From 2ae9a3ec830f691490b361df47345940bd228ff4 Mon Sep 17 00:00:00 2001 From: cameronrich Date: Tue, 26 Apr 2011 20:33:55 +0000 Subject: [PATCH] Started to implement TLS1.1 (but disabled for now) git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@204 9a5d90b5-6617-0410-8a86-bb477d3ed2e3 --- ssl/Config.in | 2 +- ssl/tls1.c | 40 +++++++++++++++++++++++++++++----------- ssl/tls1.h | 7 +++++++ ssl/tls1_clnt.c | 19 ++++++++++++++----- ssl/tls1_svr.c | 29 +++++++++++++++++------------ www/index.html | 2 +- 6 files changed, 69 insertions(+), 30 deletions(-) diff --git a/ssl/Config.in b/ssl/Config.in index ce2fdbc9b..b8cd8e4be 100644 --- a/ssl/Config.in +++ b/ssl/Config.in @@ -192,7 +192,7 @@ config CONFIG_SSL_X509_ORGANIZATION_UNIT_NAME config CONFIG_SSL_ENABLE_V23_HANDSHAKE bool "Enable v23 Handshake" - default y + default n help Some browsers use the v23 handshake client hello message (an SSL2 format message which all SSL servers can understand). diff --git a/ssl/tls1.c b/ssl/tls1.c index d8bcf239e..ded4c0284 100755 --- a/ssl/tls1.c +++ b/ssl/tls1.c @@ -287,7 +287,6 @@ EXP_FUNC int STDCALL ssl_read(SSL *ssl, uint8_t **in_data) int ret = basic_read(ssl, in_data); /* check for return code so we can send an alert */ - if (ret < SSL_OK && ret != SSL_CLOSE_NOTIFY) { if (ret != SSL_ERROR_CONN_LOST) @@ -695,19 +694,38 @@ static int verify_digest(SSL *ssl, int mode, const uint8_t *buf, int read_len) if (ssl->cipher_info->padding_size) { - hmac_offset = read_len-buf[read_len-1]-ssl->cipher_info->digest_size-1; + int last_blk_size = buf[read_len-1], i; + hmac_offset = read_len-last_blk_size-ssl->cipher_info->digest_size-1; + + /* guard against a timing attack - make sure we do the digest */ + if (hmac_offset < 0 || last_blk_size > ssl->cipher_info->padding_size) + { + hmac_offset = 0; + } + else + { + /* already looked at last byte */ + for (i = 1; i < last_blk_size; i++) + { + if (buf[read_len-i] != last_blk_size) + { + hmac_offset = 0; + break; + } + } + } } else { hmac_offset = read_len - ssl->cipher_info->digest_size; + + if (hmac_offset < 0) + { + hmac_offset = 0; + } } /* sanity check the offset */ - if (hmac_offset < 0) - { - return SSL_ERROR_INVALID_HMAC; - } - ssl->hmac_header[3] = hmac_offset >> 8; /* insert size */ ssl->hmac_header[4] = hmac_offset & 0xff; add_hmac_digest(ssl, mode, ssl->hmac_header, buf, hmac_offset, hmac_buf); @@ -935,8 +953,8 @@ static int send_raw_packet(SSL *ssl, uint8_t protocol) int ret = SSL_OK; rec_buf[0] = protocol; - rec_buf[1] = 0x03; /* version = 3.1 (TLS) */ - rec_buf[2] = 0x01; + rec_buf[1] = 0x03; /* version = 3.1 or higher */ + rec_buf[2] = ssl->version & 0x0f; rec_buf[3] = ssl->bm_index >> 8; rec_buf[4] = ssl->bm_index & 0xff; @@ -1011,8 +1029,8 @@ int send_packet(SSL *ssl, uint8_t protocol, const uint8_t *in, int length) uint8_t hmac_header[SSL_RECORD_SIZE]; hmac_header[0] = protocol; - hmac_header[1] = 0x03; - hmac_header[2] = 0x01; + hmac_header[1] = 0x03; /* version = 3.1 or higher */ + hmac_header[2] = ssl->version & 0x0f; hmac_header[3] = length >> 8; hmac_header[4] = length & 0xff; diff --git a/ssl/tls1.h b/ssl/tls1.h index a1e1bd982..079613530 100755 --- a/ssl/tls1.h +++ b/ssl/tls1.h @@ -44,6 +44,11 @@ extern "C" { #include "crypto.h" #include "crypto_misc.h" +#define SSL_PROTOCOL_MIN_VERSION 0x31 /* TLS v1.0 */ +//#define SSL_PROTOCOL_MINOR_VERSION 0x02 /* TLS v1.1 */ +#define SSL_PROTOCOL_MINOR_VERSION 0x01 /* TLS v1.0 */ +//#define SSL_PROTOCOL_VERSION 0x32 /* TLS v1.1 */ +#define SSL_PROTOCOL_VERSION 0x31 /* TLS v1.1 */ #define SSL_RANDOM_SIZE 32 #define SSL_SECRET_SIZE 48 #define SSL_FINISHED_HASH_SIZE 12 @@ -160,6 +165,8 @@ struct _SSL uint8_t record_type; uint8_t cipher; uint8_t sess_id_size; + uint8_t version; + uint8_t client_version; int16_t next_state; int16_t hs_status; DISPOSABLE_CTX *dc; /* temporary data which we'll get rid of soon */ diff --git a/ssl/tls1_clnt.c b/ssl/tls1_clnt.c index 3937015e7..33aa1ad60 100644 --- a/ssl/tls1_clnt.c +++ b/ssl/tls1_clnt.c @@ -51,6 +51,7 @@ EXP_FUNC SSL * STDCALL ssl_client_new(SSL_CTX *ssl_ctx, int client_fd, const uint8_t *session_id, uint8_t sess_id_size) { SSL *ssl = ssl_new(ssl_ctx, client_fd); + ssl->version = SSL_PROTOCOL_VERSION; if (session_id && ssl_ctx->num_sessions) { @@ -178,7 +179,7 @@ static int send_client_hello(SSL *ssl) buf[2] = 0; /* byte 3 is calculated later */ buf[4] = 0x03; - buf[5] = 0x01; + buf[5] = ssl->version & 0x0f; /* client random value - spec says that 1st 4 bytes are big endian time */ *tm_ptr++ = (uint8_t)(((long)tm & 0xff000000) >> 24); @@ -227,14 +228,22 @@ static int process_server_hello(SSL *ssl) { uint8_t *buf = ssl->bm_data; int pkt_size = ssl->bm_index; - int version = (buf[4] << 4) + buf[5]; int num_sessions = ssl->ssl_ctx->num_sessions; uint8_t sess_id_size; int offset, ret = SSL_OK; /* check that we are talking to a TLSv1 server */ - if (version != 0x31) - return SSL_ERROR_INVALID_VERSION; + uint8_t version = (buf[4] << 4) + buf[5]; + if (version > SSL_PROTOCOL_VERSION) + version = SSL_PROTOCOL_VERSION; + else if (ssl->version < SSL_PROTOCOL_MIN_VERSION) + { + ret = SSL_ERROR_INVALID_VERSION; + ssl_display_error(ret); + goto error; + } + + ssl->version = version; /* get the server random value */ memcpy(ssl->dc->server_random, &buf[6], SSL_RANDOM_SIZE); @@ -300,7 +309,7 @@ static int send_client_key_xchg(SSL *ssl) buf[1] = 0; premaster_secret[0] = 0x03; /* encode the version number */ - premaster_secret[1] = 0x01; + premaster_secret[1] = SSL_PROTOCOL_MINOR_VERSION; /* must be TLS 1.1 */ get_random(SSL_SECRET_SIZE-2, &premaster_secret[2]); DISPLAY_RSA(ssl, ssl->x509_ctx->rsa_ctx); diff --git a/ssl/tls1_svr.c b/ssl/tls1_svr.c index 742ffd593..53a37b924 100644 --- a/ssl/tls1_svr.c +++ b/ssl/tls1_svr.c @@ -120,17 +120,20 @@ static int process_client_hello(SSL *ssl) uint8_t *record_buf = ssl->hmac_header; int pkt_size = ssl->bm_index; int i, j, cs_len, id_len, offset = 6 + SSL_RANDOM_SIZE; - int version = (record_buf[1] << 4) + record_buf[2]; int ret = SSL_OK; /* should be v3.1 (TLSv1) or better - we'll send in v3.1 mode anyway */ - if (version < 0x31) + uint8_t version = (record_buf[1] << 4) + record_buf[2]; + if (version > SSL_PROTOCOL_VERSION) + version = SSL_PROTOCOL_VERSION; + else if (ssl->version < SSL_PROTOCOL_MIN_VERSION) { ret = SSL_ERROR_INVALID_VERSION; ssl_display_error(ret); goto error; } + ssl->version = ssl->client_version = version; memcpy(ssl->dc->client_random, &buf[6], SSL_RANDOM_SIZE); /* process the session id */ @@ -151,10 +154,11 @@ static int process_client_hello(SSL *ssl) PARANOIA_CHECK(pkt_size, offset); - /* work out what cipher suite we are going to use */ - for (j = 0; j < NUM_PROTOCOLS; j++) + /* work out what cipher suite we are going to use - client defines + the preference */ + for (i = 0; i < cs_len; i += 2) { - for (i = 0; i < cs_len; i += 2) + for (j = 0; j < NUM_PROTOCOLS; j++) { if (ssl_prot_prefs[j] == buf[offset+i]) /* got a match? */ { @@ -180,7 +184,6 @@ int process_sslv23_client_hello(SSL *ssl) { uint8_t *buf = ssl->bm_data; int bytes_needed = ((buf[0] & 0x7f) << 8) + buf[1]; - int version = (buf[3] << 4) + buf[4]; int ret = SSL_OK; /* we have already read 3 extra bytes so far */ @@ -193,8 +196,9 @@ int process_sslv23_client_hello(SSL *ssl) DISPLAY_BYTES(ssl, "received %d bytes", buf, read_len, read_len); - /* should be v3.1 (TLSv1) or better - we'll send in v3.1 mode anyway */ - if (version < 0x31) + /* should be v3.1 (TLSv1) or better */ + ssl->version = (buf[3] << 4) + buf[4]; + if (ssl->version < SSL_PROTOCOL_MIN_VERSION) { return SSL_ERROR_INVALID_VERSION; } @@ -308,7 +312,7 @@ static int send_server_hello(SSL *ssl) buf[2] = 0; /* byte 3 is calculated later */ buf[4] = 0x03; - buf[5] = 0x01; + buf[5] = ssl->version & 0x0f; /* server random value */ get_random(SSL_RANDOM_SIZE, &buf[6]); @@ -396,11 +400,12 @@ static int process_client_key_xchg(SSL *ssl) SSL_CTX_UNLOCK(ssl->ssl_ctx->mutex); if (premaster_size != SSL_SECRET_SIZE || - premaster_secret[0] != 0x03 || /* check version is 3.1 (TLS) */ - premaster_secret[1] != 0x01) + premaster_secret[0] != 0x03 || /* must be the same as client + offered version */ + premaster_secret[1] != (ssl->client_version & 0x0f)) { /* guard against a Bleichenbacher attack */ - memset(premaster_secret, 0, SSL_SECRET_SIZE); + get_random(SSL_SECRET_SIZE, premaster_secret); /* and continue - will die eventually when checking the mac */ } diff --git a/www/index.html b/www/index.html index 4bfe7c769..0cd96b751 100755 --- a/www/index.html +++ b/www/index.html @@ -7087,7 +7087,7 @@ if (useJavaSaver)
changes, notes and errata
Type the text for 'YourName'
-
@@bgcolor(#ff0000):color(#ffffff):Changes for 1.3.2@@\n\n!!__SSL Library__\n* Loading of PEM certificate bundles now loads CA certs properly.\n* ssl_client_new() can now be broken up into an ssl_client_new() and successive ssl_read()'s now by setting the ~SSL_CONNECT_IN_PARTS as an option in ssl_ctx_new().\n* Non-blocked mode is now not a requirement but calls may still be blocked.\n\n@@bgcolor(#ff0000):color(#ffffff):Changes for 1.3.1@@\n\n!!__SSL Library__\n* Certificate bundles which contain "invalid" certificates (i.e. invalid digests types etc) are ignored rather than cause failure.\n\n!!__axhttpd__\n* ~HTTPv1.0 packets close a connection upon completion.\n\n@@bgcolor(#ff0000):color(#ffffff):Changes for 1.3.0@@\n\n!!__SSL Library__\n* Close notify is now sent as an error code from ssl_read(). Server code should be modified to check for ~SSL_CLOSE_NOTIFY (thanks to ehuman - 3132700).