Commit | Line | Data |
---|---|---|
81a6c781 | 1 | |
f1c236f8 | 2 | OpenSSL CHANGES |
651d0aff RE | 3 | _______________ |
| | 4 | |
a9d2bc49 | 5 | Changes between 0.9.6 and 0.9.7 [xx XXX 2001] |
a43cf9fa | 6 | |
e9ad0d2c | 7 | OpenSSL 0.9.6a/0.9.6b (bugfix releases, 5 Apr 2001 and 9 July 2001) |
e3fefbfd | 8 | and OpenSSL 0.9.7 were developed in parallel, based on OpenSSL 0.9.6. |
e9ad0d2c | 9 | |
a9d2bc49 | 10 | Change log entries are tagged as follows: |
daba492c BM | 11 | -) applies to 0.9.6a/0.9.6b/0.9.6c only |
| | 12 | *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7 |
a9d2bc49 BM | 13 | +) applies to 0.9.7 only |
| | 14 | |
6b0e9fac BM | 15 | +) New function SSL_renegotiate_pending(). This returns true once |
| | 16 | renegotiation has been requested (either SSL_renegotiate() call |
| | 17 | or HelloRequest/ClientHello received from the peer) and becomes |
| | 18 | false once a handshake has been completed. |
| | 19 | (For servers, SSL_renegotiate() followed by SSL_do_handshake() |
| | 20 | sends a HelloRequest, but does not ensure that a handshake takes |
| | 21 | place. SSL_renegotiate_pending() is useful for checking if the |
| | 22 | client has followed the request.) |
| | 23 | [Bodo Moeller] |
| | 24 | |
| | 25 | +) New SSL option SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION. |
| | 26 | By default, clients may request session resumption even during |
| | 27 | renegotiation (if session ID contexts permit); with this option, |
| | 28 | session resumption is possible only in the first handshake. |
| | 29 | [Bodo Moeller] |
| | 30 | |
8e2f6b79 BM | 31 | *) Fix ssl3_accept (ssl/s3_srvr.c): Do not call ssl_init_wbio_buffer() |
| | 32 | when just sending a HelloRequest as this could interfere with |
| | 33 | application data writes (and is totally unnecessary). |
| | 34 | [Bodo Moeller; bug pointed out by Eric Rescorla <ekr@rtfm.com>] |
| | 35 | |
ee60d9fb BM | 36 | *) Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't |
| | 37 | reveal whether illegal block cipher padding was found or a MAC |
| | 38 | verification error occurred. (Neither SSLerr() codes nor alerts |
| | 39 | are directly visible to potential attackers, but the information |
| | 40 | may leak via logfiles.) |
| | 41 | |
| | 42 | Similar changes are not required for the SSL 2.0 implementation |
| | 43 | because the number of padding bytes is sent in clear for SSL 2.0, |
| | 44 | and the extra bytes are just ignored. However ssl/s2_pkt.c |
| | 45 | failed to verify that the purported number of padding bytes is in |
| | 46 | the legal range. |
| | 47 | [Bodo Moeller] |
| | 48 | |
96bd6f73 DSH | 49 | +) Add some demos for certificate and certificate request creation. |
| | 50 | [Steve Henson] |
| | 51 | |
c0f5dd07 LJ | 52 | +) Make maximum certificate chain size accepted from the peer application |
| | 53 | settable (SSL*_get/set_max_cert_list()), as proposed by |
| | 54 | "Douglas E. Engert" <deengert@anl.gov>. |
| | 55 | [Lutz Jaenicke] |
| | 56 | |
6c36f7a9 LJ | 57 | +) Add support for shared libraries for Unixware-7 and support including |
| | 58 | shared libraries for OpenUNIX-8 (Boyd Lynn Gerber <gerberb@zenez.com>). |
| | 59 | [Lutz Jaenicke] |
| | 60 | |
a9ed4da8 BM | 61 | *) Improve RSA_padding_check_PKCS1_OAEP() check again to avoid |
| | 62 | 'wristwatch attack' using huge encoding parameters (cf. |
| | 63 | James H. Manger's CRYPTO 2001 paper). Note that the |
| | 64 | RSA_PKCS1_OAEP_PADDING case of RSA_private_decrypt() does not use |
e3fefbfd | 65 | encoding parameters and hence was not vulnerable. |
a9ed4da8 BM | 66 | [Bodo Moeller] |
| | 67 | |
4450107a | 68 | +) Add a "destroy" handler to ENGINEs that allows structural cleanup to |
908efd3b GT | 69 | be done prior to destruction. Use this to unload error strings from |
| | 70 | ENGINEs that load their own error strings. NB: This adds two new API |
| | 71 | functions to "get" and "set" this destroy handler in an ENGINE. |
a9ed4da8 | 72 | [Geoff Thorpe] |
908efd3b | 73 | |
4450107a | 74 | +) Alter all existing ENGINE implementations (except "openssl" and |
541814c4 GT | 75 | "openbsd") to dynamically instantiate their own error strings. This |
| | 76 | makes them more flexible to be built both as statically-linked ENGINEs |
| | 77 | and self-contained shared-libraries loadable via the "dynamic" ENGINE. |
| | 78 | Also, add stub code to each that makes building them as self-contained |
| | 79 | shared-libraries easier (see README.ENGINE). |
| | 80 | [Geoff Thorpe] |
| | 81 | |
4450107a | 82 | +) Add a "dynamic" ENGINE that provides a mechanism for binding ENGINE |
541814c4 GT | 83 | implementations into applications that are completely implemented in |
| | 84 | self-contained shared-libraries. The "dynamic" ENGINE exposes control |
| | 85 | commands that can be used to configure what shared-library to load and |
| | 86 | to control aspects of the way it is handled. Also, made an update to |
| | 87 | the README.ENGINE file that brings its information up-to-date and |
| | 88 | provides some information and instructions on the "dynamic" ENGINE |
| | 89 | (ie. how to use it, how to build "dynamic"-loadable ENGINEs, etc). |
| | 90 | [Geoff Thorpe] |
| | 91 | |
d98a4b73 UM | 92 | *) BN_sqr() bug fix. |
93 |