OpenSSL CHANGES
_______________
- Changes between 0.9.8g and 0.9.9 [xx XXX xxxx]
+ Changes between 0.9.8i and 0.9.9 [xx XXX xxxx]
- *) Not all of this is true any longer.
- Will have to be updated to reflect all subsequent changes to cryptlib.c.
- --bodo
+ *) Add support for distinct certificate and CRL paths. The CRL issuer
+ certificate is validated separately in this case. Only enabled if
+ an extended CRL support flag is set: this flag will enable additional
+ CRL functionality in future.
+ This work was sponsored by Google.
+ [Steve Henson]
- To support arbitrarily-typed thread IDs, deprecate the existing
- type-specific APIs for a general purpose CRYPTO_THREADID
- interface. Applications can choose the thread ID
- callback type it wishes to register, as before;
-
- void CRYPTO_set_id_callback(unsigned long (*func)(void));
- void CRYPTO_set_idptr_callback(void *(*func)(void));
+ *) Add support for policy mappings extension.
- but retrieval, copies, and comparisons of thread IDs are via
- type-independent interfaces;
+ This work was sponsored by Google.
+ [Steve Henson]
- void CRYPTO_THREADID_set(CRYPTO_THREADID *id);
- void CRYPTO_THREADID_cmp(const CRYPTO_THREADID *id1,
- const CRYPTO_THREADID *id2);
- void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dst,
- const CRYPTO_THREADID *src);
+ *) Fixes to pathlength constraint, self issued certificate handling,
+ policy processing to align with RFC3280 and PKITS tests.
- Also, for code that needs a thread ID "value" for use in
- hash-tables or logging, a "hash" is available by;
+ This work was sponsored by Google.
+ [Steve Henson]
- unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id);
+ *) Support for name constraints certificate extension. DN, email, DNS
+ and URI types are currently supported.
- This hash value is likely to be the thread ID anyway, but
- otherwise it will be unique if possible or as collision-free as
- possible if uniqueness can't be guaranteed on the target
- architecture.
+ This work was sponsored by Google.
+ [Steve Henson]
- The following functions are deprecated;
- unsigned long (*CRYPTO_get_id_callback(void))(void);
- unsigned long CRYPTO_thread_id(void);
+ *) To cater for systems that provide a pointer-based thread ID rather
+ than numeric, deprecate the current numeric thread ID mechanism and
+ replace it with a structure and associated callback type. This
+ mechanism allows a numeric "hash" to be extracted from a thread ID in
+ either case, and on platforms where pointers are larger than 'long',
+ mixing is done to help ensure the numeric 'hash' is usable even if it
+ can't be guaranteed unique. The default mechanism is to use "&errno"
+ as a pointer-based thread ID to distinguish between threads.
+
+ Applications that want to provide their own thread IDs should now use
+ CRYPTO_THREADID_set_callback() to register a callback that will call
+ either CRYPTO_THREADID_set_numeric() or CRYPTO_THREADID_set_pointer().
+
+ Note that ERR_remove_state() is now deprecated, because it is tied
+ to the assumption that thread IDs are numeric. ERR_remove_state(0)
+ to free the current thread's error state should be replaced by
+ ERR_remove_thread_state(NULL).
+
+ (This new approach replaces the functions CRYPTO_set_idptr_callback(),
+ CRYPTO_get_idptr_callback(), and CRYPTO_thread_idptr() that existed in
+ OpenSSL 0.9.9-dev between June 2006 and August 2008. Also, if an
+ application was previously providing a numeric thread callback that
+ was inappropriate for distinguishing threads, then uniqueness might
+ have been obtained with &errno that happened immediately in the
+ intermediate development versions of OpenSSL; this is no longer the
+ case, the numeric thread callback will now override the automatic use
+ of &errno.)
+ [Geoff Thorpe, with help from Bodo Moeller]
+
+ *) Initial support for different CRL issuing certificates. This covers a
+ simple case where the self issued certificates in the chain exist and
+ the real CRL issuer is higher in the existing chain.
- As a consequence of the above, there are similar deprecations of
- BN_BLINDING functions in favour of CRYPTO_THREADID-based
- alternatives;
+ This work was sponsored by Google.
+ [Steve Henson]
- #ifndef OPENSSL_NO_DEPRECATED
- unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
- void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
- #endif
- void BN_BLINDING_set_thread(BN_BLINDING *);
- int BN_BLINDING_cmp_thread(const BN_BLINDING *, const
- CRYPTO_THREADID *);
+ *) Removed effectively defunct crypto/store from the build.
+ [Ben Laurie]
- Also, the ERR_remove_state(int pid) API has been deprecated;
+ *) Revamp of STACK to provide stronger type-checking. Still to come:
+ TXT_DB, bsearch(?), OBJ_bsearch, qsort, CRYPTO_EX_DATA, ASN1_VALUE,
+ ASN1_STRING, CONF_VALUE.