\n* regular_square() issue fixed (3078672)\n* partial_multiply() removed and merged with regular_multiply() (3078372).\n* Invalid session id size now returns ~SSL_ERROR_INVALID_SESSION (thanks to Hardy Griech - 3072881)\n* q-dash issue with Barrett reduction fixed (thanks to Hardy Griech - 3079291).\n* PEM file detection now looks for "-BEGIN" in any part of the file rather than at the start (3123838).\n* 8/16/32 bit native int sizes can be selected in configuration.\n\n@@bgcolor(#ff0000):color(#ffffff):Changes for 1.2.7@@\n\n!!__SSL Library__\n* A fix to find_max_exp_index() (thanks to Hardy Griech).\n* Check is made to get_cipher_info() if the appropriate cipher is not found (thanks to Hardy Griech).\n* Extra x509_free() removed from do_client_connect().\n\n@@bgcolor(#ff0000):color(#ffffff):Changes for 1.2.5@@\n\n!!__SSL Library__\n* The custom RNG updated to use an entropy pool (with better hooks to use counters).\n\n!!__axhttpd__\n* Headers are case insensitive (thanks to Joe Pruett for this and the following).\n* Child zombie issue fixed.\n* EOF on ~POSTs fixed.\n* Expect is ignored.\n\n@@bgcolor(#ff0000):color(#ffffff):Changes for 1.2.4@@\n\n!!__SSL Library__\n* Client renegotiation now results in an error. This is the result of a security flaw described in this paper http://extendedsubset.com/Renegotiating_TLS.pdf, and also is explained in detail here http://www.cupfighter.net/index.php/2009/11/tls-renegotiation-attack/.\n\n@@bgcolor(#ff0000):color(#ffffff):Changes for 1.2.3@@\n\n!!__SSL Library__\n* v3 certificates with ~SANs now supports (thanks to Carsten Sørensen).\n* axtlswrap added - a port of sslwrap (thanks to Steve Bennett)\n\n!!__axhttpd__\n* shutdown() called before socket close in CGI (thanks to Tom Brown)\n* command-line parameters to specify the http/https port.\n\n@@bgcolor(#ff0000):color(#ffffff):Changes for 1.2.2@@\n\n!!__axhttpd__\n* File uploads over 1kB (but under MAXPOSTDATASIZE) are now supported.\n\n@@bgcolor(#ff0000):color(#ffffff):Changes for 1.2.1@@\n\n!!__SSL Library__\n* Certificate verification now works for Firefox.\n* Extended the openssl API.\n\n@@bgcolor(#ff0000):color(#ffffff):Changes for 1.2.0@@\n\n!!__SSL Library__\n* A self-signed certificate will be verified as ok provided that that it is on the certificate authority list.\n* Certificates are not verified when added as certificate authorities (since self-signed and expired certificates can be added to browsers etc)\n\n@@bgcolor(#ff0000):color(#ffffff):Changes for 1.1.9@@\n\n!!__SSL Library__\n* Now support MS IIS resource kit certificates (thanks to Carsten Sørensen).\n* Fixed a memory leak when freeing more than one CA certificate.\n* The bigint library had a problem with squaring which affected classical reduction (thanks to Manuel Klimek).\n\n!!__axhttpd__\n* Brought back setuid()/setgid() as an option.\n\n!@@bgcolor(#ff0000):color(#ffffff):Changes for 1.1.8@@\n\n!!__SSL Library__\n* Now using a BSD style license.\n* Self-signed certificates can now be automatically generated (the keys still need to be provided).\n* A new API call //ssl_x509_create()// can be used to programatically create the certificate.\n* Certificate/keys can be loaded automatically given a file location.\n\n!