]> git.ipfire.org Git - thirdparty/openssl.git/blame - CHANGES.SSLeay
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Fix unused variable warning of GCC
[thirdparty/openssl.git] / CHANGES.SSLeay
CommitLineData
651d0aff
RE		 1
2 SSLeay CHANGES
3 ______________
4
5Changes between 0.8.x and 0.9.0b
6
710-Apr-1998
8
9I said the next version would go out at easter, and so it shall.
10I expect a 0.9.1 will follow with portability fixes in the next few weeks.
11
12This is a quick, meet the deadline. Look to ssl-users for comments on what
13is new etc.
14
15eric (about to go bushwalking for the 4 day easter break :-)
16
1716-Mar-98
18 - Patch for Cray T90 from Wayne Schroeder <schroede@SDSC.EDU>
19 - Lots and lots of changes
20
2129-Jan-98
22 - ASN1_BIT_STRING_set_bit()/ASN1_BIT_STRING_get_bit() from
23 Goetz Babin-Ebell <babinebell@trustcenter.de>.
24 - SSL_version() now returns SSL2_VERSION, SSL3_VERSION or
25 TLS1_VERSION.
26
277-Jan-98
28 - Finally reworked the cipher string to ciphers again, so it
29 works correctly
30 - All the app_data stuff is now ex_data with funcion calls to access.
31 The index is supplied by a function and 'methods' can be setup
32 for the types that are called on XXX_new/XXX_free. This lets
33 applications get notified on creation and destruction. Some of
34 the RSA methods could be implemented this way and I may do so.
35 - Oh yes, SSL under perl5 is working at the basic level.
36
3715-Dec-97
38 - Warning - the gethostbyname cache is not fully thread safe,
39 but it should work well enough.
40 - Major internal reworking of the app_data stuff. More functions
41 but if you were accessing ->app_data directly, things will
42 stop working.
43 - The perlv5 stuff is working. Currently on message digests,
44 ciphers and the bignum library.
45
469-Dec-97
47 - Modified re-negotiation so that server initated re-neg
48 will cause a SSL_read() to return -1 should retry.
49 The danger otherwise was that the server and the
50 client could end up both trying to read when using non-blocking
51 sockets.
52
534-Dec-97
54 - Lots of small changes
55 - Fix for binaray mode in Windows for the FILE BIO, thanks to
56 Bob Denny <rdenny@dc3.com>
57
5817-Nov-97
59 - Quite a few internal cleanups, (removal of errno, and using macros
60 defined in e_os.h).
61 - A bug in ca.c, pointed out by yasuyuki-ito@d-cruise.co.jp, where
62 the automactic naming out output files was being stuffed up.
63
6429-Oct-97
65 - The Cast5 cipher has been added. MD5 and SHA-1 are now in assember
66 for x86.
67
6821-Oct-97
69 - Fixed a bug in the BIO_gethostbyname() cache.
70
7115-Oct-97
72 - cbc mode for blowfish/des/3des is now in assember. Blowfish asm
73 has also been improved. At this point in time, on the pentium,
74 md5 is %80 faster, the unoptimesed sha-1 is %79 faster,
75 des-cbc is %28 faster, des-ede3-cbc is %9 faster and blowfish-cbc
76 is %62 faster.
77
7812-Oct-97
79 - MEM_BUF_grow() has been fixed so that it always sets the buf->length
80 to the value we are 'growing' to. Think of MEM_BUF_grow() as the
81 way to set the length value correctly.
82
8310-Oct-97
84 - I now hash for certificate lookup on the raw DER encoded RDN (md5).
85 This breaks things again :-(. This is efficent since I cache
86 the DER encoding of the RDN.
87 - The text DN now puts in the numeric OID instead of UNKNOWN.
88 - req can now process arbitary OIDs in the config file.
89 - I've been implementing md5 in x86 asm, much faster :-).
90 - Started sha1 in x86 asm, needs more work.
91 - Quite a few speedups in the BN stuff. RSA public operation
92 has been made faster by caching the BN_MONT_CTX structure.
93 The calulating of the Ai where A*Ai === 1 mod m was rather
94 expensive. Basically a 40-50% speedup on public operations.
95 The RSA speedup is now 15% on pentiums and %20 on pentium
96 pro.
97
9830-Sep-97
99 - After doing some profiling, I added x86 adm for bn_add_words(),
100 which just adds 2 arrays of longs together. A %10 speedup
101 for 512 and 1024 bit RSA on the pentium pro.
102
10329-Sep-97
104 - Converted the x86 bignum assembler to us the perl scripts
105 for generation.
106
10723-Sep-97
108 - If SSL_set_session() is passed a NULL session, it now clears the
109 current session-id.
110
11122-Sep-97
112 - Added a '-ss_cert file' to apps/ca.c. This will sign selfsigned
113 certificates.
114 - Bug in crypto/evp/encode.c where by decoding of 65 base64
115 encoded lines, one line at a time (via a memory BIO) would report
116 EOF after the first line was decoded.
117 - Fix in X509_find_by_issuer_and_serial() from
118 Dr Stephen Henson <shenson@bigfoot.com>
119
12019-Sep-97
121 - NO_FP_API and NO_STDIO added.
122 - Put in sh config command. It auto runs Configure with the correct
123 parameters.
124
12518-Sep-97
126 - Fix x509.c so if a DSA cert has different parameters to its parent,
127 they are left in place. Not tested yet.
