Skip to content
CHANGES 189 KiB
Newer Older
 OpenSSL CHANGES
 Changes between 0.9.6 and 0.9.7  [xx XXX 2000]
Dr. Stephen Henson's avatar
 
Dr. Stephen Henson committed
  *) In BN_div() keep a copy of the sign of 'num' before writing the
     result to 'rm' because if rm==num the value will be overwritten
     and produce the wrong result if 'num' is negative: this caused
     problems with BN_mod() and BN_nnmod().
     [Steve Henson]

Dr. Stephen Henson's avatar
 
Dr. Stephen Henson committed
  *) Function OCSP_request_verify(). This checks the signature on an
     OCSP request and verifies the signer certificate. The signer
     certificate is just checked for a generic purpose and OCSP request
     trust settings.
     [Steve Henson]

  *) Add OCSP_check_validity() function to check the validity of OCSP
     responses. OCSP responses are prepared in real time and may only
     be a few seconds old. Simply checking that the current time lies
     between thisUpdate and nextUpdate max reject otherwise valid responses
     caused by either OCSP responder or client clock innacuracy. Instead
     we allow thisUpdate and nextUpdate to fall within a certain period of
     the current time. The age of the response can also optionally be
     checked. Two new options -validity_period and -status_age added to
     ocsp utility.
     [Steve Henson]

Dr. Stephen Henson's avatar
 
Dr. Stephen Henson committed
  *) If signature or public key algorithm is unrecognized print out its
     OID rather that just UNKOWN.
     [Steve Henson]

  *) Avoid coredump with unsupported or invalid public keys by checking if
     X509_get_pubkey() fails in PKCS7_verify(). Fix memory leak when
     PKCS7_verify() fails with non detached data.
     [Steve Henson]

  *) Change OCSP_cert_to_id() to tolerate a NULL subject certificate and
     OCSP_cert_id_new() a NULL serialNumber. This allows a partial certificate
     ID to be generated from the issuer certificate alone which can then be
     passed to OCSP_id_issuer_cmp().
     [Steve Henson]

  *) New compilation option ASN1_ITEM_FUNCTIONS. This causes the new
     ASN1 modules to export functions returning ASN1_ITEM pointers
     instead of the ASN1_ITEM structures themselves. This adds several
     new macros which allow the underlying ASN1 function/structure to
     be accessed transparently. As a result code should not use ASN1_ITEM
     references directly (such as &X509_it) but instead use the relevant
     macros (such as ASN1_ITEM_rptr(X509)). This option is to allow
     use of the new ASN1 code on platforms where exporting structures
     is problematical (for example in shared libraries) but exporting
     functions returning pointers to structures is not.
     [Steve Henson]

  *) Add support for overriding the generation of SSL/TLS session IDs.
     These callbacks can be registered either in an SSL_CTX or per SSL.
     The purpose of this is to allow applications to control, if they wish,
     the arbitrary values chosen for use as session IDs, particularly as it
     can be useful for session caching in multiple-server environments. A
     command-line switch for testing this (and any client code that wishes
     to use such a feature) has been added to "s_server".
     [Geoff Thorpe, Lutz Jaenicke]

  *) Modify mkdef.pl to recognise and parse prprocessor conditionals
     of the form '#if defined(...) || defined(...) || ...' and
     '#if !defined(...) && !defined(...) && ...'.  This also avoids
     the growing number of special cases it was previously handling.
     [Richard Levitte]

Ulf Möller's avatar
Ulf Möller committed
  *) Don't use getenv in library functions when run as setuid/setgid.
     New function OPENSSL_issetugid().
     [Ulf Moeller]

  *) Make all configuration macros available for application by making
     sure they are available in opensslconf.h, by giving them names starting
     with "OPENSSL_" to avoid conflicts with other packages and by making
     sure e_os2.h will cover all platform-specific cases together with
     opensslconf.h.
     Additionally, it is now possible to define configuration/platform-
     specific names (called "system identities").  In the C code, these
     are prefixed with "OPENSSL_SYSNAME_".  e_os2.h will create another
     macro with the name beginning with "OPENSSL_SYS_", which is determined
     from "OPENSSL_SYSNAME_*" or compiler-specific macros depending on
     what is available.
  *) New option -set_serial to 'req' and 'x509' this allows the serial
     number to use to be specified on the command line. Previously self
     signed certificates were hard coded with serial number 0 and the 
     CA options of 'x509' had to use a serial number in a file which was
     auto incremented.
     [Steve Henson]

  *) Avoid false positives in memory leak detection code (crypto/mem_dbg.c)
     due to incorrect handling of multi-threading:

