are
     detected, except if preprocessor symbols have been defined
     (such as REF_CHECK, BN_DEBUG etc.).
     [Bodo Moeller]

  *) New openssl application 'rsautl'. This utility can be
     used for low level RSA operations. DER public key
     BIO/fp routines also added.
     [Steve Henson]

  *) New Configure entry and patches for compiling on QNX 4.
     [Andreas Schneider <andreas@ds3.etech.fh-hamburg.de>]

  *) A demo state-machine implementation was sponsored by
     Nuron (http://www.nuron.com/) and is now available in
     demos/state_machine.
     [Ben Laurie]

  *) New options added to the 'dgst' utility for signature
     generation and verification.
     [Steve Henson]

  *) Unrecognized PKCS#7 content types are now handled via a
     catch all ASN1_TYPE structure. This allows unsupported
     types to be stored as a "blob" and an application can
     encode and decode it manually.
     [Steve Henson]

  *) Fix various signed/unsigned issues to make a_strex.c
     compile under VC++.
     [Oscar Jacobsson <oscar.jacobsson@celocom.com>]

  *) ASN1 fixes. i2d_ASN1_OBJECT was not returning the correct
     length if passed a buffer. ASN1_INTEGER_to_BN failed
     if passed a NULL BN and its argument was negative.
     [Steve Henson, pointed out by Sven Heiberg <sven@tartu.cyber.ee>]

  *) Modification to PKCS#7 encoding routines to output definite
     length encoding. Since currently the whole structures are in
     memory there's not real point in using indefinite length 
     constructed encoding. However if OpenSSL is compiled with
     the flag PKCS7_INDEFINITE_ENCODING the old form is used.
     [Steve Henson]

  *) Added BIO_vprintf() and BIO_vsnprintf().
     [Richard Levitte]

  *) Added more prefixes to parse for in the the strings written
     through a logging bio, to cover all the levels that are available
     through syslog.  The prefixes are now:

	PANIC, EMERG, EMR	=>	LOG_EMERG
	ALERT, ALR		=>	LOG_ALERT
	CRIT, CRI		=>	LOG_CRIT
	ERROR, ERR		=>	LOG_ERR
	WARNING, WARN, WAR	=>	LOG_WARNING
	NOTICE, NOTE, NOT	=>	LOG_NOTICE
	INFO, INF		=>	LOG_INFO
	DEBUG, DBG		=>	LOG_DEBUG

     and as before, if none of those prefixes are present at the
     beginning of the string, LOG_ERR is chosen.

     On Win32, the LOG_* levels are mapped according to this:

	LOG_EMERG, LOG_ALERT, LOG_CRIT, LOG_ERR	=> EVENTLOG_ERROR_TYPE
	LOG_WARNING				=> EVENTLOG_WARNING_TYPE
	LOG_NOTICE, LOG_INFO, LOG_DEBUG		=> EVENTLOG_INFORMATION_TYPE

     [Richard Levitte]

  *) Made it possible to reconfigure with just the configuration
     argument "reconf" or "reconfigure".  The command line arguments
     are stored in Makefile.ssl in the variable CONFIGURE_ARGS,
     and are retrieved from there when reconfiguring.
     [Richard Levitte]

  *) MD4 implemented.
     [Assar Westerlund <assar@sics.se>, Richard Levitte]

  *) Add the arguments -CAfile and -CApath to the pkcs12 utility.
     [Richard Levitte]

  *) The obj_dat.pl script was messing up the sorting of object
     names. The reason was that it compared the quoted version
     of strings as a result "OCSP" > "OCSP Signing" because
     " > SPACE. Changed script to store unquoted versions of
     names and add quotes on output. It was also omitting some
     names from the lookup table if they were given a default
     value (that is if SN is missing it is given the same
     value as LN and vice versa), these are now added on the
     grounds that if an object has a name we should be able to
     look it up. Finally added warning output when duplicate
     short or long names are found.
     [Steve Henson]

  *) Changes needed for Tandem NSK.
     [Scott Uroff scott@xypro.com]

  *) Fix SSL 2.0 rollback checking: Due to an off-by-one error in
     RSA_padding_check_SSLv23(), special padding was never detected
     and thus the SSL 3.0/TLS 1.0 countermeasure against protocol
     version rollback attacks was not effective.