128
12916-Sep-97
130 - ssl_create_cipher_list() had some bugs, fixes from
131 Patrick Eisenacher <eisenach@stud.uni-frankfurt.de>
132 - Fixed a bug in the Base64 BIO, where it would return 1 instead
133 of -1 when end of input was encountered but should retry.
134 Basically a Base64/Memory BIO interaction problem.
135 - Added a HMAC set of functions in preporarion for TLS work.
136
13715-Sep-97
138 - Top level makefile tweak - Cameron Simpson <cs@zip.com.au>
139 - Prime generation spead up %25 (512 bit prime, pentium pro linux)
140 by using montgomery multiplication in the prime number test.
141
14211-Sep-97
143 - Ugly bug in ssl3_write_bytes(). Basically if application land
144 does a SSL_write(ssl,buf,len) where len > 16k, the SSLv3 write code
145 did not check the size and tried to copy the entire buffer.
146 This would tend to cause memory overwrites since SSLv3 has
147 a maximum packet size of 16k. If your program uses
148 buffers <= 16k, you would probably never see this problem.
149 - Fixed a new errors that were cause by malloc() not returning
150 0 initialised memory..
151 - SSL_OP_NETSCAPE_CA_DN_BUG was being switched on when using
152 SSL_CTX_set_options(ssl_ctx,SSL_OP_ALL); which was a bad thing
153 since this flags stops SSLeay being able to handle client
154 cert requests correctly.
155
15608-Sep-97
157 - SSL_SESS_CACHE_NO_INTERNAL_LOOKUP option added. When switched
158 on, the SSL server routines will not use a SSL_SESSION that is
159 held in it's cache. This in intended to be used with the session-id
160 callbacks so that while the session-ids are still stored in the
161 cache, the decision to use them and how to look them up can be
162 done by the callbacks. The are the 'new', 'get' and 'remove'
163 callbacks. This can be used to determine the session-id
164 to use depending on information like which port/host the connection
165 is coming from. Since the are also SSL_SESSION_set_app_data() and
166 SSL_SESSION_get_app_data() functions, the application can hold
167 information against the session-id as well.
168
16903-Sep-97
170 - Added lookup of CRLs to the by_dir method,
171 X509_load_crl_file() also added. Basically it means you can
172 lookup CRLs via the same system used to lookup certificates.
173 - Changed things so that the X509_NAME structure can contain
174 ASN.1 BIT_STRINGS which is required for the unique
175 identifier OID.
176 - Fixed some problems with the auto flushing of the session-id
177 cache. It was not occuring on the server side.
178
17902-Sep-97
180 - Added SSL_CTX_sess_cache_size(SSL_CTX *ctx,unsigned long size)
181 which is the maximum number of entries allowed in the
182 session-id cache. This is enforced with a simple FIFO list.
183 The default size is 20*1024 entries which is rather large :-).
184 The Timeout code is still always operating.
185
18601-Sep-97
187 - Added an argument to all the 'generate private key/prime`
188 callbacks. It is the last parameter so this should not
189 break existing code but it is needed for C++.
190 - Added the BIO_FLAGS_BASE64_NO_NL flag for the BIO_f_base64()
191 BIO. This lets the BIO read and write base64 encoded data
192 without inserting or looking for '\n' characters. The '-A'
193 flag turns this on when using apps/enc.c.
194 - RSA_NO_PADDING added to help BSAFE functionality. This is a
195 very dangerous thing to use, since RSA private key
196 operations without random padding bytes (as PKCS#1 adds) can
197 be attacked such that the private key can be revealed.
198 - ASN.1 bug and rc2-40-cbc and rc4-40 added by
199 Dr Stephen Henson <shenson@bigfoot.com>
200
20131-Aug-97 (stuff added while I was away)
202 - Linux pthreads by Tim Hudson (tjh@cryptsoft.com).
203 - RSA_flags() added allowing bypass of pub/priv match check
204 in ssl/ssl_rsa.c - Tim Hudson.
205 - A few minor bugs.
206
207SSLeay 0.8.1 released.
208
20919-Jul-97
210 - Server side initated dynamic renegotiation is broken. I will fix
211 it when I get back from holidays.
212
21315-Jul-97
214 - Quite a few small changes.
215 - INVALID_SOCKET usage cleanups from Alex Kiernan <alex@hisoft.co.uk>
216
21709-Jul-97
218 - Added 2 new values to the SSL info callback.
219 SSL_CB_START which is passed when the SSL protocol is started
220 and SSL_CB_DONE when it has finished sucsessfully.
221
22208-Jul-97
223 - Fixed a few bugs problems in apps/req.c and crypto/asn1/x_pkey.c
224 that related to DSA public/private keys.
225 - Added all the relevent PEM and normal IO functions to support
226 reading and writing RSAPublic keys.
227 - Changed makefiles to use ${AR} instead of 'ar r'
228
22907-Jul-97
230 - Error in ERR_remove_state() that would leave a dangling reference
231 to a free()ed location - thanks to Alex Kiernan <alex@hisoft.co.uk>
232 - s_client now prints the X509_NAMEs passed from the server
233 when requesting a client cert.
234 - Added a ssl->type, which is one of SSL_ST_CONNECT or
235 SSL_ST_ACCEPT. I had to add it so I could tell if I was
236 a connect or an accept after the handshake had finished.
237 - SSL_get_client_CA_list(SSL *s) now returns the CA names
238 passed by the server if called by a client side SSL.
