mirror of
				https://github.com/MariaDB/server.git
				synced 2025-10-26 01:18:31 +02:00 
			
		
		
		
	
		
			
				
	
	
		
			778 lines
		
	
	
	
		
			25 KiB
		
	
	
	
		
			Text
		
	
	
	
	
	
			
		
		
	
	
			778 lines
		
	
	
	
		
			25 KiB
		
	
	
	
		
			Text
		
	
	
	
	
	
| *** Note, Please read ***
 | |
| 
 | |
| yaSSL takes a different approach to certificate verification than OpenSSL does.
 | |
| The default policy for the client is to verify the server, this means that if
 | |
| you don't load CAs to verify the server you'll get a connect error, unable to 
 | |
| verify.  It you want to mimic OpenSSL behavior of not verifying the server and
 | |
| reducing security you can do this by calling:
 | |
| 
 | |
| SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
 | |
| 
 | |
| before calling SSL_new();
 | |
| 
 | |
| *** end Note ***
 | |
| 
 | |
| yaSSL Release notes, version 2.4.2 (9/22/2016)
 | |
|     This release of yaSSL fixes a medium security vulnerability. A fix for
 | |
|     potential AES side channel leaks is included that a local user monitoring
 | |
|     the same CPU core cache could exploit.  VM users, hyper-threading users,
 | |
|     and users where potential attackers have access to the CPU cache will need
 | |
|     to update if they utilize AES.
 | |
| 
 | |
|     DSA padding fixes for unusual sizes is included as well.  Users with DSA
 | |
|     certficiates should update.
 | |
| 
 | |
| yaSSL Release notes, version 2.4.0 (5/20/2016)
 | |
|     This release of yaSSL fixes the OpenSSL compatibility function
 | |
|     SSL_CTX_load_verify_locations() when using the path directory to allow
 | |
|     unlimited path sizes.  Minor Windows build fixes are included.
 | |
|     No high level security fixes in this version but we always recommend
 | |
|     updating.
 | |
| 
 | |
| 
 | |
| yaSSL Release notes, version 2.3.9b (2/03/2016)
 | |
|     This release of yaSSL fixes the OpenSSL compatibility function
 | |
|     X509_NAME_get_index_by_NID() to use the actual index of the common name
 | |
|     instead of searching on the format prefix.  Thanks for the report from
 | |
|     yashwant.sahu@oracle.com  .  Anyone using this function should update.
 | |
| 
 | |
| yaSSL Release notes, version 2.3.9 (12/01/2015)
 | |
|     This release of yaSSL fixes two client side Diffie-Hellman problems.
 | |
|     yaSSL was only handling the cases of zero or one leading zeros for the key
 | |
|     agreement instead of potentially any number.  This caused about 1 in 50,000
 | |
|     connections to fail when using DHE cipher suites.  The second problem was
 | |
|     the case where a server would send a public value shorter than the prime
 | |
|     value, causing about 1 in 128 client connections to fail, and also
 | |
|     caused the yaSSL client to read off the end of memory.  All client side
 | |
|     DHE cipher suite users should update.
 | |
|     Thanks to Adam Langely (agl@imperialviolet.org) for the detailed report!
 | |
| 
 | |
| yaSSL Release notes, version 2.3.8 (9/17/2015)
 | |
|     This release of yaSSL fixes a high security vulnerability.  All users
 | |
|     SHOULD update.  If using yaSSL for TLS on the server side with private
 | |
|     RSA keys allowing ephemeral key exchange you MUST update and regenerate
 | |
|     the RSA private keys.  This report is detailed in:
 | |
|     https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf
 | |
|     yaSSL now detects RSA signature faults and returns an error.
 | |
| 
 | |
| yaSSL Patch notes, version 2.3.7e (6/26/2015)
 | |
|     This release of yaSSL includes a fix for Date less than comparison.
 | |
|     Previously yaSSL would return true on less than comparisons if the Dates
