From ecd007b2873b1a14b011aecbc3ed4b8b9873cf3f Mon Sep 17 00:00:00 2001 From: toddouska Date: Fri, 10 Aug 2012 09:38:56 -0700 Subject: [PATCH 1/2] 2.3.0 release --- README | 20 +++++++++++++++++++- configure.ac | 4 ++-- 2 files changed, 21 insertions(+), 3 deletions(-) diff --git a/README b/README index 20fe9e40f..a3a0089ba 100644 --- a/README +++ b/README @@ -34,7 +34,25 @@ before calling SSL_new(); Though it's not recommended. *** end Note *** -CyaSSL Release 2.2.0 (5/18/2012) +CyaSSL Release 2.3.0 (8/10/2012) + +Release 2.3.0 CyaSSL has bug fixes and a few new features including: +- AES-GCM crypto and cipher suites +- make test cipher suite checks +- Subject AltName processing +- Command line support for client/server examples +- Sniffer SessionTicket support +- SHA-384 cipher suites +- Verify cipher suite validity when user overrides +- CRL dir monitoring + +The CyaSSL manual is available at: +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +and comments about the new features please check the manual. + + + +***************CyaSSL Release 2.2.0 (5/18/2012) Release 2.2.0 CyaSSL has bug fixes and a few new features including: - Initial CRL support (--enable-crl) diff --git a/configure.ac b/configure.ac index 2c07da120..88a368dec 100644 --- a/configure.ac +++ b/configure.ac @@ -1,12 +1,12 @@ # configure.ac # -# Copyright (C) 2006-2011 Sawtooth Consulting Ltd. +# Copyright (C) 2006-2012 Sawtooth Consulting Ltd. # # This file is part of CyaSSL. # # -AC_INIT([cyassl],[2.2.6],[http://www.yassl.com]) +AC_INIT([cyassl],[2.3.0],[http://www.yassl.com]) AC_CONFIG_AUX_DIR(config) From 8343317e1b15a7e92fdb64b7791f4460554dece8 Mon Sep 17 00:00:00 2001 From: toddouska Date: Fri, 10 Aug 2012 10:15:37 -0700 Subject: [PATCH 2/2] make domain name cert check an option on client --- README | 1 + examples/client/client.c | 10 ++++++++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/README b/README index a3a0089ba..a88a90ab9 100644 --- a/README +++ b/README @@ -45,6 +45,7 @@ Release 2.3.0 CyaSSL has bug fixes and a few new features including: - SHA-384 cipher suites - Verify cipher suite validity when user overrides - CRL dir monitoring +- DTLS Cookie support, reliability coming soon The CyaSSL manual is available at: http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions diff --git a/examples/client/client.c b/examples/client/client.c index e6df2d716..ff03d340b 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -88,6 +88,7 @@ static void Usage(void) printf("-d Disable peer checks\n"); printf("-g Send server HTTP GET\n"); printf("-u Use UDP DTLS\n"); + printf("-m Match domain name in cert\n"); } @@ -121,6 +122,7 @@ void client_test(void* args) int sendGET = 0; int benchmark = 0; int doDTLS = 0; + int matchName = 0; int doPeerCheck = 1; char* cipherList = NULL; char* verifyCert = (char*)caCert; @@ -132,7 +134,7 @@ void client_test(void* args) ((func_args*)args)->return_code = -1; /* error state */ - while ((ch = mygetopt(argc, argv, "?gdush:p:v:l:A:c:k:b:")) != -1) { + while ((ch = mygetopt(argc, argv, "?gdusmh:p:v:l:A:c:k:b:")) != -1) { switch (ch) { case '?' : Usage(); @@ -155,6 +157,10 @@ void client_test(void* args) usePsk = 1; break; + case 'm' : + matchName = 1; + break; + case 'h' : host = myoptarg; domain = myoptarg; @@ -325,7 +331,7 @@ void client_test(void* args) CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, 0); CyaSSL_SetCRL_Cb(ssl, CRL_CallBack); #endif - if (doPeerCheck) + if (matchName && doPeerCheck) CyaSSL_check_domain_name(ssl, domain); #ifdef NON_BLOCKING tcp_set_nonblocking(&sockfd);