X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=cab7143bbfe192f23c61d652d20fdca325741312;hp=98992f5a12d8b7909197f46e15895a07b56227fd;hb=bc1b04d255eb31ba3cf80a82d98adbfbbadf621f;hpb=837e1b6812d53799cff304630bc3a1a9db86b696 diff --git a/CHANGES b/CHANGES index 98992f5a12..cab7143bbf 100644 --- a/CHANGES +++ b/CHANGES @@ -4,11 +4,34 @@ Changes between 1.0.1 and 1.1.0 [xx XXX xxxx] + *) Add FIPS selftest for ECDH algorithm using P-224 and B-233 curves. + [Steve Henson] + + *) Use separate DRBG fields for internal and external flags. New function + FIPS_drbg_health_check() to perform on demand health checking. Add + generation tests to fips_test_suite with reduced health check interval to + demonstrate periodic health checking. Add "nodh" option to + fips_test_suite to skip very slow DH test. + [Steve Henson] + + *) New function FIPS_get_cipherbynid() to lookup FIPS supported ciphers + based on NID. + [Steve Henson] + + *) More extensive health check for DRBG checking many more failure modes. + New function FIPS_selftest_drbg_all() to handle every possible DRBG + combination: call this in fips_test_suite. + [Steve Henson] + + *) Add support for Dual EC DRBG from SP800-90. Update DRBG algorithm test + and POST to handle Dual EC cases. + [Steve Henson] + *) Add support for canonical generation of DSA parameter 'g'. See FIPS 186-3 A.2.3. - *) Add support for HMAC DRBG from SP800-90. Update algorithm and POST - to handle HMAC cases. + *) Add support for HMAC DRBG from SP800-90. Update DRBG algorithm test and + POST to handle HMAC cases. [Steve Henson] *) Add functions FIPS_module_version() and FIPS_module_version_text() @@ -161,16 +184,59 @@ by Google. [Adam Langley and Ben Laurie] - *) Use type ossl_ssize_t instad of ssize_t which isn't available on - all platforms. Move ssize_t definition from e_os.h to the public - header file e_os2.h as it now appears in public header file cms.h - [Steve Henson] - *) New function OPENSSL_gmtime_diff to find the difference in days and seconds between two tm structures. This will be used to provide additional functionality for ASN1_TIME. [Steve Henson] + *) Add -trusted_first option which attempts to find certificates in the + trusted store even if an untrusted chain is also supplied. + [Steve Henson] + + *) Initial experimental support for explicitly trusted non-root CAs. + OpenSSL still tries to build a complete chain to a root but if an + intermediate CA has a trust setting included that is used. The first + setting is used: whether to trust or reject. + [Steve Henson] + + *) New -verify_name option in command line utilities to set verification + parameters by name. + [Steve Henson] + + *) Initial CMAC implementation. WARNING: EXPERIMENTAL, API MAY CHANGE. + Add CMAC pkey methods. + [Steve Henson] + + *) Experimental regnegotiation in s_server -www mode. If the client + browses /reneg connection is renegotiated. If /renegcert it is + renegotiated requesting a certificate. + [Steve Henson] + + *) Add an "external" session cache for debugging purposes to s_server. This + should help trace issues which normally are only apparent in deployed + multi-process servers. + [Steve Henson] + + *) Extensive audit of libcrypto with DEBUG_UNUSED. Fix many cases where + return value is ignored. NB. The functions RAND_add(), RAND_seed(), + BIO_set_cipher() and some obscure PEM functions were changed so they + can now return an error. The RAND changes required a change to the + RAND_METHOD structure. + [Steve Henson] + + *) New macro __owur for "OpenSSL Warn Unused Result". This makes use of + a gcc attribute to warn if the result of a function is ignored. This + is enable if DEBUG_UNUSED is set. Add to several functions in evp.h + whose return value is often ignored. + [Steve Henson] + + Changes between 1.0.0f and 1.0.1 [xx XXX xxxx] + + *) Use type ossl_ssize_t instad of ssize_t which isn't available on + all platforms. Move ssize_t definition from e_os.h to