Commit | Line | Data |
---|---|---|
d02b48c6 RE |
1 | SSLeay 0.6.5 |
2 | ||
3 | After quite some time (3 months), the new release. I have been very busy | |
4 | for the last few months and so this is mostly bug fixes and improvements. | |
5 | ||
6 | The main additions are | |
7 | ||
8 | - assembler for x86 DES. For all those gcc based systems, this is a big | |
9 | improvement. From 117,000 DES operations a second on a pentium 100, | |
10 | I now get 191,000. I have also reworked the C version so it | |
11 | now gives 148,000 DESs per second. | |
12 | - As mentioned above, the inner DES macros now have some more variants that | |
13 | sometimes help, sometimes hinder performance. There are now 3 options | |
14 | DES_PTR (ptr vs array lookup), DES_UNROLL (full vs partial loop unrolling) | |
15 | and DES_RISC (a more register intensive version of the inner macro). | |
16 | The crypto/des/des_opts.c program, when compiled and run, will give | |
17 | an indication of the correct options to use. | |
18 | - The BIO stuff has been improved. Read doc/bio.doc. There are now | |
19 | modules for encryption and base64 encoding and a BIO_printf() function. | |
20 | - The CA program will accept simple one line X509v3 extensions in the | |
21 | ssleay.cnf file. Have a look at the example. Currently this just | |
22 | puts the text into the certificate as an OCTET_STRING so currently | |
23 | the more advanced X509v3 data types are not handled but this is enough | |
24 | for the netscape extensions. | |
25 | - There is the start of a nicer higher level interface to the X509 | |
26 | structure. | |
27 | - Quite a lot of bug fixes. | |
28 | - CRYPTO_malloc_init() (or CRYPTO_set_mem_functions()) can be used | |
29 | to define the malloc(), free() and realloc() routines to use | |
30 | (look in crypto/crypto.h). This is mostly needed for Windows NT/95 when | |
31 | using DLLs and mixing CRT libraries. | |
32 | ||
33 | In general, read the 'VERSION' file for changes and be aware that some of | |
34 | the new stuff may not have been tested quite enough yet, so don't just plonk | |
35 | in SSLeay 0.6.5 when 0.6.4 used to work and expect nothing to break. | |
36 | ||
37 | SSLeay 0.6.4 30/08/96 eay | |
38 | ||
39 | I've just finished some test builds on Windows NT, Windows 3.1, Solaris 2.3, | |
40 | Solaris 2.5, Linux, IRIX, HPUX 10 and everything seems to work :-). | |
41 | ||
42 | The main changes in this release | |
43 | ||
44 | - Thread safe. have a read of doc/threads.doc and play in the mt directory. | |
45 | For anyone using 0.6.3 with threads, I found 2 major errors so consider | |
46 | moving to 0.6.4. I have a test program that builds under NT and | |
47 | solaris. | |
48 | - The get session-id callback has changed. Have a read of doc/callback.doc. | |
49 | - The X509_cert_verify callback (the SSL_verify callback) now | |
50 | has another argument. Have a read of doc/callback.doc | |
51 | - 'ca -preserve', sign without re-ordering the DN. Not tested much. | |
52 | - VMS support. | |
53 | - Compile time memory leak detection can now be built into SSLeay. | |
54 | Read doc/memory.doc | |
55 | - CONF routines now understand '\', '\n', '\r' etc. What this means is that | |
56 | the SPKAC object mentioned in doc/ns-ca.doc can be on multiple lines. | |
57 | - 'ssleay ciphers' added, lists the default cipher list for SSLeay. | |
58 | - RC2 key setup is now compatible with Netscape. | |
59 | - Modified server side of SSL implementation, big performance difference when | |
60 | using session-id reuse. | |
61 | ||
62 | 0.6.3 | |
63 | ||
64 | Bug fixes and the addition of some nice stuff to the 'ca' program. | |
65 | Have a read of doc/ns-ca.doc for how it has been modified so | |
66 | it can be driven from a CGI script. The CGI script is not provided, | |
67 | but that is just being left as an exercise for the reader :-). | |
68 | ||
69 | 0.6.2 | |
70 | ||
71 | This is mostly bug fixes and functionality improvements. | |
72 | ||
73 | Additions are | |
74 | - More thread debugging patches, the thread stuff is still being | |
75 | tested, but for those keen to play with stuff, have a look in | |
76 | crypto/cryptlib.c. The application needs to define 1 (or optionally | |
77 | a second) callback that is used to implement locking. Compiling | |
78 | with LOCK_DEBUG spits out lots of locking crud :-). | |
79 | This is what I'm currently working on. | |
80 | - SSL_CTX_set_default_passwd_cb() can be used to define the callback | |
81 | function used in the SSL*_file() functions used to load keys. I was | |
82 | always of the opinion that people should call | |
83 | PEM_read_RSAPrivateKey() and pass the callback they want to use, but | |
84 | it appears they just want to use the SSL_*_file() function() :-(. | |
85 | - 'enc' now has a -kfile so a key can be read from a file. This is | |
86 | mostly used so that the passwd does not appear when using 'ps', | |
87 | which appears impossible to stop under solaris. | |
88 | - X509v3 certificates now work correctly. I even have more examples | |
89 | in my tests :-). There is now a X509_EXTENSION type that is used in | |
90 | X509v3 certificates and CRLv2. | |
91 | - Fixed that signature type error :-( | |
92 | - Fixed quite a few potential memory leaks and problems when reusing | |
93 | X509, CRL and REQ structures. | |
94 | - EVP_set_pw_prompt() now sets the library wide default password | |
95 | prompt. | |
96 | - The 'pkcs7' command will now, given the -print_certs flag, output in | |
97 | pem format, all certificates and CRL contained within. This is more | |
98 | of a pre-emptive thing for the new verisign distribution method. I | |
99 | should also note, that this also gives an example in code, of how | |
100 | to do this :-), or for that matter, what is involved in going the | |
101 | other way (list of certs and crl -> pkcs7). | |
102 | - Added RSA's DESX to the DES library. It is also available via the | |
103 | EVP_desx_cbc() method and via 'enc desx'. | |
104 | ||
105 | SSLeay 0.6.1 | |
106 | ||
107 | The main functional changes since 0.6.0 are as follows | |
108 | - Bad news, the Microsoft 060 DLL's are not compatible, but the good news is | |
109 | that from now on, I'll keep the .def numbers the same so they will be. | |
110 | - RSA private key operations are about 2 times faster than 0.6.0 | |
111 | - The SSL_CTX now has more fields so default values can be put against | |
112 | it. When an SSL structure is created, these default values are used | |
113 | but can be overwritten. There are defaults for cipher, certificate, | |
114 | private key, verify mode and callback. This means SSL session | |
115 | creation can now be | |
116 | ssl=SSL_new() | |
117 | SSL_set_fd(ssl,sock); | |
118 | SSL_accept(ssl) | |
119 | .... | |
120 | All the other ugliness with having to keep a global copy of the | |
121 | private key and certificate/verify mode in the server is now gone. | |
122 | - ssl/ssltest.c - one process talking SSL to its self for testing. | |
123 | Storage of Session-id's can be controlled via a session_cache_mode | |
124 | flag. There is also now an automatic default flushing of | |
125 | old session-id's. | |
126 | - The X509_cert_verify() function now has another parameter, this | |
127 | should not affect most people but it now means that the reason for | |
128 | the failure to verify is now available via SSL_get_verify_result(ssl). | |
129 | You don't have to use a global variable. | |
130 | - SSL_get_app_data() and SSL_set_app_data() can be used to keep some | |
131 | application data against the SSL structure. It is up to the application | |
132 | to free the data. I don't use it, but it is available. | |
133 | - SSL_CTX_set_cert_verify_callback() can be used to specify a | |
134 | verify callback function that completely replaces my certificate | |
135 | verification code. Xcert should be able to use this :-). | |
136 | The callback is of the form int app_verify_callback(arg,ssl,cert). | |
137 | This needs to be documented more. | |
138 | - I have started playing with shared library builds, have a look in | |
139 | the shlib directory. It is very simple. If you need a numbered | |
140 | list of functions, have a look at misc/crypto.num and misc/ssl.num. | |
141 | - There is some stuff to do locking to make the library thread safe. | |
142 | I have only started this stuff and have not finished. If anyone is | |
143 | keen to do so, please send me the patches when finished. | |
144 | ||
145 | So I have finally made most of the additions to the SSL interface that | |
146 | I thought were needed. | |
147 | ||
148 | There will probably be a pause before I make any non-bug/documentation | |
149 | related changes to SSLeay since I'm feeling like a bit of a break. | |
150 | ||
151 | eric - 12 Jul 1996 | |
152 | I saw recently a comment by some-one that we now seem to be entering | |
153 | the age of perpetual Beta software. | |
154 | Pioneered by packages like linux but refined to an art form by | |
155 | netscape. | |
156 | ||
157 | I too wish to join this trend with the announcement of SSLeay 0.6.0 :-). | |
158 | ||
159 | There are quite a large number of sections that are 'works in | |
160 | progress' in this package. I will also list the major changes and | |
161 | what files you should read. | |
162 | ||
163 | BIO - this is the new IO structure being used everywhere in SSLeay. I | |
164 | started out developing this because of microsoft, I wanted a mechanism | |
165 | to callback to the application for all IO, so Windows 3.1 DLL | |
166 | perversion could be hidden from me and the 15 different ways to write | |
167 | to a file under NT would also not be dictated by me at library build | |
168 | time. What the 'package' is is an API for a data structure containing | |
169 | functions. IO interfaces can be written to conform to the | |
170 | specification. This is not intended to hide the underlying data type | |
171 | from the application, but to hide it from SSLeay :-). | |
172 | I have only really finished testing the FILE * and socket/fd modules. | |
173 | There are also 'filter' BIO's. Currently I have only implemented | |
174 | message digests, and it is in use in the dgst application. This | |
175 | functionality will allow base64/encrypto/buffering modules to be | |
176 | 'pushed' into a BIO without it affecting the semantics. I'm also | |
177 | working on an SSL BIO which will hide the SSL_accept()/SSL_connect() | |
178 | from an event loop which uses the interface. | |
179 | It is also possible to 'attach' callbacks to a BIO so they get called | |
180 | before and after each operation, allowing extensive debug output | |
181 | to be generated (try running dgst with -d). | |
182 | ||
183 | Unfortunately in the conversion from 0.5.x to 0.6.0, quite a few | |
184 | functions that used to take FILE *, now take BIO *. | |
185 | The wrappers are easy to write | |
186 | ||
187 | function_fp(fp,x) | |
188 | FILE *fp; | |
189 | { | |
190 | BIO *b; | |
191 | int ret; | |
192 | ||
193 | if ((b=BIO_new(BIO_s_file())) == NULL) error..... | |
194 | BIO_set_fp(b,fp,BIO_NOCLOSE); | |
195 | ret=function_bio(b,x); | |
196 | BIO_free(b); | |
197 | return(ret); | |
198 | } | |
199 | Remember, there are no functions that take FILE * in SSLeay when | |
200 | compiled for Windows 3.1 DLL's. | |
201 | ||
202 | -- | |
203 | I have added a general EVP_PKEY type that can hold a public/private | |
204 | key. This is now what is used by the EVP_ functions and is passed | |
205 | around internally. I still have not done the PKCS#8 stuff, but | |
206 | X509_PKEY is defined and waiting :-) | |
207 | ||
208 | -- | |
209 | For a full function name listings, have a look at ms/crypt32.def and | |
210 | ms/ssl32.def. These are auto-generated but are complete. | |
211 | Things like ASN1_INTEGER_get() have been added and are in here if you | |
212 | look. I have renamed a few things, again, have a look through the | |
213 | function list and you will probably find what you are after. I intend | |
214 | to at least put a one line description for each one..... | |
215 | ||
216 | -- | |
217 | Microsoft - that's what this release is about, read the MICROSOFT file. | |
218 | ||
219 | -- | |
220 | Multi-threading support. I have started hunting through the code and | |
221 | flagging where things need to be done. In a state of work but high on | |
222 | the list. | |
223 | ||
224 | -- | |
225 | For random numbers, edit e_os.h and set DEVRANDOM (it's near the top) | |
226 | to be your random data device, otherwise 'RFILE' in e_os.h | |
227 | will be used, in your home directory. It will be updated | |
228 | periodically. The environment variable RANDFILE will override this | |
229 | choice and read/write to that file instead. DEVRANDOM is used in | |
230 | conjunction to the RFILE/RANDFILE. If you wish to 'seed' the random | |
231 | number generator, pick on one of these files. | |
232 | ||
233 | -- | |
234 | ||
235 | The list of things to read and do | |
236 | ||
237 | dgst -d | |
238 | s_client -state (this uses a callback placed in the SSL state loop and | |
239 | will be used else-where to help debug/monitor what | |
240 | is happening.) | |
241 | ||
242 | doc/why.doc | |
243 | doc/bio.doc <- hmmm, needs lots of work. | |
244 | doc/bss_file.doc <- one that is working :-) | |
245 | doc/session.doc <- it has changed | |
246 | doc/speed.doc | |
247 | also play with ssleay version -a. I have now added a SSLeay() | |
248 | function that returns a version number, eg 0600 for this release | |
249 | which is primarily to be used to check DLL version against the | |
250 | application. | |
251 | util/* Quite a few will not interest people, but some may, like | |
252 | mk1mf.pl, mkdef.pl, | |
253 | util/do_ms.sh | |
254 | ||
255 | try | |
256 | cc -Iinclude -Icrypto -c crypto/crypto.c | |
257 | cc -Iinclude -Issl -c ssl/ssl.c | |
258 | You have just built the SSLeay libraries as 2 object files :-) | |
259 | ||
260 | Have a general rummage around in the bin stall directory and look at | |
261 | what is in there, like CA.sh and c_rehash | |
262 | ||
263 | There are lots more things but it is 12:30am on a Friday night and I'm | |
264 | heading home :-). | |
265 | ||
266 | eric 22-Jun-1996 | |
267 | This version has quite a few major bug fixes and improvements. It DOES NOT | |
268 | do SSLv3 yet. | |
269 | ||
270 | The main things changed | |
271 | - A Few days ago I added the s_mult application to ssleay which is | |
272 | a demo of an SSL server running in an event loop type thing. | |
273 | It supports non-blocking IO, I have finally gotten it right, SSL_accept() | |
274 | can operate in non-blocking IO mode, look at the code to see how :-). | |
275 | Have a read of doc/s_mult as well. This program leaks memory and | |
276 | file descriptors everywhere but I have not cleaned it up yet. | |
277 | This is a demo of how to do non-blocking IO. | |
278 | - The SSL session management has been 'worked over' and there is now | |
279 | quite an expansive set of functions to manipulate them. Have a read of | |
280 | doc/session.doc for some-things I quickly whipped up about how it now works. | |
281 | This assumes you know the SSLv2 protocol :-) | |
282 | - I can now read/write the netscape certificate format, use the | |
283 | -inform/-outform 'net' options to the x509 command. I have not put support | |
284 | for this type in the other demo programs, but it would be easy to add. | |
285 | - asn1parse and 'enc' have been modified so that when reading base64 | |
286 | encoded files (pem format), they do not require '-----BEGIN' header lines. | |
287 | The 'enc' program had a buffering bug fixed, it can be used as a general | |
288 | base64 -> binary -> base64 filter by doing 'enc -a -e' and 'enc -a -d' | |
289 | respectively. Leaving out the '-a' flag in this case makes the 'enc' command | |
290 | into a form of 'cat'. | |
291 | - The 'x509' and 'req' programs have been fixed and modified a little so | |
292 | that they generate self-signed certificates correctly. The test | |
293 | script actually generates a 'CA' certificate and then 'signs' a | |
294 | 'user' certificate. Have a look at this shell script (test/sstest) | |
295 | to see how things work, it tests most possible combinations of what can | |
296 | be done. | |
297 | - The 'SSL_set_pref_cipher()' function has been 'fixed' and the preferred name | |
298 | of SSL_set_cipher_list() is now the correct API (stops confusion :-). | |
299 | If this function is used in the client, only the specified ciphers can | |
300 | be used, with preference given to the order the ciphers were listed. | |
301 | For the server, if this is used, only the specified ciphers will be used | |
302 | to accept connections. If this 'option' is not used, a default set of | |
303 | ciphers will be used. The SSL_CTX_set_cipher_list(SSL_CTX *ctx) sets this | |
304 | list for all ciphers started against the SSL_CTX. So the order is | |
305 | SSL cipher_list, if not present, SSL_CTX cipher list, if not | |
306 | present, then the library default. | |
307 | What this means is that normally ciphers like | |
308 | NULL-MD5 will never be used. The only way this cipher can be used | |
309 | is for both ends to specify to use it. | |
310 | To enable or disable ciphers in the library at build time, modify the | |
311 | first field for the cipher in the ssl_ciphers array in ssl/ssl_lib.c. | |
312 | This file also contains the 'pref_cipher' list which is the default | |
313 | cipher preference order. | |
314 | - I'm not currently sure if the 'rsa -inform net' and the 'rsa -outform net' | |
315 | options work. They should, and they enable loading and writing the | |
316 | netscape rsa private key format. I will be re-working this section of | |
317 | SSLeay for the next version. What is currently in place is a quick and | |
318 | dirty hack. | |
319 | - I've re-written parts of the bignum library. This gives speedups | |
320 | for all platforms. I now provide assembler for use under Windows NT. | |
321 | I have not tested the Windows 3.1 assembler but it is quite simple code. | |
322 | This gives RSAprivate_key operation encryption times of 0.047s (512bit key) | |
323 | and 0.230s (1024bit key) on a pentium 100 which I consider reasonable. | |
324 | Basically the times available under linux/solaris x86 can be achieved under | |
325 | Windows NT. I still don't know how these times compare to RSA's BSAFE | |
326 | library but I have been emailing with people and with their help, I should | |
327 | be able to get my libraries quite a bit faster still (more algorithm changes). | |
328 | The object file crypto/bn/asm/x86-32.obj should be used when linking | |
329 | under NT. | |
330 | - 'make makefile.one' in the top directory will generate a single makefile | |
331 | called 'makefile.one' This makefile contains no perl references and | |
332 | will build the SSLeay library into the 'tmp' and 'out' directories. | |
333 | util/mk1mf.pl >makefile.one is how this makefile is | |
334 | generated. The mk1mf.pl command takes several options to generate the | |
335 | makefile for use with cc, gcc, Visual C++ and Borland C++. This is | |
336 | still under development. I have only built .lib's for NT and MSDOS | |
337 | I will be working on this more. I still need to play with the | |
338 | correct compiler setups for these compilers and add some more stuff but | |
339 | basically if you just want to compile the library | |
340 | on a 'non-unix' platform, this is a very very good file to start with :-). | |
341 | Have a look in the 'microsoft' directory for my current makefiles. | |
342 | I have not yet modified things to link with sockets under Windows NT. | |
343 | You guys should be able to do this since this is actually outside of the | |
344 | SSLeay scope :-). I will be doing it for myself soon. | |
345 | util/mk1mf.pl takes quite a few options including no-rc, rsaref and no-sock | |
346 | to build without RC2/RC4, to require RSAref for linking, and to | |
347 | build with no socket code. | |
348 | ||
349 | - Oh yes, the cipher that was reported to be compatible with RSA's RC2 cipher | |
350 | that was posted to sci.crypt has been added to the library and SSL. | |
351 | I take the view that if RC2 is going to be included in a standard, | |
352 | I'll include the cipher to make my package complete. | |
353 | There are NO_RC2, NO_RC4 and NO_IDEA macros to remove these ciphers | |
354 | at compile time. I have not tested this recently but it should all work | |
355 | and if you are in the USA and don't want RSA threatening to sue you, | |
356 | you could probably remove the RC4/RC2 code inside these sections. | |
357 | I may in the future include a perl script that does this code | |
358 | removal automatically for those in the USA :-). | |
359 | - I have removed all references to sed in the makefiles. So basically, | |
360 | the development environment requires perl and sh. The build environment | |
361 | does not (use the makefile.one makefile). | |
362 | The Configure script still requires perl, this will probably stay that way | |
363 | since I have perl for Windows NT :-). | |
364 | ||
365 | eric (03-May-1996) | |
366 | ||
367 | PS Have a look in the VERSION file for more details on the changes and | |
368 | bug fixes. | |
369 | I have fixed a few bugs, added alpha and x86 assembler and generally cleaned | |
370 | things up. This version will be quite stable, mostly because I'm on | |
371 | holidays until 10-March-1996. For any problems in the interim, send email | |
372 | to Tim Hudson <tjh@mincom.oz.au>. | |
373 | ||
374 | SSLeay 0.5.0 | |
375 | ||
376 | 12-12-95 | |
377 | This is going out before it should really be released. | |
378 | ||
379 | I leave for 11 weeks holidays on the 22-12-95 and so I either sit on | |
380 | this for 11 weeks or get things out. It is still going to change a | |
381 | lot in the next week so if you do grab this version, please test and | |
382 | give me feed back ASAP, including questions on how to do things with | |
383 | the library. This will prompt me to write documentation so I don't | |
384 | have to answer the same question again :-). | |
385 | ||
386 | This 'pre' release version is for people who are interested in the | |
387 | library. The applications will have to be changed to use | |
388 | the new version of the SSL interface. I intend to finish more | |
389 | documentation before I leave but until then, look at the programs in | |
390 | the apps directory. As far as code goes, it is much much nicer than | |
391 | the old version. | |
392 | ||
393 | The current library works, has no memory leaks (as far as I can tell) | |
394 | and is far more bug free than 0.4.5d. There are no global variables of | |
395 | consequence (I believe) and I will produce some documentation that | |
396 | tells where to look for those people that do want to do multi-threaded | |
397 | stuff. | |
398 | ||
399 | There should be more documentation. Have a look in the | |
400 | doc directory. I'll be adding more before I leave, it is a start | |
401 | but mostly documents the crypto library. Tim Hudson will update | |
402 | the web page ASAP. The spelling and grammar are crap but | |
403 | it is better than nothing :-) | |
404 | ||
405 | Reasons to start playing with version 0.5.0 | |
406 | - All the programs in the apps directory build into one ssleay binary. | |
407 | - There is a new version of the 'req' program that generates certificate | |
408 | requests, there is even documentation for this one :-) | |
409 | - There is a demo certification authority program. Currently it will | |
410 | look at the simple database and update it. It will generate CRL from | |
411 | the data base. You need to edit the database by hand to revoke a | |
412 | certificate, it is my aim to use perl5/Tk but I don't have time to do | |
413 | this right now. It will generate the certificates but the management | |
414 | scripts still need to be written. This is not a hard task. | |
415 | - Things have been cleaned up a lot. | |
416 | - Have a look at the enc and dgst programs in the apps directory. | |
417 | - It supports v3 of x509 certificates. | |
418 | ||
419 | ||
420 | Major things missing. | |
421 | - I have been working on (and thinking about) the distributed x509 | |
422 | hierarchy problem. I have not had time to put my solution in place. | |
423 | It will have to wait until I come back. | |
424 | - I have not put in CRL checking in the certificate verification but | |
425 | it would not be hard to do. I was waiting until I could generate my | |
426 | own CRL (which has only been in the last week) and I don't have time | |
427 | to put it in correctly. | |
428 | - Montgomery multiplication needs to be implemented. I know the | |
429 | algorithm, just ran out of time. | |
430 | - PKCS#7. I can load and write the DER version. I need to re-work | |
431 | things to support BER (if that means nothing, read the ASN1 spec :-). | |
432 | - Testing of the higher level digital envelope routines. I have not | |
433 | played with the *_seal() and *_open() type functions. They are | |
434 | written but need testing. The *_sign() and *_verify() functions are | |
435 | rock solid. | |
436 | - PEM. Doing this and PKCS#7 have been dependent on the distributed | |
437 | x509 hierarchy problem. I started implementing my ideas, got | |
438 | distracted writing a CA program and then ran out of time. I provide | |
439 | the functionality of RSAref at least. | |
440 | - Re work the asm. code for the x86. I've changed my low level bignum | |
441 | interface again, so I really need to tweak the x86 stuff. gcc is | |
442 | good enough for the other boxes. | |
443 |
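
The cipher list rules in the 22-Jun-1996 notes (SSL list, else SSL_CTX list, else library default; client order gives preference, server list restricts) can be modelled as below. This is an added example, not SSLeay code: `struct endpoint`, `effective_list()`, `negotiate()` and the contents of `LIB_DEFAULT` are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAX_CIPHERS 16
#define NAME_LEN    32

/* Constructed stand-in for the library default list (assumption).
 * NULL-MD5 is deliberately absent, as the notes describe. */
static const char *LIB_DEFAULT = "RC4-MD5:IDEA-CBC-MD5:DES-CBC3-MD5:DES-CBC-MD5";

/* Hypothetical model of one side of a connection. */
struct endpoint {
    const char *ssl_list; /* per-connection list, or NULL if never set */
    const char *ctx_list; /* per-context list, or NULL if never set */
};

/* Resolution order from the notes: SSL list, else SSL_CTX list, else default. */
const char *effective_list(const struct endpoint *e)
{
    if (e->ssl_list != NULL) return e->ssl_list;
    if (e->ctx_list != NULL) return e->ctx_list;
    return LIB_DEFAULT;
}

/* Split a colon-separated cipher list into names; returns the count. */
static int split_list(const char *list, char out[][NAME_LEN])
{
    int n = 0;
    while (*list != '\0' && n < MAX_CIPHERS) {
        size_t len = strcspn(list, ":");
        if (len > 0 && len < NAME_LEN) {
            memcpy(out[n], list, len);
            out[n][len] = '\0';
            n++;
        }
        list += len;
        if (*list == ':') list++;
    }
    return n;
}

/* Pick the first cipher in the client's order that the server also allows.
 * Returns 1 and fills 'chosen', or 0 when the two lists share nothing. */
int negotiate(const struct endpoint *client, const struct endpoint *server,
              char *chosen, size_t chosen_len)
{
    char c[MAX_CIPHERS][NAME_LEN], s[MAX_CIPHERS][NAME_LEN];
    int nc = split_list(effective_list(client), c);
    int ns = split_list(effective_list(server), s);
    int i, j;

    for (i = 0; i < nc; i++)
        for (j = 0; j < ns; j++)
            if (strcmp(c[i], s[j]) == 0) {
                snprintf(chosen, chosen_len, "%s", c[i]);
                return 1;
            }
    if (chosen_len > 0) chosen[0] = '\0';
    return 0;
}

int main(void)
{
    struct endpoint defaults  = { NULL, NULL };
    struct endpoint null_only = { "NULL-MD5", NULL };
    struct endpoint null_ok   = { NULL, "RC4-MD5:NULL-MD5" };
    char buf[NAME_LEN];

    /* Only one side asks for NULL-MD5: no common cipher, handshake fails. */
    printf("one side: %d\n", negotiate(&null_only, &defaults, buf, sizeof buf));
    /* Both sides list it: it can now be selected. */
    negotiate(&null_only, &null_ok, buf, sizeof buf);
    printf("both sides: %s\n", buf);
    return 0;
}
```
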