2004-11-20 tag v3_0beta26
2004-11-20 Dossy Shiobara <dossy@panoptic.com>
* Makefile (1.44), nsopenssl.c (1.77), sslcontext.c (1.10): Fix
memory leak in IssueTmpRSAKey, introducing new NsMakeTmpRSAKey
and pre-generating 512-bit and 1024-bit temporary RSA keys at
nsopenssl module initialization time. Closes SF Bug #1069595.
2004-11-02 tag v3_0beta25
2004-11-02 Dossy Shiobara <dossy@panoptic.com>
* ssl.c (1.68, v3_0beta25): SSL_ERROR_ZERO_RETURN should not be
treated as an error as it signifies a proper close notification
from the peer in SSLv3/TLSv1 connections (and doing so causes
outbound SSL client connections to misbehave). Closes SF Bug
#1059171.
2004-10-27 Dossy Shiobara <dossy@panoptic.com>
* nsopenssl.c (1.76), nsd.tcl (1.13): Fix crashing bug in SeedPRNG
and update sample configs. The correct module-global config
section is called "ns/module/nsopenssl". Closes SF Bug #1055417.
2004-09-21 tag v3_0beta23
2004-09-21 Dossy Shiobara <dossy@panoptic.com>
* sslcontext.c (1.9): Fix IssueTmpRSAKey crash when nsopenssl
serves Netscape Navigator 4.06 Export Edition with weaker RSA
keys. Closes SF Bug #999089.
2004-08-25 tag v3_0beta22
2004-08-25 Dossy Shiobara <dossy@panoptic.com>
* ssl.c (1.67), nsopenssl.c (1.75): Cleanup of code and fix a bug
relating to "broken" SSL connections being returned to the
connection pool for HTTP Keep-Alive when they should be shut down
and discarded. This was resulting in connection threads using up
100% of the CPU, trying to read the next HTTP request from a dead
socket, then returning it back to the Keep-Alive pool. Fixes a
portion of the SF Bug #1012892.
2004-08-25 Dossy Shiobara <dossy@panoptic.com>
* README (1.6), nsd.tcl (1.12): If SSLv2 isn't in the list of
configured protocols, then it shouldn't be in the list of
ciphersuites either -- this can cause the server to crash if a
client tries to negotiate an SSLv2 connection (as it's advertised
as available in ciphersuites).
2004-06-23 Scott Goodwin <scott@scottg.net>
* sslcontext.c, defaults.h: Merged SSLContextCertInit,
SSLContextKeyFileInit, and the key/cert validate function into one.
Default certificate and key file paths no longer default to anything:
you must specify them specifically. Client SSL contexts no longer
fail to load if there is no certificate defined for it: SSL certs are
optional for clients.
2004-06-16 Dossy Shiobara <dossy@panoptic.com>
* https.tcl: throwback from old http.tcl - should use
_ns_https_read and not _ns_http_read
2004-06-16 Dossy Shiobara <dossy@panoptic.com>
* https.tcl: new optional 'body' arg to ns_httpspost so the POST
data can be computed before calling ns_httpspost and sent as the
request body.
2004-06-12 Scott Goodwin <scott@scottg.net>
* https.tcl: fixed to use separate read and write handles again. We
don't really need a separate read and write sockets (which are both
wrapped in Tcl channels) since sockets can be bidirectional. I decided
I'd clean up that code so you'd only need one socket, and thus would
only be using up one file descriptor instead of two. But doing this made
the code more complex and would change the number of args. Ah well,
live and learn.
2004-04-14 Scott Goodwin <scott@scottg.net>
* nsopenssl.h, ssl.c, tclcmd.c: Restructured Tcl channel process; now
uses ChanInfo structs to maintain state and to ensure proper closure and
freeing of sockets, channels and structures.
2004-04-13 Scott Goodwin <scott@scottg.net>
* x509.c: Added x509.c to hold certificate management functions.
2004-04-09 Scott Goodwin <scott@scottg.net>
* All: Lots of cleanup, deleting old comments, restructuring some code.
* nsopenssl.h, ssl.c: Merged NsOpenSSLConnSend, NsOpenSSLConnRecv and
NsOpenSSLConnHandshake into one function, NsOpenSSLConnOp.
* defaults.h, nsopenssl.h: Pulled default defines out of nsopenssl.h and
into separate defaults.h file.
* nsopenssl.h, ssl.c: Added DEBUG_NSOPENSSL define: uncomment it to dump
more info to log; comment out for production runs. Recompilation
necessary.
* sslcontext: fixed SSLContextCacheInit to take into account the
context's server / client role.
2004-04-04 Scott Goodwin <scott@scottg.net>
* Tagged: 3_0beta19
* nsopenssl.h, ssl.c, tclcmds.c, https.tcl: Cleaned up CreateTclChannel.
This affects calls to ns_openssl_sockopen and friends: the number of
list values is the same and so is their meaning, but list items 1 and 2
are now the same socket descriptors where in the past they used to be
separate, one for read and one for write. The benefits besides simpler C
code are that your web server will use 1 less fd for each connection you
make using nsopenssl's Tcl API.
* ssl.c, tclcmds.c: Fixed fd leak when using nsopenssl Tcl API. Have to
do a shutdown on the socket for both read/write sides, then ns_sockclose
on the socket.
2004-03-27 Scott Goodwin <scott@scottg.net>
* nsopenssl.c, tclcmds.c: Fixed fd leak where I wasn't properly cleaning
up after ns_sockopen etc. Changes involved adding readchan and writechan
to NsOpenSSLConn struct, unregistering and closing the sockets in
ChanCloseProc. Thanks to Noah Robin (sitz@aol.net) for reporting the
problem.
2004-03-12 Scott Goodwin <scott@scottg.net>
* nsopenssl.c: Changed a couple of STREQs to STRIEQs so sslcontext
could be upper, lower or mixed case. Thanks to Noah Robin (sitz AT
aol.net).
2004-03-02 Scott Goodwin <scott@scottg.net>
* ssl.c: Changed SSL handshake failure to be a warning instead of an
error.
2004-02-29 Scott Goodwin <scott@scottg.net>
* nsopenssl.h, nsopenssl.c, ssl.c: Added code to wait on sockets that
have nothing ready to read or write. Stops these conns from hogging the
CPU.
2004-02-16 Scott Goodwin <scott@scottg.net>
* nsopenssl.h, ssl.c: Fixed SSL read loop problem; improved processing
path.
2004-02-15 Scott Goodwin <scott@scottg.net>
* ssl.c: Restructured SSL read and write loops; both now take into
account incomplete reads and track buffer length.
* nsopenssl.h, ssl.c, sslcontext.c: Added microsecond timers to the
connection structure for OpenSSLTrace to output. This incurs no overhead
when SSL handshake tracing is turned off. When handshake tracing is
turned on, the trace output includes times in microseconds for each step
relative to when the previous step completed. This will assist in doing
performance analysis and tuning for a particular installation.
* ssl.c, nsopenssl.h: Removed read/write attempt counts.
2004-02-13 Scott Goodwin <scott@scottg.net>
* ssl.c, nsopenssl.h: Added read and write attempt counts; if a conn
read or write fails 1,000 times in a row, we consider the conn dead and return
an error. Hopefully this is a temporary fix until I can identify a
better way to resolve this issue in the core server.
2004-01-19 Scott Goodwin <scott@scottg.net>
* Makefile: added kerberos headers to CFLAGS to resolve issue when
OpenSSL has been compiled with Kerberos support. This appears to be true
if you're running RedHat 9, and possibly Fedora. Thanks to C.R. Oldham
for this fix.
* nsopenssl.h, nsopenssl.c, ssl.c: Removed rest of BIO stuff in lieu of
straight SSL calls. Cleaned up NsOpenSSLConnHandshake().
2004-01-17 Scott Goodwin <scott@scottg.net>
* nsopenssl.h, ssl.c, tclcmds.c: Ripped out use of BIOs in
NsOpenSSLConnSend and NsOpenSSLConnRecv and replaced them with straight
SSL methods.
2004-01-16 Scott Goodwin <scott@scottg.net>
* ssl.c, nsopenssl.h: Merged NsOpenSSLConnConnect and
NsOpenSSLConnAccept into a single NsOpenSSLConnHandshake function. Also
converted the function to use SSL_* calls directly instead of using
OpenSSL's BIO abstraction. Subjectively, the handshake does appear to be
quicker.
2004-01-08 Scott Goodwin <scott@scottg.net>
* ssl.c: Fixed bug in Recv and Send procs so that larger files could be
downloaded and uploaded.
2003-12-27 Scott Goodwin <scott@scottg.net>
* nsopenssl.c, nsopenssl.h: Added changes from Jamie Rasmussen for
Windows build.
2003-12-24 Scott Goodwin <scott@scottg.net>
* all: Lots of cleanup, initializing function variables.
* sslcontext.c, nsopenssl.c, nsopenssl.h: Added names to mutexes. Added
MODULE_SHORT to nsopenssl.h as the mutex name length is limited.
2003-12-13 Scott Goodwin <scott@scottg.net>
* ssl.c: Changed NsOpenSSLConnSend to use BIO_write instead of
SSL_write. It's crucial that we call BIO_flush after every write or this
won't work.
2003-11-24 Scott Goodwin <scott@scottg.net>
* ssl.c, nsopenssl.c, tclcmds.c: Fixed problem with SSL conn reference
counting; conns are now freed properly when NsOpenSSLDestroy is called
and the conn's reference count is 0. Tagged v3_0_beta_2.
2003-11-22 Scott Goodwin <scott@scottg.net>
* all: Stopped passing *module to all functions; nsopenssl must now be
called nsopenssl in the config file and nothing else. Merged sslconn.c
and sslsock.c into ssl.c. Lots of other cleanups.
2003-11-09 Scott Goodwin <scott@scottg.net>
* tclcmds.c: 'ns_openssl info' now returns a string instead of a list.
2003-10-25 Scott Goodwin <scott@scottg.net>
* All: Cleaned up SSL context handling, reintegrated
Ns_OpenSSLSockConnect, adding SSL context passing ability.
2003-10-23 Scott Goodwin <scott@scottg.net>
* https.tcl, Makefile: Added back to the code, modified Makefile to
install it.
2003-10-19 Scott Goodwin <scott@scottg.net>
* All: Lots of fixes, added mutexes around SSL context structures, fixed
session cache id generation to be specific to each virtual server.
2003-10-11 Scott Goodwin <scott@scottg.net>
* All: Refactored entire codebase by abstracting public functions into
libnsopenssl.so/dylib and an nsopenssl.so module.
2003-09-30 Scott Goodwin <scott@scottg.net>
* All: ripped out all non-comm-driven stuff. nsopenssl module will now
be focused only on core comm-driven connections. All the rest of the
stuff (incoming and outgoing SSL conns generated by Tcl API itself) is
moving into a new module called nshttps.
2003-09-29 Scott Goodwin <scott@scottg.net>
* init.c, nsopenssl.h: added default SSL contexts section and
modified to read from config file.
2003-08-21 Scott Goodwin <scott@scottg.net>
* all: Added Ns_OpenSSLContextInit, Ns_OpenSSLContextRelease and other
C API functions. Refactored rest of C API and other functions.
2003-08-12 Scott Goodwin <scott@scottg.net>
* nsopenssl.c: fixed bug when setting protocols; SSL handshake now
completes successfully.
2003-08-10 Scott Goodwin <scott@scottg.net>
* ssl.c: Got rid of SetNonBlocking(); calling Ns_SockSetNonBlocking
and Ns_SockSetBlocking directly.
2003-08-08 Scott Goodwin <scott@scottg.net>
* All:
- Ripped out AOLserver 3.x comm driver stuff
- Added Tcl hash to manage nsopenssl state for each virtual server
- OpenSSL library is initialized at first virtual server init
- New Ns_DriverInitData structure added (req'd AOLserver mod)
- Replaced config.c/h by using AOLserver C API config stuff directly
2003-01-08 Scott Goodwin <scott@scottg.net>
* All: Committing back to AOLserver SourceForge area prior to ripping
out AOLserver 3.x support. nsopenssl 3.x will only be supporting
AOLserver 4.x.
2002-12-22 Scott Goodwin <scott@scottg.net>
* thread.c, nsopenssl.c:
Merged thread.c into nsopenssl.c.
2002-11-23 Scott Goodwin <scott@scottg.net>
* all: Cleaned up the directory; moved some files to the test
directory.
* config.h, tclcmds.h, thread.h: Merged into nsopenssl.h
* config.c, nsopenssl.h: Merged config.c into init.c
2002-11-21 Scott Goodwin <scott@scottg.net>
* tclcmds.c: ns_sockdup, ns_sockioctl have gone away in AOLserver
4.x. Changed them to dup and ioctl for both 3.x and 4.x compiles.
* Makefile: Add a definition for $(CP). AOLserver 4.x uses the
install program instead of CP like AOLserver 3.x. Need to update
nsopenssl to compile using the appropriate method for 3.x and 4.x.
* nsopenssl.h: Moved Ns_OpenSSLConn's 'struct NsOpenSSLDriver
sdPtr' so that it is used for both 3.x and 4.x
* nsopenssl.c: Moved declaration of 'static NsOpenSSLDriver
firstSSLDriverPtr' so it is compiled with both 3.x and 4.x. Moved
OpenSSLProc's conn initializer outside of the switch statement so
that it runs first (might be a problem as this should probably
only pertain to DriverSends and Receives). Changed OpenSSLProc to
use recvmsg and sendmsg the same way nssock's SockProc does.
2002-10-28 Scott Goodwin <scott@scottg.net>
* https.tcl: Added ability to pass multiple files with ns_httpspost:
"filesets" is a list of ns_sets, each ns_set contains information
about each file to upload and has four keys:
name: the name of the form element for this file
filename: the name of the file
content: the actual contents of the file
content-type: the type of contents in the file, such as text/plain
filesets are only used with multipart/form-data
The filesets parameter has been added to the parameters passed in:
ns_httpspost {url {rqset ""} {qsset ""} {type ""} {filesets ""} {timeout 30}}
IF YOU USE timeout IN YOUR CURRENT ns_httpspost CODE, YOU MUST
CHANGE YOUR CALL.
Also modified ns_httpspost to accept "" to mean the default timeout.
2002-10-18 Scott Goodwin <scott@scottg.net>
* ca, tests: Moved the tests and ca to a separate test
harness. Decided it would be best to keep all tests in the test
harness rather than the module, at least until tests for all the
modules and the core server are written. A decision can be made at
that time whether to integrate the testing framework into the core
and modules.
2002-10-07 Scott Goodwin <scott@scottg.net>
* ca: Created the 'ca' directory to generate and hold test CA
certs, web server certs, and client certs.
* tests: Added more files to the tests directory.
2002-10-04 Scott Goodwin <scott@scottg.net>
* TODO: Added back to the repository.
* Makefile: Updated with new targets for tagging and releasing
code (stolen from Rob Mayoff's nscache Makefile :)
2002-05-28 Scott Goodwin <scott@scottg.net>
* init.c: added some user-friendly error messages when key fails
to load in LoadKey routine.
2002-05-27 Scott Goodwin <scott@scottg.net>
* ssl.c: in NsOpenSSLDestroyConn, if socket is valid, we shut it
down before freeing the ccPtr datastructures. Apparently, the
BIO_free_all causes two bytes to be sent over the socket that
confuses Win32 clients. Thanks to Piotr Szuca
<pszuca@radix.com.pl> for this addition.
2002-04-23 Scott Goodwin <scott@scottg.net>
* Makefile: added 'install: all' directive that overrides the
'install: all' directive in Makefile.module so that I can have the
install process install https.tcl as well (I need to update the
online docs). Thanks to Pierre Asselin.
2002-03-05 Scott S. Goodwin <scott@scottg.net>
* nsopenssl.c, nsopenssl.c: cleaned up NsOpenSSLDriver and
Ns_OpenSSLConn structures some more, and cleaned up the
initialization of an Ns_OpenSSLConn in SockThread. Some items
weren't being initialized (they aren't yet being used, but should
still be initialized). Tag: nsopenssl-2_2_beta_4.
* nsopenssl.c, nsopenssl.h, tclcmds.c: rearranged the
NsOpenSSLDriver and Ns_OpenSSLConn structures to make it clearer
what items needed to be freed by what routines. Also changed port
to peerport in Ns_OpenSSLConn, and added the 'ns_openssl peerport'
command, which is the same as the 'ns_openssl port' command. Tag:
nsopenssl-2_2_beta_3.
* all: ran *.c and *.h through indent: indent -i2 -br -brs -ce
-hnl -psl -sob <filename.c>.
2002-03-04 Scott S. Goodwin <scott@scottg.net>
* ssl.c, nsopenssl.c, nsopenssl.h, tclcmds.c: Added 'ns_openssl
module name' and 'ns_openssl module port' commands. The first
tells you what the name of the loaded module is for the current
connection (you may have more than one copy of nsopenssl
loaded). The second tells you which port your current connection's
nsopenssl driver is listening on. This would allow you to do
access control by determining what module name and or module port
the connection is coming through.
2002-02-18 Scott S. Goodwin <scott@scottg.net>
* tclcmds.c: added ns_openssl port command. It returns the
scPtr->port value, which happens to be the local port the conn is
using, not the port the server is listening on. I need to do a
query on the port the server is listening on by grabbing the port
number from the nsd.tcl based on the module name (as you may have
multiple instances of nsopenssl up and running).
2002-02-15 Scott S. Goodwin <scott@scottg.net>
* ssl.c: I was decrementing towrite by rc bytes. Problem is that
if rc < 0 which it will be on SSL_write error, towrite will get
bigger. This was a late night error. The #if'd out debug portion
worked properly. Adam Zell pointed this out.
* dumb: The previous two changes were made once before. The
tclcmd.c fix reverted when I received a fix for some other problem
in tclcmd.c; I neglected to do a diff between my copy and the
fixed one that was sent to me. In the case of init.c, I'm
uncertain how that crept back in. Thanks to Adam Zell for
pointing these out. Lessons learned: Always commit your changes
right after your tests work. Always diff a file sent to you
against your current working copy from the repository. There may
be changes you made to your file that aren't in the contributed
file.
* init.c: Fixed NsOpenSSLCreateDriver; sdPtr->randomFile wasn't
set before being possibly used.
* tclcmds.c: Fixed SSLSockListenCallback so that the interp was
initialized before it was possibly used.
2002-02-14 Scott S. Goodwin <scott@scottg.net>
* nsopenssl 2.1 released.
2002-02-13 Scott S. Goodwin <scott@scottg.net>
* ssl.c: The nonblocking socket fix in RunServerSSLHandshake fixed
the Solaris problem. #if'd out debug code in NsOpenSSLSend
function. Maybe I can go back and retry the BIO_handshake by
unblocking the socket before I run it.
2002-02-12 Scott S. Goodwin <scott@scottg.net>
* ssl.c: made the socket non-blocking at the beginning of
RunServerSSLHandshake, and set it back to blocking before the
function returns.
* ssl.c: took out #if 0 for the SetNonBlocking function. It's
not used right now, but it had nested #if 0's, which makes me
nervous.
* ssl.c: moved SSL_set_app_data call from before to after
SSL_set_accept_state call, as it was in 1.1c.
* ssl.c: added some debug code in NsOpenSSLSend to help debug
Solaris problem.
2002-02-08 Scott S. Goodwin <scott@scottg.net>
* ssl.c: reverted NsOpenSSLSend back to the way nsopenssl 1.1c
worked to try and resolve a problem on Solaris where images and
possibly pages of certain sizes fail to download
correctly. Haven't tested yet.
2002-02-08 Scott S. Goodwin <scott@scottg.net>
* ssl.c: added some debugging code to log errors when
NsOpenSSLSend fails. This is to try and debug a Solaris issue.
2001-12-27 Scott S. Goodwin <scott@scottg.net>
* https.tcl: cleaned up the ns_httpspost proc and got rid of the
debugging statements.
2001-12-12 Scott S. Goodwin <scott@scottg.net>
* https.tcl: form.tcl doesn't respect the fact that a boundary
value declaration may be wrapped in double quotes. It will work
with this:
multipart/form-data, boundary=--123456789
but not this:
multipart/form-data, boundary="--123456789"
Changed https.tcl to work with form.tcl (for now).
2001-12-02 Scott S. Goodwin <scott@scottg.net>
* config.h: Added the CONFIG_MODULEDIR to create the ModuleDir
parameter name.
* init.c: Altered CheckModuleDir so that the config parameter
ModuleDir can be used to point to somewhere outside of the
AOLserver directory area. If ModuleDir is specified, the
CheckModuleDir does *not* try and create the directory for you but
assumes if you've already got it set up.
* config.c: Used Ns_MakePath in place of Ns_DStringVarAppend to
ensure that slashes always appear between path elements when
ConfigPathDefault constructs a path.
* init.c: Renamed MakeModuleDir to CheckModuleDir, and instead of
passing in *server, *module and **dirp, now only *sdPtr is passed
in.
2001-11-29 Scott S. Goodwin <scott@scottg.net>
* https.tcl: Added '--' to prepend the boundary markers in
ns_httpspost. I should have read the MIME RFC, as a boundary
marker that is declared as
--myboundarymarkerhere
looks like this when actually used:
----myboundarymarkerhere
2001-11-19 Scott S. Goodwin <scott@scottg.net>
* https.tcl: Fixed boundary problem when doing multipart form data
with ns_httpspost. This code:
set qsset [ns_set new qsset]
ns_set put $qsset user goodwin
ns_set put $qsset pass blahblah
set page [ns_httpspost \
"https://192.168.0.1:8001/test.cgi" "" \
$qsset "multipart/form-data"]
Posts this content:
-----------------------------16931435195472910531915358310
Content-Disposition: form-data; name="user"
goodwin
-----------------------------16931435195472910531915358310
Content-Disposition: form-data; name="pass"
blahblah
-----------------------------16931435195472910531915358310--
2001-10-13 Scott S. Goodwin <scott@scottg.net>
* https.tcl: Added ability for ns_httpspost to do
multipart/form-data. (Not Yet Tested!!!).
* ssl.c: The NsOpenSSLSend function simply did an
SSL_write. Robert Spassky Cabacungan found that this wasn't
working for long file transfers. Specifically, in his own words:
The problem is the NsOpenSSLSend() function in ssl.c, in
nsopenssl-2.0. BIO_write is returning a "resource not available,
try again" error, but NsOpenSSLSend is not checking for that, and
so behaves as though it were a non-recoverable error, aborting the
write instead of trying again.
A simple loop over the SSL_write() fixes this. Ironically, there
is commented out code at the bottom of the function which would
handle retries. However, the comment reads "this BIO_write loop
doesn't work, but seems like it should". So it looks like Scott
did consider this possibility, but it kind of slipped through the
cracks in the final release. Indeed, NsOpenSSLRecv() does loop
and handle retries.
Rob changed the SSL_write to be inside of a loop that checks
BIO_should_retry on the write BIO.
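The send-loop behaviour described in the 2001-10-13 entry above (retry on a "try again" result instead of aborting), the 2002-02-15 entry (towrite must not be decremented by a negative rc), the 2004-02-13 entry (give up after 1,000 consecutive failed attempts) and the 2004-11-02 note that a zero return is the peer's clean close, not an error, as one added example in C. This is not nsopenssl's own code: the write_result/write_fn stand-in for SSL_write, the scripted fake_ssl writer and the send_all/demo_* names are constructed here so the loop can run without OpenSSL.

```c
#include <stdio.h>
#include <string.h>

/* Outcome of one write attempt, modelled on what SSL_write() reports via
 * SSL_get_error(): rc > 0 is bytes written, rc == 0 is the peer's clean
 * close notify (SSL_ERROR_ZERO_RETURN), rc < 0 is an error and 'retry'
 * marks the transient case (SSL_ERROR_WANT_WRITE, what BIO_should_retry
 * tests) as opposed to a fatal failure. Constructed for this example. */
typedef struct {
    int rc;
    int retry;
} write_result;

/* Pluggable writer; assumption: stands in for SSL_write on a real conn. */
typedef write_result (*write_fn)(void *ctx, const char *buf, size_t len);

enum { SEND_OK = 0, SEND_CLOSED = 1, SEND_FAILED = -1 };

/* Send the whole buffer. Only a positive rc is subtracted from towrite
 * (the 2002-02-15 bug subtracted a negative rc, so towrite grew), a
 * retryable failure is retried at most max_retries times in a row (the
 * 2004-02-13 dead-connection guard) and rc == 0 is a clean close. */
int send_all(write_fn w, void *ctx, const char *buf, size_t len,
             int max_retries, size_t *sent)
{
    size_t towrite = len;
    int retries = 0;
    *sent = 0;
    while (towrite > 0) {
        write_result r = w(ctx, buf + *sent, towrite);
        if (r.rc > 0) {
            *sent += (size_t)r.rc;
            towrite -= (size_t)r.rc;
            retries = 0;            /* progress resets the dead-conn count */
        } else if (r.rc == 0) {
            return SEND_CLOSED;     /* close_notify from peer: not an error */
        } else if (r.retry) {
            if (++retries > max_retries)
                return SEND_FAILED; /* nothing moves: treat the conn as dead */
        } else {
            return SEND_FAILED;     /* genuine SSL error: abort the write */
        }
    }
    return SEND_OK;
}

/* Constructed scripted writer: replays a fixed list of outcomes, records
 * what was "sent" and answers "try again" forever once the script ends. */
typedef struct {
    const write_result *script;
    int n, pos;
    char out[64];
    size_t outlen;
} fake_ssl;

static write_result fake_write(void *ctx, const char *buf, size_t len)
{
    fake_ssl *f = (fake_ssl *)ctx;
    write_result r = { -1, 1 };
    if (f->pos < f->n)
        r = f->script[f->pos++];
    if (r.rc > 0) {
        if ((size_t)r.rc > len)
            r.rc = (int)len;        /* cannot write more than was offered */
        memcpy(f->out + f->outlen, buf, (size_t)r.rc);
        f->outlen += (size_t)r.rc;
    }
    return r;
}

/* Partial writes interleaved with "try again": every byte must arrive. */
int demo_partial_writes(void)
{
    static const write_result script[] = { {-1, 1}, {5, 0}, {-1, 1}, {-1, 1}, {100, 0} };
    fake_ssl f = { script, 5, 0, {0}, 0 };
    size_t sent = 0;
    int st = send_all(fake_write, &f, "hello, world", 12, 1000, &sent);
    return st == SEND_OK && sent == 12 && f.outlen == 12 &&
           memcmp(f.out, "hello, world", 12) == 0;
}

/* Peer closes mid-transfer: report a clean close, not a failure. */
int demo_peer_close(void)
{
    static const write_result script[] = { {4, 0}, {0, 0} };
    fake_ssl f = { script, 2, 0, {0}, 0 };
    size_t sent = 0;
    int st = send_all(fake_write, &f, "hello, world", 12, 1000, &sent);
    return st == SEND_CLOSED && sent == 4;
}

/* Peer never drains the socket: give up once the retry budget is spent. */
int demo_dead_peer(void)
{
    fake_ssl f = { NULL, 0, 0, {0}, 0 };
    size_t sent = 0;
    int st = send_all(fake_write, &f, "hello, world", 12, 1000, &sent);
    return st == SEND_FAILED && sent == 0;
}

int main(void)
{
    printf("partial writes: %d, peer close: %d, dead peer: %d\n",
           demo_partial_writes(), demo_peer_close(), demo_dead_peer());
    return 0;
}
```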
2001-09-28 Scott S. Goodwin <scott@scottg.net>
* Makefile: Added better make instructions when OPENSSL var isn't
set.
* Makefile: Cleaned up the Makefile considerably so it's easier to
read and understand.
2001-09-27 Scott S. Goodwin <scott@scottg.net>
* tclcmds.c: Bug fixes contributed by Rich Fredericks, AOL Local
Technology group. In his own words: "As I said on the phone, All I
really did was make sure NsTclOpenSSLCmd returns out (TCL_ERROR)
if the argc req isn't met (line 205) and add a check for NULL on
scPtr (lines 220-223). I also moved the "scPtr =
NsOpenSSLGetConn(interp)" statement to below the code for the
"info" option to the tcl ns_openssl command (previously it was
executed first), since that specific variant of the command does
not require an SSL conn context." Thanks, Rich!
2001-08-29 Scott S. Goodwin <scott@scottg.net>
* https.tcl: made fixes to ns_httpspost per Rick Lansky at
bom.com. He also suggested I allow the Content-type to be passed
in as a parameter, so I've added that too.
2001-08-27 Scott S. Goodwin <scott@scottg.net>
* https.tcl: added ns_httpspost, that is called with url, rqset,
qsset and timeout. The qsset is an ns_set with key/values that
will be turned into user=scottg&pass=1234, for example, and passed
as content in the POST.
2001-08-21 Scott S. Goodwin <scott@scottg.net>
* https.tcl: removed some debugging statements; commented out the
debug notice that the url was local.
* https.tcl: fixed a bug that was fixed once before but apparently
I got my files mixed up. rqset wasn't being passed from
ns_httpsget to ns_httpsopen.
2001-08-20 Scott S. Goodwin <scott@scottg.net>
* https.tcl: changed ns_httpsopen such that when it's passed a url
that does not begin with "https://", it will first try to prepend
the ServerLocation param, then the ServerHostname param, then the
ServerAddress param. If all of them fail, it will log an error,
but continue processing. Should probably make it a fatal error for
nsopenssl to load if one or more of these parameters are not set.
* ssl.c: bug fix: trying to use module and type from ccPtr after
ccPtr had been destroyed.
2001-08-17 Scott S. Goodwin <scott@scottg.net>
* ssl.c: tested the sock client and sockserver's ability to
validate their peer's certificate. Tested nsdserver's ability to
validate client's certificate.
* nsopenssl.h: defined version for OpenSSL 0.9.6b.
* https.tcl: made rqset the second to last arg passed to
ns_httpsget.
2001-08-16 Scott S. Goodwin <scott@scottg.net>
* init.c: turned on the peerVerify code for SSL sock server and
sock clients (as opposed to NSD-driven conns). Need to test.
* tclcmds.c: was using an interp before it was allocated. Pretty
amazing. Adam Zell pointed this out.
* init.c: boneheadedly #if 0'd out the client cert verification
code for NSD-driven conns. Works now. Sean Yamamoto noticed the
problem.
* init.c: should have been initializing sdPtr->randomFile *before*
calling SeedPRNG. Also should have been freeing randomFile when
freeing the driver. Thanks to Adam Zell for pointing these out.
2001-08-15 Scott S. Goodwin <scott@scottg.net>
* https.tcl: add the rqset parameter to ns_httpsget so that
cookies can be used.
2001-08-09 Scott S. Goodwin <scott@scottg.net>
* nsopenssl 2.0 released.
* tests: tested with OpenSSL 0.9.6a Solaris.
* tests: tested with OpenSSL 0.9.6, 0.9.6a and 0.9.6b on Linux.
* ssl.c: Had to return to the non-BIO method of running the SSL
server handshake. Solaris *hates* the BIO method. Where normally
it'll try to read the client cert twice (even if you've told it
not to ask for a client cert!), with the BIO method, it attempts
to read the client cert up to 60 times!
2001-08-08 Scott S. Goodwin <scott@scottg.net>
* init.c: the OpenSSL PRNG is now seeded at start time when
NsOpenSSLCreateDriver is run. This will have no effect on Linux,
but it will hopefully ease the pain of Solaris and other users.
* docs: go see http://scottg.net for the new documentation on
nsopenssl.
* All: added ns_openssl_sock* commands and C API. The C API isn't
ready for prime time, and there's more work to do on how the Tcl
commands are going to use cert validation, but it can make
outgoing SSL conns and set up SSL ports to listen on, from Tcl or
C.
* TODO: removed this file from distribution. Will host
it on http://scottg.net.
2001-08-08 Scott S. Goodwin <scott@scottg.net>
* nsopenssl 1.1c released.
* all: Bug fix. If a file upload is interrupted, the connection
doesn't go away, and the thread continues consuming CPU and
memory. This fix checks to see if the client has gone away and
forces an error, at which point the connection is cleaned up
properly.
2001-06-20 Scott S. Goodwin <scott@scottg.net>
* init.c: changed SetProtocols to allow putting all protocols on
one line instead of one per line.
2001-06-15 Scott S. Goodwin <scott@scottg.net>
* nsopenssl 1.1b released.
* all: Updated to allow the server to pass its certificate chain
to the client. To use this feature, simply append your certificate
chain to the end of your server certificate PEM file and start
your server.
2001-06-08 Scott S. Goodwin <scott@scottg.net>
* nsopenssl 1.1a released.
* all: Bug fix to allow session caching and client certificate
verification to work at the same time. Session caching is on by
default in version 1.1, but client verify is not.
2001-05-05 Scott S. Goodwin <scott@scottg.net>
* nsopenssl 1.1 released.
2001-05-04 Scott S. Goodwin <scott@scottg.net>
* ssl.c: Now checking for errors returned by BIO_flush in
NsOpenSSLFlush; we don't return an error from the function,
though, we just report it in the log.
* init.c, config.h: made seedbytes a config parameter, which
allows you to set the number of bytes that will be used to seed
the PRNG.
2001-05-03 Scott S. Goodwin <scott@scottg.net>
* test.adp: renamed test.adp to nsopenssl-tests.adp.
* init.c: cleanup code; moved PRNG functions to bottom;
cleaned up NsOpenSSLInitSessionCache.
2001-05-01 Scott S. Goodwin <scott@scottg.net>
* init.c: Solaris problem: SeedPRNG failed because I wasn't
adding enough randomness; I bumped up the number of bytes
from 16 to 1024 and it's working now. Yay!
2001-04-30 Scott S. Goodwin <scott@scottg.net>
* nsd.tcl: added ns_param RandomFile.
* 40-bit export browsers now work!!! The recent changes you see
were to fix problems with 40-bit export browsers, which could not
connect when your server certificate had a 1024-bit public key (which
most if not all server certs do).
* TODO: added link to nsopenssl release info on my site.
* tclcmds.c, test.adp: Added new Tcl commands to report protocol
and cipher name, strength:
ns_openssl protocol
ns_openssl cipher name
ns_openssl cipher strength
* init.c: initialized sdPtr->randomFile from the RandomFile
nsd.tcl parameter in NsOpenSSLCreateDriver(). Added
AddEntropyFromRandomFile(), PRNGIsSeeded(), SeedPRNG() and
IssueTmpRSAKey().
* config.h: added CONFIG_RANDOM parameter; uses "RandomFile" in
nsd.tcl to allow you to specify a file to use as a source of
random bits for seeding the PRNG.
* config.c: modified ConfigPathDefault to allow NULL as a default.
* nsopenssl.h: removed Ns_Cache pointer from nsopenssl driver
structure. Added pointer to file specified with the RandomFile
parameter.
2001-04-17 scottg <scott@scottg.net>
* TODO: Updated.
* config.h: Session caching is now on by default.
* Makefile: Updated to reflect absence of cache.c.
* cache.c, cache.h: Removed these files. See item below.
* init.c, cache.c: Moved NsOpenSSLInitSessionCache from cache.c to
init.c and removed the callback setups. We don't need to use our
own caching mechanism; OpenSSL already has one
built-in. Apparently when the nsopenssl module was created, it was
based on mod_ssl which needs an external, disk-based session
caching mechanism because Apache isn't multithreaded.
2001-03-12 root <scott@scottg.net>
* tclcmds.c: Replaced Ns_GetConn with Ns_TclGetConn. Latest
AOLserver 4.x no longer offers Ns_GetConn.
2000-12-12 root <scott@scottg.net>
* nsopenssl.c: made it a fatal error to bind to a socket already
in use. What sometimes happens is someone will forget to take out
nsssl at startup and it'll bind to the https socket
first. nsopenssl would just log the error but most people would
assume it was working since they could connect via SSL.
* sock.c: somehow this file was left lying around. All of these
functions are in nsopenssl.c, so I removed sock.c.
2000-11-18 root <scott@scottg.net>
* nsopenssl.h: changed library version to 0.9.6. Gotta find a way
to automatically set this based on what version of OpenSSL you
compile against. Right now, OpenSSL 0.9.6 is required. Shouldn't
be difficult to make this module work with 0.9.5a if you really
want.
2000-11-18 root <scott@scottg.net>
* production-ready: Although there is still more to do (see below
and the TODO file), I have done extensive load-testing on RedHat
6.2 and Debian 2.2 and consider this code to be
production-ready. Note that I haven't had time to run load tests
on a Solaris box yet.
* init.c: fixed LoadCACerts; the CA directory was forced to NULL
when calling SSL_CTX_load_verify_locations.
* all: Rob Mayoff has taken the module and really done an
excellent job of refactoring and cleaning it up. Most notable changes:
Extensive reformatting to bring code (mostly) in line with
AOLserver standards.
Consolidated structures. Now there is a single struct
representing the driver and a single struct for each connection,
instead of two in each case.
Driver initialization factored mostly into init.c.
Implemented timeout during SSL handshake.
Revised Makefile. Now detects OPENSSL not set in a way that
doesn't involve bracketing the whole Makefile in an ifdef.
I modified the cache code extensively; however, it probably
doesn't manage reference counts quite right. See next item
anyway.
The cache is disabled by default. This code was (I assume) blindly
modelled on mod_ssl's cache. The reason mod_ssl needs it is
because the Apache children don't share one SSL_CTX. Since nsd
threads do share one SSL_CTX, and the SSL_CTX has its own session
cache anyway, there's no point in building our own in this way.
Config utilities in config.c. All config #defines in config.h.
Added thread (mutex) callbacks in thread.c.
If the client sends an invalid certificate, the connection is
still accepted. I added a new command, [ns_openssl clientcert
valid], that returns 1 if the client sent a certificate AND we
were able to verify it.
2000-11-05 root <scott@scottg.net>
* tclcmds.c: added 'ns_openssl clientcert exists' command.
* readme.txt: updated with Tcl interface and with parameters for
nsd.tcl.
* nsopenssl.c: left it in SSL_VERIFY_PEER mode by mistake. It now
uses the config file parameter ClientVerify properly. Also did
some cleanup.
* sock.c: the 'ssl' command has been changed to 'ns_openssl'.
2000-11-04 root <scott@scottg.net>
* tclcmds: Changed the tcl command names. All nsopenssl Tcl
commands now start with 'ssl'; all new commands should also start
with 'ssl':
ssl info
ssl clientcert version
ssl clientcert serial
ssl clientcert subject
ssl clientcert issuer
ssl clientcert notbefore
ssl clientcert notafter
ssl clientcert signature_algorithm
ssl clientcert key_algorithm
ssl clientcert pem
* nsopenssl.c, sock.c: Moved default ca chain processing from
nsopenssl.c to sock.c.
* nsopenssl.c: took out FIONBIO ifdef'd code.
2000-10-30 [ ROOT I ] <scott@scottg.net>
* nsd.tcl, nsopenssl.h, nsopenssl.c, sock.c: added CACertPath and
CACertFile parameters to config file processing; these now get
passed from nsd.tcl to Ns_SSLCreateServer.
* nsopenssl.h, nsopenssl.c, sock.c: Created SSLConf data
structure to hold config parameters that are passed from
Ns_ModuleInit to Ns_SSLCreateServer. Changed all 'keyfile'
variable name types to 'config->keyfile'. This seems like
double-duty since the SSLServer data structure contains some of
the same information. To get rid of SSLConf we'd have to move the
code that's currently in Ns_SSLCreateServer into Ns_ModuleInit
which wouldn't be wise. First, you want to factor out any code you
can to keep each function as simple as possible. Second, we might
want to create multiple servers using Ns_SSLCreateServer
(say for virtual hosting); having it a separate function that you
pass these parameters to is useful, I think.
2000-10-27 Scott S. Goodwin <scott@scottg.net>
* tclcmds.c: added CertInfoCmd which is called in Tcl as:
client_cert_info version
client_cert_info serial
client_cert_info subject
client_cert_info issuer
client_cert_info notbefore
client_cert_info notafter
client_cert_info sig_algorithm
client_cert_info key_algorithm
client_cert_info pem_certificate
I also added three functions to support the above Tcl commands:
ValidTime, which is used to return the notbefore and notafter
strings in the format "Aug 28 20:00:38 2000 GMT"; SerialNumber
which returns the serial number as a string (serial number is in
hex); and PEMCertificate, which returns the PEM format of the
client certificate.
2000-10-25 Scott S. Goodwin <scott@scottg.net>
* tclcmds.c: added InfoCmd which returns a true Tcl list with the
SSL library name (OpenSSL), version (0.9.5a), crypto library name
(OpenSSL, but could be BSAFE/Crypto-C), and crypto library version
(0.9.5a). It's called as 'openssl_info' from Tcl (though this may
change to ssl_info later -- I didn't want to clash with nssock's
ssl_info Tcl command).
2000-10-24 Scott S. Goodwin <scott@scottg.net>
* all: ifdef'd all client-verification-specific code so that it won't
be included in a normal compile. Eventually all of this code
should be conditionally run if the config file says to do client
verification. To use it, set VERIFY_CLIENT=1 as a make argument.
2000-10-23 Scott S. Goodwin <scott@scottg.net>
* nsopenssl.c: Went back to "standard" SSL handshaking
loop. Freddie's explicit select loop *works* better in that it
allows more connections before it gets balled up (probably due to
a threading problem) but that problem still exists. I'm still
learning C, and I'm using the Apache/mod_ssl combo as my
reference, as well as RSA's SSL-C toolkit, so for now I want to
use the "standard" method until I can get the other stuff fixed
and I understand what's going on. I'll then check to see if
Freddie's changes improve performance without sacrificing
maintainability across platforms and put it back in.
2000-10-17 Scott S. Goodwin <scott@scottg.net>
* nsopenssl.c: BIO_free'd conPtr->ssl_bio in
NsSSLCreateConn. Should I be using SSL_free() here instead???
Nope, that makes it crash. Ok.
2000-10-13 Scott S. Goodwin <scott@scottg.net>
* sock.c: Added protocol parameter parsing in NsModuleInit. You
specify protocols thusly: "SSLv2, SSLv3, TLSv1, ALL". Case doesn't
matter, order doesn't matter. Commas are necessary. When the
protocol parser sees 'ALL', none of the others are parsed (unlike
Apache -- see the comments in the code).
* sock.c: Ns_ModuleInit was changing the config file ciphersuite
parameter in memory -- that's probably a no-no. Now it mallocs if
the ciphersuite parameter doesn't exist, and strdup's if it does.
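A parser for the protocol list described in the 2000-10-13 entry above, added here as an example and not nsopenssl's own code: tokens are comma-separated, case does not matter, order does not matter, and ALL short-circuits so nothing after it is parsed. The flag values, the function names and the rule that an unknown or empty token rejects the whole string (rather than being silently ignored) are assumptions made for this example; the original's exact behaviour on bad input is not described on this page.

```c
/*
 * Added example (not nsopenssl's own code): parse a protocol list such as
 * "SSLv2, SSLv3, TLSv1, ALL" into a bitmask.  Flag values, names and the
 * reject-on-unknown-token rule are assumptions made for this example.
 */
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define PROTO_SSLV2 0x01u
#define PROTO_SSLV3 0x02u
#define PROTO_TLSV1 0x04u
#define PROTO_ALL   (PROTO_SSLV2 | PROTO_SSLV3 | PROTO_TLSV1)

/* Case-insensitive comparison of a non-NUL-terminated token against a name. */
static int TokenEquals(const char *tok, size_t len, const char *name)
{
    size_t i;

    for (i = 0; i < len; i++) {
        if (name[i] == '\0'
            || tolower((unsigned char)tok[i]) != tolower((unsigned char)name[i]))
            return 0;
    }
    return name[len] == '\0';
}

/*
 * Returns the bitmask of enabled protocols, or 0 (treat as a config error)
 * when the string is NULL or empty, contains an empty field ("SSLv3,,TLSv1"),
 * or contains a token that is not a known protocol name.  Whitespace around
 * tokens is ignored; "SSLv2 SSLv3" without a comma is one unknown token.
 * ALL returns PROTO_ALL immediately, so later tokens are never examined.
 */
unsigned ParseProtocols(const char *spec)
{
    unsigned mask = 0;
    const char *p = spec;

    if (spec == NULL)
        return 0;
    for (;;) {
        const char *start, *end;
        size_t len;

        while (*p != '\0' && isspace((unsigned char)*p))
            p++;
        start = p;
        while (*p != '\0' && *p != ',')
            p++;
        end = p;
        while (end > start && isspace((unsigned char)end[-1]))
            end--;
        len = (size_t)(end - start);

        if (len == 0)
            return 0;                       /* empty field or empty string */
        if (TokenEquals(start, len, "ALL"))
            return PROTO_ALL;               /* short-circuit: rest is not parsed */
        if (TokenEquals(start, len, "SSLv2"))
            mask |= PROTO_SSLV2;
        else if (TokenEquals(start, len, "SSLv3"))
            mask |= PROTO_SSLV3;
        else if (TokenEquals(start, len, "TLSv1"))
            mask |= PROTO_TLSV1;
        else
            return 0;                       /* unknown token: reject the config */

        if (*p == '\0')
            return mask;
        p++;                                /* skip the comma */
    }
}

int main(void)
{
    static const char *samples[] = {
        "SSLv2, SSLv3, TLSv1", "tlsv1", " all ", "ALL, bogus",
        "SSLv2 SSLv3", "SSLv3,,TLSv1", "SSLv3,", ""
    };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-22s -> 0x%02x\n", samples[i], ParseProtocols(samples[i]));
    return 0;
}
```

Returning a bitmask rather than toggling SSL_CTX options directly keeps policy out of the parser: the caller can, for instance, refuse a configuration that enables SSLv2 or SSLv3 (both long obsolete) no matter what the config file says, instead of discovering it from a client's ciphersuite later.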
2000-10-02 Scott S. Goodwin <scott@scottg.net>
* .c, .h: replaced all ConfigGet calls with ConfigGetValue;
ConfigGet is obsolete.
* debug: Why were we using our own debug variable? I took out all
of the 'if (debug)' statements so Debug to the log file works like
the rest of aolserver's debug statements.
2000-09-30 Scott S. Goodwin <scott@scottg.net>
* Split Files: I've split the code into four files: nsopenssl.h,
nsopenssl.c, sock.c and cache.c. Fewer pages to print when all I
really want to see right now is the SSL portion of the code :)
2000-21-12 Scott S. Goodwin <scott@scottg.net>
* logging: Added more debug log statements
2000-09-12 Scott S. Goodwin <scott@scottg.net>
* nsopenssl.c: Integrated changes made by Freddie Mendoza
(avm@satori.com). These included: changed NsSSLRecv and
NsSSLCreateConn to use OpenSSL BIO routines, added more debugging
in the SSL negotiations, changes made to make caching work better,
removed some redundant functions that are now part of the
AOLserver core. He tested his changes with OpenSSL 0.9.5a and
0.9.4. I'm using it with 0.9.5a without any problems.
* Makefile: Added ability to pass BSAFE directory as a parameter
to make. This allows you to compile OpenSSL with BSAFE. See the
readme.txt file.
* readme.txt: Added notes on how to compile with BSAFE.
2000-08-20 Kriston J. Rehberg <Kriston@AOL.NET>
* readme.txt: Updated build and installation instructions. Added
notes about -fPIC and no-asm options when building the OpenSSL
library.
* Added to $TOP/nsopenssl with new Makefile.