@@bgcolor(#ff0000):color(#ffffff):Changes for 1.1.7@@\n\n!!__SSL Library__\n\n* Variable sized session id's is now better handled for session caching. It has meant a new API call //ssl_get_session_id_size()// and a change to //ssl_client_new()// to define the session id size.\n* Muliple records with a single header are now better supported (thanks to Hervé Sibert).\n* ~MD2 added for Verisign root cert verification (thanks to Byron Rakitzis).\n* The ~MD5/~SHA1 digests are calculated incrementally to reduce memory (thanks to Byron Rakitzis).\n* The bigint cache is now cleared regularly to reduce memory.\n\n!!__axhttpd__\n\n* Improved the POST handling (thanks to Christian Melki).\n* CSS files now work properly.\n* Lua's CGI launcher location is configurable.\n* //vfork()// is now used for CGI for performance reasons.\n\n!@@bgcolor(#ff0000):color(#ffffff):Changes for 1.1.6@@\n\n!!__SSL Library__\n\n* ~RC4 speed improvements\n* Lua samples/bindings now work properly\n\n!@@bgcolor(#ff0000):color(#ffffff):Changes for 1.1.5@@\n\n!!__SSL Library__\n\n* Session id's can now be variable lengths in server hello messages.\n* 0 length client certificates are now supported.\n* ssl_version() now returns just the version and not the date.\n* ssl_write() was not sending complete packets under load.\n\n!!__axhttpd__\n\n* Completely updated the CGI code.\n* Lua now integrated - Lua scripts and Lua Pages now run.\n\n!@@bgcolor(#ff0000):color(#ffffff):Changes for 1.1.4@@\n\n!!__SSL Library__\n\n* Fixed a Win32 crypto library issue with non-Administrator users\n* Removed compiler warnings that showed up in ~FC6.\n* GNU TLS certificates are now accepted.\n* Separated the send/receive headers for HMAC calculations.\n* Fixed a compilation problem with swig/perl/~FC6.\n* Fixed an issue with loading PEM CA certificates.\n\n!!__axhttpd__\n\n* Made //setuid()/setgid()// call an mconf option.\n* Made //chroot()// an mconf option. Default to //chdir()// instead.\n* Removed optional permissions checking.\n\n!@@bgcolor(#ff0000):color(#ffffff):Changes for 1.1.1@@\n\n!!__SSL Library__\n\n* AES should now work on 16bit processors (there was an alignment problem).\n* Various freed objects are cleared before freeing.\n* Header files now installed in ///usr/local/include/axTLS//.\n* -DCYGWIN replaced with -~DCONFIG_PLATFORM_CYGWIN (and the same for Solaris).\n* removed "-noextern" option in Swig. Fixed some other warnings in Win32.\n* SSLCTX changed to ~SSL_CTX (to be consistent with openssl). SSLCTX still exists for backwards compatibility.\n* malloc() and friends call abort() on failure.\n* Fixed a memory leak in directory listings.\n* Added openssl() compatibility functions.\n* Fixed Cygwin 'make install' issue.\n\n!!__axhttpd__\n\n* main.c now becomes axhttpd.c.\n* Header file issue fixed (in mime_types.c).\n* //chroot()// now used for better security.\n* Basic authentication implemented (via .htpasswd).\n* SSL access/denial protection implemented (via .htaccess).\n* Directory access protection implemented (via .htaccess).\n* Can now have more than one CGI file extension in mconf.\n* "~If-Modified-Since" request now handled properly.\n* Performance tweaks to remove //ssl_find()//.
