Changes between 1.0.0 and 1.1.0 [xx XXX xxxx]
+ *) Improve forward-security support: add functions
+
+ void SSL_CTX_set_not_resumable_session_callback(SSL_CTX *ctx, int (*cb)(SSL *ssl, int is_forward_secure))
+ void SSL_set_not_resumable_session_callback(SSL *ssl, int (*cb)(SSL *ssl, int is_forward_secure))
+
+ for use by SSL/TLS servers; the callback function will be called whenever a
+ new session is created, and gets to decide whether the session may be
+ cached to make it resumable (return 0) or not (return 1). (As by the
+ SSL/TLS protocol specifications, the session_id sent by the server will be
+ empty to indicate that the session is not resumable; also, the server will
+ not generate RFC 4507 (RFC 5077) session tickets.)
+
+ A simple reasonable callback implementation is to return is_forward_secure.
+ This parameter will be set to 1 or 0 depending on the ciphersuite selected
+ by the SSL/TLS server library, indicating whether it can provide forward
+ security.
+ [Emilia Käsper <emilia.kasper@esat.kuleuven.be> (Google)]
+
*) Add Next Protocol Negotiation,
http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-00. Can be
disabled with a no-npn flag to config or Configure. Code donated
whose return value is often ignored.
[Steve Henson]
- Changes between 1.0.0 and 1.0.1 [xx XXX xxxx]
+ Changes between 1.0.0a and 1.0.1 [xx XXX xxxx]
+
+ *) Add EC_GFp_nistp224_method(), a 64-bit optimized implementation for
+ elliptic curve NIST-P224 with constant-time single point multiplication on
+ typical inputs. EC_GROUP_new_by_curve_name() will automatically use this
+ (while EC_GROUP_new_curve_GFp() currently won't and prefers the more
+ flexible implementations).
+
+ The implementation requires support for the nonstandard type __uint128_t,
+ and so is disabled by default. To include this in your build of OpenSSL,
+ use -DEC_NISTP224_64_GCC_128 on the Configure (or config) command line,
+ and run "make depend" (or "make update").
+ [Emilia Käsper <emilia.kasper@esat.kuleuven.be> (Google)]
+
+ *) Permit abbreviated handshakes when renegotiating using the function
+ SSL_renegotiate_abbreviated().
+ [Robin Seggelmann <seggelmann@fh-muenster.de>]
*) Add call to ENGINE_register_all_complete() to
ENGINE_load_builtin_engines(), so some implementations get used
Changes between 1.0.0a and 1.0.0b [xx XXX xxxx]
-
*) Fix WIN32 build system to correctly link an ENGINE directory into
a DLL.
[Steve Henson]
- Changes between 1.0.0 and 1.0.0a [xx XXX xxxx]
-
+ Changes between 1.0.0 and 1.0.0a [01 Jun 2010]
+
*) Check return value of int_rsa_verify in pkey_rsa_verifyrecover
(CVE-2010-1633)
[Steve Henson, Peter-Michael Hager <hager@dortmund.net>]
- Changes between 0.9.8n and 1.0.0 [xx XXX xxxx]
+ Changes between 0.9.8n and 1.0.0 [29 Mar 2010]
*) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher
context. The operation can be customised via the ctrl mechanism in
*) Change 'Configure' script to enable Camellia by default.
[NTT]
- Changes between 0.9.8n and 0.9.8o [xx XXX xxxx]
+ Changes between 0.9.8o and 0.9.8p [xx XXX xxxx]
+
+ *) ec2_GF2m_simple_mul bugfix: compute correct result if the output EC_POINT
+ is also one of the inputs.
+ [Emilia Käsper <emilia.kasper@esat.kuleuven.be> (Google)]
+
+ *) Don't repeatedly append PBE algorithms to table if they already exist.
+ Sort table on each new add. This effectively makes the table read only
+ after all algorithms are added and subsequent calls to PKCS12_pbe_add
+ etc are non-op.
+ [Steve Henson]
+
+ Changes between 0.9.8n and 0.9.8o [01 Jun 2010]
+
+ [NB: OpenSSL 0.9.8o and later 0.9.8 patch levels were released after
+ OpenSSL 1.0.0.]
*) Correct a typo in the CMS ASN1 module which can result in invalid memory
access or freeing data twice (CVE-2010-0742)
SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
[Steve Henson]
+ *) VMS fixes:
+ Reduce copying into .apps and .test in makevms.com
+ Don't try to use blank CA certificate in CA.com
+ Allow use of C files from original directories in maketests.com
+ [Steven M. Schweda" <sms@antinode.info>]
+
Changes between 0.9.8m and 0.9.8n [24 Mar 2010]
*) When rejecting SSL/TLS records due to an incorrect version number, never
- OpenSSL 0.9.8f if 'short' is longer than 16 bits,
the previous behavior could result in a read attempt at NULL when
receiving specific incorrect SSL/TLS records once record payload
- protection is active. (CVE-2010-####)
- [Bodo Moeller, Adam Langley]
+ protection is active. (CVE-2010-0740)
+ [Bodo Moeller, Adam Langley <agl@chromium.org>]
*) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
could be crashed if the relevant tables were not present (e.g. chrooted).
projects / openssl.git / blobdiff