X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=32a7c7b46a167db0316d572bddb9b8a389331f01;hp=3d91a6bc0f04758ace56abae3a88a802c35ff963;hb=c72b8e069de6a8863123d5be05e41b833abe09ee;hpb=4a8e9c22f42065e603ecdac7fd4691e6c3c06b72 diff --git a/CHANGES b/CHANGES index 3d91a6bc0f..32a7c7b46a 100644 --- a/CHANGES +++ b/CHANGES @@ -2,9 +2,70 @@ OpenSSL CHANGES _______________ - Changes between 1.0.2g and 1.1.0 [xx XXX xxxx] + Changes between 1.0.2h and 1.1.0 [xx XXX xxxx] + + *) The method for finding the storage location for the Windows RAND seed file + has changed. First we check %RANDFILE%. If that is not set then we check + the directories %HOME%, %USERPROFILE% and %SYSTEMROOT% in that order. If + all else fails we fall back to C:\. + [Matt Caswell] + + *) The EVP_EncryptUpdate() function has had its return type changed from void + to int. A return of 0 indicates and error while a return of 1 indicates + success. + [Matt Caswell] + + *) The flags RSA_FLAG_NO_CONSTTIME, DSA_FLAG_NO_EXP_CONSTTIME and + DH_FLAG_NO_EXP_CONSTTIME which previously provided the ability to switch + off the constant time implementation for RSA, DSA and DH have been made + no-ops and deprecated. + [Matt Caswell] + + *) Windows RAND implementation was simplified to only get entropy by + calling CryptGenRandom(). Various other RAND-related tickets + were also closed. + [Joseph Wylie Yandle, Rich Salz] + + *) The stack and lhash API's were renamed to start with OPENSSL_SK_ + and OPENSSL_LH_, respectively. The old names are available + with API compatibility. They new names are now completely documented. + [Rich Salz] + + *) Unify TYPE_up_ref(obj) methods signature. + SSL_CTX_up_ref(), SSL_up_ref(), X509_up_ref(), EVP_PKEY_up_ref(), + X509_CRL_up_ref(), X509_OBJECT_up_ref_count() methods are now returning an + int (instead of void) like all others TYPE_up_ref() methods. + So now these methods also check the return value of CRYPTO_atomic_add(), + and the validity of object reference counter. + [fdasilvayy@gmail.com] + + *) With Windows Visual Studio builds, the .pdb files are installed + alongside the installed libraries and executables. For a static + library installation, ossl_static.pdb is the associate compiler + generated .pdb file to be used when linking programs. + [Richard Levitte] + + *) Remove openssl.spec. Packaging files belong with the packagers. + [Richard Levitte] + + *) Automatic Darwin/OSX configuration has had a refresh, it will now + recognise x86_64 architectures automatically. You can still decide + to build for a different bitness with the environment variable + KERNEL_BITS (can be 32 or 64), for example: + + KERNEL_BITS=32 ./config + + [Richard Levitte] + + *) Change default algorithms in pkcs8 utility to use PKCS#5 v2.0, + 256 bit AES and HMAC with SHA256. + [Steve Henson] + + *) Remove support for MIPS o32 ABI on IRIX (and IRIX only). + [Andy Polyakov] *) Triple-DES ciphers have been moved from HIGH to MEDIUM. + [Rich Salz] *) To enable users to have their own config files and build file templates, Configure looks in the directory indicated by the environment variable @@ -139,19 +200,13 @@ [Emilia Käsper] *) Add X25519 support. - Integrate support for X25519 into EC library. This includes support + Add ASN.1 and EVP_PKEY methods for X25519. This includes support for public and private key encoding using the format documented in - draft-josefsson-pkix-newcurves-01: specifically X25519 uses the - OID from that draft, encodes public keys using little endian - format in the ECPoint structure and private keys using - little endian form in the privateKey field of the ECPrivateKey - structure. TLS support complies with draft-ietf-tls-rfc4492bis-06 - and uses X25519(29). + draft-ietf-curdle-pkix-02. The coresponding EVP_PKEY method supports + key generation and key derivation. - Note: the current version supports key generation, public and - private key encoding and ECDH key agreement using the EC API. - Low level point operations such as EC_POINT_add(), EC_POINT_mul() - are NOT supported. + TLS support complies with draft-ietf-tls-rfc4492bis-08 and uses + X25519(29). [Steve Henson] *) Deprecate SRP_VBASE_get_by_user. @@ -1761,7 +1816,7 @@ possible to have different stores per SSL structure or one store in the parent SSL_CTX. Include distinct stores for certificate chain verification and chain building. New ctrl SSL_CTRL_BUILD_CERT_CHAIN - to build and store a certificate chain in CERT structure: returing + to build and store a certificate chain in CERT structure: returning an error if the chain cannot be built: this will allow applications to test if a chain is correctly configured. @@ -2004,7 +2059,7 @@ 3. Check DSA/ECDSA signatures use DER. - Reencode DSA/ECDSA signatures and compare with the original received + Re-encode DSA/ECDSA signatures and compare with the original received signature. Return an error if there is a mismatch. This will reject various cases including garbage after signature @@ -2094,7 +2149,7 @@ *) Add additional DigestInfo checks. - Reencode DigestInto in DER and check against the original when + Re-encode DigestInto in DER and check against the original when verifying RSA signature: this will reject any improperly encoded DigestInfo structures. @@ -2691,7 +2746,7 @@ in CMS and PKCS7 code. When RSA decryption fails use a random key for content decryption and always return the same error. Note: this attack needs on average 2^20 messages so it only affects automated senders. The - old behaviour can be reenabled in the CMS code by setting the + old behaviour can be re-enabled in the CMS code by setting the CMS_DEBUG_DECRYPT flag: this is useful for debugging and testing where