Commit | Line | Data |
---|---|---|
81a6c781 | 1 | |
f1c236f8 | 2 | OpenSSL CHANGES |
651d0aff RE | 3 | _______________ |
| | 4 | |
a9d2bc49 | 5 | Changes between 0.9.6 and 0.9.7 [xx XXX 2001] |
a43cf9fa | 6 | |
e9ad0d2c | 7 | OpenSSL 0.9.6a/0.9.6b (bugfix releases, 5 Apr 2001 and 9 July 2001) |
e3fefbfd | 8 | and OpenSSL 0.9.7 were developed in parallel, based on OpenSSL 0.9.6. |
e9ad0d2c | 9 | |
a9d2bc49 | 10 | Change log entries are tagged as follows: |
daba492c BM | 11 | -) applies to 0.9.6a/0.9.6b/0.9.6c only |
| | 12 | *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7 |
a9d2bc49 BM | 13 | +) applies to 0.9.7 only |
| | 14 | |
3b0b5aba BM | 15 | *) Avoid infinite loop in ssl3_get_message (ssl/s3_both.c) if a |
| | 16 | client receives HelloRequest while in a handshake. |
| | 17 | [Bodo Moeller; bug noticed by Andy Schneider <andy.schneider@bjss.co.uk>] |
| | 18 | |
6b0e9fac BM | 19 | +) New function SSL_renegotiate_pending(). This returns true once |
| | 20 | renegotiation has been requested (either SSL_renegotiate() call |
| | 21 | or HelloRequest/ClientHello received from the peer) and becomes |
| | 22 | false once a handshake has been completed. |
| | 23 | (For servers, SSL_renegotiate() followed by SSL_do_handshake() |
| | 24 | sends a HelloRequest, but does not ensure that a handshake takes |
| | 25 | place. SSL_renegotiate_pending() is useful for checking if the |
| | 26 | client has followed the request.) |
| | 27 | [Bodo Moeller] |
| | 28 | |
| | 29 | +) New SSL option SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION. |
| | 30 | By default, clients may request session resumption even during |
| | 31 | renegotiation (if session ID contexts permit); with this option, |
| | 32 | session resumption is possible only in the first handshake. |
| | 33 | [Bodo Moeller] |
| | 34 | |
2260ad21 BM | 35 | *) Bugfix in ssl3_accept (ssl/s3_srvr.c): Case SSL3_ST_SW_HELLO_REQ_C |
| | 36 | should end in 'break', not 'goto end' which circumvents various |
b49124f6 BM | 37 | cleanups done in state SSL_ST_OK. But session related stuff |
| | 38 | must be disabled for SSL_ST_OK in the case that we just sent a |
| | 39 | HelloRequest. |
2260ad21 BM | 40 | |
| | 41 | Also avoid some overhead by not calling ssl_init_wbio_buffer() |
| | 42 | before just sending a HelloRequest. |
b49124f6 | 43 | [Bodo Moeller, Eric Rescorla <ekr@rtfm.com>] |
8e2f6b79 | 44 | |
ee60d9fb BM | 45 | *) Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't |
| | 46 | reveal whether illegal block cipher padding was found or a MAC |
| | 47 | verification error occurred. (Neither SSLerr() codes nor alerts |
| | 48 | are directly visible to potential attackers, but the information |
| | 49 | may leak via logfiles.) |
| | 50 | |
| | 51 | Similar changes are not required for the SSL 2.0 implementation |
| | 52 | because the number of padding bytes is sent in clear for SSL 2.0, |
| | 53 | and the extra bytes are just ignored. However ssl/s2_pkt.c |
| | 54 | failed to verify that the purported number of padding bytes is in |
| | 55 | the legal range. |
| | 56 | [Bodo Moeller] |
| | 57 | |
96bd6f73 DSH | 58 | +) Add some demos for certificate and certificate request creation. |
| | 59 | [Steve Henson] |
| | 60 | |
c0f5dd07 LJ | 61 | +) Make maximum certificate chain size accepted from the peer application |
| | 62 | settable (SSL*_get/set_max_cert_list()), as proposed by |
| | 63 | "Douglas E. Engert" <deengert@anl.gov>. |
| | 64 | [Lutz Jaenicke] |
| | 65 | |
6c36f7a9 LJ | 66 | +) Add support for shared libraries for Unixware-7 and support including |
| | 67 | shared libraries for OpenUNIX-8 (Boyd Lynn Gerber <gerberb@zenez.com>). |
| | 68 | [Lutz Jaenicke] |
| | 69 | |
a9ed4da8 BM | 70 | *) Improve RSA_padding_check_PKCS1_OAEP() check again to avoid |
| | 71 | 'wristwatch attack' using huge encoding parameters (cf. |
| | 72 | James H. Manger's CRYPTO 2001 paper). Note that the |
| | 73 | RSA_PKCS1_OAEP_PADDING case of RSA_private_decrypt() does not use |
e3fefbfd | 74 | encoding parameters and hence was not vulnerable. |
a9ed4da8 BM | 75 | [Bodo Moeller] |
| | 76 | |
4450107a | 77 | +) Add a "destroy" handler to ENGINEs that allows structural cleanup to |
908efd3b GT | 78 | be done prior to destruction. Use this to unload error strings from |
| | 79 | ENGINEs that load their own error strings. NB: This adds two new API |
| | 80 | functions to "get" and "set" this destroy handler in an ENGINE. |
a9ed4da8 | 81 | [Geoff Thorpe] |
908efd3b | 82 | |
4450107a | 83 | +) Alter all existing ENGINE implementations (except "openssl" and |
541814c4 GT | 84 | "openbsd") to dynamically instantiate their own error strings. This |
| | 85 | makes them more flexible to be built both as statically-linked ENGINEs |
| | 86 | and self-contained shared-libraries loadable via the "dynamic" ENGINE. |
| | 87 | Also, add stub code to each that makes building them as self-contained |
| | 88 | shared-libraries easier (see README.ENGINE). |
| | 89 | [Geoff Thorpe] |
| | 90 | |
4450107a | 91 | +) Add a "dynamic" ENGINE that provides a mechanism for binding ENGINE |
541814c4 GT | 92 | implementations into applications that are completely implemented in |
| | 93 | self-contained shared-libraries. The "dynamic" ENGINE exposes control |
| | 94 | commands that can be used to configure what shared-library to load and |
| | 95 | to control aspects of the way it is handled. Also, made an update to |
| | 96 | the README.ENGINE file that brings its information up-to-date and |
| | 97 | provides some information and instructions on the "dynamic" ENGINE |
| | 98 | (ie. how to use it, how to build "dynamic"-loadable ENGINEs, etc). |
| | 99 | [Geoff Thorpe] |
| | 100 | |
d98a4b73 UM | 101 | *) BN_sqr() bug fix. |
102 |