 | |
|     were equal. Reported by Oracle. No security problem, but if a cert was
 | |
|     generated right now, a server started using it in the same second, and a
 | |
|     client tried to verify it in the same second it would report not yet valid.
 | |
| 
 | |
| yaSSL Patch notes, version 2.3.7d (6/22/2015)
 | |
|     This release of yaSSL includes a fix for input_buffer set_current with
 | |
|     index 0.  SSL_peek() at front of waiting data could trigger.  Robert
 | |
|     Golebiowski of Oracle identified and suggested a fix, thanks!
 | |
| 
 | |
| yaSSL Patch notes, version 2.3.7c (6/12/2015)
 | |
|     This release of yaSSL does certificate DATE comparisons to the second
 | |
|     instead of to the minute, helpful when using freshly generated certs.
 | |
|     Though keep in mind that time sync differences could still show up.
 | |
| 
 | |
| yaSSL Patch notes, version 2.3.7b (3/18/2015)
 | |
|     This release of yaSSL fixes a potential crash with corrupted private keys.
 | |
|     Also detects bad keys earlier for user.
 | |
| 
 | |
| yaSSL Release notes, version 2.3.7 (12/10/2014)
 | |
|     This release of yaSSL fixes the potential to process duplicate handshake
 | |
|     messages by explicitly marking/checking received handshake messages.
 | |
| 
 | |
| yaSSL Release notes, version 2.3.6 (11/25/2014)
 | |
| 
 | |
|     This release of yaSSL fixes some valgrind warnings/errors including
 | |
|     uninitialized reads and off by one index errors induced from fuzzing
 | |
|     the handshake.  These were reported by Oracle. 
 | |
| 
 | |
| yaSSL Release notes, version 2.3.5 (9/29/2014)
 | |
| 
 | |
|     This release of yaSSL fixes an RSA Padding check vulnerability reported by
 | |
|     Intel Security Advanced Threat Research team
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0 and note in 1.5.8.
 | |
| 
 | |
| 
 | |
| yaSSL Release notes, version 2.3.4 (8/15/2014)
 | |
| 
 | |
|     This release of yaSSL adds checking to the input_buffer class itself.
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0 and note in 1.5.8.
 | |
| 
 | |
| 
 | |
| yaSSL Release notes, version 2.3.2 (7/25/2014)
 | |
| 
 | |
|     This release of yaSSL updates test certs.
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0 and note in 1.5.8.
 | |
| 
 | |
| 
 | |
| *****************yaSSL Release notes, version 2.3.0 (12/5/2013)
 | |
| 
 | |
|     This release of yaSSL updates asm for newer GCC versions.
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0 and note in 1.5.8.
 | |
| 
 | |
| 
 | |
| *****************yaSSL Release notes, version 2.2.3 (4/23/2013)
 | |
| 
 | |
|     This release of yaSSL updates the test certificates as they were expired
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0 and note in 1.5.8.
 | |
| 
 | |
| 
 | |
| *****************yaSSL Release notes, version 2.2.2d (2/5/2013)
 | |
| 
 | |
|     This release of yaSSL contains countermeasuers for the Lucky 13 TLS 1.1
 | |
|     CBC timing padding attack identified by Nadhem AlFardan and Kenneth Paterson
 | |
|     see: http://www.isg.rhul.ac.uk/tls/
 | |
| 
 | |
|     It also adds SHA2 certificate verification and better checks for malicious
 | |
|     input.
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0 and note in 1.5.8.
 | |
| 
 | |
| 
 | |
| *****************yaSSL Release notes, version 2.2.2 (7/5/2012)
 | |
| 
 | |
|     This release of yaSSL contains bug fixes and more security checks around
 | |
|     malicious certificates.
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0 and note in 1.5.8.
 | |
| 
 | |
| 
 | |
| *****************yaSSL Release notes, version 2.1.2 (9/2/2011)
 | |
| 
 | |
