[thirdparty/openssl.git] / CHANGES


 OpenSSL CHANGES
 _______________

 Changes between 0.9.5a and 0.9.6  [xx XXX 2000]

  *) A demo state-machine implementation was sponsored by
     Nuron (http://www.nuron.com/) and is now available in
     demos/state_machine.
     [Ben Laurie]

  *) New options added to the 'dgst' utility for signature
     generation and verification.
     [Steve Henson]

  *) Unrecognized PKCS#7 content types are now handled via a
     catch all ASN1_TYPE structure. This allows unsupported
     types to be stored as a "blob" and an application can
     encode and decode it manually.
     [Steve Henson]

  *) Fix various signed/unsigned issues to make a_strex.c
     compile under VC++.
     [Oscar Jacobsson <oscar.jacobsson@celocom.com>]

  *) ASN1 fixes. i2d_ASN1_OBJECT was not returning the correct
     length if passed a buffer. ASN1_INTEGER_to_BN failed
     if passed a NULL BN and its argument was negative.
     [Steve Henson, pointed out by Sven Heiberg <sven@tartu.cyber.ee>]

  *) Modification to PKCS#7 encoding routines to output definite
     length encoding. Since currently the whole structures are in
     memory there's not real point in using indefinite length 
     constructed encoding. However if OpenSSL is compiled with
     the flag PKCS7_INDEFINITE_ENCODING the old form is used.
     [Steve Henson]

  *) Added BIO_vprintf() and BIO_vsnprintf().
     [Richard Levitte]

  *) Added more prefixes to parse for in the the strings written
     through a logging bio, to cover all the levels that are available
     through syslog.  The prefixes are now:

	PANIC, EMERG, EMR	=>	LOG_EMERG
	ALERT, ALR		=>	LOG_ALERT
	CRIT, CRI		=>	LOG_CRIT
	ERROR, ERR		=>	LOG_ERR
	WARNING, WARN, WAR	=>	LOG_WARNING
	NOTICE, NOTE, NOT	=>	LOG_NOTICE
	INFO, INF		=>	LOG_INFO
	DEBUG, DBG		=>	LOG_DEBUG

     and as before, if none of those prefixes are present at the
     beginning of the string, LOG_ERR is chosen.

     On Win32, the LOG_* levels are mapped according to this:

	LOG_EMERG, LOG_ALERT, LOG_CRIT, LOG_ERR	=> EVENTLOG_ERROR_TYPE
	LOG_WARNING				=> EVENTLOG_WARNING_TYPE
	LOG_NOTICE, LOG_INFO, LOG_DEBUG		=> EVENTLOG_INFORMATION_TYPE

     [Richard Levitte]

  *) Made it possible to reconfigure with just the configuration
     argument "reconf" or "reconfigure".  The command line arguments
     are stored in Makefile.ssl in the variable CONFIGURE_ARGS,
     and are retrieved from there when reconfiguring.
     [Richard Levitte]

  *) MD4 implemented.
     [Assar Westerlund <assar@sics.se>, Richard Levitte]

  *) Add the arguments -CAfile and -CApath to the pkcs12 utility.
     [Richard Levitte]

  *) The obj_dat.pl script was messing up the sorting of object
     names. The reason was that it compared the quoted version
     of strings as a result "OCSP" > "OCSP Signing" because
     " > SPACE. Changed script to store unquoted versions of
     names and add quotes on output. It was also omitting some
     names from the lookup table if they were given a default
     value (that is if SN is missing it is given the same
     value as LN and vice versa), these are now added on the
     grounds that if an object has a name we should be able to
     look it up. Finally added warning output when duplicate
     short or long names are found.
     [Steve Henson]

  *) Changes needed for Tandem NSK.
     [Scott Uroff scott@xypro.com]

  *) Fix SSL 2.0 rollback checking: Due to an off-by-one error in
     RSA_padding_check_SSLv23(), special padding was never detected
     and thus the SSL 3.0/TLS 1.0 countermeasure against protocol
     version rollback attacks was not effective.