+
@@bgcolor(#ff0000):color(#ffffff):Changes for 1.4.0@@\n\n!!__SSL Library__\n* Support for TLS 1.1\n* SSL 2.0 client hello is turned off by default as per RFC 4346 Appendix E.\n* Client determines the cipher suite selected rather than the server as per RFC 4346 7.4.1.2.\n* Guard against timing HMAC timing attacks as per RFC 4346 6.2.3.2.\n* Fixed ~SOCKET_WRITE buffer issue (thanks Hardy Griech - 3177419)\n\n@@bgcolor(#ff0000):color(#ffffff):Changes for 1.3.2@@\n\n!!__SSL Library__\n* Loading of PEM certificate bundles now loads CA certs properly.\n* ssl_client_new() can now be broken up into an ssl_client_new() and successive ssl_read()'s now by setting the ~SSL_CONNECT_IN_PARTS as an option in ssl_ctx_new().\n* Non-blocked mode is now not a requirement but calls may still be blocked.\n\n@@bgcolor(#ff0000):color(#ffffff):Changes for 1.3.1@@\n\n!!__SSL Library__\n* Certificate bundles which contain "invalid" certificates (i.e. invalid digests types etc) are ignored rather than cause failure.\n\n!!__axhttpd__\n* ~HTTPv1.0 packets close a connection upon completion.\n\n@@bgcolor(#ff0000):color(#ffffff):Changes for 1.3.0@@\n\n!!__SSL Library__\n* Close notify is now sent as an error code from ssl_read(). Server code should be modified to check for ~SSL_CLOSE_NOTIFY (thanks to Eric Hu - 3132700).\n* regular_square() issue fixed (3078672)\n* partial_multiply() removed and merged with regular_multiply() (3078372).\n* Invalid session id size now returns ~SSL_ERROR_INVALID_SESSION (thanks to Hardy Griech - 3072881)\n* q-dash issue with Barrett reduction fixed (thanks to Hardy Griech - 3079291).\n* PEM file detection now looks for "-BEGIN" in any part of the file rather than at the start (3123838).\n* 8/16/32 bit native int sizes can be selected in configuration.\n\n@@bgcolor(#ff0000):color(#ffffff):Changes for 1.2.7@@\n\n!!__SSL Library__\n* A fix to find_max_exp_index() (thanks to Hardy Griech).\n* Check is made to get_cipher_info() if the appropriate cipher is not found (thanks to Hardy Griech).\n* Extra x509_free() removed from do_client_connect().\n\n@@bgcolor(#ff0000):color(#ffffff):Changes for 1.2.5@@\n\n!!__SSL Library__\n* The custom RNG updated to use an entropy pool (with better hooks to use counters).\n\n!!__axhttpd__\n* Headers are case insensitive (thanks to Joe Pruett for this and the following).\n* Child zombie issue fixed.\n* EOF on ~POSTs fixed.\n* Expect is ignored.\n\n@@bgcolor(#ff0000):color(#ffffff):Changes for 1.2.4@@\n\n!!__SSL Library__\n* Client renegotiation now results in an error. This is the result of a security flaw described in this paper http://extendedsubset.com/Renegotiating_TLS.pdf, and also is explained in detail here http://www.cupfighter.net/index.php/2009/11/tls-renegotiation-attack/.\n\n@@bgcolor(#ff0000):color(#ffffff):Changes for 1.2.3@@\n\n!!__SSL Library__\n* v3 certificates with ~SANs now supports (thanks to Carsten Sørensen).\n* axtlswrap added - a port of sslwrap (thanks to Steve Bennett)\n\n!!__axhttpd__\n* shutdown() called before socket close in CGI (thanks to Tom Brown)\n* command-line parameters to specify the http/https port.\n\n@@bgcolor(#ff0000):color(#ffffff):Changes for 1.2.2@@\n\n!!__axhttpd__\n* File uploads over 1kB (but under MAXPOSTDATASIZE) are now supported.\n\n@@bgcolor(#ff0000):color(#ffffff):Changes for 1.2.1@@\n\n!!__SSL Library__\n* Certificate verification now works for Firefox.\n* Extended the openssl API.\n\n@@bgcolor(#ff0000):color(#ffffff):Changes for 1.2.0@@\n\n!!__SSL Library__\n* A self-signed certificate will be verified as ok provided that that it is on the certificate authority list.\n* Certificates are not verified when added as certificate authorities (since self-signed and expired certificates can be added to browsers etc)\n\n@@bgcolor(#ff0000):color(#ffffff):Changes for 1.1.9@@\n\n!!__SSL Library__\n* Now support MS IIS resource kit certificates (thanks to Carsten Sørensen).\n* Fixed a memory leak when freeing more than one CA certificate.\n* The bigint library had a problem with squaring which affected classical reduction (thanks to Manuel Klimek).\n\n!!__axhttpd__\n* Brought back setuid()/setgid() as an option.\n\n!@@bgcolor(#ff0000):color(#ffffff):Changes for 1.1.8@@\n\n!!__SSL Library__\n* Now using a BSD style license.\n* Self-signed certificates can now be automatically generated (the keys still need to be provided).\n* A new API call //ssl_x509_create()// can be used to programatically create the certificate.\n* Certificate/keys can be loaded automatically given a file location.\n\n!@@bgcolor(#ff0000):color(#ffffff):Changes for 1.1.7@@\n\n!!