+ [Ben Laurie]
- #ifndef OPENSSL_NO_DEPRECATED
- void ERR_remove_state(unsigned long pid)
- #endif
- void ERR_remove_thread_state(CRYPTO_THREADID *tid);
+ *) Add a new SSL_MODE_RELEASE_BUFFERS mode flag to release unused buffer
+ RAM on SSL connections. This option can save about 34k per idle SSL.
+ [Nick Mathewson]
- [Geoff Thorpe]
+ *) Revamp of LHASH to provide stronger type-checking. Still to come:
+ STACK, TXT_DB, bsearch, qsort.
+ [Ben Laurie]
*) Initial support for Cryptographic Message Syntax (aka CMS) based
on RFC3850, RFC3851 and RFC3852. New cms directory and cms utility,
list-message-digest-algorithms and list-cipher-algorithms.
[Steve Henson]
- *) In addition to the numerical (unsigned long) thread ID, provide
- for a pointer (void *) thread ID. This helps accomodate systems
- that do not provide an unsigned long thread ID. OpenSSL assumes
- it is in the same thread iff both the numerical and the pointer
- thread ID agree; so applications are just required to define one
- of them appropriately (e.g., by using a pointer to a per-thread
- memory object malloc()ed by the application for the pointer-type
- thread ID). Exactly analoguous to the existing functions
-
- void CRYPTO_set_id_callback(unsigned long (*func)(void));
- unsigned long (*CRYPTO_get_id_callback(void))(void);
- unsigned long CRYPTO_thread_id(void);
-
- we now have additional functions
-
- void CRYPTO_set_idptr_callback(void *(*func)(void));
- void *(*CRYPTO_get_idptr_callback(void))(void);
- void *CRYPTO_thread_idptr(void);
-
- also in <openssl/crypto.h>. The default value for
- CRYPTO_thread_idptr() if the application has not provided its own
- callback is &errno.
- [Bodo Moeller]
-
- -- NOTE -- this change has been reverted and replaced with a
- type-independent wrapper (ie. applications do not have to check
- two type-specific thread ID representations as implied in this
- change note). However, the "idptr" callback form described here
- can still be registered. Please see the more recent CHANGES note
- regarding CRYPTO_THREADID. [Geoff Thorpe]
- -- NOTE --
-
*) Change the array representation of binary polynomials: the list
of degrees of non-zero coefficients is now terminated with -1.
Previously it was terminated with 0, which was also part of the
*) Change 'Configure' script to enable Camellia by default.
[NTT]
- Changes between 0.9.8g and 0.9.8h [xx XXX xxxx]
+ Changes between 0.9.8h and 0.9.8i [xx XXX xxxx]
+
+ *) Add support for Local Machine Keyset attribute in PKCS#12 files.
+ [Steve Henson]
+
+ *) Fix BN_GF2m_mod_arr() top-bit cleanup code.
+ [Huang Ying]
+
+ *) Expand ENGINE to support engine supplied SSL client certificate functions.
+
+ This work was sponsored by Logica.
+ [Steve Henson]
+
+ *) Add CryptoAPI ENGINE to support use of RSA and DSA keys held in Windows
+ keystores. Support for SSL/TLS client authentication too.
+ Not compiled unless enable-capieng specified to Configure.
+
+ This work was sponsored by Logica.
+ [Steve Henson]
+
+ Changes between 0.9.8g and 0.9.8h [28 May 2008]
+
+ *) Fix flaw if 'Server Key exchange message' is omitted from a TLS
+ handshake which could lead to a cilent crash as found using the
+ Codenomicon TLS test suite (CVE-2008-1672)
+ [Steve Henson, Mark Cox]
+
+ *) Fix double free in TLS server name extensions which could lead to
+ a remote crash found by Codenomicon TLS test suite (CVE-2008-0891)
+ [Joe Orton]
+
+ *) Clear error queue in SSL_CTX_use_certificate_chain_file()
+
+ Clear the error queue to ensure that error entries left from
+ older function calls do not interfere with the correct operation.
+ [Lutz Jaenicke, Erik de Castro Lopo]
+
+ *) Remove root CA certificates of commercial CAs:
+
+ The OpenSSL project does not recommend any specific CA and does not
+ have any policy with respect to including or excluding any CA.
+ Therefore it does not make any sense to ship an arbitrary selection
+ of root CA certificates with the OpenSSL software.
+ [Lutz Jaenicke]
*) RSA OAEP patches to fix two separate invalid memory reads.
The first one involves inputs when 'lzero' is greater than
before the beginning of from). The second one involves inputs where
the 'db' section contains nothing but zeroes (there is a one-byte
invalid read after the end of 'db').
- [Ivan Nesterlode <inestlerode@us.ibm.com>]
+ [Ivan Nestlerode <inestlerode@us.ibm.com>]
*) Add TLS session ticket callback. This allows an application to set
TLS ticket cipher and HMAC keys rather than relying on hardcoded fixed
projects / openssl.git / blobdiff