
openssl/0.9.8g/CHANGES.SSLeay

    1: This file contains the changes for the SSLeay library up to version
    2: 0.9.0b. For later changes, see the file "CHANGES".
    3: 
    4:   SSLeay CHANGES
    5:   ______________
    6: 
    7: Changes between 0.8.x and 0.9.0b
    8: 
    9: 10-Apr-1998
   10: 
   11: I said the next version would go out at easter, and so it shall.
   12: I expect a 0.9.1 will follow with portability fixes in the next few weeks.
   13: 
   14: This is a quick, meet the deadline.  Look to ssl-users for comments on what
   15: is new etc.
   16: 
   17: eric (about to go bushwalking for the 4 day easter break :-)
   18: 
   19: 16-Mar-98
   20:     - Patch for Cray T90 from Wayne Schroeder <schroede@SDSC.EDU>
   21:     - Lots and lots of changes
   22: 
   23: 29-Jan-98
   24:     - ASN1_BIT_STRING_set_bit()/ASN1_BIT_STRING_get_bit() from
   25:       Goetz Babin-Ebell <babinebell@trustcenter.de>.
   26:     - SSL_version() now returns SSL2_VERSION, SSL3_VERSION or
   27:       TLS1_VERSION.
   28: 
   29: 7-Jan-98
   30:     - Finally reworked the cipher string to ciphers again, so it
   31:       works correctly
   32:     - All the app_data stuff is now ex_data with function calls to access.
   33:       The index is supplied by a function and 'methods' can be setup
   34:       for the types that are called on XXX_new/XXX_free.  This lets
   35:       applications get notified on creation and destruction.  Some of
   36:       the RSA methods could be implemented this way and I may do so.
   37:     - Oh yes, SSL under perl5 is working at the basic level.
   38: 
   39: 15-Dec-97
   40:     - Warning - the gethostbyname cache is not fully thread safe,
   41:       but it should work well enough.
   42:     - Major internal reworking of the app_data stuff.  More functions
   43:       but if you were accessing ->app_data directly, things will
   44:       stop working.
   45:     - The perlv5 stuff is working.  Currently on message digests,
   46:       ciphers and the bignum library.
   47: 
   48: 9-Dec-97
   49:     - Modified re-negotiation so that server initiated re-neg
   50:       will cause a SSL_read() to return -1 should retry.
   51:       The danger otherwise was that the server and the
   52:       client could end up both trying to read when using non-blocking
   53:       sockets.
   54: 
   55: 4-Dec-97
   56:     - Lots of small changes
   57:     - Fix for binary mode in Windows for the FILE BIO, thanks to
   58:       Bob Denny <rdenny@dc3.com>
   59: 
   60: 17-Nov-97
   61:     - Quite a few internal cleanups, (removal of errno, and using macros
   62:       defined in e_os.h).
   63:     - A bug in ca.c, pointed out by yasuyuki-ito@d-cruise.co.jp, where
   64:       the automatic naming of output files was being stuffed up.
   65: 
   66: 29-Oct-97
   67:     - The Cast5 cipher has been added.  MD5 and SHA-1 are now in assembler
   68:       for x86.
   69: 
   70: 21-Oct-97
   71:     - Fixed a bug in the BIO_gethostbyname() cache.
   72: 
   73: 15-Oct-97
   74:     - cbc mode for blowfish/des/3des is now in assembler.  Blowfish asm
   75:       has also been improved.  At this point in time, on the pentium,
   76:       md5 is %80 faster, the unoptimised sha-1 is %79 faster,
   77:       des-cbc is %28 faster, des-ede3-cbc is %9 faster and blowfish-cbc
   78:       is %62 faster.
   79: 
   80: 12-Oct-97
   81:     - MEM_BUF_grow() has been fixed so that it always sets the buf->length
   82:       to the value we are 'growing' to.  Think of MEM_BUF_grow() as the
   83:       way to set the length value correctly.
   84: 
   85: 10-Oct-97
   86:     - I now hash for certificate lookup on the raw DER encoded RDN (md5).
   87:       This breaks things again :-(.  This is efficient since I cache
   88:       the DER encoding of the RDN.
   89:     - The text DN now puts in the numeric OID instead of UNKNOWN.
   90:     - req can now process arbitrary OIDs in the config file.
   91:     - I've been implementing md5 in x86 asm, much faster :-).
   92:     - Started sha1 in x86 asm, needs more work.
   93:     - Quite a few speedups in the BN stuff.  RSA public operation
   94:       has been made faster by caching the BN_MONT_CTX structure.
   95:       The calculating of the Ai where A*Ai === 1 mod m was rather
   96:       expensive.  Basically a 40-50% speedup on public operations.
   97:       The RSA speedup is now 15% on pentiums and %20 on pentium
   98:       pro.
   99: 
  100: 30-Sep-97
  101:     - After doing some profiling, I added x86 asm for bn_add_words(),
  102:       which just adds 2 arrays of longs together.  A %10 speedup
  103:       for 512 and 1024 bit RSA on the pentium pro.
  104: 
  105: 29-Sep-97
  106:     - Converted the x86 bignum assembler to use the perl scripts
  107:       for generation.
  108: 
  109: 23-Sep-97
  110:     - If SSL_set_session() is passed a NULL session, it now clears the
  111:       current session-id.
  112: 
  113: 22-Sep-97
  114:     - Added a '-ss_cert file' to apps/ca.c.  This will sign selfsigned
  115:       certificates.
  116:     - Bug in crypto/evp/encode.c where by decoding of 65 base64
  117:       encoded lines, one line at a time (via a memory BIO) would report
  118:       EOF after the first line was decoded.
  119:     - Fix in X509_find_by_issuer_and_serial() from
  120:       Dr Stephen Henson <shenson@bigfoot.com>
  121: 
  122: 19-Sep-97
  123:     - NO_FP_API and NO_STDIO added.
  124:     - Put in sh config command.  It auto runs Configure with the correct
  125:       parameters.
  126: 
  127: 18-Sep-97
  128:     - Fix x509.c so if a DSA cert has different parameters to its parent,
  129:       they are left in place.  Not tested yet.
  130: 
  131: 16-Sep-97
  132:     - ssl_create_cipher_list() had some bugs, fixes from
  133:       Patrick Eisenacher <eisenach@stud.uni-frankfurt.de>
  134:     - Fixed a bug in the Base64 BIO, where it would return 1 instead
  135:       of -1 when end of input was encountered but should retry.
  136:       Basically a Base64/Memory BIO interaction problem.
  137:     - Added a HMAC set of functions in preparation for TLS work.
  138: 
  139: 15-Sep-97
  140:     - Top level makefile tweak - Cameron Simpson <cs@zip.com.au>
  141:     - Prime generation speed up %25 (512 bit prime, pentium pro linux)
  142:       by using montgomery multiplication in the prime number test.
  143: 
  144: 11-Sep-97
  145:     - Ugly bug in ssl3_write_bytes().  Basically if application land
  146:       does a SSL_write(ssl,buf,len) where len > 16k, the SSLv3 write code
  147:       did not check the size and tried to copy the entire buffer.
  148:       This would tend to cause memory overwrites since SSLv3 has
  149:       a maximum packet size of 16k.  If your program uses
  150:       buffers <= 16k, you would probably never see this problem.
  151:     - Fixed new errors that were caused by malloc() not returning
  152:       0 initialised memory.
  153:     - SSL_OP_NETSCAPE_CA_DN_BUG was being switched on when using
  154:       SSL_CTX_set_options(ssl_ctx,SSL_OP_ALL); which was a bad thing
  155:       since this flag stops SSLeay being able to handle client
  156:       cert requests correctly.
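The ssl3_write_bytes() entry for 11-Sep-97 above describes a write path that copied a caller's buffer without checking it against the 16k SSLv3 record limit. The C code below is an added example, not code from SSLeay or OpenSSL: it shows the bounded behaviour on both sides of the wire, a writer that fragments into records of at most 16384 bytes and a reader that rejects any declared length above that. All function names and error codes are hypothetical, and the sample data is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define REC_HDR_LEN         5      /* type(1) + version(2) + length(2) */
#define MAX_PLAIN_LENGTH    16384  /* SSLv3 plaintext fragment limit, 2^14 */
#define CT_APPLICATION_DATA 23     /* record content type for application data */

#define ERR_OVERSIZE  (-1L)        /* hypothetical error codes for this example */
#define ERR_TRUNCATED (-2L)
#define ERR_NO_SPACE  (-3L)

/* Writer side: split len bytes into records of at most MAX_PLAIN_LENGTH and
 * append them to out.  Returns the record count, or ERR_NO_SPACE. */
long frame_records(const uint8_t *buf, size_t len,
                   uint8_t *out, size_t outcap, size_t *outlen)
{
    size_t done = 0, used = 0;
    long nrec = 0;

    while (done < len) {
        size_t n = len - done;
        if (n > MAX_PLAIN_LENGTH)
            n = MAX_PLAIN_LENGTH;      /* the size check the entry says was missing */
        if (outcap - used < REC_HDR_LEN + n)
            return ERR_NO_SPACE;       /* never write past the output buffer */
        out[used + 0] = CT_APPLICATION_DATA;
        out[used + 1] = 3;             /* SSLv3 is protocol version 3.0 */
        out[used + 2] = 0;
        out[used + 3] = (uint8_t)(n >> 8);
        out[used + 4] = (uint8_t)(n & 0xff);
        memcpy(out + used + REC_HDR_LEN, buf + done, n);
        used += REC_HDR_LEN + n;
        done += n;
        nrec++;
    }
    *outlen = used;
    return nrec;
}

/* Reader side: walk a framed stream and copy the payloads into plain.  The
 * declared length is untrusted input, so it is checked against the protocol
 * limit, the bytes actually present and the destination capacity. */
long parse_records(const uint8_t *in, size_t inlen,
                   uint8_t *plain, size_t plaincap)
{
    size_t pos = 0, got = 0;

    while (pos < inlen) {
        size_t n;
        if (inlen - pos < REC_HDR_LEN)
            return ERR_TRUNCATED;
        n = ((size_t)in[pos + 3] << 8) | in[pos + 4];
        pos += REC_HDR_LEN;
        if (n > MAX_PLAIN_LENGTH)
            return ERR_OVERSIZE;
        if (inlen - pos < n)
            return ERR_TRUNCATED;
        if (plaincap - got < n)
            return ERR_NO_SPACE;
        memcpy(plain + got, in + pos, n);
        pos += n;
        got += n;
    }
    return (long)got;
}

static uint8_t app_buf[40000], wire[40000 + 3 * REC_HDR_LEN], back[40000];

/* Frame len bytes of constructed data, parse them back, and return the record
 * count if the round trip is byte-exact, otherwise a negative error code. */
long roundtrip_records(size_t len)
{
    size_t i, wire_len = 0;
    long nrec;

    if (len > sizeof(app_buf))
        return ERR_NO_SPACE;
    for (i = 0; i < len; i++)
        app_buf[i] = (uint8_t)(i * 31 + 7);   /* constructed sample data */
    nrec = frame_records(app_buf, len, wire, sizeof(wire), &wire_len);
    if (nrec < 0)
        return nrec;
    if (parse_records(wire, wire_len, back, sizeof(back)) != (long)len)
        return ERR_TRUNCATED;
    return memcmp(app_buf, back, len) == 0 ? nrec : ERR_TRUNCATED;
}

/* Parse one constructed record whose header declares `declared` bytes while
 * only body_bytes (at most 32) of zeroed body actually follow it. */
long parse_forged_length(unsigned declared, size_t body_bytes)
{
    uint8_t rec[REC_HDR_LEN + 32] = { CT_APPLICATION_DATA, 3, 0 };
    uint8_t sink[32];

    if (body_bytes > 32)
        return ERR_NO_SPACE;
    rec[3] = (uint8_t)(declared >> 8);
    rec[4] = (uint8_t)(declared & 0xff);
    return parse_records(rec, REC_HDR_LEN + body_bytes, sink, sizeof(sink));
}

int main(void)
{
    printf("40000 bytes -> %ld records\n", roundtrip_records(40000));
    printf("declared length 16385 -> %ld\n", parse_forged_length(16385, 0));
    return 0;
}
```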
  157: 
  158: 08-Sep-97
  159:     - SSL_SESS_CACHE_NO_INTERNAL_LOOKUP option added.  When switched
  160:       on, the SSL server routines will not use a SSL_SESSION that is
  161:       held in its cache.  This is intended to be used with the session-id
  162:       callbacks so that while the session-ids are still stored in the
  163:       cache, the decision to use them and how to look them up can be
  164:       done by the callbacks.  These are the 'new', 'get' and 'remove'
  165:       callbacks.  This can be used to determine the session-id
  166:       to use depending on information like which port/host the connection
  167:       is coming from.  Since there are also SSL_SESSION_set_app_data() and
  168:       SSL_SESSION_get_app_data() functions, the application can hold
  169:       information against the session-id as well.
  170: 
  171: 03-Sep-97
  172:     - Added lookup of CRLs to the by_dir method,
  173:       X509_load_crl_file() also added.  Basically it means you can
  174:       lookup CRLs via the same system used to lookup certificates.
  175:     - Changed things so that the X509_NAME structure can contain
  176:       ASN.1 BIT_STRINGS which is required for the unique
  177:       identifier OID.
  178:     - Fixed some problems with the auto flushing of the session-id
  179:       cache.  It was not occurring on the server side.
  180: 
  181: 02-Sep-97
  182:     - Added SSL_CTX_sess_cache_size(SSL_CTX *ctx,unsigned long size)
  183:       which is the maximum number of entries allowed in the
  184:       session-id cache.  This is enforced with a simple FIFO list.
  185:       The default size is 20*1024 entries which is rather large :-).
  186:       The Timeout code is still always operating.
  187: 
  188: 01-Sep-97
  189:     - Added an argument to all the 'generate private key/prime'
  190:       callbacks.  It is the last parameter so this should not
  191:       break existing code but it is needed for C++.
  192:     - Added the BIO_FLAGS_BASE64_NO_NL flag for the BIO_f_base64()
  193:       BIO.  This lets the BIO read and write base64 encoded data
  194:       without inserting or looking for '\n' characters.  The '-A'
  195:       flag turns this on when using apps/enc.c.
  196:     - RSA_NO_PADDING added to help BSAFE functionality.  This is a
  197:       very dangerous thing to use, since RSA private key
  198:       operations without random padding bytes (as PKCS#1 adds) can
  199:       be attacked such that the private key can be revealed.
  200:     - ASN.1 bug and rc2-40-cbc and rc4-40 added by
  201:       Dr Stephen Henson <shenson@bigfoot.com>
  202: 
  203: 31-Aug-97 (stuff added while I was away)    
  204:     - Linux pthreads by Tim Hudson (tjh@cryptsoft.com).
  205:     - RSA_flags() added allowing bypass of pub/priv match check
  206:       in ssl/ssl_rsa.c - Tim Hudson.
  207:     - A few minor bugs.
  208: 
  209: SSLeay 0.8.1 released.
  210: 
  211: 19-Jul-97
  212:     - Server side initiated dynamic renegotiation is broken.  I will fix
  213:       it when I get back from holidays.
  214: 
  215: 15-Jul-97
  216:     - Quite a few small changes.
  217:     - INVALID_SOCKET usage cleanups from Alex Kiernan <alex@hisoft.co.uk>
  218: 
  219: 09-Jul-97
  220:     - Added 2 new values to the SSL info callback.
  221:       SSL_CB_START which is passed when the SSL protocol is started
  222:       and SSL_CB_DONE when it has finished successfully.
  223: 
  224: 08-Jul-97
  225:     - Fixed a few bugs in apps/req.c and crypto/asn1/x_pkey.c
  226:       that related to DSA public/private keys.
  227:     - Added all the relevant PEM and normal IO functions to support
  228:       reading and writing RSAPublic keys.
  229:     - Changed makefiles to use ${AR} instead of 'ar r'
  230: 
  231: 07-Jul-97
  232:     - Error in ERR_remove_state() that would leave a dangling reference
  233:       to a free()ed location - thanks to Alex Kiernan <alex@hisoft.co.uk>
  234:     - s_client now prints the X509_NAMEs passed from the server
  235:       when requesting a client cert.
  236:     - Added a ssl->type, which is one of SSL_ST_CONNECT or
  237:       SSL_ST_ACCEPT.  I had to add it so I could tell if I was
  238:       a connect or an accept after the handshake had finished.
  239:     - SSL_get_client_CA_list(SSL *s) now returns the CA names
  240:       passed by the server if called by a client side SSL.
  241: 
  242: 05-Jul-97
  243:     - Bug in X509_NAME_get_text_by_OBJ(), looking starting at index
  244:       0, not -1 :-(  Fix from Tim Hudson (tjh@cryptsoft.com).
  245: 
  246: 04-Jul-97
  247:     - Fixed some things in X509_NAME_add_entry(), thanks to
  248:       Matthew Donald <matthew@world.net>.
  249:     - I had a look at the cipher section and thought that it was a
  250:       bit confused, so I've changed it.
  251:     - I was not setting up the RC4-64-MD5 cipher correctly.  It is
  252:       a MS special that appears in exported MS Money.
  253:     - Error in all my DH ciphers.  Section 7.6.7.3 of the SSLv3
  254:       spec.  I was missing the two byte length header for the
  255:       ClientDiffieHellmanPublic value.  This is a packet sent from
  256:       the client to the server.  The SSL_OP_SSLEAY_080_CLIENT_DH_BUG
  257:       option will enable SSLeay server side SSLv3 accept either
  258:       the correct or my 080 packet format.
  259:     - Fixed a few typos in crypto/pem.org.
  260: 
  261: 02-Jul-97
  262:     - Alias mapping for EVP_get_(digest|cipher)byname is now
  263:       performed before a lookup for actual cipher.  This means
  264:       that an alias can be used to 're-direct' a cipher or a
  265:       digest.
  266:     - ASN1_read_bio() had a bug that only showed up when using a
  267:       memory BIO.  When EOF is reached in the memory BIO, it is
  268:       reported as a -1 with BIO_should_retry() set to true.
  269: 
  270: 01-Jul-97
  271:     - Fixed an error in X509_verify_cert() caused by my
  272:       misunderstanding how 'do { continue } while(0);' works.
  273:       Thanks to Emil Sit <sit@mit.edu> for educating me :-)
  274: 
  275: 30-Jun-97
  276:     - Base64 decoding error.  If the last data line did not end with
  277:       a '=', sometimes extra data would be returned.
  278:     - Another 'cut and paste' bug in x509.c related to setting up the
  279:       STDout BIO.
  280: 
  281: 27-Jun-97
  282:     - apps/ciphers.c was not printing due to an editing error.
  283:     - Alex Kiernan <alex@hisoft.co.uk> sent in a nice fix for
  284:       a library build error in util/mk1mf.pl
  285: 
  286: 26-Jun-97
  287:     - Still did not have the auto 'experimental' code removal
  288:       script correct.
  289:     - A few header tweaks for Watcom 11.0 under Win32 from
  290:       Rolf Lindemann <Lindemann@maz-hh.de>
  291:     - 0 length OCTET_STRING bug in asn1_parse
  292:     - A minor fix with a non-existent function in the MS .def files.
  293:     - A few changes to the PKCS7 stuff.
  294: 
  295: 25-Jun-97
  296:     SSLeay 0.8.0 finally it gets released.
  297: 
  298: 24-Jun-97
  299:     Added a SSL_OP_EPHEMERAL_RSA option which causes all SSLv3 RSA keys to
  300:     use a temporary RSA key.  This is experimental and needs some more work.
  301:     Fixed a few Win16 build problems.
  302: 
  303: 23-Jun-97
  304:     SSLv3 bug. I was not doing the 'lookup' of the CERT structure
  305:     correctly. I was taking the SSL->ctx->default_cert when I should
  306:     have been using SSL->cert. The bug was in ssl/s3_srvr.c
  307: 
  308: 20-Jun-97
  309:     X509_ATTRIBUTES were being encoded wrongly by apps/req.c and the
  310:     rest of the library. Even though I had the code required to do
  311:     it correctly, apps/req.c was doing the wrong thing.  I have fixed
  312:     and tested everything.
  313: 
  314:     Missing a few #ifdef FIONBIO sections in crypto/bio/bss_acpt.c.
  315: 
  316: 19-Jun-97
  317:     Fixed a bug in the SSLv2 server side first packet handling. When
  318:     using the non-blocking test BIO, the ssl->s2->first_packet flag
  319:     was being reset when a would-block failure occurred when reading
  320:     the first 5 bytes of the first packet. This caused the checking
  321:     logic to run at the wrong time and cause an error.
  322: 
  323:     Fixed a problem with specifying cipher. If RC4-MD5 were used,
  324:     only the SSLv3 version would be picked up.  Now this will pick
  325:     up both SSLv2 and SSLv3 versions. This required changing the
  326:     SSL_CIPHER->mask values so that they only mask the ciphers,
  327:     digests, authentication, export type and key-exchange algorithms.
  328: 
  329:     I found that when a SSLv23 session is established, a reused
  330:     session, of type SSLv3 was attempting to write the SSLv2 
  331:     ciphers, which were invalid. The SSL_METHOD->put_cipher_by_char 
  332:     method has been modified so it will only write out cipher which
  333:     that method knows about.  
  334: 
  335: 
  336:  Changes between 0.8.0 and 0.8.1
  337: 
  338:   *) Mostly bug fixes. 
  339:      There is an Ephemeral DH cipher problem which is fixed.
  340: 
  341:  SSLeay 0.8.0
  342: 
  343: This version of SSLeay has quite a lot of things different from the
  344: previous version.
  345: 
  346: Basically check all callback parameters, I will be producing documentation
  347: about how to use things in the future.  Currently I'm just getting 080 out
  348: the door.  Please note that there are several ways to do everything, and
  349: most of the applications in the apps directory are hybrids, some using old
  350: methods and some using new methods.
  351: 
  352: Have a look in demos/bio for some very simple programs and
  353: apps/s_client.c and apps/s_server.c for some more advanced versions.
  354: Notes are definitely needed but they are a week or so away.
  355: 
  356: Anyway, some quick notes from Tim Hudson (tjh@cryptsoft.com)
  357: ---
  358: Quick porting notes for moving from SSLeay-0.6.x to SSLeay-0.8.x to
  359: get those people that want to move to using the new code base off to
  360: a quick start.
  361: 
  362: Note that Eric has tidied up a lot of the areas of the API that were
  363: less than desirable and renamed quite a few things (as he had to break
  364: the API in lots of places at any rate). There are a whole pile of additional
  365: functions for making dealing with (and creating) certificates a lot
  366: cleaner.
  367: 
  368: 01-Jul-97
  369: Tim Hudson
  370: tjh@cryptsoft.com
  371: 
  372: ---8<---
  373: 
  374: To maintain code that uses both SSLeay-0.6.x and SSLeay-0.8.x you could
  375: use something like the following (assuming you #include "crypto.h" which
  376: is something that you really should be doing).
  377: 
  378: #if SSLEAY_VERSION_NUMBER >= 0x0800
  379: #define SSLEAY8
  380: #endif
  381: 
  382: buffer.h -> splits into buffer.h and bio.h so you need to include bio.h
  383:             too if you are working with BIO internal stuff (as distinct
  384:         from simply using the interface in an opaque manner)
  385: 
  386: #include "bio.h"    - required along with "buffer.h" if you write
  387:               your own BIO routines as the buffer and bio
  388:               stuff that was intermixed has been separated
  389:               out 
  390:             
  391: envelope.h -> evp.h  (which should have been done ages ago)
  392: 
  393: Initialisation ... don't forget these or you end up with code that
  394: is missing the bits required to do useful things (like ciphers):
  395: 
  396: SSLeay_add_ssl_algorithms()
  397: (probably also want SSL_load_error_strings() too but you should have
  398:  already had that call in place)
  399: 
  400: SSL_CTX_new()   - requires an extra method parameter
  401:               SSL_CTX_new(SSLv23_method()) 
  402:               SSL_CTX_new(SSLv2_method()) 
  403:               SSL_CTX_new(SSLv3_method()) 
  404: 
  405:           OR to only have the server or the client code
  406:               SSL_CTX_new(SSLv23_server_method()) 
  407:               SSL_CTX_new(SSLv2_server_method()) 
  408:               SSL_CTX_new(SSLv3_server_method()) 
  409:           or  
  410:               SSL_CTX_new(SSLv23_client_method()) 
  411:               SSL_CTX_new(SSLv2_client_method()) 
  412:               SSL_CTX_new(SSLv3_client_method()) 
  413: 
  414: SSL_set_default_verify_paths() ... renamed to the more appropriate
  415: SSL_CTX_set_default_verify_paths()
  416: 
  417: If you want to use client certificates then you have to add in a bit
  418: of extra stuff in that a SSLv3 server sends a list of those CAs that
  419: it will accept certificates from ... so you have to provide a list to
  420: SSLeay otherwise certain browsers will not send client certs.
  421: 
  422: SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(s_cert_file));
  423: 
  424: 
  425: X509_NAME_oneline(X)    -> X509_NAME_oneline(X,NULL,0)  
  426:                or provide a buffer and size to copy the
  427:                result into
  428: 
  429: X509_add_cert ->  X509_STORE_add_cert (and you might want to read the
  430:           notes on X509_NAME structure changes too)
  431: 
  432: 
  433: VERIFICATION CODE
  434: =================
  435: 
  436: The codes have all been renamed from VERIFY_ERR_* to X509_V_ERR_* to
  437: more accurately reflect things.
  438: 
  439: The verification callback args are now packaged differently so that
  440: extra fields for verification can be added easily in future without
  441: having to break things by adding extra parameters each release :-)
  442: 
  443: X509_cert_verify_error_string -> X509_verify_cert_error_string
  444: 
  445: 
  446: BIO INTERNALS
  447: =============
  448: 
  449: Eric has fixed things so that extra flags can be introduced in
  450: the BIO layer in future without having to play with all the BIO
  451: modules by adding in some macros.
  452: 
  453: The ugly stuff using 
  454:     b->flags &= ~(BIO_FLAGS_RW|BIO_FLAGS_SHOULD_RETRY)
  455: becomes
  456:     BIO_clear_retry_flags(b)
  457: 
  458:     b->flags |= (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)
  459: becomes
  460:     BIO_set_retry_read(b)
  461: 
  462: Also ... BIO_get_retry_flags(b), BIO_set_flags(b)
  463: 
  464: 
  465: 
  466: OTHER THINGS
  467: ============
  468: 
  469: X509_NAME has been altered so that it isn't just a STACK ... the STACK
  470: is now in the "entries" field ... and there are a pile of nice functions
  471: for getting at the details in a much cleaner manner.
  472: 
  473: SSL_CTX has been altered ... "cert" is no longer a direct member of this
  474: structure ... things are now down under "cert_store" (see x509_vfy.h) and
  475: things are no longer in a CERTIFICATE_CTX but instead in a X509_STORE.
  476: If your code "knows" about this level of detail then it will need some 
  477: surgery.
  478: 
  479: If you are depending on the incorrect spelling of a number of the error codes
  480: then you will have to change your code as these have been fixed.
  481: 
  482: ENV_CIPHER "type" got renamed to "nid" and as that is what it actually
  483: has been all along so this makes things clearer.
  484: ify_cert_error_string(ctx->error));
  485: 
  486: SSL_R_NO_CIPHER_WE_TRUST -> SSL_R_NO_CIPHER_LIST
  487:             and SSL_R_REUSE_CIPHER_LIST_NOT_ZERO
  488: 
  489: 
  490: 
  491:  Changes between 0.7.x and 0.8.0
  492:   
  493:   *) There have been lots of changes, mostly the addition of SSLv3.
  494:      There have been many additions from people and amongst
  495:      others, C2Net has assisted greatly.
  496:  
  497:  Changes between 0.7.x and 0.7.x
  498: 
  499:   *) Internal development version only
  500: 
  501: SSLeay 0.6.6 13-Jan-1997
  502: 
  503: The main additions are
  504: 
  505: - assembler for x86 DES improvements.
  506:   From 191,000 per second on a pentium 100, I now get 281,000.  The inner
  507:   loop and the IP/FP modifications are from
  508:   Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>.  Many thanks for his
  509:   contribution.
  510: - The 'DES macros' introduced in 0.6.5 now have 3 types.
  511:   DES_PTR1, DES_PTR2 and 'normal'.  As per before, des_opts reports which
  512:   is best and there is a summary of mine in crypto/des/options.txt
  513: - A few bug fixes.
  514: - Added blowfish.  It is not used by SSL but all the other stuff that
  515:   deals with ciphers can use it in either ecb, cbc, cfb64 or ofb64 modes.
  516:   There are 3 options for optimising Blowfish.  BF_PTR, BF_PTR2 and 'normal'.
  517:   BF_PTR2 is pentium/x86 specific.  The correct option is setup in
  518:   the 'Configure' script.
  519: - There is now a 'get client certificate' callback which can be
  520:   'non-blocking'.  If more details are required, let me know.  It will
  521:   be documented more in SSLv3 when I finish it.
  522: - Bug fixes from 0.6.5 including the infamous 'ca' bug.  The 'make test'
  523:   now tests the ca program.
  524: - Lots of little things modified and tweaked.
  525: 
  526:  SSLeay 0.6.5
  527: 
  528: After quite some time (3 months), the new release.  I have been very busy
  529: for the last few months and so this is mostly bug fixes and improvements.
  530: 
  531: The main additions are
  532: 
  533: - assembler for x86 DES.  For all those gcc based systems, this is a big
  534:   improvement.  From 117,000 DES operations a second on a pentium 100,
  535:   I now get 191,000.  I have also reworked the C version so it
  536:   now gives 148,000 DESs per second.  
  537: - As mentioned above, the inner DES macros now have some more variants that
  538:   sometimes help, sometimes hinder performance.  There are now 3 options
  539:   DES_PTR (ptr vs array lookup), DES_UNROLL (full vs partial loop unrolling)
  540:   and DES_RISC (a more register intensive version of the inner macro).
  541:   The crypto/des/des_opts.c program, when compiled and run, will give
  542:   an indication of the correct options to use.
  543: - The BIO stuff has been improved.  Read doc/bio.doc.  There are now
  544:   modules for encryption and base64 encoding and a BIO_printf() function.
  545: - The CA program will accept simple one line X509v3 extensions in the
  546:   ssleay.cnf file.  Have a look at the example.  Currently this just
  547:   puts the text into the certificate as an OCTET_STRING so currently
  548:   the more advanced X509v3 data types are not handled but this is enough
  549:   for the netscape extensions.
  550: - There is the start of a nicer higher level interface to the X509
  551:   structure.
  552: - Quite a lot of bug fixes.
  553: - CRYPTO_malloc_init()  (or CRYPTO_set_mem_functions()) can be used
  554:   to define the malloc(), free() and realloc() routines to use
  555:   (look in crypto/crypto.h).  This is mostly needed for Windows NT/95 when
  556:   using DLLs and mixing CRT libraries.
  557: 
  558: In general, read the 'VERSION' file for changes and be aware that some of
  559: the new stuff may not have been tested quite enough yet, so don't just plonk
  560: in SSLeay 0.6.5 when 0.6.4 used to work and expect nothing to break.
  561: 
  562: SSLeay 0.6.4 30/08/96 eay
  563: 
  564: I've just finished some test builds on Windows NT, Windows 3.1, Solaris 2.3,
  565: Solaris 2.5, Linux, IRIX, HPUX 10 and everything seems to work :-).
  566: 
  567: The main changes in this release
  568: 
  569: - Thread safe.  have a read of doc/threads.doc and play in the mt directory.
  570:   For anyone using 0.6.3 with threads, I found 2 major errors so consider
  571:   moving to 0.6.4.  I have a test program that builds under NT and
  572:   solaris.
  573: - The get session-id callback has changed.  Have a read of doc/callback.doc.
  574: - The X509_cert_verify callback (the SSL_verify callback) now
  575:   has another argument.  Have a read of doc/callback.doc
  576: - 'ca -preserve', sign without re-ordering the DN.  Not tested much.
  577: - VMS support.
  578: - Compile time memory leak detection can now be built into SSLeay.
  579:   Read doc/memory.doc
  580: - CONF routines now understand '\', '\n', '\r' etc.  What this means is that
  581:   the  SPKAC object mentioned in doc/ns-ca.doc can be on multiple lines.
  582: - 'ssleay ciphers' added, lists the default cipher list for SSLeay.
  583: - RC2 key setup is now compatible with Netscape.
  584: - Modified server side of SSL implementation, big performance difference when
  585:       using session-id reuse.
  586: 
  587: 0.6.3
  588: 
  589: Bug fixes and the addition of some nice stuff to the 'ca' program.
  590: Have a read of doc/ns-ca.doc for how it has been modified so
  591: it can be driven from a CGI script.  The CGI script is not provided,
  592: but that is just being left as an exercise for the reader :-).
  593: 
  594: 0.6.2
  595: 
  596: This is mostly bug fixes and functionality improvements.
  597: 
  598: Additions are
  599: - More thread debugging patches, the thread stuff is still being
  600:   tested, but for those keen to play with stuff, have a look in
  601:   crypto/cryptlib.c.  The application needs to define 1 (or optionally
  602:   a second) callback that is used to implement locking.  Compiling
  603:   with LOCK_DEBUG spits out lots of locking crud :-).
  604:   This is what I'm currently working on.
  605: - SSL_CTX_set_default_passwd_cb() can be used to define the callback
  606:   function used in the SSL*_file() functions used to load keys.  I was
  607:   always of the opinion that people should call
  608:   PEM_read_RSAPrivateKey() and pass the callback they want to use, but
  609:   it appears they just want to use the SSL_*_file() function() :-(.
  610: - 'enc' now has a -kfile so a key can be read from a file.  This is
  611:   mostly used so that the passwd does not appear when using 'ps',
  612:   which appears impossible to stop under solaris.
  613: - X509v3 certificates now work correctly.  I even have more examples
  614:   in my tests :-).  There is now a X509_EXTENSION type that is used in
  615:   X509v3 certificates and CRLv2.
  616: - Fixed that signature type error :-(
  617: - Fixed quite a few potential memory leaks and problems when reusing
  618:   X509, CRL and REQ structures.
  619: - EVP_set_pw_prompt() now sets the library wide default password
  620:   prompt.
  621: - The 'pkcs7' command will now, given the -print_certs flag, output in
  622:   pem format, all certificates and CRL contained within.  This is more
  623:   of a pre-emptive thing for the new verisign distribution method.  I
  624:   should also note, that this also gives an example in code, of how
  625:   to do this :-), or for that matter, what is involved in going the
  626:   other way (list of certs and crl -> pkcs7).
  627: - Added RSA's DESX to the DES library.  It is also available via the
  628:   EVP_desx_cbc() method and via 'enc desx'. 
  629: 
  630: SSLeay 0.6.1
  631: 
  632: The main functional changes since 0.6.0 are as follows
  633: - Bad news, the Microsoft 060 DLL's are not compatible, but the good news is
  634:   that from now on, I'll keep the .def numbers the same so they will be.
  635: - RSA private key operations are about 2 times faster than 0.6.0
  636: - The SSL_CTX now has more fields so default values can be put against
  637:   it.  When an SSL structure is created, these default values are used
  638:   but can be overwritten.  There are defaults for cipher, certificate,
  639:   private key, verify mode and callback.  This means SSL session
  640:   creation can now be
  641:   ssl=SSL_new()
  642:   SSL_set_fd(ssl,sock);
  643:   SSL_accept(ssl)
  644:   ....
  645:   All the other ugliness with having to keep a global copy of the
  646:   private key and certificate/verify mode in the server is now gone.
  647: - ssl/ssltest.c - one process talking SSL to itself for testing.
  648: - Storage of Session-id's can be controlled via a session_cache_mode
  649:   flag.  There is also now an automatic default flushing of 
  650:   old session-id's.
  651: - The X509_cert_verify() function now has another parameter, this
  652:   should not affect most people but it now means that the reason for
  653:   the failure to verify is now available via SSL_get_verify_result(ssl).
  654:   You don't have to use a global variable.
  655: - SSL_get_app_data() and SSL_set_app_data() can be used to keep some
  656:   application data against the SSL structure.  It is up to the application
  657:   to free the data.  I don't use it, but it is available.
  658: - SSL_CTX_set_cert_verify_callback() can be used to specify a
  659:   verify callback function that completely replaces my certificate
  660:   verification code.  Xcert should be able to use this :-).
  661:   The callback is of the form int app_verify_callback(arg,ssl,cert).
  662:   This needs to be documented more.
  663: - I have started playing with shared library builds, have a look in
  664:   the shlib directory.  It is very simple.  If you need a numbered
  665:   list of functions, have a look at misc/crypto.num and misc/ssl.num.
  666: - There is some stuff to do locking to make the library thread safe.
  667:   I have only started this stuff and have not finished.  If anyone is
  668:   keen to do so, please send me the patches when finished.
  669: 
  670: So I have finally made most of the additions to the SSL interface that
  671: I thought were needed.
  672: 
  673: There will probably be a pause before I make any non-bug/documentation
  674: related changes to SSLeay since I'm feeling like a bit of a break.
  675: 
  676: eric - 12 Jul 1996
  677: I saw recently a comment by someone that we now seem to be entering
  678: the age of perpetual Beta software.
  679: Pioneered by packages like linux but refined to an art form by
  680: netscape.
  681: 
  682: I too wish to join this trend with the announcement of SSLeay 0.6.0 :-).
  683: 
  684: There are quite a large number of sections that are 'works in
  685: progress' in this package.  I will also list the major changes and
  686: what files you should read.
  687: 
  688: BIO - this is the new IO structure being used everywhere in SSLeay.  I
  689: started out developing this because of microsoft, I wanted a mechanism
  690: to callback to the application for all IO, so Windows 3.1 DLL
  691: perversion could be hidden from me and the 15 different ways to write
  692: to a file under NT would also not be dictated by me at library build
  693: time.  What the 'package' is is an API for a data structure containing
  694: functions.  IO interfaces can be written to conform to the
  695: specification.  This is not intended to hide the underlying data type
  696: from the application, but to hide it from SSLeay :-).
  697: I have only really finished testing the FILE * and socket/fd modules.
  698: There are also 'filter' BIO's.  Currently I have only implemented
  699: message digests, and it is in use in the dgst application.  This
  700: functionality will allow base64/encrypto/buffering modules to be
  701: 'pushed' into a BIO without it affecting the semantics.  I'm also
  702: working on an SSL BIO which will hide the SSL_accept()/SSL_connect()
  703: from an event loop which uses the interface.
  704: It is also possible to 'attach' callbacks to a BIO so they get called
  705: before and after each operation, allowing extensive debug output
  706: to be generated (try running dgst with -d).
  707: 
  708: Unfortunately in the conversion from 0.5.x to 0.6.0, quite a few
  709: functions that used to take FILE *, now take BIO *.
  710: The wrappers are easy to write
  711: 
  712: function_fp(fp,x)
  713: FILE *fp;
  714:     {
  715:     BIO *b;
  716:     int ret;
  717: 
  718:     if ((b=BIO_new(BIO_s_file())) == NULL) error.....
  719:     BIO_set_fp(b,fp,BIO_NOCLOSE);
  720:     ret=function_bio(b,x);
  721:     BIO_free(b);
  722:     return(ret);
  723:     }
  724: Remember, there are no functions that take FILE * in SSLeay when
  725: compiled for Windows 3.1 DLL's.
  726: 
  727: --
  728: I have added a general EVP_PKEY type that can hold a public/private
  729: key.  This is now what is used by the EVP_ functions and is passed
  730: around internally.  I still have not done the PKCS#8 stuff, but
  731: X509_PKEY is defined and waiting :-)
  732: 
  733: --
  734: For a full function name listing, have a look at ms/crypt32.def and
  735: ms/ssl32.def.  These are auto-generated but are complete.
  736: Things like ASN1_INTEGER_get() have been added and are in here if you
  737: look.  I have renamed a few things, again, have a look through the