Changes between 0.9.8g and 0.9.9 [xx XXX xxxx]
- *) Netware support:
+ *) Revamp of LHASH to provide stronger type-checking. Still to come:
+ STACK, TXT_DB, bsearch, qsort.
+ [Ben Laurie]
+
+ *) Not all of this is true any longer.
+ Will have to be updated to reflect all subsequent changes to cryptlib.c.
+ --bodo
- - fixed wrong usage of ioctlsocket() when build for LIBC BSD sockets
- - fixed do_tests.pl to run the test suite with CLIB builds too (CLIB_OPT)
- - added some more tests to do_tests.pl
- - fixed RunningProcess usage so that it works with newer LIBC NDKs too
- - removed usage of BN_LLONG for CLIB builds to avoid runtime dependency
- - added new Configure targets netware-clib-bsdsock, netware-clib-gcc,
- netware-clib-bsdsock-gcc, netware-libc-bsdsock-gcc
- - various changes to netware.pl to enable gcc-cross builds on Win32
- platform
- - changed crypto/bio/b_sock.c to work with macro functions (CLIB BSD)
- - various changes to fix missing prototype warnings
- - fixed x86nasm.pl to create correct asm files for NASM COFF output
- - added AES, WHIRLPOOL and CPUID assembler code to build files
- - added missing AES assembler make rules to mk1mf.pl
- - fixed order of includes in apps/ocsp.c so that e_os.h settings apply
- [Guenter Knauf <eflash@gmx.net>]
+ To support arbitrarily-typed thread IDs, deprecate the existing
+ type-specific APIs for a general purpose CRYPTO_THREADID
+ interface. Applications can choose the thread ID
+ callback type it wishes to register, as before;
+
+ void CRYPTO_set_id_callback(unsigned long (*func)(void));
+ void CRYPTO_set_idptr_callback(void *(*func)(void));
+
+ but retrieval, copies, and comparisons of thread IDs are via
+ type-independent interfaces;
+
+ void CRYPTO_THREADID_set(CRYPTO_THREADID *id);
+ void CRYPTO_THREADID_cmp(const CRYPTO_THREADID *id1,
+ const CRYPTO_THREADID *id2);
+ void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dst,
+ const CRYPTO_THREADID *src);
+
+ Also, for code that needs a thread ID "value" for use in
+ hash-tables or logging, a "hash" is available by;
+
+ unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id);
+
+ This hash value is likely to be the thread ID anyway, but
+ otherwise it will be unique if possible or as collision-free as
+ possible if uniqueness can't be guaranteed on the target
+ architecture.
+
+ The following functions are deprecated;
+ unsigned long (*CRYPTO_get_id_callback(void))(void);
+ unsigned long CRYPTO_thread_id(void);
+
+ As a consequence of the above, there are similar deprecations of
+ BN_BLINDING functions in favour of CRYPTO_THREADID-based
+ alternatives;
+
+ #ifndef OPENSSL_NO_DEPRECATED
+ unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
+ void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
+ #endif
+ void BN_BLINDING_set_thread(BN_BLINDING *);
+ int BN_BLINDING_cmp_thread(const BN_BLINDING *, const
+ CRYPTO_THREADID *);
+
+ Also, the ERR_remove_state(int pid) API has been deprecated;
+
+ #ifndef OPENSSL_NO_DEPRECATED
+ void ERR_remove_state(unsigned long pid)
+ #endif
+ void ERR_remove_thread_state(CRYPTO_THREADID *tid);
+
+ [Geoff Thorpe]
+
+ *) Initial support for Cryptographic Message Syntax (aka CMS) based
+ on RFC3850, RFC3851 and RFC3852. New cms directory and cms utility,
+ support for data, signedData, compressedData, digestedData and
+ encryptedData, envelopedData types included. Scripts to check against
+ RFC4134 examples draft and interop and consistency checks of many
+ content types and variants.
+ [Steve Henson]
+
+ *) Add options to enc utility to support use of zlib compression BIO.
+ [Steve Henson]
+
+ *) Extend mk1mf to support importing of options and assembly language
+ files from Configure script, currently only included in VC-WIN32.
+ The assembly language rules can now optionally generate the source
+ files from the associated perl scripts.
+ [Steve Henson]
*) Implement remaining functionality needed to support GOST ciphersuites.
Interop testing has been performed using CryptoPro implementations.
callback is &errno.
[Bodo Moeller]
+ -- NOTE -- this change has been reverted and replaced with a
+ type-independent wrapper (ie. applications do not have to check
+ two type-specific thread ID representations as implied in this
+ change note). However, the "idptr" callback form described here
+ can still be registered. Please see the more recent CHANGES note
+ regarding CRYPTO_THREADID. [Geoff Thorpe]
+ -- NOTE --
+
*) Change the array representation of binary polynomials: the list
of degrees of non-zero coefficients is now terminated with -1.
Previously it was terminated with 0, which was also part of the
*) Change 'Configure' script to enable Camellia by default.