239
24005-Jul-97
241 - Bug in X509_NAME_get_text_by_OBJ(), looking starting at index
242 0, not -1 :-( Fix from Tim Hudson (tjh@cryptsoft.com).
243
24404-Jul-97
245 - Fixed some things in X509_NAME_add_entry(), thanks to
246 Matthew Donald <matthew@world.net>.
247 - I had a look at the cipher section and though that it was a
248 bit confused, so I've changed it.
249 - I was not setting up the RC4-64-MD5 cipher correctly. It is
250 a MS special that appears in exported MS Money.
251 - Error in all my DH ciphers. Section 7.6.7.3 of the SSLv3
252 spec. I was missing the two byte length header for the
253 ClientDiffieHellmanPublic value. This is a packet sent from
254 the client to the server. The SSL_OP_SSLEAY_080_CLIENT_DH_BUG
255 option will enable SSLeay server side SSLv3 accept either
256 the correct or my 080 packet format.
257 - Fixed a few typos in crypto/pem.org.
258
25902-Jul-97
260 - Alias mapping for EVP_get_(digest|cipher)byname is now
261 performed before a lookup for actual cipher. This means
262 that an alias can be used to 're-direct' a cipher or a
263 digest.
264 - ASN1_read_bio() had a bug that only showed up when using a
265 memory BIO. When EOF is reached in the memory BIO, it is
266 reported as a -1 with BIO_should_retry() set to true.
267
26801-Jul-97
269 - Fixed an error in X509_verify_cert() caused by my
270 miss-understanding how 'do { contine } while(0);' works.
271 Thanks to Emil Sit <sit@mit.edu> for educating me :-)
272
27330-Jun-97
274 - Base64 decoding error. If the last data line did not end with
275 a '=', sometimes extra data would be returned.
276 - Another 'cut and paste' bug in x509.c related to setting up the
277 STDout BIO.
278
27927-Jun-97
280 - apps/ciphers.c was not printing due to an editing error.
281 - Alex Kiernan <alex@hisoft.co.uk> send in a nice fix for
282 a library build error in util/mk1mf.pl
283
28426-Jun-97
285 - Still did not have the auto 'experimental' code removal
286 script correct.
287 - A few header tweaks for Watcom 11.0 under Win32 from
288 Rolf Lindemann <Lindemann@maz-hh.de>
289 - 0 length OCTET_STRING bug in asn1_parse
290 - A minor fix with an non-existent function in the MS .def files.
291 - A few changes to the PKCS7 stuff.
292
29325-Jun-97
294 SSLeay 0.8.0 finally it gets released.
295
29624-Jun-97
297 Added a SSL_OP_EPHEMERAL_RSA option which causes all SSLv3 RSA keys to
298 use a temporary RSA key. This is experimental and needs some more work.
299 Fixed a few Win16 build problems.
300
30123-Jun-97
302 SSLv3 bug. I was not doing the 'lookup' of the CERT structure
303 correctly. I was taking the SSL->ctx->default_cert when I should
304 have been using SSL->cert. The bug was in ssl/s3_srvr.c
305
30620-Jun-97
307 X509_ATTRIBUTES were being encoded wrongly by apps/reg.c and the
308 rest of the library. Even though I had the code required to do
309 it correctly, apps/req.c was doing the wrong thing. I have fixed
310 and tested everything.
311
312 Missing a few #ifdef FIONBIO sections in crypto/bio/bss_acpt.c.
313
31419-Jun-97
315 Fixed a bug in the SSLv2 server side first packet handling. When
316 using the non-blocking test BIO, the ssl->s2->first_packet flag
317 was being reset when a would-block failure occurred when reading
318 the first 5 bytes of the first packet. This caused the checking
319 logic to run at the wrong time and cause an error.
320
321 Fixed a problem with specifying cipher. If RC4-MD5 were used,
322 only the SSLv3 version would be picked up. Now this will pick
323 up both SSLv2 and SSLv3 versions. This required changing the
324 SSL_CIPHER->mask values so that they only mask the ciphers,
325 digests, authentication, export type and key-exchange algorithms.
326
327 I found that when a SSLv23 session is established, a reused
328 session, of type SSLv3 was attempting to write the SSLv2
329 ciphers, which were invalid. The SSL_METHOD->put_cipher_by_char
330 method has been modified so it will only write out cipher which
331 that method knows about.
332
333
334 Changes between 0.8.0 and 0.8.1
335
336 *) Mostly bug fixes.
337 There is an Ephemeral DH cipher problem which is fixed.
338
339 SSLeay 0.8.0
340
341This version of SSLeay has quite a lot of things different from the
342previous version.
343
344Basically check all callback parameters, I will be producing documentation
345about how to use things in th future. Currently I'm just getting 080 out
346the door. Please not that there are several ways to do everything, and
347most of the applications in the apps directory are hybrids, some using old
348methods and some using new methods.
349
350Have a look in demos/bio for some very simple programs and
351apps/s_client.c and apps/s_server.c for some more advanced versions.
352Notes are definitly needed but they are a week or so away.
353
354Anyway, some quick nots from Tim Hudson (tjh@cryptsoft.com)
355---
356Quick porting notes for moving from SSLeay-0.6.x to SSLeay-0.8.x to
357get those people that want to move to using the new code base off to
358a quick start.