|     This release of yaSSL contains bug fixes, better non-blocking support with
 | |
|     SSL_write, and OpenSSL RSA public key format support.
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0 and note in 1.5.8.
 | |
| 
 | |
| 
 | |
| *****************yaSSL Release notes, version 2.0.0 (7/6/2010)
 | |
| 
 | |
|     This release of yaSSL contains bug fixes, new testing certs,
 | |
|     and a security patch for a potential heap overflow on forged application
 | |
|     data processing.  Vulnerability discovered by Matthieu Bonetti from VUPEN
 | |
|     Security http://www.vupen.com.
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0 and note in 1.5.8.
 | |
| 
 | |
| 
 | |
| *****************yaSSL Release notes, version 1.9.9 (1/26/2010)
 | |
| 
 | |
|     This release of yaSSL contains bug fixes, the removal of assert() s and
 | |
|     a security patch for a buffer overflow possibility in certificate name
 | |
|     processing. 
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0 and note in 1.5.8.
 | |
| 
 | |
| 
 | |
| *****************yaSSL Release notes, version 1.9.8 (10/14/09)
 | |
| 
 | |
|     This release of yaSSL contains bug fixes and adds new stream ciphers
 | |
|     Rabbit and HC-128
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0 and note in 1.5.8.
 | |
| 
 | |
| 
 | |
| *****************yaSSL Release notes, version 1.9.6 (11/13/08)
 | |
| 
 | |
|     This release of yaSSL contains bug fixes, adds autconf shared library
 | |
|     support and has better server suite detection based on certficate and
 | |
|     private key.
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0 and note in 1.5.8.
 | |
| 
 | |
| 
 | |
| *****************yaSSL Release notes, version 1.9.2 (9/24/08)
 | |
| 
 | |
|     This release of yaSSL contains bug fixes and improved certificate verify
 | |
|     callback support. 
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0 and note in 1.5.8.
 | |
| 
 | |
| 
 | |
| *****************yaSSL Release notes, version 1.8.8 (5/7/08)
 | |
| 
 | |
|     This release of yaSSL contains bug fixes, and better socket handling. 
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0 and note in 1.5.8.
 | |
| 
 | |
| 
 | |
| *****************yaSSL Release notes, version 1.8.6 (1/31/08)
 | |
| 
 | |
|     This release of yaSSL contains bug fixes, and fixes security problems
 | |
|     associated with using SSL 2.0 client hellos and improper input handling.
 | |
|     Please upgrade to this version if you are using a previous one. 
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0 and note in 1.5.8.
 | |
| 
 | |
| 
 | |
| *****************yaSSL Release notes, version 1.7.5 (10/15/07)
 | |
| 
 | |
|     This release of yaSSL contains bug fixes, adds MSVC 2005 project support,
 | |
|     GCC 4.2 support, IPV6 support and test, and new test certificates. 
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0 and note in 1.5.8.
 | |
| 
 | |
| 
 | |
| *****************yaSSL Release notes, version 1.7.2 (8/20/07)
 | |
| 
 | |
|     This release of yaSSL contains bug fixes and adds initial OpenVPN support.
 | |
|     Just configure at this point and beginning of build. 
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0 and note in 1.5.8.
 | |
| 
 | |
| 
 | |
| *****************yaSSL Release notes, version 1.6.8 (4/16/07)
 | |
| 
 | |
|     This release of yaSSL contains bug fixes and adds SHA-256, SHA-512, SHA-224,
 | |
|     and SHA-384.
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0 and note in 1.5.8.
 | |
| 
 | |
| 
 | |
| *****************yaSSL Release notes, version 1.6.0 (2/22/07)
 | |
| 
 | |
|     This release of yaSSL contains bug fixes, portability enhancements, and
 | |
|     better X509 support.
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0 and note in 1.5.8.
 | |
| 
 | |
| *****************yaSSL Release notes, version 1.5.8 (1/10/07)
 | |
| 
 | |
|     This release of yaSSL contains bug fixes, portability enhancements, and
 | |
|     support for GCC 4.1.1 and vs2005 sp1.
 | |
| 
 | |
| 
 | |
| 
 | |
|     Since yaSSL now supports zlib, as does libcurl, the libcurl build test can
 | |
|     fail if yaSSL is built with zlib support since the zlib library isn't 
 | |
|     passed.  You can do two things to fix this: 
 | |
| 
 | |
|         1) build yaSSL w/o zlib --without-zlib
 | |
|         2) or add flags to curl configure LDFLAGS="-lm -lz"
 | |
| 
 | |
| 
 | |
| 
 | |
| *****************yaSSL Release notes, version 1.5.0 (11/09/06)
 | |
| 
 | |
|     This release of yaSSL contains bug fixes, portability enhancements,
 | |
|     and full TLS 1.1 support.  Use the functions:
 | |
| 
 | |
|         SSL_METHOD *TLSv1_1_server_method(void);
 | |
|         SSL_METHOD *TLSv1_1_client_method(void);
 | |
|     
 | |
|     or the SSLv23 versions (even though yaSSL doesn't support SSL 2.0 the v23
 | |
|     means to pick the highest of SSL 3.0, TLS 1.0, or TLS 1.1).
 | |
| 
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0.
 | |
| 
 | |
| 
 | |
| 
 | |
| ****************yaSSL Release notes, version 1.4.5 (10/15/06)
 | |
| 
 | |
| 
 | |
|     This release of yaSSL contains bug fixes, portability enhancements,
 | |
|     zlib compression support, removal of assembly instructions at runtime if
 | |
|     not supported, and initial TLS 1.1 support.
 | |
| 
 | |
| 
 | |
|     Compression Notes:  yaSSL uses zlib for compression and the compression
 | |
|     should only be used if yaSSL is at both ends because the implementation
 | |
|     details aren't yet standard.  If you'd like to turn compression on use
 | |
|     the SSL_set_compression() function on the client before calling
 | |
|     SSL_connect().  If both the client and server were built with zlib support
 | |
|     then the connection will use compression.  If the client isn't built with
 | |
|     support then SSL_set_compression() will return an error (-1).
 | |
| 
 | |
|     To build yaSSL with zlib support on Unix simply have zlib support on your
 | |
|     system and configure will find it if it's in the standard locations.  If
 | |
|     it's somewhere else use the option ./configure --with-zlib=DIR.  If you'd
 | |
|     like to disable compression support in yaSSL use ./configure --without-zlib.
 | |
| 
 | |
|     To build yaSSL with zlib support on Windows:
 | |
| 
 | |
|         1) download zlib from http://www.zlib.net/
 | |
|         2) follow the instructions in zlib from projects/visualc6/README.txt
 | |
|            for how to add the zlib project into the yaSSL workspace noting that
 | |
|            you'll need to add configuration support for "Win32 Debug" and
 | |
|            "Win32 Release" in note 3 under "To use:". 
 | |
|         3) define HAVE_LIBZ when building yaSSL
 | |
| 
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0.
 | |
| 
 | |
| 
 | |
| ********************yaSSL Release notes, version 1.4.0 (08/13/06)
 | |
| 
 | |
| 
 | |
|     This release of yaSSL contains bug fixes, portability enhancements,
 | |
|     nonblocking connect and accept, better OpenSSL error mapping, and 
 | |
|     certificate caching for session resumption.
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0.
 | |
| 
 | |
| 
 | |
| ********************yaSSL Release notes, version 1.3.7 (06/26/06)
 | |
| 
 | |
| 
 | |
|     This release of yaSSL contains bug fixes, portability enhancements,
 | |