__SSL Library__\n\n* Variable sized session id's is now better handled for session caching. It has meant a new API call //ssl_get_session_id_size()// and a change to //ssl_client_new()// to define the session id size.\n* Muliple records with a single header are now better supported (thanks to Hervé Sibert).\n* ~MD2 added for Verisign root cert verification (thanks to Byron Rakitzis).\n* The ~MD5/~SHA1 digests are calculated incrementally to reduce memory (thanks to Byron Rakitzis).\n* The bigint cache is now cleared regularly to reduce memory.\n\n!!__axhttpd__\n\n* Improved the POST handling (thanks to Christian Melki).\n* CSS files now work properly.\n* Lua's CGI launcher location is configurable.\n* //vfork()// is now used for CGI for performance reasons.\n\n!@@bgcolor(#ff0000):color(#ffffff):Changes for 1.1.6@@\n\n!!__SSL Library__\n\n* ~RC4 speed improvements\n* Lua samples/bindings now work properly\n\n!@@bgcolor(#ff0000):color(#ffffff):Changes for 1.1.5@@\n\n!!__SSL Library__\n\n* Session id's can now be variable lengths in server hello messages.\n* 0 length client certificates are now supported.\n* ssl_version() now returns just the version and not the date.\n* ssl_write() was not sending complete packets under load.\n\n!!__axhttpd__\n\n* Completely updated the CGI code.\n* Lua now integrated - Lua scripts and Lua Pages now run.\n\n!@@bgcolor(#ff0000):color(#ffffff):Changes for 1.1.4@@\n\n!!__SSL Library__\n\n* Fixed a Win32 crypto library issue with non-Administrator users\n* Removed compiler warnings that showed up in ~FC6.\n* GNU TLS certificates are now accepted.\n* Separated the send/receive headers for HMAC calculations.\n* Fixed a compilation problem with swig/perl/~FC6.\n* Fixed an issue with loading PEM CA certificates.\n\n!!__axhttpd__\n\n* Made //setuid()/setgid()// call an mconf option.\n* Made //chroot()// an mconf option. Default to //chdir()// instead.\n* Removed optional permissions checking.\n\n!@@bgcolor(#ff0000):color(#ffffff):Changes for 1.1.1@@\n\n!!__SSL Library__\n\n* AES should now work on 16bit processors (there was an alignment problem).\n* Various freed objects are cleared before freeing.\n* Header files now installed in ///usr/local/include/axTLS//.\n* -DCYGWIN replaced with -~DCONFIG_PLATFORM_CYGWIN (and the same for Solaris).\n* removed "-noextern" option in Swig. Fixed some other warnings in Win32.\n* SSLCTX changed to ~SSL_CTX (to be consistent with openssl). SSLCTX still exists for backwards compatibility.\n* malloc() and friends call abort() on failure.\n* Fixed a memory leak in directory listings.\n* Added openssl() compatibility functions.\n* Fixed Cygwin 'make install' issue.\n\n!!__axhttpd__\n\n* main.c now becomes axhttpd.c.\n* Header file issue fixed (in mime_types.c).\n* //chroot()// now used for better security.\n* Basic authentication implemented (via .htpasswd).\n* SSL access/denial protection implemented (via .htaccess).\n* Directory access protection implemented (via .htaccess).\n* Can now have more than one CGI file extension in mconf.\n* "~If-Modified-Since" request now handled properly.\n* Performance tweaks to remove //ssl_find()//.
[[Read Me]]
axTLS uses a BSD style license:\n\nCopyright (c) 2008, Cameron Rich All rights reserved.\n\nRedistribution and use in source and binary forms, with or without\nmodification, are permitted provided that the following conditions are met:\n\nRedistributions of source code must retain the above copyright notice, this\nlist of conditions and the following disclaimer. Redistributions in binary\nform must reproduce the above copyright notice, this list of conditions and\nthe following disclaimer in the documentation and/or other materials\nprovided with the distribution. Neither the name of the axTLS Project nor\nthe names of its contributors may be used to endorse or promote products\nderived from this software without specific prior written permission. \n\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"\nAND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE\nIMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE\nARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR\nANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL\nDAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR\nSERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER\nCAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT\nLIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY\nOUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH\nDAMAGE.
[[Read Me]] \n[[Changelog]]\n[[axhttpd]]\n[[License]]