1
diff -cr openssl6/CHANGES ossl6/CHANGES
2
*** openssl6/CHANGES Wed Sep 3 23:35:53 2003
3
--- ossl6/CHANGES Mon Sep 29 21:22:00 2003
9
! Changes between 0.9.6j and 0.9.6k [xx XXX 2003]
11
*) In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate
12
if the server requested one: as stated in TLS 1.0 and SSL 3.0
17
! Changes between 0.9.6j and 0.9.6k [30 Sep 2003]
19
! *) Fix various bugs revealed by running the NISCC test suite:
21
! Stop out of bounds reads in the ASN1 code when presented with
22
! invalid tags (CAN-2003-0543 and CAN-2003-0544).
24
! If verify callback ignores invalid public key errors don't try to check
25
! certificate signature with the NULL public key.
29
! *) Fix various bugs revealed by running the NISCC test suite:
31
! Stop out of bounds reads in the ASN1 code when presented with
32
! invalid tags (CAN-2003-0543 and CAN-2003-0544).
34
! If verify callback ignores invalid public key errors don't try to check
35
! certificate signature with the NULL public key.
39
*) In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate
40
if the server requested one: as stated in TLS 1.0 and SSL 3.0
41
Only in ossl6: CHANGES.orig
42
diff -cr openssl6/FAQ ossl6/FAQ
43
*** openssl6/FAQ Thu Apr 10 20:21:26 2003
44
--- ossl6/FAQ Mon Sep 29 21:22:00 2003
47
* Which is the current version of OpenSSL?
49
The current version is available from <URL: http://www.openssl.org>.
50
! OpenSSL 0.9.7b was released on April 10, 2003.
52
In addition to the current stable release, you can also access daily
53
snapshots of the OpenSSL development version at <URL:
55
* Which is the current version of OpenSSL?
57
The current version is available from <URL: http://www.openssl.org>.
58
! OpenSSL 0.9.7c was released on September 30, 2003.
60
In addition to the current stable release, you can also access daily
61
snapshots of the OpenSSL development version at <URL:
62
diff -cr openssl6/NEWS ossl6/NEWS
63
*** openssl6/NEWS Thu Apr 10 19:33:23 2003
64
--- ossl6/NEWS Mon Sep 29 21:22:00 2003
68
This file gives a brief overview of the major changes between each OpenSSL
69
release. For more details please read the CHANGES file.
71
+ Major changes between OpenSSL 0.9.6j and OpenSSL 0.9.6k:
73
+ o Security: fix various ASN1 parsing bugs.
74
+ o SSL/TLS protocol fix for unrequested client certificates.
76
Major changes between OpenSSL 0.9.6i and OpenSSL 0.9.6j:
78
o Security: counter the Klima-Pokorny-Rosa extension of
79
diff -cr openssl6/README ossl6/README
80
*** openssl6/README Thu Apr 10 20:41:01 2003
81
--- ossl6/README Mon Sep 29 21:22:00 2003
85
! OpenSSL 0.9.6k-dev xx XXX 2003
87
Copyright (c) 1998-2003 The OpenSSL Project
88
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
91
! OpenSSL 0.9.6k 30 Sep 2003
93
Copyright (c) 1998-2003 The OpenSSL Project
94
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
95
diff -cr openssl6/STATUS ossl6/STATUS
96
*** openssl6/STATUS Thu Apr 10 20:21:26 2003
97
--- ossl6/STATUS Mon Sep 29 21:22:00 2003
103
o OpenSSL 0.9.8: Under development...
104
+ o OpenSSL 0.9.7c: Released on September 30th, 2003
105
o OpenSSL 0.9.7b: Released on April 10th, 2003
106
o OpenSSL 0.9.7a: Released on February 19th, 2003
107
o OpenSSL 0.9.7: Released on December 31st, 2002
108
+ o OpenSSL 0.9.6k: Released on September 30th, 2003
109
o OpenSSL 0.9.6j: Released on April 10th, 2003
110
o OpenSSL 0.9.6i: Released on February 19th, 2003
111
o OpenSSL 0.9.6h: Released on December 5th, 2002
112
diff -cr openssl6/crypto/asn1/asn1_lib.c ossl6/crypto/asn1/asn1_lib.c
113
*** openssl6/crypto/asn1/asn1_lib.c Fri Aug 2 19:00:21 2002
114
--- ossl6/crypto/asn1/asn1_lib.c Mon Sep 29 21:21:21 2003
120
if (--max == 0) goto err;
121
+ if (l > (INT_MAX >> 7L)) goto err;
126
+ if (--max == 0) goto err;
130
Only in ossl6/crypto/asn1: asn1_lib.c.rej
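Review bot: The `Only in ossl6/crypto/asn1: asn1_lib.c.rej` line that closes this section means at least one patch hunk was rejected against asn1_lib.c in the new tree, so the two added guards shown here may not be the complete fix for the out-of-bounds tag reads (CAN-2003-0543 and CAN-2003-0544 per the CHANGES entry). The same concern applies to `x509_vfy.c.rej` in the x509_vfy.c section and to `CHANGES.orig`. Before relying on this tree, compare both files with the released 0.9.6k sources and remove the `.rej`/`.orig` leftovers. The added `if (l > (INT_MAX >> 7L)) goto err;` would also benefit from a comment such as `/* refuse before a further 7-bit shift could push the tag past INT_MAX */`, and it needs `<limits.h>` in scope, which the visible lines do not show. The enclosing function starts and ends outside the visible lines, so the placement of the check relative to the shift cannot be confirmed from here.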
131
diff -cr openssl6/crypto/opensslv.h ossl6/crypto/opensslv.h
132
*** openssl6/crypto/opensslv.h Thu Apr 10 20:41:02 2003
133
--- ossl6/crypto/opensslv.h Mon Sep 29 21:22:06 2003
136
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
137
* major minor fix final patch/beta)
139
! #define OPENSSL_VERSION_NUMBER 0x009060b0L
140
! #define OPENSSL_VERSION_TEXT "OpenSSL 0.9.6k-dev xx XXX 2003"
141
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
145
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
146
* major minor fix final patch/beta)
148
! #define OPENSSL_VERSION_NUMBER 0x009060bfL
149
! #define OPENSSL_VERSION_TEXT "OpenSSL 0.9.6k 30 Sep 2003"
150
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
153
diff -cr openssl6/crypto/x509/x509_vfy.c ossl6/crypto/x509/x509_vfy.c
154
*** openssl6/crypto/x509/x509_vfy.c Tue Dec 10 08:28:16 2002
155
--- ossl6/crypto/x509/x509_vfy.c Mon Sep 29 21:21:21 2003
161
! if (X509_verify(xs,pkey) <= 0)
163
ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
164
ctx->current_cert=xs;
169
! else if (X509_verify(xs,pkey) <= 0)
171
ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
172
ctx->current_cert=xs;
173
Only in ossl6/crypto/x509: x509_vfy.c.rej
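Review bot: With the check changed to `else if (X509_verify(xs,pkey) <= 0)`, the signature on `xs` is not verified at all whenever the preceding branch is taken. Per the CHANGES entry, that is the case where the public key is invalid and the verify callback chose to ignore the error. This avoids calling X509_verify with a NULL key, but it should be stated at the call site, e.g. `/* pkey unusable and callback overrode the error: signature of xs is NOT checked */`. Applications then know that a callback returning success for every error also accepts certificates whose signatures were never verified. The preceding `if` and the rest of the function are outside the visible lines, so this reading relies on the CHANGES text.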
174
diff -cr openssl6/include/openssl/opensslv.h ossl6/include/openssl/opensslv.h
175
*** openssl6/include/openssl/opensslv.h Thu Apr 10 20:41:02 2003
176
--- ossl6/include/openssl/opensslv.h Mon Sep 29 21:22:06 2003
179
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
180
* major minor fix final patch/beta)
182
! #define OPENSSL_VERSION_NUMBER 0x009060b0L
183
! #define OPENSSL_VERSION_TEXT "OpenSSL 0.9.6k-dev xx XXX 2003"
184
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
188
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
189
* major minor fix final patch/beta)
191
! #define OPENSSL_VERSION_NUMBER 0x009060bfL
192
! #define OPENSSL_VERSION_TEXT "OpenSSL 0.9.6k 30 Sep 2003"
193
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT