2004-11-20 tag v3_0beta26

2004-11-20 Dossy Shiobara

* Makefile (1.44), nsopenssl.c (1.77), sslcontext.c (1.10): Fix memory leak in IssueTmpRSAKey, introducing new NsMakeTmpRSAKey and pre-generating 512-bit and 1024-bit temporary RSA keys at nsopenssl module initialization time. Closes SF Bug #1069595.

2004-11-02 tag v3_0beta25

2004-11-02 Dossy Shiobara

* ssl.c (1.68, v3_0beta25): SSL_ERROR_ZERO_RETURN should not be treated as an error as it signifies a proper close notification from the peer in SSLv3/TLSv1 connections (and doing so causes outbound SSL client connections to misbehave). Closes SF Bug #1059171.

2004-10-27 Dossy Shiobara

* nsopenssl.c (1.76), nsd.tcl (1.13): Fix crashing bug in SeedPRNG and update sample configs. The correct module-global config section is called "ns/module/nsopenssl". Closes SF Bug #1055417.

2004-09-21 tag v3_0beta23

2004-09-21 Dossy Shiobara

* sslcontext.c (1.9): Fix IssueTmpRSAKey crash when nsopenssl serves Netscape Navigator 4.06 Export Edition with weaker RSA keys. Closes SF Bug #999089.

2004-08-25 tag v3_0beta22

2004-08-25 Dossy Shiobara

* ssl.c (1.67), nsopenssl.c (1.75): Cleanup of code and fix a bug relating to "broken" SSL connections being returned to the connection pool for HTTP Keep-Alive when they should be shut down and discarded. This was resulting in connection threads using up 100% of the CPU, trying to read the next HTTP request from a dead socket, then returning it back to the Keep-Alive pool. Fixes a portion of the SF Bug #1012892.

2004-08-25 Dossy Shiobara

* README (1.6), nsd.tcl (1.12): If SSLv2 isn't in the list of configured protocols, then it shouldn't be in the list of ciphersuites either -- this can cause the server to crash if a client tries to negotiate an SSLv2 connection (as it's advertised as available in ciphersuites).

2004-06-23 Scott Goodwin

* sslcontext.c, defaults.h: Merged SSLContextCertInit, SSLContextKeyFileInit, and the key/cert validate function into one. Default certificate and key file paths no longer default to anything: you must specify them specifically. Client SSL contexts no longer fail to load if there is no certificate defined for it: SSL certs are optional for clients.

2004-06-16 Dossy Shiobara

* https.tcl: throwback from old http.tcl - should use _ns_https_read and not _ns_http_read

2004-06-16 Dossy Shiobara

* https.tcl: new optional 'body' arg to ns_httpspost so the POST data can be computed before calling ns_httpspost and sent as the request body.

2004-06-12 Scott Goodwin

* https.tcl: fixed to use separate read and write handles again. We don't really need separate read and write sockets (which are both wrapped in Tcl channels) since sockets can be bidirectional. I decided I'd clean up that code so you'd only need one socket, and thus would only be using up one file descriptor instead of two. But doing this made the code more complex and would change the number of args. Ah well, live and learn.

2004-04-14 Scott Goodwin

* nsopenssl.h, ssl.c, tclcmd.c: Restructured Tcl channel process; now uses ChanInfo structs to maintain state and to ensure proper closure and freeing of sockets, channels and structures.

2004-04-13 Scott Goodwin

* x509.c: Added x509.c to hold certificate management functions.

2004-04-09 Scott Goodwin

* All: Lots of cleanup, deleting old comments, restructuring some code.

* nsopenssl.h, ssl.c: Merged NsOpenSSLConnSend, NsOpenSSLConnRecv and NsOpenSSLConnHandshake into one function, NsOpenSSLConnOp.

* defaults.h, nsopenssl.h: Pulled default defines out of nsopenssl.h and into separate defaults.h file.

* nsopenssl.h, ssl.c: Added DEBUG_NSOPENSSL define: uncomment it to dump more info to log; comment out for production runs. Recompilation necessary.

* sslcontext: fixed SSLContextCacheInit to take into account the context's server / client role.

2004-04-04 Scott Goodwin

* Tagged: 3_0beta19

* nsopenssl.h, ssl.c, tclcmds.c, https.tcl: Cleaned up CreateTclChannel. This affects calls to ns_openssl_sockopen and friends: the number of list values is the same and so is their meaning, but list items 1 and 2 are now the same socket descriptors where in the past they used to be separate, one for read and one for write. The benefits besides simpler C code are that your web server will use 1 less fd for each connection you make using nsopenssl's Tcl API.

* ssl.c, tclcmds.c: Fixed fd leak when using nsopenssl Tcl API. Have to do a shutdown on the socket for both read/write sides, then ns_sockclose on the socket.

2004-03-27 Scott Goodwin

* nsopenssl.c, tclcmds.c: Fixed fd leak where I wasn't properly cleaning up after ns_sockopen etc. Changes involved adding readchan and writechan to NsOpenSSLConn struct, unregistering and closing the sockets in ChanCloseProc. Thanks to Noah Robin (sitz@aol.net) for reporting the problem.

2004-03-12 Scott Goodwin

* nsopenssl.c: Changed couple of STREQ's for STRIEQ's so sslcontext could be upper, lower or mixed case. Thanks to Noah Robin (sitz AT aol.net).

2004-03-02 Scott Goodwin

* ssl.c: Changed SSL handshake failure to be a warning instead of an error.

2004-02-29 Scott Goodwin

* nsopenssl.h, nsopenssl.c, ssl.c: Added code to wait on sockets that have nothing ready to read or write. Stops these conns from hogging the CPU.

2004-02-16 Scott Goodwin

* nsopenssl.h, ssl.c: Fixed SSL read loop problem; improved processing path.

2004-02-15 Scott Goodwin

* ssl.c: Restructured SSL read and write loops; both now take into account incomplete reads and track buffer length.

* nsopenssl.h, ssl.c, sslcontext.c: Added microsecond timers to the connection structure for OpenSSLTrace to output. This incurs no overhead when SSL handshake tracing is turned off. When handshake tracing is turned on, the trace output includes times in microseconds for each step relative to when the previous step completed. This will assist in doing performance analysis and tuning for a particular installation.

* ssl.c, nsopenssl.h: Removed read/write attempt counts.

2004-02-13 Scott Goodwin

* ssl.c, nsopenssl.h: Added read and write attempt counts; if a conn read or write fails 1,000 in a row, we consider the conn dead and return an error. Hopefully this is a temporary fix until I can identify a better way to resolve this issue in the core server.

2004-01-19 Scott Goodwin

* Makefile: added kerberos headers to CFLAGS to resolve issue when OpenSSL has been compiled with Kerberos support. This appears to be true if you're running RedHat 9, and possibly Fedora. Thanks to C.R. Oldham for this fix.

* nsopenssl.h, nsopenssl.c, ssl.c: Removed rest of BIO stuff in lieu of straight SSL calls. Cleaned up NsOpenSSLConnHandshake().

2004-01-17 Scott Goodwin

* nsopenssl.h, ssl.c, tclcmds.c: Ripped out use of BIOs in NsOpenSSLConnSend and NsOpenSSLConnRecv and replaced them with straight SSL methods.

2004-01-16 Scott Goodwin

* ssl.c, nsopenssl.h: Merged NsOpenSSLConnConnect and NsOpenSSLConnAccept into a single NsOpenSSLConnHandshake function. Also converted the function to use SSL_* calls directly instead of using OpenSSL's BIO abstraction. Subjectively, the handshake does appear to be quicker.

2004-01-08 Scott Goodwin

* ssl.c: Fixed bug in Recv and Send procs so that larger files could be downloaded and uploaded.

2003-12-27 Scott Goodwin

* nsopenssl.c, nsopenssl.h: Added changes from Jamie Rasmussen for Windows build.

2003-12-24 Scott Goodwin

* all: Lots of cleanup, initializing function variables.

* sslcontext.c, nsopenssl.c, nsopenssl.h: Added names to mutexes. Added MODULE_SHORT to nsopenssl.h as the mutex name length is limited.

2003-12-13 Scott Goodwin

* ssl.c: Changed NsOpenSSLConnSend to use BIO_write instead of SSL_write. It's crucial that we call BIO_flush after every write or this won't work.

2003-11-24 Scott Goodwin

* ssl.c, nsopenssl.c, tclcmds.c: Fixed problem with SSL conn reference counting; conns are now free'd properly when NsOpenSSLDestroy is called and the conn's reference count is 0. Tagged v3_0_beta_2.

2003-11-22 Scott Goodwin

* all: Stopped passing *module to all functions; nsopenssl must now be called nsopenssl in the config file and nothing else. Merged sslconn.c and sslsock.c into ssl.c. Lots of other cleanups.

2003-11-09 Scott Goodwin

* tclcmds.c: 'ns_openssl info' now returns a string instead of a list.

2003-10-25 Scott Goodwin

* All: Cleaned up SSL context handling, reintegrated Ns_OpenSSLSockConnect, adding SSL context passing ability.

2003-10-23 Scott Goodwin

* https.tcl, Makefile: Added back to the code, modified Makefile to install it.

2003-10-19 Scott Goodwin

* All: Lots of fixes, added mutexes around SSL contexts structures, fixed session cache id generation to be specific to each virtual server.

2003-10-11 Scott Goodwin

* All: Refactored entire codebase by abstracting public functions into libnsopenssl.so/dylib and an nsopenssl.so module.

2003-09-30 Scott Goodwin

* All: ripped out all non-comm-driven stuff. nsopenssl module will now be focused only on core comm-driven connections. All the rest of the stuff (incoming and outgoing SSL conns generated by Tcl API itself) is moving into a new module called nshttps.

2003-09-29 Scott Goodwin

* init.c, nsopenssl.h: added default SSL contexts section and modified to read from config file.

2003-08-21 Scott Goodwin

* all: Added Ns_OpenSSLContextInit, Ns_OpenSSLContextRelease and other C API functions. Refactored rest of C API and other functions.

2003-08-12 Scott Goodwin

* nsopenssl.c: fixed bug when setting protocols; SSL handshake now completes successfully.

2003-08-10 Scott Goodwin

* ssl.c: Got rid of SetNonBlocking(); calling Ns_SockSetNonBlocking and Ns_SockSetBlocking directly.

2003-08-08 Scott Goodwin

* All:
  - Ripped out AOLserver 3.x comm driver stuff
  - Added Tcl hash to manage nsopenssl state for each virtual server
  - OpenSSL library is initialized at first virtual server init
  - New Ns_DriverInitData structure added (req'd AOLserver mod)
  - Replaced config.c/h by using AOLserver C API config stuff directly

2003-01-08 Scott Goodwin

* All: Committing back to AOLserver SourceForge area prior to ripping out AOLserver 3.x support. nsopenssl 3.x will only be supporting AOLserver 4.x.

2002-12-22 Scott Goodwin

* thread.c, nsopenssl.c: Merged thread.c into nsopenssl.c.

2002-11-23 Scott Goodwin

* all: Cleaned up the directory; moved some files to the test directory.

* config.h, tclcmds.h, thread.h: Merged into nsopenssl.h

* config.c, nsopenssl.h: Merged config.c into init.c

2002-11-21 Scott Goodwin

* tclcmds.c: ns_sockdup, ns_sockioctl have gone away in AOLserver 4.x. Changed them to dup and ioctl for both 3.x and 4.x compiles.

* Makefile: Add a definition for $(CP). AOLserver 4.x uses the install program instead of CP like AOLserver 3.x. Need to update nsopenssl to compile using the appropriate method for 3.x and 4.x.

* nsopenssl.h: Moved Ns_OpenSSLConn's 'struct NsOpenSSLDriver sdPtr' so that it is used for both 3.x and 4.x

* nsopenssl.c: Moved declaration of 'static NsOpenSSLDriver firstSSLDriverPtr' so it is compiled with both 3.x and 4.x. Moved OpenSSLProc's conn initializer outside of the switch statement so that it runs first (might be a problem as this should probably only pertain to DriverSends and Receives). Changed OpenSSLProc to use recvmsg and sendmsg the same way nssock's SockProc does.

2002-10-28 Scott Goodwin

* https.tcl: Added ability to pass multiple files with ns_httpspost: "filesets" is a list of ns_sets, each ns_set contains information about each file to upload and has four keys:

  - name: the name of the form element for this file
  - filename: the name of the file
  - content: the actual contents of the file
  - content-type: the type of contents in the file, such as text/plain

  filesets are only used with multipart/form-data.

  The filesets parameter has been added to the parameters passed in:

    ns_httpspost {url {rqset ""} {qsset ""} {type ""} {filesets ""} {timeout 30}}

  IF YOU USE timeout IN YOUR CURRENT ns_httpspost CODE, YOU MUST CHANGE YOUR CALL. Also modified ns_httpspost to accept "" to mean the default timeout.

2002-10-18 Scott Goodwin

* ca, tests: Moved the tests and ca to a separate test harness. Decided it would be best to keep all tests in the test harness rather than the module, at least until tests for all the modules and the core server are written. A decision can be made at that time whether to integrate the testing framework into the core and modules.

2002-10-07 Scott Goodwin

* ca: Created the 'ca' directory to generate and hold test CA certs, web server certs, and client certs.

* tests: Added more files to the tests directory.

2002-10-04 Scott Goodwin

* TODO: Added back to the repository.

* Makefile: Updated with new targets for tagging and releasing code (stolen from Rob Mayoff's nscache Makefile :)

2002-05-28 Scott Goodwin

* init.c: added some user-friendly error messages when key fails to load in LoadKey routine.

2002-05-27 Scott Goodwin

* ssl.c: in NsOpenSSLDestroyConn, if socket is valid, we shut it down before freeing the ccPtr datastructures. Apparently, the BIO_free_all causes two bytes to be sent over the socket that confuses Win32 clients. Thanks to Piotr Szuca for this addition.

2002-04-23 Scott Goodwin

* Makefile: added 'install: all' directive that overrides the 'install: all' directive in Makefile.module so that I can have the install process install https.tcl as well (I need to update the online docs). Thanks to Pierre Asselin.

2002-03-05 Scott S. Goodwin

* nsopenssl.c, nsopenssl.c: cleaned up NsOpenSSLDriver and Ns_OpenSSLConn structures some more, and cleaned up the initialization of an Ns_OpenSSLConn in SockThread. Some items weren't being initialized (they aren't yet being used, but should still be initialized). Tag: nsopenssl-2_2_beta_4.

* nsopenssl.c, nsopenssl.h, tclcmds.c: rearranged the NsOpenSSLDriver and Ns_OpenSSLConn structures to make it clearer what items needed to be freed by what routines. Also changed port to peerport in Ns_OpenSSLConn, and added the 'ns_openssl peerport' command, which is the same as the 'ns_openssl port' command. Tag: nsopenssl-2_2_beta_3.

* all: ran *.c and *.h through indent: indent -i2 -br -brs -ce -hnl -psl -sob .

2002-03-04 Scott S. Goodwin

* ssl.c, nsopenssl.c, nsopenssl.h, tclcmds.c: Added 'ns_openssl module name' and 'ns_openssl module port' commands. The first tells you what the name of the loaded module is for the current connection (you may have more than one copy of nsopenssl loaded). The second tells you which port your current connection's nsopenssl driver is listening on. This would allow you to do access control by determining what module name and or module port the connection is coming through.

2002-02-18 Scott S. Goodwin

* tclcmds.c: added ns_openssl port command. It returns the scPtr->port value, which happens to be the local port the conn is using, not the port the server is listening on. I need to do a query on the port the server is listening on by grabbing the port number from the nsd.tcl based on the module name (as you may have multiple instances of nsopenssl up and running).

2002-02-15 Scott S. Goodwin

* ssl.c: I was decrementing towrite by rc bytes. Problem is that if rc < 0 which it will be on SSL_write error, towrite will get bigger. This was a late night error. The #if'd out debug portion worked properly. Adam Zell pointed this out.

* dumb: The previous two changes were made once before. The tclcmd.c fix reverted when I received a fix for some other problem in tclcmd.c; I neglected to do a diff between my copy and the fixed one that was sent to me. In the case of init.c, I'm uncertain how that creeped back in. Thanks to Adam Zell for pointing these out. Lessons learned: Always commit your changes right after your tests work. Always diff a file sent to you against your current working copy from the repository. There may be changes you made to your file that aren't in the contributed file.

* init.c: Fixed NsOpenSSLCreateDriver; sdPtr->randomFile wasn't set before being possibly used.

* tclcmds.c: Fixed SSLSockListenCallback so that the interp was initialized before it was possibly used.

2002-02-14 Scott S. Goodwin

* nsopenssl 2.1 released.

2002-02-13 Scott S. Goodwin

* ssl.c: The nonblocking socket fix in RunServerSSLHandshake fixed the Solaris problem. #if'd out debug code in NsOpenSSLSend function. Maybe I can go back and retry the BIO_handshake by unblocking the socket before I run it.

2002-02-12 Scott S. Goodwin

* ssl.c: made the socket non-blocking at the beginning of RunServerSSLHandshake, and set it back to blocking before the function returns.

* ssl.c: took out #if 0 for the SetNonBlocking function. It's not used right now, but it had nested #if 0's, which makes me nervous.

* ssl.c: moved SSL_set_app_data call from before to after SSL_set_accept_state call, as it was in 1.1c.

* ssl.c: added some debug code in NsOpenSSLSend to help debug Solaris problem.

2002-02-08 Scott S. Goodwin

* ssl.c: reverted NsOpenSSLSend back to the way nsopenssl 1.1c worked to try and resolve a problem on Solaris where images and possibly pages of certain sizes fail to download correctly. Haven't tested yet.

2002-02-08 Scott S. Goodwin

* ssl.c: added some debugging code to log errors when NsOpenSSLSend fails. This is to try and debug a Solaris issue.

2001-12-27 Scott S. Goodwin

* https.tcl: cleaned up the ns_httpspost proc and got rid of the debugging statements.

2001-12-12 Scott S. Goodwin

* https.tcl: form.tcl doesn't respect the fact that a boundary value declaration may be wrapped in double quotes. It will work with this:

    multipart/form-data, boundary=--123456789

  but not this:

    multipart/form-data, boundary="--123456789"

  Changed https.tcl to work with form.tcl (for now).

2001-12-02 Scott S. Goodwin

* config.h: Added the CONFIG_MODULEDIR to create the ModuleDir parameter name.

* init.c: Altered CheckModuleDir so that the config parameter ModuleDir can be used to point to somewhere outside of the AOLserver directory area. If ModuleDir is specified, the CheckModuleDir does *not* try and create the directory for you but assumes if you've already got it set up.

* config.c: Used Ns_MakePath in place of Ns_DStringVarAppend to ensure that slashes always appear between path elements when ConfigPathDefault constructs a path.

* init.c: Renamed MakeModuleDir to CheckModuleDir, and instead of passing in *server, *module and **dirp, now only *sdPtr is passed in.

2001-11-29 Scott S. Goodwin

* https.tcl: Added '--' to prepend the boundary markers in ns_httpspost. I should have read the MIME RFC, as a boundary marker that is declared as

    --myboundarymarkerhere

  looks like this when actually used:

    ----myboundarymarkerhere

2001-11-19 Scott S. Goodwin

* https.tcl: Fixed boundary problem when doing multipart form data with ns_httpspost. This code:

    set qsset [ns_set new qsset]
    ns_set put $qsset user goodwin
    ns_set put $qsset pass blahblah
    set page [ns_httpspost \
        "https://192.168.0.1:8001/test.cgi" "" \
        $qsset "multipart/form-data"]

  Posts this content:

    -----------------------------16931435195472910531915358310
    Content-Disposition: form-data; name="user"

    goodwin
    -----------------------------16931435195472910531915358310
    Content-Disposition: form-data; name="pass"

    blahblah
    -----------------------------16931435195472910531915358310--

2001-10-13 Scott S. Goodwin

* https.tcl: Added ability for ns_httpspost to do multipart/form-data. (Not Yet Tested!!!).

* ssl.c: The NsOpenSSLSend function simply did an SSL_write. Robert Spassky Cabacungan found that this wasn't working for long file transfers. Specifically, in his own words:

    The problem is the NsOpenSSLSend() function in ssl.c, in nsopenssl-2.0. BIO_write is returning a "resource not available, try again" error, but NsOpenSSLSend is not checking for that, and so behaves as though it were a non-recoverable error, aborting the write instead of trying again. A simple loop over the SSL_write() fixes this.

    Ironically, there is commented out code at the bottom of the function which would handle retries. However, the comment reads "this BIO_write loop doesn't work, but seems like it should". So it looks like Scott did consider this possibility, but it kind of slipped through the cracks in the final release. Indeed, NsOpenSSLRecv() does loop and handle retries.

  Rob changed the SSL_write to be inside of a loop that checks BIO_should_retry on the write BIO.

2001-09-28 Scott S. Goodwin

* Makefile: Added better make instructions when OPENSSL var isn't set.

* Makefile: Cleaned up the Makefile considerably so it's easier to read and understand.

2001-09-27 Scott S. Goodwin

* tclcmds.c: Bug fixes contributed by Rich Fredericks, AOL Local Technology group. In his own words: "As I said on the phone, All I really did was make sure NsTclOpenSSLCmd returns out (TCL_ERROR) if the argc req isn't met (line 205) and add a check for NULL on scPtr (lines 220-223). I also moved the "scPtr = NsOpenSSLGetConn(interp)" statement to below the code for the "info" option to the tcl ns_openssl command (previously it was executed first), since that specific variant of the command does not require an SSL conn context." Thanks, Rich!

2001-08-29 Scott S. Goodwin

* https.tcl: made fixes to ns_httpspost per Rick Lansky at bom.com. He also suggested I allow the Content-type to be passed in as a parameter, so I've added that too.

2001-08-27 Scott S. Goodwin

* https.tcl: added ns_httpspost, that is called with url, rqset, qsset and timeout. The qsset is an ns_set with key/values that will be turned into user=scottg&pass=1234, for example, and passed as content in the POST.

2001-08-21 Scott S. Goodwin

* https.tcl: removed some debugging statements; commented out the debug notice that the url was local.

* https.tcl: fixed a bug that was fixed once before but apparently I got my files mixed up. rqset wasn't being passed from ns_httpsget to ns_httpsopen.

2001-08-20 Scott S. Goodwin

* https.tcl: changed ns_httpsopen such that when it's passed a url that does not begin with "https://", it will first try to prepend the ServerLocation param, then the ServerHostname param, then the ServerAddress param. If all of them fail, it will log an error, but continue processing. Should probably make it a fatal error for nsopenssl to load if one or more of these parameters are not set.

* ssl.c: bug fix: trying to use module and type from ccPtr after ccPtr had been destroyed.

2001-08-17 Scott S. Goodwin

* ssl.c: tested the sock client and sockserver's ability to validate their peer's certificate. Tested nsdserver's ability to validate client's certificate.

* nsopenssl.h: defined version for OpenSSL 0.9.6b.

* https.tcl: made rqset the second to last arg passed to ns_httpsget.

2001-08-16 Scott S. Goodwin

* init.c: turned on the peerVerify code for SSL sock server and sock clients (as opposed to NSD-driven conns). Need to test.

* tclcmds.c: was using an interp before it was allocated. Pretty amazing. Adam Zell pointed this out.

* init.c: boneheadedly #if 0'd out the client cert verification code for NSD-driven conns. Works now. Sean Yamamoto noticed the problem.

* init.c: should have been initializing sdPtr->randomFile *before* calling SeedPRNG. Also should have been freeing randomFile when freeing the driver. Thanks to Adam Zell for pointing these out.

2001-08-15 Scott S. Goodwin

* https.tcl: add the rqset parameter to ns_httpsget so that cookies can be used.

2001-08-09 Scott S. Goodwin

* nsopenssl 2.0 released.

* tests: tested with OpenSSL 0.9.6a Solaris.

* tests: tested with OpenSSL 0.9.6, 0.9.6a and 0.9.6b on Linux.

* ssl.c: Had to return to the non-BIO method of running the SSL server handshake. Solaris *hates* the BIO method. Where normally it'll try to read the client cert twice (even if you've told it not to ask for a client cert!), with the BIO method, it attempts to read the client cert up to 60 times!

2001-08-08 Scott S. Goodwin

* init.c: the OpenSSL PRNG is now seeded at start time when NsOpenSSLCreateDriver is run. This will have no effect on Linux, but it will hopefully ease the pain of Solaris and other users.

* docs: go see http://scottg.net for the new documentation on nsopenssl.

* All: added ns_openssl_sock* commands and C API. The C API isn't ready for prime time, and there's more work to do on how the Tcl commands are going to use cert validation, but it can make outgoing SSL conns and set up SSL ports to listen on, from Tcl or C.

* TODO: removed this file from distribution. Will host it on http://scottg.net.

2001-08-08 Scott S. Goodwin

* nsopenssl 1.1c released.

* all: Bug fix. If a file upload is interrupted, the connection doesn't go away, and the thread continues consuming CPU and memory. This fix checks to see if the client has gone away and forces an error, at which point the connection is cleaned up properly.

2001-06-20 Scott S. Goodwin

* init.c: changed SetProtocols to allow putting all protocols on one line instead of one per line.

2001-06-15 Scott S. Goodwin

* nsopenssl 1.1b released.

* all: Updated to allow the server to pass its certificate chain to the client. To use this feature, simply append your certificate chain to the end of your server certificate PEM file and start your server.

2001-06-08 Scott S. Goodwin

* nsopenssl 1.1a released.

* all: Bug fix to allow session caching and client certificate verification to work at the same time. Session caching is on by default in version 1.1, but client verify is not.

2001-05-05 Scott S. Goodwin

* nsopenssl 1.1 released.

2001-05-04 Scott S. Goodwin

* ssl.c: Now checking for errors returned by BIO_flush in NsOpenSSLFlush; we don't return an error from the function though, we just report it in the log.

* init.c, config.h: made seedbytes a config parameter, which allows you to set the number of bytes that will be used to seed the PRNG.

2001-05-03 Scott S. Goodwin

* test.adp: renamed test.adp to nsopenssl-tests.adp.

* init.c: cleanup code; moved PRNG functions to bottom; cleaned up NsOpenSSLInitSessionCache.

2001-05-01 Scott S. Goodwin

* init.c: Solaris problem: SeedPRNG failed because I wasn't adding enough randomness; I bumped up the number of bytes from 16 to 1024 and it's working now. Yay!

2001-04-30 Scott S. Goodwin

* nsd.tcl: added ns_param RandomFile.

* 40-bit export browsers now work!!! The recent changes you see were to fix problems with 40-bit export browsers, which could not connect when your server certificate had 1024 public key (which most if not all server certs do).

* TODO: added link to nsopenssl release info on my site.

* tclcmds.c, test.adp: Added new Tcl commands to report protocol and cipher name, strength:

    ns_openssl protocol
    ns_openssl cipher name
    ns_openssl cipher strength

* init.c: initialized sdPtr->randomFile from the RandomFile nsd.tcl parameter in NsOpenSSLCreateDriver(). Added AddEntropyFromRandomFile(), PRNGIsSeeded(), SeedPRNG() and IssueTmpRSAKey().

* config.h: added CONFIG_RANDOM parameter; uses "RandomFile" in nsd.tcl to allow you to specify a file to use as a source of random bits for seeding the PRNG.

* config.c: modified ConfigPathDefault to allow NULL as a default.

* nsopenssl.h: removed Ns_Cache pointer from nsopenssl driver structure. Added pointer to file specified with the RandomFile parameter.

2001-04-17 scottg

* TODO: Updated.

* config.h: Session caching is now on by default.

* Makefile: Updated to reflect absence of cache.c.

* cache.c, cache.h: Removed these files. See item below.

* init.c, cache.c: Moved NsOpenSSLInitSessionCache from cache.c to init.c and removed the callback setups. We don't need to use our own caching mechanism; OpenSSL already has one built-in. Apparently when the nsopenssl module was created, it was based on mod_ssl which needs an external, disk-based session caching mechanism because Apache isn't multithreaded.

2001-03-12 root

* tclcmds.c: Replaced Ns_GetConn with Ns_TclGetConn. Latest AOLserver 4.x no longer offers Ns_GetConn.

2000-12-12 root

* nsopenssl.c: made it a fatal error to bind to a socket already in use. What sometimes happens is someone will forget to take out nsssl at startup and it'll bind to the https socket first. nsopenssl would just log the error but most people would assume it was working since they could connect via SSL.

* sock.c: somehow this file was left lying around. All of these functions are in nsopenssl.c, so I removed sock.c.

2000-11-18 root

* nsopenssl.h: changed library version to 0.9.6. Gotta find a way to automatically set this based on what version of OpenSSL you compile against. Right now, OpenSSL 0.9.6 is required. Shouldn't be difficult to make this module work with 0.9.5a if you really want.

2000-11-18 root

* production-ready: Although there is still more to do (see below and the TODO file), I have done extensive load-testing on RedHat 6.2 and Debian 2.2 and consider this code to be production-ready. Note that I haven't had time to run load tests on a Solaris box yet.

* init.c: fixed LoadCACerts; the CA directory was forced to NULL when calling SSL_CTX_load_verify_locations.

* all: Rob Mayoff has taken the module and really done an excellent job of refactoring and cleaning it up. Most notable changes:
  - Extensive reformatting to bring code (mostly) in line with AOLserver standards.
  - Consolidated structures. Now there is a single struct representing the driver and a single struct for each connection, instead of two in each case.
  - Driver initialization factored mostly into init.c.
  - Implemented timeout during SSL handshake.
  - Revised Makefile. Now detects OPENSSL not set in a way that doesn't involve bracketing the whole Makefile in an ifdef.
  - I modified the cache code extensively; however, it probably doesn't manage reference counts quite right. See next item anyway.
  - The cache is disabled by default. This code was (I assume) blindly modelled on mod_ssl's cache. The reason mod_ssl needs it is because the Apache children don't share one SSL_CTX. Since nsd threads do share one SSL_CTX, and the SSL_CTX has its own session cache anyway, there's no point in building our own in this way.
  - Config utilities in config.c. All config #defines in config.h.
  - Added thread (mutex) callbacks in thread.c.
  - If the client sends an invalid certificate, the connection is still accepted. I added a new command, [ns_openssl clientcert valid], that returns 1 if the client sent a certificate AND we were able to verify it.

2000-11-05 root

* tclcmds.c: added 'ns_openssl clientcert exists' command.

* readme.txt: updated with Tcl interface and with parameters for nsd.tcl.

* nsopenssl.c: left it in SSL_VERIFY_PEER mode by mistake. It now uses the config file parameter ClientVerify properly. Also did some cleanup.

* sock.c: the 'ssl' command has been changed to 'ns_openssl'.

2000-11-04 root

* tclcmds: Changed the tcl command names. All nsopenssl Tcl commands now start with 'ssl'; all new commands should also start with 'ssl':

    ssl info
    ssl clientcert version
    ssl clientcert serial
    ssl clientcert subject
    ssl clientcert issuer
    ssl clientcert notbefore
    ssl clientcert notafter
    ssl clientcert signature_algorithm
    ssl clientcert key_algorithm
    ssl clientcert pem

* nsopenssl.c, sock.c: Moved default ca chain processing from nsopenssl.c to sock.c.

* nsopenssl.c: took out FIONBIO ifdef'd code.

2000-10-30 [ ROOT I ]

* nsd.tcl, nsopenssl.h, nsopenssl.c, sock.c: added CACertPath and CACertFile parameters to config file processing; these now get passed from nsd.tcl to Ns_SSLCreateServer.

* nsopenssl.h, nsopenssl.c, sock.c: Created SSLConf data structure to hold config parameters that are passed from Ns_ModuleInit to Ns_SSLCreateServer. Changed all 'keyfile' variable name types to 'config->keyfile'. This seems like double-duty since the SSLServer data structure contains some of the same information. To get rid of SSLConf we'd have to move the code that's currently in Ns_SSLCreateServer into Ns_ModuleInit which wouldn't be wise. First, you want to factor out any code you can to keep each function as simple as possible. Second, we might want to create multiple servers using Ns_SSLCreateServer (say for virtual hosting); having it a separate function that you pass these parameters to is useful, I think.

2000-10-27 Scott S. Goodwin

* tclcmds.c: added CertInfoCmd which is called in Tcl as:

    client_cert_info version
    client_cert_info serial
    client_cert_info subject
    client_cert_info issuer
    client_cert_info notbefore
    client_cert_info notafter
    client_cert_info sig_algorithm
    client_cert_info key_algorithm
    client_cert_info pem_certificate

  I also added three functions to support the above Tcl commands: ValidTime, which is used to return the notbefore and notafter strings in the format "Aug 28 20:00:38 2000 GMT"; SerialNumber which returns the serial number as a string (serial number is in hex); and PEMCertificate, which returns the PEM format of the client certificate.

2000-10-25 Scott S. Goodwin

* tclcmds.c: added InfoCmd which returns a true Tcl list with the SSL library name (OpenSSL), version (0.9.5a), crypto library name (OpenSSL, but could be BSAFE/Crypto-C), and crypto library version (0.9.5a). It's called as 'openssl_info' from Tcl (though this may change to ssl_info later -- I didn't want to clash with nssock's ssl_info Tcl command).

2000-10-24 Scott S. Goodwin

* all: ifdef'd all client verification specific code so they won't be included in a normal compile. Eventually all of this code should be conditionally run if the config file says to do client verification. To use it, set VERIFY_CLIENT=1 as a make argument.

2000-10-23 Scott S. Goodwin

* nsopenssl.c: Went back to "standard" SSL handshaking loop. Freddie's explicit select loop *works* better in that it allows more connections before it gets balled up (probably due to a threading problem) but that problem still exists. I'm still learning C, and I'm using the Apache/mod_ssl combo as my reference, as well as RSA's SSL-C toolkit, so for now I want to use the "standard" method until I can get the other stuff fixed and I understand what's going on. I'll then check to see if Freddie's changes improve performance without sacrificing maintainability across platforms and put it back in.

2000-10-17 Scott S. Goodwin

* nsopenssl.c: BIO_free'd conPtr->ssl_bio in NsSSLCreateConn. Should I be using SSL_free() here instead??? Nope, that makes it crash. Ok.

2000-10-13 Scott S. Goodwin

* sock.c: Added protocol parameter parsing in NsModuleInit. You specify protocols thusly: "SSLv2, SSLv3, TLSv1, ALL". Case doesn't matter, order doesn't matter. Commas are necessary. When the protocol parser sees 'ALL', none of the others are parsed (unlike Apache -- see the comments in the code).

* sock.c: Ns_ModuleInit was changing the config file ciphersuite parameter in memory -- that's probably a no-no. Now it mallocs if the ciphersuite parameter doesn't exist, and strdup's if it does.

2000-10-02 Scott S. Goodwin

* .c, .h: replaced all ConfigGet calls with ConfigGetValue; ConfigGet is obsolete.

* debug: Why were we using our own debug variable? I took out all of the 'if (debug)' statements so Debug to the log file works like the rest of aolserver's debug statements.

2000-09-30 Scott S. Goodwin

* Split Files: I've split the code into four files: nsopenssl.h, nsopenssl.c, sock.c and cache.c. Fewer pages to print when all I really want to see right now is the SSL portion of the code :)

2000-21-12 Scott S. Goodwin

* logging: Added more debug log statements

2000-09-12 Scott S. Goodwin

* nsopenssl.c: Integrated changes made by Freddie Mendoza (avm@satori.com). These included: changed NsSSLRecv and NsSSLCreateConn to use OpenSSL BIO routines, added more debugging in the SSL negotiations, changes made to make caching work better, removed some redundant functions that are now part of the AOLserver core. He tested his changes with OpenSSL 0.9.5a and 0.9.4. I'm using it with 0.9.5a without any problems.

* Makefile: Added ability to pass BSAFE directory as a parameter to make. This allows you to compile OpenSSL with BSAFE. See the readme.txt file.

* readme.txt: Added notes on how to compile with BSAFE.

2000-08-20 Kriston J. Rehberg

* readme.txt: Updated build and installation instructions.
Added notes about -fPIC and no-asm options when building the OpenSSL library. * Added to $TOP/nsopenssl with new Makefile.
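Added example, not part of the ChangeLog or the nsopenssl source: a stand-alone C sketch of the protocol-list rules stated in the 2000-10-13 entry (case-insensitive names, any order, commas required, 'ALL' ends parsing). The PROTO_* flags, the function names and the policy of rejecting unknown or empty tokens are assumptions made for this sketch; the entry does not say how the module handles them.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical flag names for this sketch, not the module's identifiers. */
enum { PROTO_SSLV2 = 1, PROTO_SSLV3 = 2, PROTO_TLSV1 = 4,
       PROTO_ALL = PROTO_SSLV2 | PROTO_SSLV3 | PROTO_TLSV1 };

/* Case-insensitive match of the n-byte token at tok against name. */
static int token_is(const char *tok, size_t n, const char *name)
{
    size_t i;
    if (strlen(name) != n) return 0;
    for (i = 0; i < n; i++)
        if (tolower((unsigned char)tok[i]) != tolower((unsigned char)name[i]))
            return 0;
    return 1;
}

/* Parse a comma-separated protocol list into a bitmask. Returns -1 for an
 * empty list, an empty token or an unknown name (assumed policy: refuse the
 * whole setting rather than guess which protocols were meant). */
int parse_protocols(const char *value)
{
    int mask = 0;
    const char *p = value;
    for (;;) {
        const char *end;
        size_t n;
        while (*p == ' ' || *p == '\t') p++;          /* skip leading blanks */
        end = p + strcspn(p, ",");                    /* token ends at comma */
        n = (size_t)(end - p);
        while (n > 0 && (p[n - 1] == ' ' || p[n - 1] == '\t')) n--;
        if (n == 0) return -1;
        if (token_is(p, n, "ALL")) return PROTO_ALL;  /* rest is not parsed */
        else if (token_is(p, n, "SSLv2")) mask |= PROTO_SSLV2;
        else if (token_is(p, n, "SSLv3")) mask |= PROTO_SSLV3;
        else if (token_is(p, n, "TLSv1")) mask |= PROTO_TLSV1;
        else return -1;
        if (*end == '\0') return mask;
        p = end + 1;
    }
}

int main(void)
{
    printf("%d\n", parse_protocols("tlsv1, SSLV3"));  /* constructed input */
    return 0;
}
```

Because 'ALL' stops parsing, anything after it in the list is never validated, so a configuration audit should look at the resulting mask (is PROTO_SSLV2 set?) rather than at the text of the setting.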