HISTORY 4.9 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126
SSLeay 0.8.1 released.

19-Jul-97
	- Server side initated dynamic renegotiation is broken.  I will fix
	  it when I get back from holidays.

15-Jul-97
	- Quite a few small changes.
	- INVALID_SOCKET usage cleanups from Alex Kiernan <alex@hisoft.co.uk>

09-Jul-97
	- Added 2 new values to the SSL info callback.
	  SSL_CB_START which is passed when the SSL protocol is started
	  and SSL_CB_DONE when it has finished sucsessfully.

08-Jul-97
	- Fixed a few bugs problems in apps/req.c and crypto/asn1/x_pkey.c
	  that related to DSA public/private keys.
	- Added all the relevent PEM and normal IO functions to support
	  reading and writing RSAPublic keys.
	- Changed makefiles to use ${AR} instead of 'ar r'

07-Jul-97
	- Error in ERR_remove_state() that would leave a dangling reference
	  to a free()ed location - thanks to Alex Kiernan <alex@hisoft.co.uk>
	- s_client now prints the X509_NAMEs passed from the server
	  when requesting a client cert.
	- Added a ssl->type, which is one of SSL_ST_CONNECT or
	  SSL_ST_ACCEPT.  I had to add it so I could tell if I was
	  a connect or an accept after the handshake had finished.
	- SSL_get_client_CA_list(SSL *s) now returns the CA names
	  passed by the server if called by a client side SSL.

05-Jul-97
	- Bug in X509_NAME_get_text_by_OBJ(), looking starting at index
	  0, not -1 :-(  Fix from Tim Hudson (tjh@cryptsoft.com).

04-Jul-97
	- Fixed some things in X509_NAME_add_entry(), thanks to
	  Matthew Donald <matthew@world.net>.
	- I had a look at the cipher section and though that it was a
	  bit confused, so I've changed it.
	- I was not setting up the RC4-64-MD5 cipher correctly.  It is
	  a MS special that appears in exported MS Money.
	- Error in all my DH ciphers.  Section 7.6.7.3 of the SSLv3
	  spec.  I was missing the two byte length header for the
	  ClientDiffieHellmanPublic value.  This is a packet sent from
	  the client to the server.  The SSL_OP_SSLEAY_080_CLIENT_DH_BUG
	  option will enable SSLeay server side SSLv3 accept either
	  the correct or my 080 packet format.
	- Fixed a few typos in crypto/pem.org.

02-Jul-97
	- Alias mapping for EVP_get_(digest|cipher)byname is now
	  performed before a lookup for actual cipher.  This means
	  that an alias can be used to 're-direct' a cipher or a
	  digest.
	- ASN1_read_bio() had a bug that only showed up when using a
	  memory BIO.  When EOF is reached in the memory BIO, it is
	  reported as a -1 with BIO_should_retry() set to true.

01-Jul-97
	- Fixed an error in X509_verify_cert() caused by my
	  miss-understanding how 'do { contine } while(0);' works.
	  Thanks to Emil Sit <sit@mit.edu> for educating me :-)

30-Jun-97
	- Base64 decoding error.  If the last data line did not end with
	  a '=', sometimes extra data would be returned.
	- Another 'cut and paste' bug in x509.c related to setting up the
	  STDout BIO.

27-Jun-97
	- apps/ciphers.c was not printing due to an editing error.
	- Alex Kiernan <alex@hisoft.co.uk> send in a nice fix for
	  a library build error in util/mk1mf.pl

26-Jun-97
	- Still did not have the auto 'experimental' code removal
	  script correct.
	- A few header tweaks for Watcom 11.0 under Win32 from
	  Rolf Lindemann <Lindemann@maz-hh.de>
	- 0 length OCTET_STRING bug in asn1_parse
	- A minor fix with an non-existent function in the MS .def files.
	- A few changes to the PKCS7 stuff.

25-Jun-97
	SSLeay 0.8.0 finally it gets released.

24-Jun-97
	Added a SSL_OP_EPHEMERAL_RSA option which causes all SSLv3 RSA keys to
	use a temporary RSA key.  This is experimental and needs some more work.
	Fixed a few Win16 build problems.

23-Jun-97
	SSLv3 bug. I was not doing the 'lookup' of the CERT structure
	correctly. I was taking the SSL->ctx->default_cert when I should
	have been using SSL->cert. The bug was in ssl/s3_srvr.c

20-Jun-97
	X509_ATTRIBUTES were being encoded wrongly by apps/reg.c and the
	rest of the library. Even though I had the code required to do
	it correctly, apps/req.c was doing the wrong thing.  I have fixed
	and tested everything.

	Missing a few #ifdef FIONBIO sections in crypto/bio/bss_acpt.c.

19-Jun-97
	Fixed a bug in the SSLv2 server side first packet handling. When
	using the non-blocking test BIO, the ssl->s2->first_packet flag
	was being reset when a would-block failure occurred when reading
	the first 5 bytes of the first packet. This caused the checking
	logic to run at the wrong time and cause an error.

	Fixed a problem with specifying cipher. If RC4-MD5 were used,
	only the SSLv3 version would be picked up.  Now this will pick
	up both SSLv2 and SSLv3 versions. This required changing the
	SSL_CIPHER->mask values so that they only mask the ciphers,
	digests, authentication, export type and key-exchange algorithms.

	I found that when a SSLv23 session is established, a reused
	session, of type SSLv3 was attempting to write the SSLv2 
	ciphers, which were invalid. The SSL_METHOD->put_cipher_by_char 
	method has been modified so it will only write out cipher which
	that method knows about.