|     and libcurl 7.15.4 support (any newer versions may not build). 
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0.
 | |
| 
 | |
| 
 | |
| ********************yaSSL Release notes, version 1.3.5 (06/01/06)
 | |
| 
 | |
| 
 | |
|     This release of yaSSL contains bug fixes, portability enhancements,
 | |
|     better libcurl support, and improved non-blocking I/O.
 | |
| 
 | |
| See normal  build instructions below under 1.0.6.
 | |
| See libcurl build instructions below under 1.3.0.
 | |
| 
 | |
| 
 | |
| ********************yaSSL Release notes, version 1.3.0 (04/26/06)
 | |
| 
 | |
| 
 | |
|     This release of yaSSL contains minor bug fixes, portability enhancements,
 | |
|     and libcurl support.
 | |
| 
 | |
| See normal build instructions below under 1.0.6.
 | |
| 
 | |
| 
 | |
| --To build for libcurl on Linux, Solaris, *BSD, Mac OS X, or Cygwin:
 | |
| 
 | |
|   To build for libcurl the library needs to be built without C++ globals since
 | |
|   the linker will be called in a C context, also libcurl configure will expect
 | |
|   OpenSSL library names so some symbolic links are created.
 | |
| 
 | |
|     ./configure --enable-pure-c
 | |
|     make
 | |
|     make openssl-links
 | |
| 
 | |
|     (then go to your libcurl home and tell libcurl about yaSSL build dir)
 | |
|     ./configure --with-ssl=/yaSSL-BuildDir LDFLAGS=-lm
 | |
|     make
 | |
| 
 | |
| 
 | |
| --To build for libcurl on Win32:
 | |
| 
 | |
|     Simply add the yaSSL project as a dependency to libcurl, add 
 | |
|     yaSSL-Home\include and yaSSL-Home\include\openssl to the include list, and
 | |
|     define USE_SSLEAY and USE_OPENSSL
 | |
| 
 | |
|     please email todd@yassl.com if you have any questions.
 | |
|     
 | |
| 
 | |
| *******************yaSSL Release notes, version 1.2.2 (03/27/06)
 | |
| 
 | |
| 
 | |
|     This release of yaSSL contains minor bug fixes and portability enhancements.
 | |
| 
 | |
| See build instructions below under 1.0.6:
 | |
| 
 | |
| 
 | |
| 
 | |
| *******************yaSSL Release notes, version 1.2.0
 | |
| 
 | |
| 
 | |
|     This release of yaSSL contains minor bug fixes, portability enhancements,
 | |
|     Diffie-Hellman compatibility fixes for other servers and client,
 | |
|     optimization improvements, and x86 ASM changes.
 | |
| 
 | |
| See build instructions below under 1.0.6:
 | |
| 
 | |
| 
 | |
| 
 | |
| *****************yaSSL Release notes, version 1.1.5
 | |
| 
 | |
|     This release of yaSSL contains minor bug fixes, portability enhancements,
 | |
|     and user requested changes including the ability to add all certificates in
 | |
|     a directory, more robust socket handling, no new overloading unless
 | |
|     requested, and an SSL_VERIFY_NONE option.
 | |
| 
 | |
| 
 | |
| See build instructions below under 1.0.6:
 | |
| 
 | |
| 
 | |
| 
 | |
| ******************yaSSL Release notes, version 1.0.6
 | |
| 
 | |
| This release of yaSSL contains minor bug fixes, portability enhancements,
 | |
| x86 assembly for ARC4, SHA, MD5, and RIPEMD, --enable-ia32-asm configure
 | |
| option, and a security patch for certificate chain processing.
 | |
| 
 | |
| --To build on Linux, Solaris, *BSD, Mac OS X, or Cygwin:
 | |
| 
 | |
|     ./configure
 | |
|     make
 | |
| 
 | |
|     run testsuite from yaSSL-Home/testsuite to test the build
 | |
| 
 | |
| to make a release build:
 | |
| 
 | |
|     ./configure --disable-debug
 | |
|     make
 | |
| 
 | |
|     run testsuite from yaSSL-Home/testsuite to test the build
 | |
| 
 | |
| 
 | |
| --To build on Win32
 | |
| 
 | |
| Choose (Re)Build All from the project workspace
 | |
| 
 | |
| run Debug\testsuite.exe from yaSSL-Home\testsuite to test the build
 | |
| 
 | |
| 
 | |
| 
 | |