the public + header file e_os2.h as it now appears in public header file cms.h + [Steve Henson] + *) New -sigopt option to the ca, req and x509 utilities. Additional signature parameters can be passed using this option and in particular PSS. @@ -205,36 +271,8 @@ parameters r, s. [Steve Henson] - *) Add -trusted_first option which attempts to find certificates in the - trusted store even if an untrusted chain is also supplied. - [Steve Henson] - - *) Initial experimental support for explicitly trusted non-root CAs. - OpenSSL still tries to build a complete chain to a root but if an - intermediate CA has a trust setting included that is used. The first - setting is used: whether to trust or reject. - [Steve Henson] - - *) New -verify_name option in command line utilities to set verification - parameters by name. - [Steve Henson] - - *) Initial CMAC implementation. WARNING: EXPERIMENTAL, API MAY CHANGE. - Add CMAC pkey methods. - [Steve Henson] - - *) Experiemental regnegotiation in s_server -www mode. If the client - browses /reneg connection is renegotiated. If /renegcert it is - renegotiated requesting a certificate. - [Steve Henson] - - *) Add an "external" session cache for debugging purposes to s_server. This - should help trace issues which normally are only apparent in deployed - multi-process servers. - [Steve Henson] - - *) Experiemental password based recipient info support for CMS library: - implementing RFC3211. + *) Password based recipient info support for CMS library: implementing + RFC3211. [Steve Henson] *) Split password based encryption into PBES2 and PBKDF2 functions. This @@ -243,20 +281,18 @@ password based CMS). [Steve Henson] - *) Extensive audit of libcrypto with DEBUG_UNUSED. Fix many cases where - return value is ignored. NB. The functions RAND_add(), RAND_seed(), - BIO_set_cipher() and some obscure PEM functions were changed so they - can now return an error. The RAND changes required a change to the - RAND_METHOD structure. - [Steve Henson] + *) Session-handling fixes: + - Fix handling of connections that are resuming with a session ID, + but also support Session Tickets. + - Fix a bug that suppressed issuing of a new ticket if the client + presented a ticket with an expired session. + - Try to set the ticket lifetime hint to something reasonable. + - Make tickets shorter by excluding irrelevant information. + - On the client side, don't ignore renewed tickets. + [Adam Langley, Bodo Moeller (Google)] - *) New macro __owur for "OpenSSL Warn Unused Result". This makes use of - a gcc attribute to warn if the result of a function is ignored. This - is enable if DEBUG_UNUSED is set. Add to several functions in evp.h - whose return value is often ignored. - [Steve Henson] - - Changes between 1.0.0e and 1.0.1 [xx XXX xxxx] + *) Fix PSK session representation. + [Bodo Moeller] *) Add RC4-MD5 and AESNI-SHA1 "stitched" implementations. @@ -416,7 +452,20 @@ Add command line options to s_client/s_server. [Steve Henson] - Changes between 1.0.0d and 1.0.0e [xx XXX xxxx] + Changes between 1.0.0e and 1.0.0f [xx XXX xxxx] + + *) In ssl3_clear, preserve s3->init_extra along with s3->rbuf. + [Bob Buckholz (Google)] + + Changes between 1.0.0d and 1.0.0e [6 Sep 2011] + + *) Fix bug where CRLs with nextUpdate in the past are sometimes accepted + by initialising X509_STORE_CTX properly. (CVE-2011-3207) + [Kaspar Brand ] + + *) Fix SSL memory handling for (EC)DH ciphersuites, in particular + for multi-threaded use of ECDH. (CVE-2011-3210) + [Adam Langley (Google)] *) Fix x509_name_ex_d2i memory leak on bad inputs. [Bodo Moeller] @@ -1315,6 +1364,13 @@ Changes between 0.9.8r and 0.9.8s [xx XXX xxxx] + *) In ssl3_clear, preserve s3->init_extra along with s3->rbuf. + [Bob Buckholz (Google)] + + *) Fix SSL memory handling for (EC)DH ciphersuites, in particular + for multi-threaded use of ECDH. + [Adam Langley (Google)] + *) Fix x509_name_ex_d2i memory leak on bad inputs. [Bodo Moeller]