|
7 | 7 | https://github.com/openssl/openssl/commits/ and pick the appropriate
|
8 | 8 | release branch.
|
9 | 9 |
|
| 10 | + Changes between 1.1.1d and 1.1.1e [17 Mar 2020] |
| 11 | + *) Properly detect EOF while reading in libssl. Previously if we hit an EOF |
| 12 | + while reading in libssl then we would report an error back to the |
| 13 | + application (SSL_ERROR_SYSCALL) but errno would be 0. We now add |
| 14 | + an error to the stack (which means we instead return SSL_ERROR_SSL) and |
| 15 | + therefore give a hint as to what went wrong. |
| 16 | + [Matt Caswell] |
| 17 | + |
| 18 | + *) Check that ed25519 and ed448 are allowed by the security level. Previously |
| 19 | + signature algorithms not using an MD were not being checked that they were |
| 20 | + allowed by the security level. |
| 21 | + [Kurt Roeckx] |
| 22 | + |
| 23 | + *) Fixed SSL_get_servername() behaviour. The behaviour of SSL_get_servername() |
| 24 | + was not quite right. The behaviour was not consistent between resumption |
| 25 | + and normal handshakes, and also not quite consistent with historical |
| 26 | + behaviour. The behaviour in various scenarios has been clarified and |
| 27 | + it has been updated to make it match historical behaviour as closely as |
| 28 | + possible. |
| 29 | + [Matt Caswell] |
| 30 | + |
| 31 | + *) [VMS only] The header files that the VMS compilers include automatically, |
| 32 | + __DECC_INCLUDE_PROLOGUE.H and __DECC_INCLUDE_EPILOGUE.H, use pragmas that |
| 33 | + the C++ compiler doesn't understand. This is a shortcoming in the |
| 34 | + compiler, but can be worked around with __cplusplus guards. |
| 35 | + |
| 36 | + C++ applications that use OpenSSL libraries must be compiled using the |
| 37 | + qualifier '/NAMES=(AS_IS,SHORTENED)' to be able to use all the OpenSSL |
| 38 | + functions. Otherwise, only functions with symbols of less than 31 |
| 39 | + characters can be used, as the linker will not be able to successfully |
| 40 | + resolve symbols with longer names. |
| 41 | + [Richard Levitte] |
| 42 | + |
| 43 | + *) Corrected the documentation of the return values from the EVP_DigestSign* |
| 44 | + set of functions. The documentation mentioned negative values for some |
| 45 | + errors, but this was never the case, so the mention of negative values |
| 46 | + was removed. |
| 47 | + |
| 48 | + Code that followed the documentation and thereby check with something |
| 49 | + like 'EVP_DigestSignInit(...) <= 0' will continue to work undisturbed. |
| 50 | + [Richard Levitte] |
| 51 | + |
| 52 | + *) Fixed an an overflow bug in the x64_64 Montgomery squaring procedure |
| 53 | + used in exponentiation with 512-bit moduli. No EC algorithms are |
| 54 | + affected. Analysis suggests that attacks against 2-prime RSA1024, |
| 55 | + 3-prime RSA1536, and DSA1024 as a result of this defect would be very |
| 56 | + difficult to perform and are not believed likely. Attacks against DH512 |
| 57 | + are considered just feasible. However, for an attack the target would |
| 58 | + have to re-use the DH512 private key, which is not recommended anyway. |
| 59 | + Also applications directly using the low level API BN_mod_exp may be |
| 60 | + affected if they use BN_FLG_CONSTTIME. |
| 61 | + (CVE-2019-1551) |
| 62 | + [Andy Polyakov] |
| 63 | + |
| 64 | + *) Added a new method to gather entropy on VMS, based on SYS$GET_ENTROPY. |
| 65 | + The presence of this system service is determined at run-time. |
| 66 | + [Richard Levitte] |
| 67 | + |
| 68 | + *) Added newline escaping functionality to a filename when using openssl dgst. |
| 69 | + This output format is to replicate the output format found in the '*sum' |
| 70 | + checksum programs. This aims to preserve backward compatibility. |
| 71 | + [Matt Eaton, Richard Levitte, and Paul Dale] |
| 72 | + |
| 73 | + *) Print all values for a PKCS#12 attribute with 'openssl pkcs12', not just |
| 74 | + the first value. |
| 75 | + [Jon Spillett] |
| 76 | + |
10 | 77 | Changes between 1.1.1c and 1.1.1d [10 Sep 2019]
|
11 | 78 |
|
12 | 79 | *) Fixed a fork protection issue. OpenSSL 1.1.1 introduced a rewritten random
|
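Review bot: The CVE-2019-1551 entry (new line 52) has two typos in its first line: "Fixed an an overflow bug in the x64_64 Montgomery squaring procedure" repeats "an" and names the architecture "x64_64", which should read "x86_64". This is the security entry readers will search for, so the wording should be exact. Separately, the EOF entry (new lines 11-15) describes an application-visible change in the reported error, from SSL_ERROR_SYSCALL with errno 0 to SSL_ERROR_SSL, but presents it only as a diagnostic hint. Consider stating that callers which relied on the old combination to recognise EOF must now handle the new return value. Minor: in the EVP_DigestSign* entry, "thereby check" (new line 48) should be "thereby checks".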
|
633 | 700 | bytes long. In theory it is permissible in SSLv3 - TLSv1.2 to fragment such
|
634 | 701 | alerts across multiple records (some of which could be empty). In practice
|
635 | 702 | it make no sense to send an empty alert record, or to fragment one. TLSv1.3
|
636 |
| - prohibts this altogether and other libraries (BoringSSL, NSS) do not |
| 703 | + prohibits this altogether and other libraries (BoringSSL, NSS) do not |
637 | 704 | support this at all. Supporting it adds significant complexity to the
|
638 |
| - record layer, and its removal is unlikely to cause inter-operability |
| 705 | + record layer, and its removal is unlikely to cause interoperability |
639 | 706 | issues.
|
640 | 707 | [Matt Caswell]
|
641 | 708 |
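Review bot: The spelling fixes at new lines 703 and 705 leave a grammar error in the same paragraph: line 702 still reads "it make no sense to send an empty alert record". Change it to "it makes no sense" in this pass so the entry does not need a second touch.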
|
|
3652 | 3719 | implementations).
|
3653 | 3720 | [Emilia Käsper, Adam Langley, Bodo Moeller (Google)]
|
3654 | 3721 |
|
3655 |
| - *) Use type ossl_ssize_t instad of ssize_t which isn't available on |
| 3722 | + *) Use type ossl_ssize_t instead of ssize_t which isn't available on |
3656 | 3723 | all platforms. Move ssize_t definition from e_os.h to the public
|
3657 | 3724 | header file e_os2.h as it now appears in public header file cms.h
|
3658 | 3725 | [Steve Henson]
|
@@ -8373,7 +8440,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
|
8373 | 8440 |
|
8374 | 8441 | *) New OCSP utility. Allows OCSP requests to be generated or
|
8375 | 8442 | read. The request can be sent to a responder and the output
|
8376 |
| - parsed, outputed or printed in text form. Not complete yet: |
| 8443 | + parsed, outputted or printed in text form. Not complete yet: |
8377 | 8444 | still needs to check the OCSP response validity.
|
8378 | 8445 | [Steve Henson]
|
8379 | 8446 |
|
@@ -9368,7 +9435,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
|
9368 | 9435 | [Andy Polyakov]
|
9369 | 9436 |
|
9370 | 9437 | *) Modified SSL library such that the verify_callback that has been set
|
9371 |
| - specificly for an SSL object with SSL_set_verify() is actually being |
| 9438 | + specifically for an SSL object with SSL_set_verify() is actually being |
9372 | 9439 | used. Before the change, a verify_callback set with this function was
|
9373 | 9440 | ignored and the verify_callback() set in the SSL_CTX at the time of
|
9374 | 9441 | the call was used. New function X509_STORE_CTX_set_verify_cb() introduced
|
@@ -10485,10 +10552,10 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
|
10485 | 10552 | as other interfaces in OpenSSL, like the BIO interface.
|
10486 | 10553 | NCONF_dump_* dump the internal storage of the configuration file,
|
10487 | 10554 | which is useful for debugging. All other functions take the same
|
10488 |
| - arguments as the old CONF_* functions wth the exception of the |
| 10555 | + arguments as the old CONF_* functions with the exception of the |
10489 | 10556 | first that must be a `CONF *' instead of a `LHASH *'.
|
10490 | 10557 |
|
10491 |
| - To make it easer to use the new classes with the old CONF_* functions, |
| 10558 | + To make it easier to use the new classes with the old CONF_* functions, |
10492 | 10559 | the function CONF_set_default_method is provided.
|
10493 | 10560 | [Richard Levitte]
|
10494 | 10561 |
|
@@ -12331,7 +12398,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
|
12331 | 12398 | than the old method: it now uses a modified version of Ulf's parser to
|
12332 | 12399 | read the ANSI prototypes in all header files (thus the old K&R definitions
|
12333 | 12400 | aren't needed for error creation any more) and do a better job of
|
12334 |
| - translating function codes into names. The old 'ASN1 error code imbedded |
| 12401 | + translating function codes into names. The old 'ASN1 error code embedded |
12335 | 12402 | in a comment' is no longer necessary and it doesn't use .err files which
|
12336 | 12403 | have now been deleted. Also the error code call doesn't have to appear all
|
12337 | 12404 | on one line (which resulted in some large lines...).
|
@@ -12632,7 +12699,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
|
12632 | 12699 |
|
12633 | 12700 | *) Add a useful kludge to allow package maintainers to specify compiler and
|
12634 | 12701 | other platforms details on the command line without having to patch the
|
12635 |
| - Configure script everytime: One now can use ``perl Configure |
| 12702 | + Configure script every time: One now can use ``perl Configure |
12636 | 12703 | <id>:<details>'', i.e. platform ids are allowed to have details appended
|
12637 | 12704 | to them (separated by colons). This is treated as there would be a static
|
12638 | 12705 | pre-configured entry in Configure's %table under key <id> with value
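Review bot: Line 12704 of this entry still reads "This is treated as there would be a static pre-configured entry", which is missing a word. "This is treated as if there were a static pre-configured entry" reads correctly and could go in with the "every time" fix at line 12702.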
|
|