141 Commits

Author SHA1 Message Date
Nils Larsch fec38ca4ed fix typos
PR: 1354, 1355, 1398, 1408
2006-12-21 21:13:27 +00:00
Nils Larsch da736b31b2 fix documentation
PR: 1343
2006-12-06 09:10:59 +00:00
Nils Larsch c2cd422ac6 note that SSL_library_init() is not reentrant 2006-03-12 00:37:55 +00:00
Nils Larsch ddac197404 add initial support for RFC 4279 PSK SSL ciphersuites
PR: 1191
Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation
Reviewed by: Nils Larsch
2006-03-10 23:06:27 +00:00
Bodo Möller 72dce7685e Add fixes for CAN-2005-2969.
(These were in 0.9.7-stable and 0.9.8-stable, but not in HEAD so far.)
2005-10-26 19:40:45 +00:00
Nils Larsch 4ebb342fcd Let the TLSv1_method() etc. functions return a const SSL_METHOD
pointer and make the SSL_METHOD parameter in SSL_CTX_new,
SSL_CTX_set_ssl_version and SSL_set_ssl_method const.
2005-08-14 21:48:33 +00:00
Nils Larsch e248596bac improve docu of SSL_CTX_use_PrivateKey() 2005-04-08 22:49:57 +00:00
Nils Larsch c3e6402857 update docs (recent constification) 2005-03-30 11:50:14 +00:00
Dr. Stephen Henson e27a259696 Doc fixes. 2005-03-22 17:55:33 +00:00
Dr. Stephen Henson 4a64f3d665 PR: 938
Typo.
2004-11-14 13:55:16 +00:00
Lutz Jänicke 9f6ea7163b More precise explanation of session id context requirements. 2004-06-14 13:27:28 +00:00
Richard Levitte 6859bb1a22 Make sure the documentation matches reality.
PR: 755
Notified by: Jakub Bogusz <qboosh@pld-linux.org>
2003-11-29 10:33:25 +00:00
Lutz Jänicke 9d19fbc4fc Clarify wording of verify_callback() behaviour. 2003-06-26 14:03:03 +00:00
Lutz Jänicke db01746978 Clarify return value of SSL_connect() and SSL_accept() in case of the
WANT_READ and WANT_WRITE conditions.
2003-06-03 09:59:44 +00:00
Lutz Jänicke 02b95b7499 Clarify ordering of certificates when using certificate chains 2003-05-30 07:45:07 +00:00
Lutz Jänicke 423b1a840c Add warning about unwanted side effect when calling SSL_CTX_free():
sessions in the external session cache might be removed.
Submitted by: "Nadav Har'El" <nyh@math.technion.ac.il>

PR: 547
2003-03-27 22:04:05 +00:00
Richard Levitte d177e6180d Spelling errors.
PR: 538
2003-03-20 11:41:59 +00:00
Lutz Jänicke 532215f2db Missing ")"
Submitted by: Christian Hohnstaedt <chohnstaedt@innominate.com>
Reviewed by:
PR:
2002-12-04 13:30:58 +00:00
Lutz Jänicke 84d828ab70 No such reference to link to (found running pod2latex).
Submitted by:
Reviewed by:
PR:
2002-11-14 21:41:54 +00:00
Geoff Thorpe 769fedc3ad Add a HISTORY section to the man page to mention the new flags. 2002-10-29 18:05:16 +00:00
Geoff Thorpe d9ec9d990f The last character of inconsistency in my recent commits is hereby
squashed.
2002-10-29 17:51:32 +00:00
Geoff Thorpe e0db2eed8d Correct and enhance the behaviour of "internal" session caching as it
relates to SSL_CTX flags and the use of "external" session caching. The
existing flag, "SSL_SESS_CACHE_NO_INTERNAL_LOOKUP" remains but is
supplemented with a complementary flag, "SSL_SESS_CACHE_NO_INTERNAL_STORE".
The bitwise OR of the two flags is also defined as
"SSL_SESS_CACHE_NO_INTERNAL" and is the flag that should be used by most
applications wanting to implement session caching *entirely* by their own
provided callbacks. As the documented behaviour contradicted actual
behaviour up until recently, and since that point behaviour has itself been
inconsistent anyway, this change should not introduce any compatibility
problems. I've adjusted the relevant documentation to elaborate about how
this works.

Kudos to "Nadav Har'El" <nyh@math.technion.ac.il> for diagnosing these
anomalies and testing this patch for correctness.

PR: 311
2002-10-29 00:33:04 +00:00
Richard Levitte 37f5fcf85c Missing =back.
Part of PR 196
2002-08-15 10:59:55 +00:00
Bodo Möller 02750ff56f mention SSL_do_handshake() 2002-07-29 12:35:19 +00:00
Lutz Jänicke 20adcfa058 The behaviour is undefined when calling SSL_write() with num=0.
Submitted by:
Reviewed by:
PR: 141
2002-07-19 11:53:54 +00:00
Lutz Jänicke 02b7ec88bb Manual page for SSL_do_handshake().
Submitted by: Martin Sjögren <martin@strakt.com>
PR: 137
2002-07-19 11:05:50 +00:00
Lutz Jänicke 2edcb4ac71 Typos in links between manual pages
Submitted by: Richard.Koenning@fujitsu-siemens.com
Reviewed by:
PR: 129
2002-07-10 19:35:54 +00:00
Bodo Möller c21506ba02 New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC
vulnerability workaround (included in SSL_OP_ALL).

PR: #90
2002-06-14 12:21:11 +00:00
Lutz Jänicke 8586df1efb Correct wrong usage information.
PR: 95
2002-06-12 20:15:18 +00:00
Lutz Jänicke a5200a1b8f Typo.
PR: 72
2002-06-04 20:43:10 +00:00
Bodo Möller 023ec151df Add 'void *' argument to app_verify_callback.
Submitted by: D. K. Smetters <smetters@parc.xerox.com>
Reviewed by: Bodo Moeller
2002-02-28 10:52:56 +00:00
Lutz Jänicke ce4b274aa1 SSL_clear != SSL_free/SSL_new 2002-02-27 08:08:57 +00:00
Lutz Jänicke f0d6ee6be8 Even though it is not really practical people should know about it. 2002-02-15 07:41:42 +00:00
Lutz Jänicke a7ce69dbd7 Clarify reference count handling/removal of session
(shinagawa@star.zko.dec.com).
2001-11-19 11:11:23 +00:00
Bodo Möller 65123f8064 remove incorrect 'callback' prototype 2001-11-10 02:12:56 +00:00
Bodo Möller 1d8634b110 msg_callback documentation 2001-11-10 02:12:09 +00:00
Bodo Möller a661b65357 New functions SSL[_CTX]_set_msg_callback().
New macros SSL[_CTX]_set_msg_callback_arg().

Message callback implementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet).

New '-msg' option for 'openssl s_client' and 'openssl s_server'
that enables a message callback that displays all protocol messages.


In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if
client_version is smaller than the protocol version in use.
Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0
if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the
client will at least see that alert.

Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic
pointer).

Add/update some OpenSSL copyright notices.
2001-10-20 17:56:36 +00:00
Bodo Möller 51008ffce1 document SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 2001-10-17 11:56:26 +00:00
Lutz Jänicke 56fa8e69cf Update information as a partial response to the post
From: "Chris D. Peterson" <cpeterson@aventail.com>
  Subject: Implementation Issues with OpenSSL
  To: openssl-users@openssl.org
  Date: Wed, 22 Aug 2001 16:13:17 -0700
The patch included in the original post may improve the internal session
list handling (and is therefore worth a separate investigation).
No change to the list handling will however solve the problems of incorrect
SSL_SESSION_free() calls. The session list is only one possible point of
failure, dangling pointers would also occur for SSL objects currently
using the session. The correct solution is to only use SSL_SESSION_free()
when applicable!
2001-10-12 12:29:16 +00:00
Lutz Jänicke d300bcca7f Typo. 2001-09-13 15:18:51 +00:00
Lutz Jänicke d59c3e5046 One more manual page. 2001-09-13 15:05:42 +00:00
Lutz Jänicke 6d8566f2eb Rework section about return values another time (based on hints from
Bodo Moeller).
2001-09-13 13:21:38 +00:00
Lutz Jänicke c0f5dd070b Make maximum certificate chain size accepted from the peer application
settable (proposed by "Douglas E. Engert" <deengert@anl.gov>).
2001-09-11 13:08:51 +00:00
Ulf Möller 3b80e3aa9e ispell 2001-09-07 06:13:40 +00:00
Lutz Jänicke f1b2807478 More docs. 2001-08-24 14:29:48 +00:00
Lutz Jänicke bfd7bb3eb6 Typo. 2001-08-23 17:41:20 +00:00
Lutz Jänicke 11c8f0b79d More manual pages. Constify. 2001-08-23 17:22:43 +00:00
Lutz Jänicke c4068186ac As discussed recently on openssl-users. 2001-08-23 15:00:11 +00:00
Lutz Jänicke 0a93a68020 Make clear, that using the compression layer is currently not recommended. 2001-08-23 09:42:12 +00:00
Ulf Möller f2ab7d1392 typo. 2001-08-22 18:35:17 +00:00