[NTT]
- Changes between 0.9.8g and 0.9.8h [xx XXX xxxx]
+ Changes between 0.9.8g and 0.9.8h [28 May 2008]
+
+ *) Fix flaw if 'Server Key exchange message' is omitted from a TLS
+ handshake which could lead to a cilent crash as found using the
+ Codenomicon TLS test suite (CVE-2008-1672)
+ [Steve Henson, Mark Cox]
+
+ *) Fix double free in TLS server name extensions which could lead to
+ a remote crash found by Codenomicon TLS test suite (CVE-2008-0891)
+ [Joe Orton]
+
+ *) Clear error queue in SSL_CTX_use_certificate_chain_file()
+
+ Clear the error queue to ensure that error entries left from
+ older function calls do not interfere with the correct operation.
+ [Lutz Jaenicke, Erik de Castro Lopo]
+
+ *) Remove root CA certificates of commercial CAs:
+
+ The OpenSSL project does not recommend any specific CA and does not
+ have any policy with respect to including or excluding any CA.
+ Therefore it does not make any sense to ship an arbitrary selection
+ of root CA certificates with the OpenSSL software.
+ [Lutz Jaenicke]
+
+ *) RSA OAEP patches to fix two separate invalid memory reads.
+ The first one involves inputs when 'lzero' is greater than
+ 'SHA_DIGEST_LENGTH' (it would read about SHA_DIGEST_LENGTH bytes
+ before the beginning of from). The second one involves inputs where
+ the 'db' section contains nothing but zeroes (there is a one-byte
+ invalid read after the end of 'db').
+ [Ivan Nestlerode <inestlerode@us.ibm.com>]
+
+ *) Add TLS session ticket callback. This allows an application to set
+ TLS ticket cipher and HMAC keys rather than relying on hardcoded fixed
+ values. This is useful for key rollover for example where several key
+ sets may exist with different names.
+ [Steve Henson]
+
+ *) Reverse ENGINE-internal logic for caching default ENGINE handles.
+ This was broken until now in 0.9.8 releases, such that the only way
+ a registered ENGINE could be used (assuming it initialises
+ successfully on the host) was to explicitly set it as the default
+ for the relevant algorithms. This is in contradiction with 0.9.7
+ behaviour and the documentation. With this fix, when an ENGINE is
+ registered into a given algorithm's table of implementations, the
+ 'uptodate' flag is reset so that auto-discovery will be used next
+ time a new context for that algorithm attempts to select an
+ implementation.
+ [Ian Lister (tweaked by Geoff Thorpe)]
+
+ *) Update the GMP engine glue to do direct copies between BIGNUM and
+ mpz_t when openssl and GMP use the same limb size. Otherwise the
+ existing "conversion via a text string export" trick is still used.
+ [Paul Sheer <paulsheer@gmail.com>, Geoff Thorpe]
+
+ *) Zlib compression BIO. This is a filter BIO which compressed and
+ uncompresses any data passed through it.
+ [Steve Henson]
+
+ *) Add AES_wrap_key() and AES_unwrap_key() functions to implement
+ RFC3394 compatible AES key wrapping.
+ [Steve Henson]
+
+ *) Add utility functions to handle ASN1 structures. ASN1_STRING_set0():
+ sets string data without copying. X509_ALGOR_set0() and
+ X509_ALGOR_get0(): set and retrieve X509_ALGOR (AlgorithmIdentifier)
+ data. Attribute function X509at_get0_data_by_OBJ(): retrieves data
+ from an X509_ATTRIBUTE structure optionally checking it occurs only
+ once. ASN1_TYPE_set1(): set and ASN1_TYPE structure copying supplied
+ data.
+ [Steve Henson]
+
+ *) Fix BN flag handling in RSA_eay_mod_exp() and BN_MONT_CTX_set()
+ to get the expected BN_FLG_CONSTTIME behavior.
+ [Bodo Moeller (Google)]
+
+ *) Netware support:
+
+ - fixed wrong usage of ioctlsocket() when build for LIBC BSD sockets
+ - fixed do_tests.pl to run the test suite with CLIB builds too (CLIB_OPT)
+ - added some more tests to do_tests.pl
+ - fixed RunningProcess usage so that it works with newer LIBC NDKs too
+ - removed usage of BN_LLONG for CLIB builds to avoid runtime dependency
+ - added new Configure targets netware-clib-bsdsock, netware-clib-gcc,
+ netware-clib-bsdsock-gcc, netware-libc-bsdsock-gcc
+ - various changes to netware.pl to enable gcc-cross builds on Win32
+ platform
+ - changed crypto/bio/b_sock.c to work with macro functions (CLIB BSD)
+ - various changes to fix missing prototype warnings
+ - fixed x86nasm.pl to create correct asm files for NASM COFF output
+ - added AES, WHIRLPOOL and CPUID assembler code to build files
+ - added missing AES assembler make rules to mk1mf.pl
+ - fixed order of includes in apps/ocsp.c so that e_os.h settings apply
+ [Guenter Knauf <eflash@gmx.net>]
*) Implement certificate status request TLS extension defined in RFC3546.
A client can set the appropriate parameters and receive the encoded