359
360Note that Eric has tidied up a lot of the areas of the API that were
361less than desirable and renamed quite a few things (as he had to break
362the API in lots of places anyrate). There are a whole pile of additional
363functions for making dealing with (and creating) certificates a lot
364cleaner.
365
36601-Jul-97
367Tim Hudson
368tjh@cryptsoft.com
369
370---8<---
371
372To maintain code that uses both SSLeay-0.6.x and SSLeay-0.8.x you could
373use something like the following (assuming you #include "crypto.h" which
374is something that you really should be doing).
375
376#if SSLEAY_VERSION_NUMBER >= 0x0800
377#define SSLEAY8
378#endif
379
380buffer.h -> splits into buffer.h and bio.h so you need to include bio.h
381 too if you are working with BIO internal stuff (as distinct
382 from simply using the interface in an opaque manner)
383
384#include "bio.h" - required along with "buffer.h" if you write
385 your own BIO routines as the buffer and bio
386 stuff that was intermixed has been separated
387 out
388
389envelope.h -> evp.h (which should have been done ages ago)
390
391Initialisation ... don't forget these or you end up with code that
392is missing the bits required to do useful things (like ciphers):
393
394SSLeay_add_ssl_algorithms()
395(probably also want SSL_load_error_strings() too but you should have
396 already had that call in place)
397
398SSL_CTX_new() - requires an extra method parameter
399 SSL_CTX_new(SSLv23_method())
400 SSL_CTX_new(SSLv2_method())
401 SSL_CTX_new(SSLv3_method())
402
403 OR to only have the server or the client code
404 SSL_CTX_new(SSLv23_server_method())
405 SSL_CTX_new(SSLv2_server_method())
406 SSL_CTX_new(SSLv3_server_method())
407 or
408 SSL_CTX_new(SSLv23_client_method())
409 SSL_CTX_new(SSLv2_client_method())
410 SSL_CTX_new(SSLv3_client_method())
411
412SSL_set_default_verify_paths() ... renamed to the more appropriate
413SSL_CTX_set_default_verify_paths()
414
415If you want to use client certificates then you have to add in a bit
416of extra stuff in that a SSLv3 server sends a list of those CAs that
417it will accept certificates from ... so you have to provide a list to
418SSLeay otherwise certain browsers will not send client certs.
419
420SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(s_cert_file));
421
422
423X509_NAME_oneline(X) -> X509_NAME_oneline(X,NULL,0)
424 or provide a buffer and size to copy the
425 result into
426
427X509_add_cert -> X509_STORE_add_cert (and you might want to read the
428 notes on X509_NAME structure changes too)
429
430
431VERIFICATION CODE
432=================
433
434The codes have all be renamed from VERIFY_ERR_* to X509_V_ERR_* to
435more accurately reflect things.
436
437The verification callback args are now packaged differently so that
438extra fields for verification can be added easily in future without
439having to break things by adding extra parameters each release :-)
440
441X509_cert_verify_error_string -> X509_verify_cert_error_string
442
443
444BIO INTERNALS
445=============
446
447Eric has fixed things so that extra flags can be introduced in
448the BIO layer in future without having to play with all the BIO
449modules by adding in some macros.
450
451The ugly stuff using
452 b->flags ~= (BIO_FLAGS_RW|BIO_FLAGS_SHOULD_RETRY)
453becomes
454 BIO_clear_retry_flags(b)
455
456 b->flags |= (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)
457becomes
458 BIO_set_retry_read(b)
459
460Also ... BIO_get_retry_flags(b), BIO_set_flags(b)
461
462
463
464OTHER THINGS
465============
466
467X509_NAME has been altered so that it isn't just a STACK ... the STACK
468is now in the "entries" field ... and there are a pile of nice functions
469for getting at the details in a much cleaner manner.
470
471SSL_CTX has been altered ... "cert" is no longer a direct member of this
472structure ... things are now down under "cert_store" (see x509_vfy.h) and
473things are no longer in a CERTIFICATE_CTX but instead in a X509_STORE.
474If your code "knows" about this level of detail then it will need some
475surgery.
476
477If you depending on the incorrect spelling of a number of the error codes
478then you will have to change your code as these have been fixed.
479
480ENV_CIPHER "type" got renamed to "nid" and as that is what it actually
481has been all along so this makes things clearer.
482ify_cert_error_string(ctx->error));
483
484SSL_R_NO_CIPHER_WE_TRUST -> SSL_R_NO_CIPHER_LIST
485 and SSL_R_REUSE_CIPHER_LIST_NOT_ZERO
486
487
488
489 Changes between 0.7.x and 0.8.0
490
491 *) There have been lots of changes, mostly the addition of SSLv3.
492 There have been many additions from people and amongst
493 others, C2Net has assisted greatly.
494
495 Changes between 0.7.x and 0.7.x
496
497 *) Internal development version only
498
499SSLeay 0.6.6 13-Jan-1997
500
501The main additions are
502
503- assember for x86 DES improvments.
504 From 191,000 per second on a pentium 100, I now get 281,000. The inner
505 loop and the IP/FP modifications are from
506 Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>. Many thanks for his
507 contribution.
508- The 'DES macros' introduced in 0.6.5 now have 3 types.
509 DES_PTR1, DES_PTR2 and 'normal'. As per before, des_opts reports which
510 is best and there is a summery of mine in crypto/des/options.txt
511- A few bug fixes.