     In s23_clnt.c, don't use special rollback-attack detection padding
     (RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the
     client; similarly, in s23_srvr.c, don't do the rollback check if
     SSL 2.0 is the only protocol enabled in the server.
     [Bodo Moeller]

  *) Make it possible to get hexdumps of unprintable data with 'openssl
     asn1parse'.  By implication, the functions ASN1_parse_dump() and
     BIO_dump_indent() are added.
     [Richard Levitte]

  *) New functions ASN1_STRING_print_ex() and X509_NAME_print_ex()
     these print out strings and name structures based on various
     flags including RFC2253 support and proper handling of
     multibyte characters. Added options to the 'x509' utility 
     to allow the various flags to be set.
     [Steve Henson]

  *) Various fixes to use ASN1_TIME instead of ASN1_UTCTIME.
     Also change the functions X509_cmp_current_time() and
     X509_gmtime_adj() work with an ASN1_TIME structure,
     this will enable certificates using GeneralizedTime in validity
     dates to be checked.
     [Steve Henson]

  *) Make the NEG_PUBKEY_BUG code (which tolerates invalid
     negative public key encodings) on by default,
     NO_NEG_PUBKEY_BUG can be set to disable it.
     [Steve Henson]

  *) New function c2i_ASN1_OBJECT() which acts on ASN1_OBJECT
     content octets. An i2c_ASN1_OBJECT is unnecessary because
     the encoding can be trivially obtained from the structure.
     [Steve Henson]

  *) crypto/err.c locking bugfix: Use write locks (CRYPTO_w_[un]lock),
     not read locks (CRYPTO_r_[un]lock).
     [Bodo Moeller]

  *) A first attempt at creating official support for shared
     libraries through configuration.  I've kept it so the
     default is static libraries only, and the OpenSSL programs
     are always statically linked for now, but there are
     preparations for dynamic linking in place.
     This has been tested on Linux and True64.
     [Richard Levitte]