| ***************** yaSSL Release notes, version 1.0.5
 | |
| 
 | |
| This release of yaSSL contains minor bug fixes, portability enhancements,
 | |
| x86 assembly for AES, 3DES, BLOWFISH, and TWOFISH, --without-debug configure
 | |
| option, and --enable-kernel-mode configure option for using TaoCrypt with
 | |
| kernel modules.
 | |
| 
 | |
| --To build on Linux, Solaris, *BSD, Mac OS X, or Cygwin:
 | |
| 
 | |
|     ./configure
 | |
|     make
 | |
| 
 | |
|     run testsuite from yaSSL-Home/testsuite to test the build
 | |
| 
 | |
| to make a release build:
 | |
| 
 | |
|     ./configure --without-debug
 | |
|     make
 | |
| 
 | |
|     run testsuite from yaSSL-Home/testsuite to test the build
 | |
| 
 | |
| 
 | |
| --To build on Win32
 | |
| 
 | |
| Choose (Re)Build All from the project workspace
 | |
| 
 | |
| run Debug\testsuite.exe from yaSSL-Home\testsuite to test the build
 | |
| 
 | |
| 
 | |
| ******************yaSSL Release notes, version 1.0.1
 | |
| 
 | |
| This release of yaSSL contains minor bug fixes, portability enhancements,
 | |
| GCC 3.4.4 support, MSVC 2003 support, and more documentation.
 | |
| 
 | |
| Please see build instructions in the release notes for 0.9.6 below.
 | |
| 
 | |
| 
 | |
| ******************yaSSL Release notes, version 1.0
 | |
| 
 | |
| This release of yaSSL contains minor bug fixes, portability enhancements,
 | |
| GCC 4.0 support, testsuite, improvements, and API additions.
 | |
| 
 | |
| Please see build instructions in the release notes for 0.9.6 below.
 | |
| 
 | |
| 
 | |
| ******************yaSSL Release notes, version 0.9.9
 | |
| 
 | |
| This release of yaSSL contains minor bug fixes, portability enchancements,
 | |
| MSVC 7 support, memory improvements, and API additions.
 | |
| 
 | |
| Please see build instructions in the release notes for 0.9.6 below.
 | |
| 
 | |
| 
 | |
| ******************yaSSL Release notes, version 0.9.8
 | |
| 
 | |
| This release of yaSSL contains minor bug fixes and portability enchancements.
 | |
| 
 | |
| Please see build instructions in the release notes for 0.9.6 below.
 | |
| 
 | |
| 
 | |
| ******************yaSSL Release notes, version 0.9.6
 | |
| 
 | |
| This release of yaSSL contains minor bug fixes, removal of STL support, and
 | |
| removal of exceptions and rtti so that the library can be linked without the
 | |
| std c++ library.
 | |
| 
 | |
| --To build on Linux, Solaris, FreeBSD, Mac OS X, or Cygwin
 | |
| 
 | |
| ./configure
 | |
| make
 | |
| 
 | |
| run testsuite from yaSSL-Home/testsuite to test the build
 | |
| 
 | |
| 
 | |
| --To build on Win32
 | |
| 
 | |
| Choose (Re)Build All from the project workspace
 | |
| 
 | |
| run Debug\testsuite.exe from yaSSL-Home\testsuite to test the build
 | |
| 
 | |
| 
 | |
| 
 | |
| ******************yaSSL Release notes, version 0.9.2
 | |
| 
 | |
| This release of yaSSL contains minor bug fixes, expanded certificate
 | |
| verification and chaining, and improved documentation.
 | |
| 
 | |
| Please see build instructions in release notes 0.3.0.
 | |
| 
 | |
| 
 | |
| 
 | |
| ******************yaSSL Release notes, version 0.9.0
 | |
| 
 | |
| This release of yaSSL contains minor bug fixes, client verification handling,
 | |
| hex and base64 encoing/decoding, and an improved test suite.
 | |
| 
 | |
| Please see build instructions in release notes 0.3.0.
 | |
| 
 | |
| 
 | |
| ******************yaSSL Release notes, version 0.8.0
 | |
| 
 | |
| This release of yaSSL contains minor bug fixes, and initial porting effort to
 | |
| 64bit, BigEndian, and more UNIX systems.
 | |
| 
 | |
| Please see build instructions in release notes 0.3.0.
 | |
| 
 | |
| 
 | |
| ******************yaSSL Release notes, version 0.6.0
