X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=CHANGES;h=c5c50787cdbd051ce959af1b3a7977f05a42ea5b;hb=2aa2a5775f7f4c008f958141c1e05c1c9bcdd135;hp=d4426974ead67b6c78f3f50dbfd8d38e88488e50;hpb=7398053149ca6f86584baec02fd71e2e99a737f2;p=oweals%2Fopenssl.git diff --git a/CHANGES b/CHANGES index d4426974ea..c5c50787cd 100644 --- a/CHANGES +++ b/CHANGES 
@@ -4,6 +4,81 @@ Changes between 0.9.8g and 0.9.9 [xx XXX xxxx] + *) Expand ENGINE to support engine supplied SSL client certificate functions. + [Steve Henson] + + *) Revamp of LHASH to provide stronger type-checking. Still to come: + STACK, TXT_DB, bsearch, qsort. + [Ben Laurie] + + *) Not all of this is true any longer. + Will have to be updated to reflect all subsequent changes to cryptlib.c. + --bodo + + + To support arbitrarily-typed thread IDs, deprecate the existing + type-specific APIs for a general purpose CRYPTO_THREADID + interface. Applications can choose the thread ID + callback type it wishes to register, as before; + + void CRYPTO_set_id_callback(unsigned long (*func)(void)); + void CRYPTO_set_idptr_callback(void *(*func)(void)); + + but retrieval, copies, and comparisons of thread IDs are via + type-independent interfaces; + + void CRYPTO_THREADID_set(CRYPTO_THREADID *id); + void CRYPTO_THREADID_cmp(const CRYPTO_THREADID *id1, + const CRYPTO_THREADID *id2); + void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dst, + const CRYPTO_THREADID *src); + + Also, for code that needs a thread ID "value" for use in + hash-tables or logging, a "hash" is available by; + + unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id); + + This hash value is likely to be the thread ID anyway, but + otherwise it will be unique if possible or as collision-free as + possible if uniqueness can't be guaranteed on the target + architecture. 
+ + The following functions are deprecated; + unsigned long (*CRYPTO_get_id_callback(void))(void); + unsigned long CRYPTO_thread_id(void); + + As a consequence of the above, there are similar deprecations of + BN_BLINDING functions in favour of CRYPTO_THREADID-based + alternatives; + + #ifndef OPENSSL_NO_DEPRECATED + unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *); + void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long); + #endif + void BN_BLINDING_set_thread(BN_BLINDING *); + int BN_BLINDING_cmp_thread(const BN_BLINDING *, const + CRYPTO_THREADID *); + + Also, the ERR_remove_state(int pid) API has been deprecated; + + #ifndef OPENSSL_NO_DEPRECATED + void ERR_remove_state(unsigned long pid) + #endif + void ERR_remove_thread_state(CRYPTO_THREADID *tid); + + [Geoff Thorpe] + + *) Initial support for Cryptographic Message Syntax (aka CMS) based + on RFC3850, RFC3851 and RFC3852. New cms directory and cms utility, + support for data, signedData, compressedData, digestedData and + encryptedData, envelopedData types included. Scripts to check against + RFC4134 examples draft and interop and consistency checks of many + content types and variants. + [Steve Henson] + + *) Add options to enc utility to support use of zlib compression BIO. + [Steve Henson] + *) Extend mk1mf to support importing of options and assembly language files from Configure script, currently only included in VC-WIN32. The assembly language rules can now optionally generate the source 
@@ -299,6 +374,14 @@ callback is &errno. [Bodo Moeller] + -- NOTE -- this change has been reverted and replaced with a + type-independent wrapper (ie. applications do not have to check + two type-specific thread ID representations as implied in this + change note). However, the "idptr" callback form described here + can still be registered. Please see the more recent CHANGES note + regarding CRYPTO_THREADID. [Geoff Thorpe] + -- NOTE -- + *) Change the array representation of binary polynomials: the list of degrees of non-zero coefficients is now terminated with -1. Previously it was terminated with 0, which was also part of the 
@@ -608,8 +691,83 @@ *) Change 'Configure' script to enable Camellia by default. [NTT] - Changes between 0.9.8g and 0.9.8h [xx XXX xxxx] + Changes between 0.9.8g and 0.9.8h [28 May 2008] + + *) Fix flaw if 'Server Key exchange message' is omitted from a TLS + handshake which could lead to a cilent crash as found using the + Codenomicon TLS test suite (CVE-2008-1672) + [Steve Henson, Mark Cox] + + *) Fix double free in TLS server name extensions which could lead to + a remote crash found by Codenomicon TLS test suite (CVE-2008-0891) + [Joe Orton] + + *) Clear error queue in SSL_CTX_use_certificate_chain_file() + + Clear the error queue to ensure that error entries left from + older function calls do not interfere with the correct operation. + [Lutz Jaenicke, Erik de Castro Lopo] + + *) Remove root CA certificates of commercial CAs: + + The OpenSSL project does not recommend any specific CA and does not + have any policy with respect to including or excluding any CA. + Therefore it does not make any sense to ship an arbitrary selection + of root CA certificates with the OpenSSL software. + [Lutz Jaenicke] + + *) RSA OAEP patches to fix two separate invalid memory reads. + The first one involves inputs when 'lzero' is greater than + 'SHA_DIGEST_LENGTH' (it would read about SHA_DIGEST_LENGTH bytes + before the beginning of from). The second one involves inputs where + the 'db' section contains nothing but zeroes (there is a one-byte + invalid read after the end of 'db'). + [Ivan Nestlerode ] + + *) Add TLS session ticket callback. This allows an application to set + TLS ticket cipher and HMAC keys rather than relying on hardcoded fixed + values. This is useful for key rollover for example where several key + sets may exist with different names. + [Steve Henson] + + *) Reverse ENGINE-internal logic for caching default ENGINE handles. 
+ This was broken until now in 0.9.8 releases, such that the only way + a registered ENGINE could be used (assuming it initialises + successfully on the host) was to explicitly set it as the default + for the relevant algorithms. This is in contradiction with 0.9.7 + behaviour and the documentation. With this fix, when an ENGINE is + registered into a given algorithm's table of implementations, the + 'uptodate' flag is reset so that auto-discovery will be used next + time a new context for that algorithm attempts to select an + implementation. + [Ian Lister (tweaked by Geoff Thorpe)] + + *) Update the GMP engine glue to do direct copies between BIGNUM and + mpz_t when openssl and GMP use the same limb size. Otherwise the + existing "conversion via a text string export" trick is still used. + [Paul Sheer , Geoff Thorpe] + + *) Zlib compression BIO. This is a filter BIO which compressed and + uncompresses any data passed through it. + [Steve Henson] + + *) Add AES_wrap_key() and AES_unwrap_key() functions to implement + RFC3394 compatible AES key wrapping. + [Steve Henson] + *) Add utility functions to handle ASN1 structures. ASN1_STRING_set0(): + sets string data without copying. X509_ALGOR_set0() and + X509_ALGOR_get0(): set and retrieve X509_ALGOR (AlgorithmIdentifier) + data. Attribute function X509at_get0_data_by_OBJ(): retrieves data + from an X509_ATTRIBUTE structure optionally checking it occurs only + once. ASN1_TYPE_set1(): set and ASN1_TYPE structure copying supplied + data. + [Steve Henson] + + *) Fix BN flag handling in RSA_eay_mod_exp() and BN_MONT_CTX_set() + to get the expected BN_FLG_CONSTTIME behavior. + [Bodo Moeller (Google)] + *) Netware support: - fixed wrong usage of ioctlsocket() when build for LIBC BSD sockets
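Review bot: the CRYPTO_THREADID entry in the first hunk (@@ -4,6 +4,81 @@) still carries an unresolved draft remark ("Not all of this is true any longer. Will have to be updated to reflect all subsequent changes to cryptlib.c. --bodo") that should be resolved or dropped before the entry ships in the published CHANGES file. In the same entry the prototypes disagree with the prose: `void CRYPTO_THREADID_cmp(const CRYPTO_THREADID *id1, const CRYPTO_THREADID *id2);` declares a comparison function returning void (compare `int BN_BLINDING_cmp_thread(...)` later in the same entry), the text refers to `ERR_remove_state(int pid)` while the prototype reads `void ERR_remove_state(unsigned long pid)` and is missing its trailing semicolon, and "Applications can choose the thread ID callback type it wishes" should read "they wish". Applications migrating their thread-identity handling will copy these signatures, so they should match the headers exactly.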
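Review bot: the reversion notice in the second hunk (@@ -299,6 +374,14 @@) is a free-standing block between entries whose "[Geoff Thorpe]" attribution sits before the closing "-- NOTE --" line instead of after it, which breaks the "*)" entry/attribution layout used everywhere else in CHANGES. It also sends readers to "the more recent CHANGES note regarding CRYPTO_THREADID" without naming the release section; suggest citing the 0.9.9 section explicitly so someone reading the 0.9.8 history can find the replacement interface.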
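Review bot: typos in the third hunk (@@ -608,8 +691,83 @@): "cilent crash" in the CVE-2008-1672 entry should be "client crash", and "a filter BIO which compressed and uncompresses" in the Zlib BIO entry should be "compresses and uncompresses". The attributions "[Ivan Nestlerode ]" and "[Paul Sheer , Geoff Thorpe]" contain a stray space where an address appears to have been removed; either restore the address or drop the space. The "*) Add utility functions to handle ASN1 structures" entry is not separated from the preceding "[Steve Henson]" line by a blank line, unlike every other entry in the hunk, and its last sentence "ASN1_TYPE_set1(): set and ASN1_TYPE structure copying supplied data" should read "set an ASN1_TYPE structure, copying the supplied data".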