 OpenSSL CHANGES
 _______________

 Changes between 0.9.5a and 0.9.6  [xx XXX 2000]

  *) New SSL API mode 'SSL_MODE_AUTO_RETRY'. This disables the default
     behaviour that SSL_read may result in SSL_ERROR_WANT_READ (even if
     the underlying transport is blocking) if a handshake took place.
     (The default behaviour is needed by applications such as s_client
     and s_server that use select() to determine when to use SSL_read;
     but for applications that know in advance when to expect data, it
     just makes things more complicated.)
     [Bodo Moeller]

  *) Add RAND_egd_bytes(), which gives control over the number of bytes read
     from EGD.
     [Ben Laurie]

  *) Add a few more EBCDIC conditionals that make `req' and `x509'
     work better on such systems.
     [Martin Kraemer <Martin.Kraemer@MchP.Siemens.De>]

  *) Add two demo programs for PKCS12_parse() and PKCS12_create().
     Update PKCS12_parse() so it copies the friendlyName and the
     keyid to the certificates aux info.
     [Steve Henson]

  *) Fix bug in PKCS7_verify() which caused an infinite loop
     if there was more than one signature.
     [Sven Uszpelkat <su@celocom.de>]

  *) Major change in util/mkdef.pl to include extra information
     about each symbol, as well as presenting variables as well
     as functions. This change means that there's no more need
     to rebuild the .num files when some algorithms are excluded.
     [Richard Levitte]

  *) Allow the verify time to be set by an application,
     rather than always using the current time.
     [Steve Henson]

  *) Phase 2 verify code reorganisation. The certificate
     verify code now looks up an issuer certificate by a
     number of criteria: subject name, authority key id
     and key usage. It also verifies self signed certificates
     by the same criteria. The main comparison function is
     X509_check_issued() which performs these checks.

     A lot of changes were necessary in order to support this
     without completely rewriting the lookup code.

     Authority and subject key identifier are now cached.

     The LHASH 'certs' in X509_STORE has now been replaced
     by a STACK_OF(X509_OBJECT). This is mainly because an
     LHASH can't store or retrieve multiple objects with
     the same hash value.

     As a result various functions (which were all internal
     use only) have changed to handle the new X509_STORE
     structure. This will break anything that messed around
     with X509_STORE internally.

     The function X509_STORE_add_cert() now checks for an
     exact match, rather than just subject name.

     The X509_STORE API doesn't directly support the retrieval
     of multiple certificates matching given criteria; however
     this can be worked around by performing a lookup first
     (which will fill the cache with candidate certificates)
     and then examining the cache for matches. This is probably
     the best we can do without throwing out X509_LOOKUP
     entirely (maybe later...).

     The X509_VERIFY_CTX structure has been enhanced considerably.

     All certificate lookup operations now go via a get_issuer()
     callback. Although this currently uses an X509_STORE it
     can be replaced by custom lookups. This is a simple way
     to bypass the X509_STORE hackery necessary to make this
     work and makes it possible to use more efficient techniques
     in future. A very simple version which uses a simple
     STACK for its trusted certificate store is also provided
     using X509_STORE_CTX_trusted_stack().

     The verify_cb() and verify() callbacks now have equivalents
     in the X509_STORE_CTX structure.

     X509_STORE_CTX also has a 'flags' field which can be used
     to customise the verify behaviour.
     [Steve Henson]

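     As an added illustration of the issuer selection described in the two
     entries above (this is example code, not OpenSSL's): a trusted
     certificate list in the spirit of X509_STORE_CTX_trusted_stack(), an
     issuer check that applies the three criteria in the order the entry
     names them (subject name, authority key identifier, key usage), a
     store that rejects only exact duplicates, and a chain walk through a
     get_issuer() callback with a verify time supplied by the application
     rather than read from the clock. Certificates are simplified records
     with constructed sample data, no signatures are checked, and the
     sample names and key identifiers are made up; the KU_* bit values
     follow OpenSSL's x509v3.h constants.

```python
"""Issuer lookup by several criteria, modelled on what X509_check_issued()
and X509_STORE_CTX_trusted_stack() provide.  Added example, not OpenSSL code.
Records are simplified stand-ins for X.509 certificates; no signature is
verified here, only the candidate selection and validity-time logic."""
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import List, Optional, Tuple

KU_DIGITAL_SIGNATURE = 0x0080   # bit values as in OpenSSL's x509v3.h
KU_KEY_CERT_SIGN = 0x0004


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    skid: Optional[bytes]       # subjectKeyIdentifier, None if absent
    akid: Optional[bytes]       # authorityKeyIdentifier keyid, None if absent
    key_usage: Optional[int]    # keyUsage bits, None if the extension is absent
    not_before: datetime
    not_after: datetime


def check_issued(issuer: Cert, subject: Cert) -> bool:
    """Could `issuer` have issued `subject`?  Name first, then key ids when
    both sides carry one, then keyUsage when the issuer has the extension."""
    if issuer.subject != subject.issuer:
        return False
    if (subject.akid is not None and issuer.skid is not None
            and subject.akid != issuer.skid):
        return False
    if issuer.key_usage is not None and not issuer.key_usage & KU_KEY_CERT_SIGN:
        return False
    return True


class TrustedStack:
    """A plain list of trusted certificates.  Several entries may share a
    subject name, which is exactly what a name-keyed hash cannot hold."""

    def __init__(self, certs: List[Cert]):
        self.certs: List[Cert] = []
        for c in certs:
            self.add_cert(c)

    def add_cert(self, cert: Cert) -> bool:
        # Reject only an exact duplicate (every field equal), not a name clash.
        if cert in self.certs:
            return False
        self.certs.append(cert)
        return True

    def get_issuer(self, subject: Cert) -> Optional[Cert]:
        """The get_issuer() callback: first candidate passing all criteria."""
        for c in self.certs:
            if check_issued(c, subject):
                return c
        return None


def issuer_by_name_only(store: TrustedStack, subject: Cert) -> Optional[Cert]:
    """The old behaviour, for contrast: match on subject name alone."""
    for c in store.certs:
        if c.subject == subject.issuer:
            return c
    return None


def verify(leaf: Cert, store: TrustedStack, verify_time: datetime,
           max_depth: int = 8) -> Tuple[str, List[Cert]]:
    """Walk from leaf to a trusted self-issued certificate.  `verify_time`
    comes from the application instead of the current clock."""
    chain = [leaf]
    cur = leaf
    for _ in range(max_depth):
        if not cur.not_before <= verify_time <= cur.not_after:
            return "not_valid_at_time", chain
        if check_issued(cur, cur):          # self-issued, by the same criteria
            return ("ok" if cur in store.certs else "untrusted_root"), chain
        issuer = store.get_issuer(cur)
        if issuer is None:
            return "no_issuer", chain
        chain.append(issuer)
        cur = issuer
    return "chain_too_long", chain


def _t(y: int, m: int, d: int) -> datetime:
    return datetime(y, m, d, tzinfo=timezone.utc)


# Constructed sample data: a root CA that rolled its key (two certificates,
# same subject, different key ids) plus an end-entity certificate that
# happens to carry the same subject name but may not sign certificates.
ROOT_OLD = Cert("CN=Example Root", "CN=Example Root", b"\x01", b"\x01",
                KU_KEY_CERT_SIGN, _t(1995, 1, 1), _t(2005, 1, 1))
ROOT_NEW = Cert("CN=Example Root", "CN=Example Root", b"\x02", b"\x02",
                KU_KEY_CERT_SIGN, _t(1999, 1, 1), _t(2009, 1, 1))
DECOY = Cert("CN=Example Root", "CN=Other CA", b"\x03", b"\x09",
             KU_DIGITAL_SIGNATURE, _t(1999, 1, 1), _t(2004, 1, 1))
LEAF = Cert("CN=www.example.test", "CN=Example Root", b"\x10", b"\x02",
            KU_DIGITAL_SIGNATURE, _t(2000, 3, 1), _t(2001, 3, 1))

STORE = TrustedStack([DECOY, ROOT_OLD, ROOT_NEW])

if __name__ == "__main__":
    print("name only   :", issuer_by_name_only(STORE, LEAF).skid)  # b'\x03', wrong key
    print("check_issued:", STORE.get_issuer(LEAF).skid)            # b'\x02'
    print(verify(LEAF, STORE, _t(2000, 6, 1))[0])                   # ok
    print(verify(LEAF, STORE, _t(2002, 6, 1))[0])                   # not_valid_at_time
```

     With the store holding three certificates named "CN=Example Root", a
     name-only lookup returns whichever came first, here one that cannot
     sign certificates at all; check_issued() skips it and the retired key
     and lands on the certificate whose key identifier the leaf names.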
  *) Add new PKCS#7 signing option PKCS7_NOSMIMECAP which
     excludes S/MIME capabilities.
     [Steve Henson]

  *) When a certificate request is read in keep a copy of the
     original encoding of the signed data and use it when outputting
     again. Signatures then use the original encoding rather than
     a decoded, encoded version which may cause problems if the
     request is improperly encoded.
     [Steve Henson]

  *) For consistency with other BIO_puts implementations, call
     buffer_write(b, ...) directly in buffer_puts instead of calling
     BIO_write(b, ...).

     In BIO_puts, increment b->num_write as in BIO_write.
     [Peter.Sylvester@EdelWeb.fr]

  *) Fix BN_mul_word for the case where the word is 0. (We have to use
     BN_zero, we may not return a BIGNUM with an array consisting of
     words set to zero.)
     [Bodo Moeller]

  *) Avoid calling abort() from within the library when problems are
     detected, except if preprocessor symbols have been defined
     (such as REF_CHECK, BN_DEBUG etc.).
     [Bodo Moeller]

  *) New openssl application 'rsautl'. This utility can be
     used for low level RSA operations. DER public key
     BIO/fp routines also added.
     [Steve Henson]

  *) New Configure entry and patches for compiling on QNX 4.
     [Andreas Schneider <andreas@ds3.etech.fh-hamburg.de>]

  *) A demo state-machine implementation was sponsored by
     Nuron (http://www.nuron.com/) and is now available in
     demos/state_machine.
     [Ben Laurie]

  *) New options added to the 'dgst' utility for signature
     generation and verification.
     [Steve Henson]

  *) Unrecognized PKCS#7 content types are now handled via a
     catch all ASN1_TYPE structure. This allows unsupported
     types to be stored as a "blob" and an application can
     encode and decode it manually.
     [Steve Henson]

  *) Fix various signed/unsigned issues to make a_strex.c
     compile under VC++.
     [Oscar Jacobsson <oscar.jacobsson@celocom.com>]

  *) ASN1 fixes. i2d_ASN1_OBJECT was not returning the correct
     length if passed a buffer. ASN1_INTEGER_to_BN failed
     if passed a NULL BN and its argument was negative.
     [Steve Henson, pointed out by Sven Heiberg <sven@tartu.cyber.ee>]

  *) Modification to PKCS#7 encoding routines to output definite
     length encoding. Since currently the whole structures are in
     memory there's no real point in using indefinite length
     constructed encoding. However if OpenSSL is compiled with
     the flag PKCS7_INDEFINITE_ENCODING the old form is used.
     [Steve Henson]

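     To show what the entry above is choosing between, here is an added
     example (not OpenSSL's code) that encodes the same SEQUENCE of OCTET
     STRINGs both ways: with definite length, which is what DER and the
     new PKCS#7 output use and which is possible precisely because the
     whole structure is already in memory, and with the indefinite-length
     constructed form (length octet 0x80, terminated by two zero
     end-of-contents octets), which suits streaming encoders that do not
     know the total length up front. The decoder accepts both and walks
     nested elements to find the terminator instead of scanning for 00 00,
     since those bytes can legitimately occur inside an inner element. The
     sample contents are constructed; only the SEQUENCE and OCTET STRING
     tags are handled.

```python
"""Definite- versus indefinite-length encoding of a constructed ASN.1 value.
Added example, not OpenSSL's code; the byte strings below are constructed."""
from typing import List, Tuple

TAG_OCTET_STRING = 0x04
TAG_SEQUENCE = 0x30          # constructed bit (0x20) set
CONSTRUCTED = 0x20


def encode_length(n: int) -> bytes:
    """Definite-length octets: short form below 128, else long form."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def octet_string(data: bytes) -> bytes:
    return bytes([TAG_OCTET_STRING]) + encode_length(len(data)) + data


def sequence_definite(items: List[bytes]) -> bytes:
    """DER form: the length is known because everything is already in memory."""
    content = b"".join(items)
    return bytes([TAG_SEQUENCE]) + encode_length(len(content)) + content


def sequence_indefinite(items: List[bytes]) -> bytes:
    """BER form: 0x80 length octet, the elements, then end-of-contents 00 00."""
    return bytes([TAG_SEQUENCE, 0x80]) + b"".join(items) + b"\x00\x00"


def read_tlv(buf: bytes, pos: int = 0) -> Tuple[int, bytes, int]:
    """Parse one element at `pos`; return (tag, content, next_pos).
    For an indefinite-length value the content is the span between the
    length octet and the end-of-contents marker, located by walking the
    nested elements rather than scanning for 00 00."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first == 0x80:
        if not tag & CONSTRUCTED:
            raise ValueError("indefinite length on a primitive value")
        start = pos
        while True:
            if pos + 2 > len(buf):
                raise ValueError("missing end-of-contents octets")
            if buf[pos] == 0 and buf[pos + 1] == 0:
                return tag, buf[start:pos], pos + 2
            _, _, pos = read_tlv(buf, pos)
    if first < 0x80:
        length = first
    else:
        nbytes = first & 0x7F
        if nbytes == 0 or pos + nbytes > len(buf):
            raise ValueError("bad long-form length")
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    if pos + length > len(buf):
        raise ValueError("content runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length


def decode_sequence_of_octet_strings(buf: bytes) -> List[bytes]:
    """Accept either form and return the inner OCTET STRING contents."""
    tag, content, end = read_tlv(buf, 0)
    if tag != TAG_SEQUENCE or end != len(buf):
        raise ValueError("not a single SEQUENCE")
    out, pos = [], 0
    while pos < len(content):
        t, c, pos = read_tlv(content, pos)
        if t != TAG_OCTET_STRING:
            raise ValueError("unexpected element")
        out.append(c)
    return out


def is_definite(buf: bytes) -> bool:
    """DER requires definite lengths; a 0x80 length octet marks BER only."""
    return len(buf) >= 2 and buf[1] != 0x80


# Constructed sample content; the second string is itself 00 00.
ITEMS = [octet_string(b"abc"), octet_string(b"\x00\x00")]
DEFINITE = sequence_definite(ITEMS)
INDEFINITE = sequence_indefinite(ITEMS)

if __name__ == "__main__":
    print(DEFINITE.hex())     # 3009040361626304020000
    print(INDEFINITE.hex())   # 30800403616263040200000000
```

     The definite form is two bytes shorter and lets a reader size its
     buffer from the header; the indefinite form needs the walk in
     read_tlv() to find its end, and a truncated input is only detected
     when the walk runs off the buffer.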
  *) Added BIO_vprintf() and BIO_vsnprintf().
     [Richard Levitte]

  *) Added more prefixes to parse for in the strings written
     through a logging bio, to cover all the levels that are available
     through syslog. The prefixes are now:

        PANIC, EMERG, EMR       =>      LOG_EMERG
        ALERT, ALR              =>      LOG_ALERT
        CRIT, CRI               =>      LOG_CRIT
        ERROR, ERR              =>      LOG_ERR
        WARNING, WARN, WAR      =>      LOG_WARNING
        NOTICE, NOTE, NOT       =>      LOG_NOTICE
        INFO, INF               =>      LOG_INFO
        DEBUG, DBG              =>      LOG_DEBUG

     and as before, if none of those prefixes are present at the
     beginning of the string, LOG_ERR is chosen.

     On Win32, the LOG_* levels are mapped according to this:

        LOG_EMERG, LOG_ALERT, LOG_CRIT, LOG_ERR => EVENTLOG_ERROR_TYPE
        LOG_WARNING                             => EVENTLOG_WARNING_TYPE
        LOG_NOTICE, LOG_INFO, LOG_DEBUG         => EVENTLOG_INFORMATION_TYPE

     [Richard Levitte]

  *) Made it possible to reconfigure with just the configuration
     argument "reconf" or "reconfigure". The command line arguments
     are stored in Makefile.ssl in the variable CONFIGURE_ARGS,
     and are retrieved from there when reconfiguring.
     [Richard Levitte]

  *) MD4 implemented.
     [Assar Westerlund <assar@sics.se>, Richard Levitte]

  *) Add the arguments -CAfile and -CApath to the pkcs12 utility.
     [Richard Levitte]

  *) The obj_dat.pl script was messing up the sorting of object
     names. The reason was that it compared the quoted version
     of strings; as a result "OCSP" > "OCSP Signing" because
     " > SPACE. Changed script to store unquoted versions of
     names and add quotes on output. It was also omitting some
     names from the lookup table if they were given a default
     value (that is if SN is missing it is given the same
     value as LN and vice versa); these are now added on the
     grounds that if an object has a name we should be able to
     look it up. Finally added warning output when duplicate
     short or long names are found.
     [Steve Henson]

  *) Changes needed for Tandem NSK.
     [Scott Uroff <scott@xypro.com>]

  *) Fix SSL 2.0 rollback checking: Due to an off-by-one error in
     RSA_padding_check_SSLv23(), special padding was never detected
     and thus the SSL 3.0/TLS 1.0 countermeasure against protocol
     version rollback attacks was not effective.

     In s23_clnt.c, don't use special rollback-attack detection padding
     (RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the
     client; similarly, in s23_srvr.c, don't do the rollback check if
     SSL 2.0 is the only protocol enabled in the server.
     [Bodo Moeller]

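     As an added example (not OpenSSL's code) of the mechanism the fix
     above concerns: the RSA-encrypted key exchange block uses PKCS#1 v1.5
     type 2 padding (00 02 PS 00 M, with PS random and non-zero), and a
     client that can speak SSL 3.0/TLS sets the last eight bytes of PS to
     0x03 (TLS 1.0, Appendix E). A server that also speaks something newer
     than SSL 2.0 must then refuse a master key that arrives over SSL 2.0
     carrying that marker, because the client was talked down. The code
     implements the padding, the check, and both sides' "SSL 2.0 only"
     exceptions from the entry; the boundary cases (exactly eight 0x03
     bytes versus seven) are the ones a counting error would get wrong,
     and the check compares the trailing slice as a whole so there is no
     loop bound to get off by one. The function names, the 1024-bit block
     size and the 24-byte secret are my own choices; the check is written
     for clarity, not constant time, which a real decoder needs to avoid
     a padding oracle.

```python
"""PKCS#1 v1.5 type 2 padding with the SSL 3.0/TLS rollback marker.
Added example, not OpenSSL's code.  Block length k is the RSA modulus size
in bytes (128 below, i.e. a 1024-bit key); the secret is constructed."""
import os
from typing import Optional, Tuple

ROLLBACK_MARKER = b"\x03" * 8      # last 8 padding bytes, TLS 1.0 Appendix E


def _nonzero_random(n: int) -> bytes:
    out = bytearray()
    while len(out) < n:
        b = os.urandom(1)[0]
        if b:
            out.append(b)
    return bytes(out)


def pad_type2(secret: bytes, k: int, marker: bool) -> bytes:
    """00 02 PS 00 M.  With marker=True the low 8 bytes of PS are 0x03."""
    ps_len = k - 3 - len(secret)
    if ps_len < 8:
        raise ValueError("message too long for modulus")
    ps = _nonzero_random(ps_len)
    if marker:
        ps = ps[:-8] + ROLLBACK_MARKER
    return b"\x00\x02" + ps + b"\x00" + secret


def unpad_sslv23(block: bytes, k: int) -> Tuple[bytes, bool]:
    """Return (secret, marker_seen).  Raises on malformed padding.
    Not constant time: a real decoder must not leak which check failed."""
    if len(block) != k or block[0] != 0x00 or block[1] != 0x02:
        raise ValueError("bad block type")
    sep = block.find(b"\x00", 2)
    if sep < 0:
        raise ValueError("no separator")
    ps = block[2:sep]
    if len(ps) < 8:
        raise ValueError("padding too short")
    # Exactly the trailing eight bytes must all be 0x03: compare the slice
    # as a whole so there is no loop bound to get off by one.
    return block[sep + 1:], ps[-8:] == ROLLBACK_MARKER


def client_encode_master_key(secret: bytes, k: int, client_has_newer: bool) -> bytes:
    """s23_clnt.c rule: mark the padding only if the client could have
    negotiated something newer than SSL 2.0."""
    return pad_type2(secret, k, marker=client_has_newer)


def server_accept_master_key(block: bytes, k: int, server_has_newer: bool) -> Optional[bytes]:
    """s23_srvr.c rule: an SSL 2.0-only server cannot have been rolled back,
    so it skips the check; otherwise the marker means refuse (None)."""
    secret, marker_seen = unpad_sslv23(block, k)
    if server_has_newer and marker_seen:
        return None            # treat as a rollback attack
    return secret


def block_with_trailing_marker_bytes(secret: bytes, k: int, n: int) -> bytes:
    """Deterministic block whose PS ends in n bytes of 0x03 (boundary tests)."""
    ps_len = k - 3 - len(secret)
    ps = b"\x7f" * (ps_len - n) + b"\x03" * n
    return b"\x00\x02" + ps + b"\x00" + secret


K = 128                      # 1024-bit modulus
SECRET = bytes(range(24))    # constructed 24-byte SSL 2.0 master key

if __name__ == "__main__":
    blk = client_encode_master_key(SECRET, K, client_has_newer=True)
    print(server_accept_master_key(blk, K, server_has_newer=True))    # None: refused
    print(server_accept_master_key(blk, K, server_has_newer=False))   # secret: SSL 2.0-only server
```

     The interesting cases are the two negotiated-down ones: a marked
     block reaching a server with newer protocols enabled is refused, while
     the same block at an SSL 2.0-only server is accepted, since there was
     nothing to roll back from.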
  *) Make it possible to get hexdumps of unprintable data with 'openssl
     asn1parse'. By implication, the functions ASN1_parse_dump() and
     BIO_dump_indent() are added.
     [Richard Levitte]

  *) New functions ASN1_STRING_print_ex() and X509_NAME_print_ex();
     these print out strings and name structures based on various
     flags including RFC2253 support and proper handling of
     multibyte characters. Added options to the 'x509' utility
     to allow the various flags to be set.
     [Steve Henson]

  *) Various fixes to use ASN1_TIME instead of ASN1_UTCTIME.
     Also change the functions X509_cmp_current_time() and
     X509_gmtime_adj() to work with an ASN1_TIME structure;
     this will enable certificates using GeneralizedTime in validity
     dates to be checked.
     [Steve Henson]

  *) Make the NEG_PUBKEY_BUG code (which tolerates invalid
     negative public key encodings) on by default;
     NO_NEG_PUBKEY_BUG can be set to disable it.
     [Steve Henson]

  *) New function c2i_ASN1_OBJECT() which acts on ASN1_OBJECT
     content octets. An i2c_ASN1_OBJECT is unnecessary because
     the encoding can be trivially obtained from the structure.
     [Steve Henson]

  *) crypto/err.c locking bugfix: Use write locks (CRYPTO_w_[un]lock),
     not read locks (CRYPTO_r_[un]lock).
     [Bodo Moeller]

  *) A first attempt at creating official support for shared
     libraries through configuration. I've kept it so the
     default is static libraries only, and the OpenSSL programs
     are always statically linked for now, but there are
     preparations for dynamic linking in place.
     This has been tested on Linux and Tru64.
     [Richard Levitte]

  *) Randomness polling function for Win9x, as described in:
     Peter Gutmann, Software Generation of Practically Strong
     Random Numbers.