512- Added blowfish. It is not used by SSL but all the other stuff that
513 deals with ciphers can use it in either ecb, cbc, cfb64 or ofb64 modes.
514 There are 3 options for optimising Blowfish. BF_PTR, BF_PTR2 and 'normal'.
515 BF_PTR2 is pentium/x86 specific. The correct option is setup in
516 the 'Configure' script.
517- There is now a 'get client certificate' callback which can be
518 'non-blocking'. If more details are required, let me know. It will
519 documented more in SSLv3 when I finish it.
520- Bug fixes from 0.6.5 including the infamous 'ca' bug. The 'make test'
521 now tests the ca program.
522- Lots of little things modified and tweaked.
523
524 SSLeay 0.6.5
d02b48c6
RE		 525
526After quite some time (3 months), the new release. I have been very busy
527for the last few months and so this is mostly bug fixes and improvments.
528
529The main additions are
530
531- assember for x86 DES. For all those gcc based systems, this is a big
532 improvement. From 117,000 DES operation a second on a pentium 100,
533 I now get 191,000. I have also reworked the C version so it
534 now gives 148,000 DESs per second.
535- As mentioned above, the inner DES macros now have some more variant that
536 sometimes help, sometimes hinder performance. There are now 3 options
537 DES_PTR (ptr vs array lookup), DES_UNROLL (full vs partial loop unrolling)
538 and DES_RISC (a more register intensive version of the inner macro).
539 The crypto/des/des_opts.c program, when compiled and run, will give
540 an indication of the correct options to use.
541- The BIO stuff has been improved. Read doc/bio.doc. There are now
542 modules for encryption and base64 encoding and a BIO_printf() function.
543- The CA program will accept simple one line X509v3 extensions in the
544 ssleay.cnf file. Have a look at the example. Currently this just
545 puts the text into the certificate as an OCTET_STRING so currently
546 the more advanced X509v3 data types are not handled but this is enough
547 for the netscape extensions.
548- There is the start of a nicer higher level interface to the X509
549 strucutre.
550- Quite a lot of bug fixes.
551- CRYPTO_malloc_init() (or CRYPTO_set_mem_functions()) can be used
552 to define the malloc(), free() and realloc() routines to use
553 (look in crypto/crypto.h). This is mostly needed for Windows NT/95 when
554 using DLLs and mixing CRT libraries.
555
556In general, read the 'VERSION' file for changes and be aware that some of
557the new stuff may not have been tested quite enough yet, so don't just plonk
558in SSLeay 0.6.5 when 0.6.4 used to work and expect nothing to break.
559
560SSLeay 0.6.4 30/08/96 eay
561
562I've just finished some test builds on Windows NT, Windows 3.1, Solaris 2.3,
563Solaris 2.5, Linux, IRIX, HPUX 10 and everthing seems to work :-).
564
565The main changes in this release
566
567- Thread safe. have a read of doc/threads.doc and play in the mt directory.
568 For anyone using 0.6.3 with threads, I found 2 major errors so consider
569 moving to 0.6.4. I have a test program that builds under NT and
570 solaris.
571- The get session-id callback has changed. Have a read of doc/callback.doc.
572- The X509_cert_verify callback (the SSL_verify callback) now
573 has another argument. Have a read of doc/callback.doc
574- 'ca -preserve', sign without re-ordering the DN. Not tested much.
575- VMS support.
576- Compile time memory leak detection can now be built into SSLeay.
577 Read doc/memory.doc
578- CONF routines now understand '\', '\n', '\r' etc. What this means is that
579 the SPKAC object mentioned in doc/ns-ca.doc can be on multiple lines.
580- 'ssleay ciphers' added, lists the default cipher list for SSLeay.
581- RC2 key setup is now compatable with Netscape.
582- Modifed server side of SSL implementation, big performance difference when
651d0aff 583 using session-id reuse.
d02b48c6
RE		 584
5850.6.3
586
587Bug fixes and the addition of some nice stuff to the 'ca' program.
588Have a read of doc/ns-ca.doc for how hit has been modified so
589it can be driven from a CGI script. The CGI script is not provided,
590but that is just being left as an excersize for the reader :-).
591
5920.6.2
593
594This is most bug fixes and functionality improvements.
595
596Additions are
597- More thread debugging patches, the thread stuff is still being
598 tested, but for those keep to play with stuff, have a look in
599 crypto/cryptlib.c. The application needs to define 1 (or optionaly
600 a second) callback that is used to implement locking. Compiling
601 with LOCK_DEBUG spits out lots of locking crud :-).
602 This is what I'm currently working on.
603- SSL_CTX_set_default_passwd_cb() can be used to define the callback
604 function used in the SSL*_file() functions used to load keys. I was
605 always of the opinion that people should call
606 PEM_read_RSAPrivateKey() and pass the callback they want to use, but
607 it appears they just want to use the SSL_*_file() function() :-(.
608- 'enc' now has a -kfile so a key can be read from a file. This is
609 mostly used so that the passwd does not appear when using 'ps',
610 which appears imposible to stop under solaris.
611- X509v3 certificates now work correctly. I even have more examples
612 in my tests :-). There is now a X509_EXTENSION type that is used in
613 X509v3 certificates and CRLv2.
614- Fixed that signature type error :-(
615- Fixed quite a few potential memory leaks and problems when reusing
616 X509, CRL and REQ structures.
617- EVP_set_pw_prompt() now sets the library wide default password
618 prompt.