  *) Randomness polling function for Win9x, as described in:
     Peter Gutmann, Software Generation of Practically Strong
     Random Numbers.
Commit	Line	Data
	1
	2	OpenSSL CHANGES
	3	_______________
	4
	5	Changes between 0.9.5a and 0.9.6 [xx XXX 2000]
	6
	7	*) A demo state-machine implementation was sponsored by
	8	Nuron (http://www.nuron.com/) and is now available in
	9	demos/state_machine.
	10	[Ben Laurie]
	11
	12	*) New options added to the 'dgst' utility for signature
	13	generation and verification.
	14	[Steve Henson]
	15
	16	*) Unrecognized PKCS#7 content types are now handled via a
	17	catch all ASN1_TYPE structure. This allows unsupported
	18	types to be stored as a "blob" and an application can
	19	encode and decode it manually.
	20	[Steve Henson]
	21
	22	*) Fix various signed/unsigned issues to make a_strex.c
	23	compile under VC++.
	24	[Oscar Jacobsson <oscar.jacobsson@celocom.com>]
	25
	26	*) ASN1 fixes. i2d_ASN1_OBJECT was not returning the correct
	27	length if passed a buffer. ASN1_INTEGER_to_BN failed
	28	if passed a NULL BN and its argument was negative.
	29	[Steve Henson, pointed out by Sven Heiberg <sven@tartu.cyber.ee>]
	30
	31	*) Modification to PKCS#7 encoding routines to output definite
	32	length encoding. Since currently the whole structures are in
	33	memory there's not real point in using indefinite length
	34	constructed encoding. However if OpenSSL is compiled with
	35	the flag PKCS7_INDEFINITE_ENCODING the old form is used.
	36	[Steve Henson]
	37
	38	*) Added BIO_vprintf() and BIO_vsnprintf().
	39	[Richard Levitte]
	40
	41	*) Added more prefixes to parse for in the the strings written
	42	through a logging bio, to cover all the levels that are available
	43	through syslog. The prefixes are now:
	44
	45	PANIC, EMERG, EMR => LOG_EMERG
	46	ALERT, ALR => LOG_ALERT
	47	CRIT, CRI => LOG_CRIT
	48	ERROR, ERR => LOG_ERR
	49	WARNING, WARN, WAR => LOG_WARNING
	50	NOTICE, NOTE, NOT => LOG_NOTICE
	51	INFO, INF => LOG_INFO
	52	DEBUG, DBG => LOG_DEBUG
	53
	54	and as before, if none of those prefixes are present at the
	55	beginning of the string, LOG_ERR is chosen.
	56
	57	On Win32, the LOG_* levels are mapped according to this:
	58
	59	LOG_EMERG, LOG_ALERT, LOG_CRIT, LOG_ERR => EVENTLOG_ERROR_TYPE
	60	LOG_WARNING => EVENTLOG_WARNING_TYPE
	61	LOG_NOTICE, LOG_INFO, LOG_DEBUG => EVENTLOG_INFORMATION_TYPE
	62
	63	[Richard Levitte]
	64
	65	*) Made it possible to reconfigure with just the configuration
	66	argument "reconf" or "reconfigure". The command line arguments
	67	are stored in Makefile.ssl in the variable CONFIGURE_ARGS,
	68	and are retrieved from there when reconfiguring.
	69	[Richard Levitte]
	70
	71	*) MD4 implemented.
	72	[Assar Westerlund <assar@sics.se>, Richard Levitte]
	73
	74	*) Add the arguments -CAfile and -CApath to the pkcs12 utility.
	75	[Richard Levitte]
	76
	77	*) The obj_dat.pl script was messing up the sorting of object
	78	names. The reason was that it compared the quoted version
	79	of strings as a result "OCSP" > "OCSP Signing" because
	80	" > SPACE. Changed script to store unquoted versions of
	81	names and add quotes on output. It was also omitting some
	82	names from the lookup table if they were given a default
	83	value (that is if SN is missing it is given the same
	84	value as LN and vice versa), these are now added on the
	85	grounds that if an object has a name we should be able to
	86	look it up. Finally added warning output when duplicate
	87	short or long names are found.
	88	[Steve Henson]
	89
	90	*) Changes needed for Tandem NSK.
	91	[Scott Uroff scott@xypro.com]
	92
	93	*) Fix SSL 2.0 rollback checking: Due to an off-by-one error in
	94	RSA_padding_check_SSLv23(), special padding was never detected
	95	and thus the SSL 3.0/TLS 1.0 countermeasure against protocol
	96	version rollback attacks was not effective.
	97
	98	In s23_clnt.c, don't use special rollback-attack detection padding
	99	(RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the
	100	client; similarly, in s23_srvr.c, don't do the rollback check if
	101	SSL 2.0 is the only protocol enabled in the server.
	102	[Bodo Moeller]
	103
	104	*) Make it possible to get hexdumps of unprintable data with 'openssl
	105	asn1parse'. By implication, the functions ASN1_parse_dump() and
	106	BIO_dump_indent() are added.
	107	[Richard Levitte]
	108
	109	*) New functions ASN1_STRING_print_ex() and X509_NAME_print_ex()
	110	these print out strings and name structures based on various
	111	flags including RFC2253 support and proper handling of
	112	multibyte characters. Added options to the 'x509' utility
	113	to allow the various flags to be set.
	114	[Steve Henson]
	115
	116	*) Various fixes to use ASN1_TIME instead of ASN1_UTCTIME.
	117	Also change the functions X509_cmp_current_time() and
	118	X509_gmtime_adj() work with an ASN1_TIME structure,
	119	this will enable certificates using GeneralizedTime in validity
	120	dates to be checked.
	121	[Steve Henson]
	122
	123	*) Make the NEG_PUBKEY_BUG code (which tolerates invalid
	124	negative public key encodings) on by default,
	125	NO_NEG_PUBKEY_BUG can be set to disable it.
	126	[Steve Henson]
	127
	128	*) New function c2i_ASN1_OBJECT() which acts on ASN1_OBJECT
	129	content octets. An i2c_ASN1_OBJECT is unnecessary because
	130	the encoding can be trivially obtained from the structure.
	131	[Steve Henson]
	132
	133	*) crypto/err.c locking bugfix: Use write locks (CRYPTO_w_[un]lock),
	134	not read locks (CRYPTO_r_[un]lock).
	135	[Bodo Moeller]
	136
	137	*) A first attempt at creating official support for shared
	138	libraries through configuration. I've kept it so the
	139	default is static libraries only, and the OpenSSL programs
	140	are always statically linked for now, but there are
	141	preparations for dynamic linking in place.
	142	This has been tested on Linux and True64.
	143	[Richard Levitte]
	144
	145	*) Randomness polling function for Win9x, as described in:
	146	Peter Gutmann, Software Generation of Practically Strong
	147	Random Numbers.
	148