 | |
| 
 | |
| This release of yaSSL contains minor bug fixes, source cleanup, and binary beta
 | |
| (1) of the yaSSL libraries.
 | |
| 
 | |
| Please see build instructions in release notes 0.3.0.
 | |
| 
 | |
| 
 | |
| 
 | |
| ******************yaSSL Release notes, version 0.5.0
 | |
| 
 | |
| This release of yaSSL contains minor bug fixes, full session resumption
 | |
| support, and initial testing suite support.
 | |
| 
 | |
| 
 | |
| 
 | |
| Please see build instructions in release notes 0.3.0.
 | |
| 
 | |
| 
 | |
| 
 | |
| ******************yaSSL Release notes, version 0.4.0
 | |
| 
 | |
| This release of yaSSL contains minor bug fixes, an optional memory tracker,
 | |
| an echo client and server with input/output redirection for load testing, 
 | |
| and initial session caching support. 
 | |
| 
 | |
| 
 | |
| Please see build instructions in release notes 0.3.0.
 | |
| 
 | |
| 
 | |
| ******************yaSSL Release notes, version 0.3.5
 | |
| 
 | |
| This release of yaSSL contains minor bug fixes and extensions to the crypto
 | |
| library including a full test suite.
 | |
| 
 | |
| 
 | |
| *******************yaSSL Release notes, version 0.3.0
 | |
| 
 | |
| This release of yaSSL contains minor bug fixes and extensions to the crypto
 | |
| library including AES and an improved random number generator.  GNU autoconf
 | |
| and automake are now used to simplify the build process on Linux.
 | |
| 
 | |
| *** Linux Build process
 | |
| 
 | |
| ./configure
 | |
| make
 | |
| 
 | |
| *** Windows Build process
 | |
| 
 | |
| open the yassl workspace and build the project
 | |
| 
 | |
| 
 | |
| *******************yaSSL Release notes, version 0.2.9
 | |
| 
 | |
| This release of yaSSL contains minor bug fixes and extensions to the crypto
 | |
| library.
 | |
| 
 | |
| See the notes at the bottom of this page for build instructions.
 | |
| 
 | |
| 
 | |
| *******************yaSSL Release notes, version 0.2.5
 | |
| 
 | |
| This release of yaSSL contains minor bug fixes and a beta binary of the yaSSL
 | |
| libraries for win32 and linux.
 | |
| 
 | |
| See the notes at the bottom of this page for build instructions.
 | |
| 
 | |
| 
 | |
| 
 | |
| *******************yaSSL Release notes, version 0.2.0
 | |
| 
 | |
| This release of yaSSL contains minor bug fixes and initial alternate crypto
 | |
| functionality. 
 | |
| 
 | |
| *** Complete Build ***
 | |
| 
 | |
| See the notes in Readme.txt for build instructions.
 | |
| 
 | |
| *** Update Build ***
 | |
| 
 | |
| If you have already done a complete build of yaSSL as described in the release
 | |
| 0.0.1 - 0.1.0 notes and downloaded the update to 0.2.0, place the update file
 | |
| yassl-update-0.2.0.tar.gz in the yaSSL home directory and issue the command:
 | |
| 
 | |
| gzip -cd yassl-update-0.2.0.tar.gz | tar xvf -
 | |
| 
 | |
| to update the previous release.
 | |
| 
 | |
| Then issue the make command on linux or rebuild the yaSSL project on Windows. 
 | |
| 
 | |
| *******************yaSSL Release notes, version 0.1.0
 | |
| 
 | |
| This release of yaSSL contains minor bug fixes, full client and server TLSv1
 | |
| support including full ephemeral Diffie-Hellman support, SSL type RSA and DSS
 | |
| signing and verification, and initial stunnel 4.05 build support.
 | |
| 
 | |
| 
 | |
| 
 | |
| *********************yaSSL Release notes, version 0.0.3
 | |
| 
 | |
| The third release of yaSSL contains minor bug fixes, client certificate
 | |
| enhancements, and initial ephemeral Diffie-Hellman integration:
 | |
| 
 | |
| 
 | |
| 
 | |
| *********************
 | |
| 
 | |
| yaSSL Release notes, version 0.0.2
 | |
| 
 | |
| The second release of yaSSL contains minor bug fixes, client certificate