619- The 'pkcs7' command will now, given the -print_certs flag, output in
620 pem format, all certificates and CRL contained within. This is more
621 of a pre-emtive thing for the new verisign distribution method. I
622 should also note, that this also gives and example in code, of how
623 to do this :-), or for that matter, what is involved in going the
624 other way (list of certs and crl -> pkcs7).
625- Added RSA's DESX to the DES library. It is also available via the
626 EVP_desx_cbc() method and via 'enc desx'.
627
628SSLeay 0.6.1
629
630The main functional changes since 0.6.0 are as follows
631- Bad news, the Microsoft 060 DLL's are not compatable, but the good news is
632 that from now on, I'll keep the .def numbers the same so they will be.
633- RSA private key operations are about 2 times faster that 0.6.0
634- The SSL_CTX now has more fields so default values can be put against
635 it. When an SSL structure is created, these default values are used
636 but can be overwritten. There are defaults for cipher, certificate,
637 private key, verify mode and callback. This means SSL session
638 creation can now be
639 ssl=SSL_new()
640 SSL_set_fd(ssl,sock);
641 SSL_accept(ssl)
642 ....
643 All the other uglyness with having to keep a global copy of the
644 private key and certificate/verify mode in the server is now gone.
645- ssl/ssltest.c - one process talking SSL to its self for testing.
646- Storage of Session-id's can be controled via a session_cache_mode
647 flag. There is also now an automatic default flushing of
648 old session-id's.
649- The X509_cert_verify() function now has another parameter, this
650 should not effect most people but it now means that the reason for
651 the failure to verify is now available via SSL_get_verify_result(ssl).
652 You don't have to use a global variable.
653- SSL_get_app_data() and SSL_set_app_data() can be used to keep some
654 application data against the SSL structure. It is upto the application
655 to free the data. I don't use it, but it is available.
656- SSL_CTX_set_cert_verify_callback() can be used to specify a
657 verify callback function that completly replaces my certificate
658 verification code. Xcert should be able to use this :-).
659 The callback is of the form int app_verify_callback(arg,ssl,cert).
660 This needs to be documented more.
661- I have started playing with shared library builds, have a look in
662 the shlib directory. It is very simple. If you need a numbered
663 list of functions, have a look at misc/crypto.num and misc/ssl.num.
664- There is some stuff to do locking to make the library thread safe.
665 I have only started this stuff and have not finished. If anyone is
666 keen to do so, please send me the patches when finished.
667
668So I have finally made most of the additions to the SSL interface that
669I thought were needed.
670
671There will probably be a pause before I make any non-bug/documentation
672related changes to SSLeay since I'm feeling like a bit of a break.
673
674eric - 12 Jul 1996
675I saw recently a comment by some-one that we now seem to be entering
676the age of perpetual Beta software.
677Pioneered by packages like linux but refined to an art form by
678netscape.
679
680I too wish to join this trend with the anouncement of SSLeay 0.6.0 :-).
681
682There are quite a large number of sections that are 'works in
683progress' in this package. I will also list the major changes and
684what files you should read.
685
686BIO - this is the new IO structure being used everywhere in SSLeay. I
687started out developing this because of microsoft, I wanted a mechanism
688to callback to the application for all IO, so Windows 3.1 DLL
689perversion could be hidden from me and the 15 different ways to write
690to a file under NT would also not be dictated by me at library build
691time. What the 'package' is is an API for a data structure containing
692functions. IO interfaces can be written to conform to the
693specification. This in not intended to hide the underlying data type
694from the application, but to hide it from SSLeay :-).
695I have only really finished testing the FILE * and socket/fd modules.
696There are also 'filter' BIO's. Currently I have only implemented
697message digests, and it is in use in the dgst application. This
698functionality will allow base64/encrypto/buffering modules to be
699'push' into a BIO without it affecting the semantics. I'm also
700working on an SSL BIO which will hide the SSL_accept()/SLL_connet()
701from an event loop which uses the interface.
702It is also possible to 'attach' callbacks to a BIO so they get called
703before and after each operation, alowing extensive debug output
704to be generated (try running dgst with -d).
705
706Unfortunaly in the conversion from 0.5.x to 0.6.0, quite a few
707functions that used to take FILE *, now take BIO *.
708The wrappers are easy to write
709
710function_fp(fp,x)
711FILE *fp;
651d0aff
RE		 712 {
713 BIO *b;
714 int ret;
715
716 if ((b=BIO_new(BIO_s_file())) == NULL) error.....
717 BIO_set_fp(b,fp,BIO_NOCLOSE);
718 ret=function_bio(b,x);
719 BIO_free(b);
720 return(ret);
721 }
d02b48c6
RE		 722Remember, there are no functions that take FILE * in SSLeay when
723compiled for Windows 3.1 DLL's.
724
725--
726I have added a general EVP_PKEY type that can hold a public/private
727key. This is now what is used by the EVP_ functions and is passed
728around internally. I still have not done the PKCS#8 stuff, but
729X509_PKEY is defined and waiting :-)
730
731--
732For a full function name listings, have a look at ms/crypt32.def and
733ms/ssl32.def. These are auto-generated but are complete.
734Things like ASN1_INTEGER_get() have been added and are in here if you
735look. I have renamed a few things, again, have a look through the
736function list and you will probably find what you are after. I intend
737to at least put a one line descrition for each one.....
738
739--
740Microsoft - thats what this release is about, read the MICROSOFT file.
741
742--
743Multi-threading support. I have started hunting through the code and
744flaging where things need to be done. In a state of work but high on
745the list.
746
747--
748For random numbers, edit e_os.h and set DEVRANDOM (it's near the top)
749be be you random data device, otherwise 'RFILE' in e_os.h
750will be used, in your home directory. It will be updated
751periodically. The environment variable RANDFILE will override this
752choice and read/write to that file instead. DEVRANDOM is used in
753conjunction to the RFILE/RANDFILE. If you wish to 'seed' the random
754number generator, pick on one of these files.
755
756--
757
758The list of things to read and do
759
760dgst -d
761s_client -state (this uses a callback placed in the SSL state loop and
651d0aff
RE		 762 will be used else-where to help debug/monitor what
763 is happening.)
d02b48c6
RE		 764
765doc/why.doc
766doc/bio.doc <- hmmm, needs lots of work.
767doc/bss_file.doc <- one that is working :-)
768doc/session.doc <- it has changed
769doc/speed.doc
770 also play with ssleay version -a. I have now added a SSLeay()
771 function that returns a version number, eg 0600 for this release
772 which is primarily to be used to check DLL version against the
773 application.
774util/* Quite a few will not interest people, but some may, like
775 mk1mf.pl, mkdef.pl,
776util/do_ms.sh
777
778try
779cc -Iinclude -Icrypto -c crypto/crypto.c
780cc -Iinclude -Issl -c ssl/ssl.c
781You have just built the SSLeay libraries as 2 object files :-)
782
783Have a general rummage around in the bin stall directory and look at
784what is in there, like CA.sh and c_rehash
785
786There are lots more things but it is 12:30am on a Friday night and I'm
787heading home :-).
788
789eric 22-Jun-1996
790This version has quite a few major bug fixes and improvements. It DOES NOT
791do SSLv3 yet.
792
793The main things changed
794- A Few days ago I added the s_mult application to ssleay which is
795 a demo of an SSL server running in an event loop type thing.
796 It supports non-blocking IO, I have finally gotten it right, SSL_accept()
797 can operate in non-blocking IO mode, look at the code to see how :-).
798 Have a read of doc/s_mult as well. This program leaks memory and
799 file descriptors everywhere but I have not cleaned it up yet.
800 This is a demo of how to do non-blocking IO.
801- The SSL session management has been 'worked over' and there is now
802 quite an expansive set of functions to manipulate them. Have a read of
803 doc/session.doc for some-things I quickly whipped up about how it now works.
804 This assume you know the SSLv2 protocol :-)
805- I can now read/write the netscape certificate format, use the
806 -inform/-outform 'net' options to the x509 command. I have not put support
807 for this type in the other demo programs, but it would be easy to add.
808- asn1parse and 'enc' have been modified so that when reading base64
809 encoded files (pem format), they do not require '-----BEGIN' header lines.
810 The 'enc' program had a buffering bug fixed, it can be used as a general
811 base64 -> binary -> base64 filter by doing 'enc -a -e' and 'enc -a -d'
812 respecivly. Leaving out the '-a' flag in this case makes the 'enc' command
813 into a form of 'cat'.
814- The 'x509' and 'req' programs have been fixed and modified a little so
815 that they generate self-signed certificates correctly. The test
816 script actually generates a 'CA' certificate and then 'signs' a
817 'user' certificate. Have a look at this shell script (test/sstest)
818 to see how things work, it tests most possible combinations of what can
819 be done.
820- The 'SSL_set_pref_cipher()' function has been 'fixed' and the prefered name
821 of SSL_set_cipher_list() is now the correct API (stops confusion :-).
822 If this function is used in the client, only the specified ciphers can
823 be used, with preference given to the order the ciphers were listed.
824 For the server, if this is used, only the specified ciphers will be used
825 to accept connections. If this 'option' is not used, a default set of
826 ciphers will be used. The SSL_CTX_set_cipher_list(SSL_CTX *ctx) sets this
827 list for all ciphers started against the SSL_CTX. So the order is
828 SSL cipher_list, if not present, SSL_CTX cipher list, if not
829 present, then the library default.
830 What this means is that normally ciphers like
831 NULL-MD5 will never be used. The only way this cipher can be used
832 for both ends to specify to use it.
833 To enable or disable ciphers in the library at build time, modify the
834 first field for the cipher in the ssl_ciphers array in ssl/ssl_lib.c.
835 This file also contains the 'pref_cipher' list which is the default
836 cipher preference order.
837- I'm not currently sure if the 'rsa -inform net' and the 'rsa -outform net'
838 options work. They should, and they enable loading and writing the
839 netscape rsa private key format. I will be re-working this section of
840 SSLeay for the next version. What is currently in place is a quick and
841 dirty hack.
842- I've re-written parts of the bignum library. This gives speedups
843 for all platforms. I now provide assembler for use under Windows NT.
844 I have not tested the Windows 3.1 assembler but it is quite simple code.
845 This gives RSAprivate_key operation encryption times of 0.047s (512bit key)
846 and 0.230s (1024bit key) on a pentium 100 which I consider reasonable.
847 Basically the times available under linux/solaris x86 can be achieve under
848 Windows NT. I still don't know how these times compare to RSA's BSAFE
849 library but I have been emailing with people and with their help, I should
850 be able to get my library's quite a bit faster still (more algorithm changes).
851 The object file crypto/bn/asm/x86-32.obj should be used when linking
852 under NT.