     In s23_clnt.c, don't use special rollback-attack detection padding
     (RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the
     client; similarly, in s23_srvr.c, don't do the rollback check if
     SSL 2.0 is the only protocol enabled in the server.
     [Bodo Moeller]

  *) Make it possible to get hexdumps of unprintable data with 'openssl
     asn1parse'.  By implication, the functions ASN1_parse_dump() and
     BIO_dump_indent() are added.
     [Richard Levitte]

  *) New functions ASN1_STRING_print_ex() and X509_NAME_print_ex()
     these print out strings and name structures based on various
     flags including RFC2253 support and proper handling of
     multibyte characters. Added options to the 'x509' utility 
     to allow the various flags to be set.
     [Steve Henson]

  *) Various fixes to use ASN1_TIME instead of ASN1_UTCTIME.
     Also change the functions X509_cmp_current_time() and
     X509_gmtime_adj() work with an ASN1_TIME structure,
     this will enable certificates using GeneralizedTime in validity
     dates to be checked.
     [Steve Henson]

  *) Make the NEG_PUBKEY_BUG code (which tolerates invalid
     negative public key encodings) on by default,
     NO_NEG_PUBKEY_BUG can be set to disable it.
     [Steve Henson]

  *) New function c2i_ASN1_OBJECT() which acts on ASN1_OBJECT
     content octets. An i2c_ASN1_OBJECT is unnecessary because
     the encoding can be trivially obtained from the structure.
     [Steve Henson]

  *) crypto/err.c locking bugfix: Use write locks (CRYPTO_w_[un]lock),
     not read locks (CRYPTO_r_[un]lock).
     [Bodo Moeller]

  *) A first attempt at creating official support for shared
     libraries through configuration.  I've kept it so the
     default is static libraries only, and the OpenSSL programs
     are always statically linked for now, but there are
     preparations for dynamic linking in place.
     This has been tested on Linux and True64.
     [Richard Levitte]