 | |
| enhancements, session resumption, and improved TLS support including:
 | |
| 
 | |
| - HMAC for MD5 and SHA-1
 | |
| - PRF (pseudo random function)
 | |
| - Master Secret and Key derivation routines
 | |
| - Record Authentication codes
 | |
| - Finish verify data check
 | |
| 
 | |
| Once ephemeral RSA and DH are added yaSSL will be fully complaint with TLS.
 | |
| 
 | |
| 
 | |
| 
 | |
| **********************
 | |
| 
 | |
| yassl Release notes, version 0.0.1
 | |
| 
 | |
| The first release of yassl supports normal RSA mode SSLv3 connections with
 | |
| support for SHA-1 and MD5 digests.  Ciphers include DES, 3DES, and RC4.
 | |
| 
 | |
| yassl uses the CryptoPP library for cryptography, the source is available at
 | |
| www.cryptopp.com .
 | |
| 
 | |
| yassl uses CML (the Certificate Management Library) for x509 support.  More
 | |
| features will be in future versions.  The CML source is available for download
 | |
| from www.digitalnet.com/knowledge/cml_home.htm .
 | |
| 
 | |
| The next release of yassl will support the 3 lesser-used SSL connection modes;
 | |
| HandShake resumption, Ephemeral RSA (or DH), and Client Authentication as well
 | |
| as full support for TLS.  Backwards support for SSLv2 is not planned at this
 | |
| time.
 | |
| 
 | |
| 
 | |
| **********************
 | |
| 
 | |
| Building yassl on linux:
 | |
| 
 | |
| use the ./buildall script to build everything.
 | |
| 
 | |
| buildall will configure and build CML, CryptoPP, and yassl.  Testing was 
 | |
| preformed with gcc version 3.3.2 on kernel 2.4.22.
 | |
| 
 | |
| 
 | |
| **********************
 | |
| 
 | |
| Building yassl on Windows:
 | |
| 
 | |
| Testing was preformed on Windows 2000 with Visual C++ 6 sp5.
 | |
| 
 | |
| 1) decompress esnacc_r16.tgz in place, see buildall for syntax if unsure
 | |
| 
 | |
| 2) decompress smp_r23.tgz in place
 | |
| 
 | |
| 3) unzip cryptopp51/crypto51.zip in place
 | |
| 
 | |
| 4) Build SNACC (part of CML) using snacc_builds.dsw in the SNACC directory
 | |
| 
 | |
| 5) Build SMP (part of CMP) using smp.dsw in the smp directory
 | |
| 
 | |
| 6) Build yassl using yassl.dsw
 | |
| 
 | |
| 
 | |
| **********************
 | |
| 
 | |
| examples, server and client:
 | |
| 
 | |
| Please see the server and client examples in both versions to see how to link
 | |
| to yassl and the support libraries.  On linux do 'make server' and 'make
 | |
| client' to build them. On Windows you will find the example projects in the
 | |
| main workspace, yassl.dsw.
 | |
| 
 | |
| The example server and client are compatible with openssl.
 | |
| 
 | |
| 
 | |
| **********************
 | |
| 
 | |
| Building yassl into mysql on linux:
 | |
| 
 | |
| Testing was done using mysql version 4.0.17.
 | |
| 
 | |
| alter openssl_libs in the configure file, line 21056. Change '-lssl -lcrypto'
 | |
| to '-lyassl -lcryptopp -lcmapi -lcmlasn -lctil -lc++asn1'.
 | |
| 
 | |
| see build/config_command for the configure command used to configure mysql
 | |
| please change /home/touska/ to the relevant directory of course.
 | |
| 
 | |
| add yassl/lib to the LD_LIBRARY_PATH because libmysql/conf_to_src does not
 | |
| use the ssl lib directory though it does use the ssl libraries.
 | |
| 
 | |
| make
 | |
| 
 | |
| make install
 | |
| 
 | |
| 
 | |
| *********************
 | |
| 
 | |
| License:  yassl is currently under the GPL, please see license information
 | |
| in the source and include files.
 | |
| 
 | |
| 
 | |
| *********************
 | |
| 
 | |
| Contact: please send comments or questions to Todd A Ouska at todd@yassl.com
 | |
| and/or Larry Stefonic at larry@yassl.com.
 | |
| 
 | |
| 
 | |
| 
 | 
