update FAQ, NEWS

FAQ

@@ -82,7 +82,7 @@ OpenSSL  -  Frequently Asked Questions
 * Which is the current version of OpenSSL?
 
 The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 1.0.0f was released on Jan 4th, 2012.
+OpenSSL 1.0.1 was released on Mar 14th, 2012.
 
 In addition to the current stable release, you can also access daily
 snapshots of the OpenSSL development version at <URL:

NEWS

@@ -5,6 +5,19 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1:
+
+      o TLS/DTLS heartbeat support.
+      o SCTP support.
+      o RFC 5705 TLS key material exporter.
+      o RFC 5764 DTLS-SRTP negotiation.
+      o Next Protocol Negotiation.
+      o PSS signatures in certificates, requests and CRLs.
+      o Support for password based recipient info for CMS.
+      o Support TLS v1.2 and TLS v1.1.
+      o Preliminary FIPS capability for unvalidated 2.0 FIPS module.
+      o SRP support.
+
   Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h:
 
       o Fix for CMS/PKCS#7 MMA CVE-2012-0884

apps/s_client.c

@@ -1209,6 +1209,21 @@ bad:
 #endif
 
 	con=SSL_new(ctx);
+#if 0
+{
+int curves[3];
+int rv;
+curves[0] = EC_curve_nist2nid("P-256");
+curves[1] = EC_curve_nist2nid("P-521");
+curves[2] = EC_curve_nist2nid("P-384");
+rv = SSL_set1_curvelist(con, curves, sizeof(curves)/sizeof(int));
+if (rv == 0)
+	{
+	fprintf(stderr, "Error setting curve list\n");
+	exit(1);
+	}
+}
+#endif
 	if (sess_in)
 		{
 		SSL_SESSION *sess;

ssl/s3_lib.c

@@ -3391,6 +3391,94 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 		return (int)clistlen;
 		}
 
+	case SSL_CTRL_SET_CURVELIST:
+		{
+		int *nid_list = parg;
+		size_t nid_listlen = larg, i;
+		unsigned char *clist, *p;
+		/* Bitmap of curves included to detect duplicates: only works
+		 * while curve ids < 32 
+		 */
+		unsigned long dup_list = 0;
+		clist = OPENSSL_malloc(nid_listlen * 2);
+		for (i = 0, p = clist; i < nid_listlen; i++)
+			{
+			unsigned long idmask;
+			int id;
+			id = tls1_ec_nid2curve_id(nid_list[i]);
+			idmask = 1L << id;
+			if (!id || (dup_list & idmask))
+				{
+				OPENSSL_free(clist);
+				return 0;
+				}
+			dup_list |= idmask;
+			s2n(id, p);
+			}
+		if (s->tlsext_ellipticcurvelist)
+			OPENSSL_free(s->tlsext_ellipticcurvelist);
+		s->tlsext_ellipticcurvelist = clist;
+		s->tlsext_ellipticcurvelist_length = nid_listlen * 2;
+		return 1;
+		}
+
+	case SSL_CTRL_SHARED_CURVES:
+		{
+		unsigned long mask = 0;
+		unsigned char *pmask, *pref;
+		size_t pmasklen, preflen, i;
+		int nmatch = 0;
+		/* Must be server */
+		if (!s->server)
+			return 0;
+		/* No curves if client didn't sent supported curves extension */
+		if (!s->session->tlsext_ellipticcurvelist)
+			return 0;
+		if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
+			{
+			pref = s->tlsext_ellipticcurvelist;
+			preflen = s->tlsext_ellipticcurvelist_length;
+			pmask = s->session->tlsext_ellipticcurvelist;
+			pmasklen = s->session->tlsext_ellipticcurvelist_length;
+			}
+		else
+			{
+			pref = s->session->tlsext_ellipticcurvelist;
+			preflen = s->session->tlsext_ellipticcurvelist_length;
+			pmask = s->tlsext_ellipticcurvelist;
+			pmasklen = s->tlsext_ellipticcurvelist_length;
+			}
+		/* Build a mask of supported curves */
+		for (i = 0; i < pmasklen; i+=2, pmask+=2)
+			{
+			/* Skip any curves that wont fit in mask */
+			if (pmask[0] || (pmask[1] > 31))
+				continue;
+			mask |= 1L << pmask[1];
+			}
+		/* Check preference order against mask */
+		for (i = 0; i < preflen; i+=2, pref+=2)
+			{
+			if (pref[0] || (pref[1] > 30))
+				continue;
+			/* Search for matching curves in preference order */
+			if (mask & (1L << pref[1]))
+				{
+				int id = tls1_ec_curve_id2nid(pref[1]);
+				if (id && parg && nmatch == larg)
+					{
+					*((int *)parg) = id;
+					return 1;
+					}
+				nmatch++;
+				}
+			}
+		if (parg)
+			return 0;
+		return nmatch;
+
+		}
+
 	default:
 		break;
 		}

ssl/ssl.h

@@ -1619,6 +1619,8 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
 #define SSL_CTRL_CHAIN_CERT			89
 
 #define SSL_CTRL_GET_CURVELIST			90
+#define SSL_CTRL_SET_CURVELIST			91
+#define SSL_CTRL_SHARED_CURVES			92
 
 #define DTLSv1_get_timeout(ssl, arg) \
 	SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
@@ -1680,6 +1682,8 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
 	SSL_ctrl(ctx,SSL_CTRL_CHAIN_CERT,1,(char *)x509)
 #define SSL_get1_curvelist(ctx, s) \
 	SSL_ctrl(ctx,SSL_CTRL_GET_CURVELIST,0,(char *)s)
+#define SSL_set1_curvelist(ctx, clist, clistlen) \
+	SSL_ctrl(ctx,SSL_CTRL_SET_CURVELIST,clistlen,(char *)clist)
 
 
 #ifndef OPENSSL_NO_BIO

ssl/t1_lib.c

@@ -1678,20 +1678,26 @@ int ssl_prepare_clienthello_tlsext(SSL *s)
 		s->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
 
 		/* we support all named elliptic curves in draft-ietf-tls-ecc-12 */
-		if (s->tlsext_ellipticcurvelist != NULL) OPENSSL_free(s->tlsext_ellipticcurvelist);
-		s->tlsext_ellipticcurvelist_length = sizeof(pref_list)/sizeof(pref_list[0]) * 2;
-		if ((s->tlsext_ellipticcurvelist = OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) == NULL)
+		if (s->tlsext_ellipticcurvelist == NULL)
 			{
+			unsigned char *clist;
+			size_t clistlen;
 			s->tlsext_ellipticcurvelist_length = 0;
-			SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC_FAILURE);
-			return -1;
-			}
-		for (i = 0, j = s->tlsext_ellipticcurvelist; (unsigned int)i <
-				sizeof(pref_list)/sizeof(pref_list[0]); i++)
-			{
-			int id = tls1_ec_nid2curve_id(pref_list[i]);
-			s2n(id,j);
-			}
+			clistlen = sizeof(pref_list)/sizeof(pref_list[0]) * 2;
+			clist = OPENSSL_malloc(clistlen);
+			if (!clist)
+				{
+				SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC_FAILURE);
+				return -1;
+				}
+			for (i = 0, j = clist; i < (int)clistlen/2; i++)
+				{
+				int id = tls1_ec_nid2curve_id(pref_list[i]);
+				s2n(id,j);
+				}
+			s->tlsext_ellipticcurvelist = clist;
+			s->tlsext_ellipticcurvelist_length = clistlen;
+			}	
 		}
 #endif /* OPENSSL_NO_EC */