853- 'make makefile.one' in the top directory will generate a single makefile
854 called 'makefile.one' This makefile contains no perl references and
855 will build the SSLeay library into the 'tmp' and 'out' directories.
856 util/mk1mf.pl >makefile.one is how this makefile is
857 generated. The mk1mf.pl command take several option to generate the
858 makefile for use with cc, gcc, Visual C++ and Borland C++. This is
859 still under development. I have only build .lib's for NT and MSDOS
860 I will be working on this more. I still need to play with the
861 correct compiler setups for these compilers and add some more stuff but
862 basically if you just want to compile the library
863 on a 'non-unix' platform, this is a very very good file to start with :-).
864 Have a look in the 'microsoft' directory for my current makefiles.
865 I have not yet modified things to link with sockets under Windows NT.
866 You guys should be able to do this since this is actually outside of the
867 SSLeay scope :-). I will be doing it for myself soon.
868 util/mk1mf.pl takes quite a few options including no-rc, rsaref and no-sock
869 to build without RC2/RC4, to require RSAref for linking, and to
870 build with no socket code.
871
872- Oh yes, the cipher that was reported to be compatible with RSA's RC2 cipher
873 that was posted to sci.crypt has been added to the library and SSL.
874 I take the view that if RC2 is going to be included in a standard,
875 I'll include the cipher to make my package complete.
876 There are NO_RC2, NO_RC4 and NO_IDEA macros to remove these ciphers
877 at compile time. I have not tested this recently but it should all work
878 and if you are in the USA and don't want RSA threatening to sue you,
879 you could probably remove the RC4/RC2 code inside these sections.
880 I may in the future include a perl script that does this code
881 removal automatically for those in the USA :-).
882- I have removed all references to sed in the makefiles. So basically,
883 the development environment requires perl and sh. The build environment
884 does not (use the makefile.one makefile).
885 The Configure script still requires perl, this will probably stay that way
886 since I have perl for Windows NT :-).
887
888eric (03-May-1996)
889
890PS Have a look in the VERSION file for more details on the changes and
891 bug fixes.
892I have fixed a few bugs, added alpha and x86 assembler and generally cleaned
893things up. This version will be quite stable, mostly because I'm on
894holidays until 10-March-1996. For any problems in the interum, send email
895to Tim Hudson <tjh@mincom.oz.au>.
896
897SSLeay 0.5.0
898
89912-12-95
900This is going out before it should really be released.
901
902I leave for 11 weeks holidays on the 22-12-95 and so I either sit on
903this for 11 weeks or get things out. It is still going to change a
904lot in the next week so if you do grab this version, please test and
905give me feed back ASAP, inculuding questions on how to do things with
906the library. This will prompt me to write documentation so I don't
907have to answer the same question again :-).
908
909This 'pre' release version is for people who are interested in the
910library. The applications will have to be changed to use
911the new version of the SSL interface. I intend to finish more
912documentation before I leave but until then, look at the programs in
913the apps directory. As far as code goes, it is much much nicer than
914the old version.
915
916The current library works, has no memory leaks (as far as I can tell)
917and is far more bug free that 0.4.5d. There are no global variable of
918consequence (I believe) and I will produce some documentation that
919tell where to look for those people that do want to do multi-threaded
920stuff.
921
922There should be more documentation. Have a look in the
923doc directory. I'll be adding more before I leave, it is a start
924by mostly documents the crypto library. Tim Hudson will update
925the web page ASAP. The spelling and grammar are crap but
926it is better than nothing :-)
927
928Reasons to start playing with version 0.5.0
929- All the programs in the apps directory build into one ssleay binary.
930- There is a new version of the 'req' program that generates certificate
931 requests, there is even documentation for this one :-)
932- There is a demo certification authorithy program. Currently it will
933 look at the simple database and update it. It will generate CRL from
934 the data base. You need to edit the database by hand to revoke a
935 certificate, it is my aim to use perl5/Tk but I don't have time to do
936 this right now. It will generate the certificates but the management
937 scripts still need to be written. This is not a hard task.
938- Things have been cleaned up alot.
939- Have a look at the enc and dgst programs in the apps directory.
940- It supports v3 of x509 certiticates.
941
942
943Major things missing.
944- I have been working on (and thinging about) the distributed x509
945 hierachy problem. I have not had time to put my solution in place.
946 It will have to wait until I come back.
947- I have not put in CRL checking in the certificate verification but
948 it would not be hard to do. I was waiting until I could generate my
949 own CRL (which has only been in the last week) and I don't have time
950 to put it in correctly.
951- Montgomery multiplication need to be implemented. I know the
952 algorithm, just ran out of time.
953- PKCS#7. I can load and write the DER version. I need to re-work
954 things to support BER (if that means nothing, read the ASN1 spec :-).
955- Testing of the higher level digital envelope routines. I have not
956 played with the *_seal() and *_open() type functions. They are
957 written but need testing. The *_sign() and *_verify() functions are
958 rock solid.
959- PEM. Doing this and PKCS#7 have been dependant on the distributed
960 x509 heirachy problem. I started implementing my ideas, got
961 distracted writing a CA program and then ran out of time. I provide
962 the functionality of RSAref at least.
963- Re work the asm. code for the x86. I've changed by low level bignum
964 interface again, so I really need to tweak the x86 stuff. gcc is
965 good enough for the other boxes.
966
A mirror of the official openssl repository