  *) Randomness polling function for Win9x, as described in:
     Peter Gutmann, Software Generation of Practically Strong
     Random Numbers.
Commit	Line	Data
651d0aff	1
f1c236f8	2	OpenSSL CHANGES
651d0aff RE	3	_______________
651d0aff RE	4
c90341a1 RL	5	Changes between 0.9.5a and 0.9.6 [xx XXX 2000]
c90341a1 RL	6
affadbef BM	7	*) For consistency with other BIO_puts implementations, call
	8	buffer_write(b, ...) directly in buffer_puts instead of calling
	9	BIO_write(b, ...).
	10	[Peter.Sylvester@EdelWeb.fr]
	11
bbb8de09 BM	12	*) Fix BN_mul_word for the case where the word is 0. (We have to use
	13	BN_zero, we may not return a BIGNUM with an array consisting of
	14	words set to zero.)
	15	[Bodo Moeller]
	16
	17	*) Avoid calling abort() from within the library when problems are
	18	detected, except if preprocessor symbols have been defined
	19	(such as REF_CHECK, BN_DEBUG etc.).
	20	[Bodo Moeller]
	21
bd08a2bd DSH	22	*) New openssl application 'rsautl'. This utility can be
	23	used for low level RSA operations. DER public key
	24	BIO/fp routines also added.
	25	[Steve Henson]
	26
a545c6f6 BM	27	*) New Configure entry and patches for compiling on QNX 4.
	28	[Andreas Schneider <andreas@ds3.etech.fh-hamburg.de>]
	29
7049ef5f BL	30	*) A demo state-machine implementation was sponsored by
	31	Nuron (http://www.nuron.com/) and is now available in
	32	demos/state_machine.
	33	[Ben Laurie]
	34
7df1c720 DSH	35	*) New options added to the 'dgst' utility for signature
	36	generation and verification.
	37	[Steve Henson]
	38
d096b524 DSH	39	*) Unrecognized PKCS#7 content types are now handled via a
	40	catch all ASN1_TYPE structure. This allows unsupported
	41	types to be stored as a "blob" and an application can
	42	encode and decode it manually.
	43	[Steve Henson]
	44
7df1c720	45	*) Fix various signed/unsigned issues to make a_strex.c
469938cb DSH	46	compile under VC++.
	47	[Oscar Jacobsson <oscar.jacobsson@celocom.com>]
	48
	49	*) ASN1 fixes. i2d_ASN1_OBJECT was not returning the correct
	50	length if passed a buffer. ASN1_INTEGER_to_BN failed
	51	if passed a NULL BN and its argument was negative.
	52	[Steve Henson, pointed out by Sven Heiberg <sven@tartu.cyber.ee>]
	53
eaa28181 DSH	54	*) Modification to PKCS#7 encoding routines to output definite
	55	length encoding. Since currently the whole structures are in
	56	memory there's not real point in using indefinite length
	57	constructed encoding. However if OpenSSL is compiled with
	58	the flag PKCS7_INDEFINITE_ENCODING the old form is used.
	59	[Steve Henson]
	60
e6629837 RL	61	*) Added BIO_vprintf() and BIO_vsnprintf().
	62	[Richard Levitte]
	63
6fd5a047 RL	64	*) Added more prefixes to parse for in the the strings written
	65	through a logging bio, to cover all the levels that are available
	66	through syslog. The prefixes are now:
	67
	68	PANIC, EMERG, EMR => LOG_EMERG
	69	ALERT, ALR => LOG_ALERT
	70	CRIT, CRI => LOG_CRIT
	71	ERROR, ERR => LOG_ERR
	72	WARNING, WARN, WAR => LOG_WARNING
	73	NOTICE, NOTE, NOT => LOG_NOTICE
	74	INFO, INF => LOG_INFO
	75	DEBUG, DBG => LOG_DEBUG
	76
	77	and as before, if none of those prefixes are present at the
	78	beginning of the string, LOG_ERR is chosen.
	79
	80	On Win32, the LOG_* levels are mapped according to this:
	81
	82	LOG_EMERG, LOG_ALERT, LOG_CRIT, LOG_ERR => EVENTLOG_ERROR_TYPE
	83	LOG_WARNING => EVENTLOG_WARNING_TYPE
	84	LOG_NOTICE, LOG_INFO, LOG_DEBUG => EVENTLOG_INFORMATION_TYPE
	85
	86	[Richard Levitte]
	87
368f8554 RL	88	*) Made it possible to reconfigure with just the configuration
	89	argument "reconf" or "reconfigure". The command line arguments
	90	are stored in Makefile.ssl in the variable CONFIGURE_ARGS,
	91	and are retrieved from there when reconfiguring.
	92	[Richard Levitte]
	93
3009458e	94	*) MD4 implemented.
bb531a0a	95	[Assar Westerlund <assar@sics.se>, Richard Levitte]
3009458e	96
88364bc2 RL	97	*) Add the arguments -CAfile and -CApath to the pkcs12 utility.
	98	[Richard Levitte]
	99
d4fbe318 DSH	100	*) The obj_dat.pl script was messing up the sorting of object
	101	names. The reason was that it compared the quoted version
	102	of strings as a result "OCSP" > "OCSP Signing" because
	103	" > SPACE. Changed script to store unquoted versions of
	104	names and add quotes on output. It was also omitting some
	105	names from the lookup table if they were given a default
	106	value (that is if SN is missing it is given the same
	107	value as LN and vice versa), these are now added on the
	108	grounds that if an object has a name we should be able to
	109	look it up. Finally added warning output when duplicate
	110	short or long names are found.
	111	[Steve Henson]
	112
2d978cbd	113	*) Changes needed for Tandem NSK.
d4fbe318	114	[Scott Uroff scott@xypro.com]
2d978cbd	115
aa826d88 BM	116	*) Fix SSL 2.0 rollback checking: Due to an off-by-one error in
	117	RSA_padding_check_SSLv23(), special padding was never detected
	118	and thus the SSL 3.0/TLS 1.0 countermeasure against protocol
	119	version rollback attacks was not effective.
	120
37569e64 BM	121	In s23_clnt.c, don't use special rollback-attack detection padding
	122	(RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the
	123	client; similarly, in s23_srvr.c, don't do the rollback check if
	124	SSL 2.0 is the only protocol enabled in the server.
	125	[Bodo Moeller]
	126
ca1e465f RL	127	*) Make it possible to get hexdumps of unprintable data with 'openssl
	128	asn1parse'. By implication, the functions ASN1_parse_dump() and
	129	BIO_dump_indent() are added.
	130	[Richard Levitte]
	131
a657546f DSH	132	*) New functions ASN1_STRING_print_ex() and X509_NAME_print_ex()
	133	these print out strings and name structures based on various
	134	flags including RFC2253 support and proper handling of
	135	multibyte characters. Added options to the 'x509' utility
	136	to allow the various flags to be set.
	137	[Steve Henson]
	138
284ef5f3 DSH	139	*) Various fixes to use ASN1_TIME instead of ASN1_UTCTIME.
	140	Also change the functions X509_cmp_current_time() and
	141	X509_gmtime_adj() work with an ASN1_TIME structure,
	142	this will enable certificates using GeneralizedTime in validity
	143	dates to be checked.
	144	[Steve Henson]
	145
	146	*) Make the NEG_PUBKEY_BUG code (which tolerates invalid
	147	negative public key encodings) on by default,
	148	NO_NEG_PUBKEY_BUG can be set to disable it.
	149	[Steve Henson]
	150
	151	*) New function c2i_ASN1_OBJECT() which acts on ASN1_OBJECT
	152	content octets. An i2c_ASN1_OBJECT is unnecessary because
	153	the encoding can be trivially obtained from the structure.
	154	[Steve Henson]
	155
fa729135 BM	156	*) crypto/err.c locking bugfix: Use write locks (CRYPTO_w_[un]lock),
	157	not read locks (CRYPTO_r_[un]lock).
	158	[Bodo Moeller]
	159
b436a982 RL	160	*) A first attempt at creating official support for shared
	161	libraries through configuration. I've kept it so the
	162	default is static libraries only, and the OpenSSL programs
	163	are always statically linked for now, but there are
	164	preparations for dynamic linking in place.
	165	This has been tested on Linux and True64.
	166	[Richard Levitte]
	167
c0722725 UM	168	*) Randomness polling function for Win9x, as described in:
	169	Peter Gutmann, Software Generation of Practically Strong
	170	Random Numbers.
	171