X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=e3b0623c0d7d294fe2a757de79c440c890f3342b;hp=fc57065a6124d4e8761962d8fee96ca852228aaf;hb=078dd1a0f94394632614123af3155866749ff79c;hpb=a907751350f2bec14d413bccd517ab9c724dac3c diff --git a/CHANGES b/CHANGES index fc57065a61..e3b0623c0d 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,74 @@ Changes between 0.9.7c and 0.9.8 [xx XXX xxxx] + *) An audit of the BIGNUM code is underway, for which debugging code is + enabled when BN_DEBUG is defined. This makes stricter enforcements on what + is considered valid when processing BIGNUMs, and causes execution to + assert() when a problem is discovered. If BN_DEBUG_RAND is defined, + further steps are taken to deliberately pollute unused data in BIGNUM + structures to try and expose faulty code further on. For now, openssl will + (in its default mode of operation) continue to tolerate the inconsistent + forms that it has tolerated in the past, but authors and packagers should + consider trying openssl and their own applications when compiled with + these debugging symbols defined. It will help highlight potential bugs in + their own code, and will improve the test coverage for OpenSSL itself. At + some point, these tighter rules will become openssl's default to improve + maintainability, though the assert()s and other overheads will remain only + in debugging configurations. See bn.h for more details. + [Geoff Thorpe] + + *) BN_CTX_init() has been deprecated, as BN_CTX is an opaque structure + that can only be obtained through BN_CTX_new() (which implicitly + initialises it). The presence of this function only made it possible + to overwrite an existing structure (and cause memory leaks). + [Geoff Thorpe] + + *) Because of the callback-based approach for implementing LHASH as a + template type, lh_insert() adds opaque objects to hash-tables and + lh_doall() or lh_doall_arg() are typically used with a destructor callback + to clean up those corresponding objects before destroying the hash table + (and losing the object pointers). So some over-zealous constifications in + LHASH have been relaxed so that lh_insert() does not take (nor store) the + objects as "const" and the lh_doall[_arg] callback wrappers are not + prototyped to have "const" restrictions on the object pointers they are + given (and so aren't required to cast them away any more). + [Geoff Thorpe] + + *) The tmdiff.h API was so ugly and minimal that our own timing utility + (speed) prefers to use its own implementation. The two implementations + haven't been consolidated as yet (volunteers?) but the tmdiff API has had + its object type properly exposed (MS_TM) instead of casting to/from "char + *". This may still change yet if someone realises MS_TM and "ms_time_***" + aren't necessarily the greatest nomenclatures - but this is what was used + internally to the implementation so I've used that for now. + [Geoff Thorpe] + + *) Ensure that deprecated functions do not get compiled when + OPENSSL_NO_DEPRECATED is defined. Some "openssl" subcommands and a few of + the self-tests were still using deprecated key-generation functions so + these have been updated also. + [Geoff Thorpe] + + *) Reorganise PKCS#7 code to separate the digest location functionality + into PKCS7_find_digest(), digest addtion into PKCS7_bio_add_digest(). + New function PKCS7_set_digest() to set the digest type for PKCS#7 + digestedData type. Add additional code to correctly generate the + digestedData type and add support for this type in PKCS7 initialization + functions. + [Steve Henson] + + *) New function PKCS7_set0_type_other() this initializes a PKCS7 + structure of type "other". + [Steve Henson] + + *) Fix prime generation loop in crypto/bn/bn_prime.pl by making + sure the loop does correctly stop and breaking ("division by zero") + modulus operations are not performed. The (pre-generated) prime + table crypto/bn/bn_prime.h was already correct, but it could not be + re-generated on some platforms because of the "division by zero" + situation in the script. + [Ralf S. Engelschall] + *) Update support for ECC-based TLS ciphersuites according to draft-ietf-tls-ecc-03.txt: the KDF1 key derivation function with SHA-1 now is only used for "small" curves (where the @@ -547,7 +615,23 @@ differing sizes. [Richard Levitte] - Changes between 0.9.7b and 0.9.7c [xx XXX 2003] + Changes between 0.9.7c and 0.9.7d [xx XXX XXXX] + *) Use the correct content when signing type "other". + [Steve Henson] + + Changes between 0.9.7b and 0.9.7c [30 Sep 2003] + + *) Fix various bugs revealed by running the NISCC test suite: + + Stop out of bounds reads in the ASN1 code when presented with + invalid tags (CAN-2003-0543 and CAN-2003-0544). + + Free up ASN1_TYPE correctly if ANY type is invalid (CAN-2003-0545). + + If verify callback ignores invalid public key errors don't try to check + certificate signature with the NULL public key. + + [Steve Henson] *) New -ignore_err option in ocsp application to stop the server exiting on the first error in a request. @@ -2522,7 +2606,27 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k *) Clean old EAY MD5 hack from e_os.h. [Richard Levitte] - Changes between 0.9.6j and 0.9.6k [xx XXX 2003] + Changes between 0.9.6j and 0.9.6k [30 Sep 2003] + + *) Fix various bugs revealed by running the NISCC test suite: + + Stop out of bounds reads in the ASN1 code when presented with + invalid tags (CAN-2003-0543 and CAN-2003-0544). + + If verify callback ignores invalid public key errors don't try to check + certificate signature with the NULL public key. + + [Steve Henson] + + *) Fix various bugs revealed by running the NISCC test suite: + + Stop out of bounds reads in the ASN1 code when presented with + invalid tags (CAN-2003-0543 and CAN-2003-0544). + + If verify callback ignores invalid public key errors don't try to check + certificate signature with the NULL public key. + + [Steve Henson] *) In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate if the server requested one: as stated in TLS 1.0 and SSL 3.0