     1. Fix timing glitch in the MemCheck_off() portion of CRYPTO_mem_ctrl().

     2. Fix logical glitch in is_MemCheck_on() aka CRYPTO_is_mem_check_on().

     3. Count how many times MemCheck_off() has been called so that
        nested use can be treated correctly.  This also avoids 
        inband-signalling in the previous code (which relied on the
        assumption that thread ID 0 is impossible).
     [Bodo Moeller]

  *) New options to 'ca' utility to support V2 CRL entry extensions.
     Currently CRL reason, invalidity date and hold instruction are
     supported. Add new CRL extensions to V3 code and some new objects.
     [Steve Henson]

  *) Add "-rand" option also to s_client and s_server.
     [Lutz Jaenicke]

  *) New function EVP_CIPHER_CTX_set_padding() this is used to
     disable standard block padding (aka PKCS#5 padding) in the EVP
     API, which was previously mandatory. This means that the data is
     not padded in any way and so the total length much be a multiple
     of the block size, otherwise an error occurs.
     [Steve Henson]

  *) Initial (incomplete) OCSP SSL support.
     [Steve Henson]

Ulf Möller's avatar
Ulf Möller committed
  *) Fix CPU detection on Irix 6.x.
     [Kurt Hockenbury <khockenb@stevens-tech.edu> and
      "Bruce W. Forsberg" <bruce.forsberg@baesystems.com>]

  *) New function OCSP_parse_url(). This splits up a URL into its host,
     port and path components: primarily to parse OCSP URLs. New -url
     option to ocsp utility.
     [Steve Henson]

  *) New nonce behavior. The return value of OCSP_check_nonce() now 
     reflects the various checks performed. Applications can decide
     whether to tolerate certain situations such as an absent nonce
     in a response when one was present in a request: the ocsp application
     just prints out a warning. New function OCSP_add1_basic_nonce()
     this is to allow responders to include a nonce in a response even if
     the request is nonce-less.
     [Steve Henson]

  *) Use the cached encoding of an X509_NAME structure rather than
     copying it. This is apparently the reason for the libsafe "errors"
     but the code is actually correct.
     [Steve Henson]

  *) Disable stdin buffering in load_cert (apps/apps.c) so that no certs are
     skipped when using openssl x509 multiple times on a single input file,
     e.g. "(openssl x509 -out cert1; openssl x509 -out cert2) <certs".
     [Bodo Moeller]

Dr. Stephen Henson's avatar
 
Dr. Stephen Henson committed
  *) Make ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string()
     set string type: to handle setting ASN1_TIME structures. Fix ca
     utility to correctly initialize revocation date of CRLs.
     [Steve Henson]

  *) New option SSL_OP_CIPHER_SERVER_PREFERENCE allows the server to override
     the clients preferred ciphersuites and rather use its own preferences.
     Should help to work around M$ SGC (Server Gated Cryptography) bug in
     Internet Explorer by ensuring unchanged hash method during stepup.
     [Lutz Jaenicke]

  *) Make mkdef.pl recognise all DECLARE_ASN1 macros, change rijndael
     to aes and add a new 'exist' option to print out symbols that don't
     appear to exist.
     [Steve Henson]

  *) Additional options to ocsp utility to allow flags to be set and
     additional certificates supplied.
     [Steve Henson]

  *) Add the option -VAfile to 'openssl ocsp', so the user can give the
     OCSP client a number of certificate to only verify the response
     signature against.
     [Richard Levitte]

Ulf Möller's avatar
Ulf Möller committed
  *) Add new function BN_rand_range(), and fix DSA_sign_setup() to prevent
     Bleichenbacher's DSA attack.
     Extend BN_[pseudo_]rand: As before, top=1 forces the highest two bits
     to be set and top=0 forces the highest bit to be set; top=-1 is new
     and leaves the highest bit random.
     [Ulf Moeller, Bodo Moeller]
Dr. Stephen Henson's avatar
 
Dr. Stephen Henson committed
  *) Update Rijndael code to version 3.0 and change EVP AES ciphers to
     handle the new API. Currently only ECB, CBC modes supported. Add new
     AES OIDs. Add TLS AES ciphersuites as described in the "AES Ciphersuites
     for TLS" draft-ietf-tls-ciphersuite-03.txt.
     [Ben Laurie, Steve Henson]

  *) In the NCONF_...-based implementations for CONF_... queries
     (crypto/conf/conf_lib.c), if the input LHASH is NULL, avoid using
     a temporary CONF structure with the data component set to NULL
     (which gives segmentation faults in lh_retrieve).
     Instead, use NULL for the CONF pointer in CONF_get_string and
     CONF_get_number (which may use environment variables) and directly
     return NULL from CONF_get_section.
     [Bodo Moeller]

Loading full blame...