X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=22ad45b5ff76e7945d13f5d5f9ff0be378714581;hp=7853e6c7d264143084562e2a73ab1da2658bbf73;hb=9c86df6a98bb6099be20a7ef1ee71fb33a2162a9;hpb=b38f9f66c3ac92d7ad1a23f6b951b966c779905c diff --git a/CHANGES b/CHANGES index 7853e6c7d2..22ad45b5ff 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,63 @@ Changes between 0.9.4 and 0.9.5 [xx XXX 1999] + *) Add missing #ifndefs that caused missing symbols when building libssl + as a shared library without RSA. Use #ifndef NO_SSL2 instead of + NO_RSA in ssl/s2*.c. + [Kris Kennaway , modified by Ulf Möller] + + *) Precautions against using the PRNG uninitialized: RAND_bytes() now + has a return value which indicates the quality of the random data + (1 = ok, 0 = not seeded). Also an error is recorded on the thread's + error queue. New function RAND_pseudo_bytes() generates output that is + guaranteed to be unique but not unpredictable. + (TO DO: always check the result of RAND_bytes when it is used in the + library, or use RAND_pseudo_bytes instead, because leaving the + error in the error queue but reporting success in a function that + uses RAND_bytes could confuse things considerably.) + [Ulf Möller] + + *) Do more iterations of Rabin-Miller probable prime test (specifically, + 3 for 1024-bit primes, 6 for 512-bit primes, 12 for 256-bit primes + instead of only 2 for all lengths; see BN_prime_checks definition + in crypto/bn/bn.h for the complete table). This guarantees a + false-positive rate of at most 2^-80 (actually less because we are + additionally doing trial division) for random input. + [Bodo Moeller] + + *) Rewrite ssl3_read_n (ssl/s3_pkt.c) avoiding a couple of bugs. + [Bodo Moeller] + + *) New function X509_CTX_rget_chain(), this returns the chain + from an X509_CTX structure with a dup of the stack and all + the X509 reference counts upped: so the stack will exist + after X509_CTX_cleanup() has been called. Modify pkcs12.c + to use this. + + Also make SSL_SESSION_print() print out the verify return + code. + [Steve Henson] + + *) Add manpage for the pkcs12 command. Also change the default + behaviour so MAC iteration counts are used unless the new + -nomaciter option is used. This improves file security and + only older versions of MSIE (4.0 for example) need it. + [Steve Henson] + + *) Honor the no-xxx Configure options when creating .DEF files. + [Ulf Möller] + + *) Add PKCS#10 attributes to field table: challengePassword, + unstructuredName and unstructuredAddress. These are taken from + draft PKCS#9 v2.0 but are compatible with v1.2 provided no + international characters are used. + + More changes to X509_ATTRIBUTE code: allow the setting of types + based on strings. Remove the 'loc' parameter when adding + attributes because these will be a SET OF encoding which is sorted + in ASN1 order. + [Steve Henson] + *) Initial changes to the 'req' utility to allow request generation automation. This will allow an application to just generate a template file containing all the field values and have req construct the @@ -13,13 +70,13 @@ used all over the place including certificate requests and PKCS#7 structures. They are currently handled manually where necessary with some primitive wrappers for PKCS#7. The new functions behave in a - manner analagous to the X509 extension functions: they allow + manner analogous to the X509 extension functions: they allow attributes to be looked up by NID and added. Later something similar to the X509V3 code would be desirable to automatically handle the encoding, decoding and printing of the more complex types. The string types like challengePassword can - be handled by the string table fuctions. + be handled by the string table functions. Also modified the multi byte string table handling. Now there is a 'global mask' which masks out certain types. The table itself @@ -43,7 +100,7 @@ *) Enhanced support for Alpha Linux is added. Now ./config checks if the host supports BWX extension and if Compaq C is present on the - $PATH. Just exploiting of the BWX extention results in 20-30% + $PATH. Just exploiting of the BWX extension results in 20-30% performance kick for some algorithms, e.g. DES and RC4 to mention a couple. Compaq C in turn generates ~20% faster code for MD5 and SHA1. @@ -138,11 +195,13 @@ *) Rebuild of the memory allocation routines used by OpenSSL code and possibly others as well. The purpose is to make an interface that provide hooks so anyone can build a separate set of allocation and - deallocation routines to be used by OpenSSL, for example if memory - pool implementations, or something else. The same is provided for - memory debugging code. OpenSSL already comes with code that finds - memory leaks, but this gives people a chance to debug other