an MMA defence is not necessary. Thanks to Ivan Nestlerode for discovering @@ -2987,7 +3042,7 @@ as part of the CRL checking and indicate a new error "CRL path validation error" in this case. Applications wanting additional details can use the verify callback and check the new "parent" field. If this is not - NULL CRL path validation is taking place. Existing applications wont + NULL CRL path validation is taking place. Existing applications won't see this because it requires extended CRL support which is off by default. @@ -4000,9 +4055,9 @@ This work was sponsored by Logica. [Steve Henson] - *) Fix bug in X509_ATTRIBUTE creation: dont set attribute using + *) Fix bug in X509_ATTRIBUTE creation: don't set attribute using ASN1_TYPE_set1 if MBSTRING flag set. This bug would crash certain - attribute creation routines such as certifcate requests and PKCS#12 + attribute creation routines such as certificate requests and PKCS#12 files. [Steve Henson] @@ -4077,7 +4132,7 @@ [Ian Lister (tweaked by Geoff Thorpe)] *) Backport of CMS code to OpenSSL 0.9.8. This differs from the 0.9.9 - implemention in the following ways: + implementation in the following ways: Lack of EVP_PKEY_ASN1_METHOD means algorithm parameters have to be hard coded. @@ -4275,7 +4330,7 @@ implementation in BN_mod_exp_mont_consttime().) The old name remains as a deprecated alias. - Similary, RSA_FLAG_NO_EXP_CONSTTIME is replaced by a more general + Similarly, RSA_FLAG_NO_EXP_CONSTTIME is replaced by a more general RSA_FLAG_NO_CONSTTIME flag since the RSA implementation now uses constant-time implementations for more than just exponentiation. Here too the old name is kept as a deprecated alias. @@ -4979,7 +5034,7 @@ *) Key-generation can now be implemented in RSA_METHOD, DSA_METHOD and DH_METHOD (eg. by ENGINE implementations) to override the normal software implementations. For DSA and DH, parameter generation can - also be overriden by providing the appropriate method callbacks. + also be overridden by providing the appropriate method callbacks. [Geoff Thorpe] *) Change the "progress" mechanism used in key-generation and @@ -5062,7 +5117,7 @@ the "shared" options was given to ./Configure or ./config. Otherwise, they are inserted in libcrypto.a. /usr/local/ssl/engines is the default directory for dynamic - engines, but that can be overriden at configure time through + engines, but that can be overridden at configure time through the usual use of --prefix and/or --openssldir, and at run time with the environment variable OPENSSL_ENGINES. [Geoff Thorpe and Richard Levitte] @@ -5597,8 +5652,8 @@ [Steve Henson] *) Perform some character comparisons of different types in X509_NAME_cmp: - this is needed for some certificates that reencode DNs into UTF8Strings - (in violation of RFC3280) and can't or wont issue name rollover + this is needed for some certificates that re-encode DNs into UTF8Strings + (in violation of RFC3280) and can't or won't issue name rollover certificates. [Steve Henson] @@ -6656,7 +6711,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k const ASN1_ITEM *it = &ASN1_INTEGER_it; - wont compile. This is used by the any applications that need to + won't compile. This is used by the any applications that need to declare their own ASN1 modules. This was fixed by adding the option EXPORT_VAR_AS_FN to all Win32 platforms, although this isn't strictly needed for static libraries under Win32. @@ -7257,7 +7312,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k entropy, EGD style sockets (served by EGD or PRNGD) will automatically be queried. The locations /var/run/egd-pool, /dev/egd-pool, /etc/egd-pool, and - /etc/entropy will be queried once each in this sequence, quering stops + /etc/entropy will be queried once each in this sequence, querying stops when enough entropy was collected without querying more sockets. [Lutz Jaenicke] @@ -7285,7 +7340,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k information from an OCSP_CERTID structure (which will be created when the request structure is built). These are built from lower level functions which work on OCSP_SINGLERESP structures but - wont normally be used unless the application wishes to examine + won't normally be used unless the application wishes to examine extensions in the OCSP response for example. Replace nonce routines with a pair of functions. @@ -7361,7 +7416,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k *) New function X509V3_add1_i2d(). This automatically encodes and adds an extension. Its behaviour can be customised with various flags to append, replace or delete. Various wrappers added for - certifcates and CRLs. + certificates and CRLs. [Steve Henson] *) Fix to avoid calling the underlying ASN1 print routine when @@ -7906,7 +7961,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k [Nils Larsch ] *) Fix BASE64 decode (EVP_DecodeUpdate) for data with CR/LF ended lines: - an end-of-file condition would erronously be flagged, when the CRLF + an end-of-file condition would erroneously be flagged, when the CRLF was just at the end of a processed block. The bug was discovered when processing data through a buffering memory BIO handing the data to a BASE64-decoding BIO. Bug fund and patch submitted by Pavel Tsekov @@ -8836,7 +8891,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k [Steve Henson] *) When a certificate request is read in keep a copy of the - original encoding of the signed data and use it when outputing + original encoding of the signed data and use it when outputting again. Signatures then use the original encoding rather than a decoded, encoded version which may cause problems if the request is improperly encoded.