memory - problems. + deallocation routines to be used by OpenSSL, for example memory + pool implementations, or something else, which was previously hard + since Malloc(), Realloc() and Free() were defined as macros having + the values malloc, realloc and free, respectively (except for Win32 + compilations). The same is provided for memory debugging code. + OpenSSL already comes with functionality to find memory leaks, but + this gives people a chance to debug other memory problems. With these changes, a new set of functions and macros have appeared: @@ -150,12 +209,18 @@ CRYPTO_get_mem_debug_functions() [F] CRYPTO_dbg_set_options() [F] CRYPTO_dbg_get_options() [F] - CRYPTO_melloc_debug_init() [M] + CRYPTO_malloc_debug_init() [M] The memory debug functions are NULL by default, unless the library is compiled with CRYPTO_MDEBUG or friends is defined. If someone - wants to debug memory anyway, CRYPTO_malloc_debug_init() or - CRYPTO_set_mem_debug_functions() must be used. + wants to debug memory anyway, CRYPTO_malloc_debug_init() (which + gives the standard debugging functions that come with OpenSSL) or + CRYPTO_set_mem_debug_functions() (tells OpenSSL to use functions + provided by the library user) must be used. When the standard + debugging functions are used, CRYPTO_dbg_set_options can be used to + request additional information: + CRYPTO_dbg_set_options(V_CYRPTO_MDEBUG_xxx) corresponds to setting + the CRYPTO_MDEBUG_xxx macro when compiling the library. Also, things like CRYPTO_set_mem_functions will always give the expected result (the new set of functions is used for allocation @@ -170,7 +235,7 @@ CRYPTO_dbg_free() All macros of value have retained their old syntax. - [Richard Levitte] + [Richard Levitte and Bodo Moeller] *) Some S/MIME fixes. The OID for SMIMECapabilities was wrong, the ordering of SMIMECapabilities wasn't in "strength order" and there @@ -382,8 +447,11 @@ *) Add the possibility to add extra information to the memory leak detecting output, to form tracebacks, showing from where each - allocation was originated. Also updated sid code to be multi- - thread-safe. + allocation was originated: CRYPTO_push_info("constant string") adds + the string plus current file name and line number to a per-thread + stack, CRYPTO_pop_info() does the obvious, CRYPTO_remove_all_info() + is like calling CYRPTO_pop_info() until the stack is empty. + Also updated memory leak detection code to be multi-thread-safe. [Richard Levitte] *) Add options -text and -noout to pkcs7 utility and delete the @@ -419,11 +487,11 @@ for all purposes. [Steve Henson] - *) Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD). The - problem was that one of the replacement routines had not been working since - SSLeay releases. For now the offending routine has been replaced with - non-optimised assembler. Even so, this now gives around 95% performance - improvement for 1024 bit RSA signs. + *) Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD). + The problem was that one of the replacement routines had not been working + since SSLeay releases. For now the offending routine has been replaced + with non-optimised assembler. Even so, this now gives around 95% + performance improvement for 1024 bit RSA signs. [Mark Cox] *) Hack to fix PKCS#7 decryption when used with some unorthodox RC2 @@ -431,7 +499,7 @@ the key length in bits: so a 40 bit RC2 key uses a 40 bit (5 byte) key. A few however don't do this and instead use the size of the decrypted key to determine the RC2 key length and the AlgorithmIdentifier to determine - the effective key length. In this case the effective key lenth can still + the effective key length. In this case the effective key length can still be 40 bits but the key length can be 168 bits for example. This is fixed by manually forcing an RC2 key into the EVP_PKEY structure because the EVP code can't currently handle unusual RC2 key sizes: it always assumes @@ -600,7 +668,7 @@ *) Add new -verify -CAfile and -CApath options to the crl program, these will lookup a CRL issuers certificate and verify the signature in a similar way to the verify program. Tidy up the crl program so it - no longer acesses structures directly. Make the ASN1 CRL parsing a bit + no longer accesses structures directly. Make the ASN1 CRL parsing a bit less strict. It will now permit CRL extensions even if it is not a V2 CRL: this will allow it to tolerate some broken CRLs. [Steve Henson] @@ -694,7 +762,7 @@ copies of the data and an O(n^2) reading algorithm. There is a new function BIO_new_mem_buf() which creates a read only memory BIO from an area of memory. Also modified the PKCS#7 routines to use read only - memory BIOSs. + memory BIOs. [Steve Henson] *) Bugfix: ssl23_get_client_hello did not work properly when called in