Richard Levitte
94805c84d1
Add -issuer_hash and make -subject_hash the default way to get the
...
subject hash, with -hash a synonym kept around for backward
compatibility reasons.
PR: 650
2003-07-03 20:45:09 +00:00
Richard Levitte
6f2f534b58
The convenience argumetn for -nameopt and -certopt is ca_default, not
...
default_ca.
PR: 653
2003-07-03 07:46:52 +00:00
Lutz Jänicke
9d19fbc4fc
Clarify wording of verify_callback() behaviour.
2003-06-26 14:03:03 +00:00
Richard Levitte
8fbb2af392
Add documentation for the new crlnumber configuration option.
2003-06-19 17:52:57 +00:00
Richard Levitte
c5aba56c5b
Typo.
2003-06-19 17:50:37 +00:00
Richard Levitte
36bad5cdfd
Add documentation for ERR_set_mark() and ERR_pop_to_mark().
2003-06-11 20:51:49 +00:00
Richard Levitte
40e5b9abeb
Typo
2003-06-09 07:56:18 +00:00
Lutz Jänicke
db01746978
Clarify return value of SSL_connect() and SSL_accept() in case of the
...
WANT_READ and WANT_WRITE conditions.
2003-06-03 09:59:44 +00:00
Lutz Jänicke
02b95b7499
Clarify ordering of certificates when using certificate chains
2003-05-30 07:45:07 +00:00
Lutz Jänicke
4f17dfcd75
Add minimum POP3 STLS hack to s_client.c (as was provided for STARTTLS before)
...
Submitted by: dg@sunet.ru (Daniel Ginsburg)
PR: #613
2003-05-28 20:24:57 +00:00
Richard Levitte
edd55d08f5
Brackets are now allowed, after a small hack in the processing of the
...
docs-on-web.
2003-05-23 09:08:59 +00:00
Dr. Stephen Henson
93c929e411
The square brackets in BIO_s_bio.pod for some
...
reason cause wml to bomb out with the error
message:
** Slice:Error: Some slices were not closed:
** WML:Break: Error in Pass 9 (rc=1).
** WMK:Error: Error in WML (rc=256)
As a workaround delete them for now.
2003-05-19 21:28:49 +00:00
Dr. Stephen Henson
c2dac35a02
Fix docs.
2003-05-18 23:10:46 +00:00
Richard Levitte
d6df2b281f
Add documentation on the added functionality in 'openssl ca'.
2003-04-04 14:39:44 +00:00
Richard Levitte
16b1b03543
Implement self-signing in 'openssl ca'. This makes it easier to have
...
the CA certificate part of the CA database, and combined with
'unique_subject=no', it should make operations like CA certificate
roll-over easier.
2003-04-03 22:33:59 +00:00
Richard Levitte
8152d88799
It's recommended to use req rather than x509 to create self-signed certificates
2003-04-03 22:12:48 +00:00
Richard Levitte
4ce4884a5b
Typo correction
2003-04-03 21:55:55 +00:00
Dr. Stephen Henson
4390d66179
Update from stable branch.
2003-03-31 22:29:25 +00:00
Lutz Jänicke
423b1a840c
Add warning about unwanted side effect when calling SSL_CTX_free():
...
sessions in the external session cache might be removed.
Submitted by: "Nadav Har'El" <nyh@math.technion.ac.il>
PR: 547
2003-03-27 22:04:05 +00:00
Dr. Stephen Henson
e5b0508a14
Update ocsp usage message and docs.
2003-03-26 00:46:47 +00:00
Richard Levitte
e986704d24
Add documentation for -starttls (s_client) and -id_prefix (s_server).
...
PR: 542
2003-03-20 16:34:27 +00:00
Richard Levitte
d177e6180d
Spelling errors.
...
PR: 538
2003-03-20 11:41:59 +00:00
Dr. Stephen Henson
6ac26a5ce5
Typo.
2003-02-27 13:02:46 +00:00
Dr. Stephen Henson
4cadedef57
Update docs.
2003-02-15 01:09:55 +00:00
Dr. Stephen Henson
a8f5b2ed50
GeneralString support in mini-ASN1 compiler
2003-02-11 14:06:27 +00:00
Richard Levitte
27a9bf17c7
PKCS#1 has a new RFC, which we do implement
2003-02-06 19:30:06 +00:00
Richard Levitte
bfa3555081
Document -engine where missing.
...
PR: 424
2003-01-30 22:02:27 +00:00
Dr. Stephen Henson
da45180de4
Correct EVP_SealInit() documentation, iv is an output
...
parameter.
2003-01-26 13:38:56 +00:00
Richard Levitte
cdc5b4a41e
Extend the HOWTO on creating certificates, and add a HOWTO in creating keys.
...
PR: 422
2003-01-14 15:42:16 +00:00
Richard Levitte
c653b56937
Correct an example that has a few typos.
...
PR: 458
2003-01-14 13:56:38 +00:00
Bodo Möller
bda2fa364d
Typo.
...
NB: This and other manual pages should be updated for the new
BN_GENCB interface.
2003-01-13 13:18:22 +00:00
Richard Levitte
e68cb95d84
Add documentation on how to handle the shared libaries.
...
PR: 423
2003-01-10 16:14:32 +00:00
Richard Levitte
360e506710
Typos corrected.
...
PR: 445
2003-01-10 08:54:01 +00:00
Lutz Jänicke
44fcd3ef3e
Add information about AES cipher suites to ciphers manual page.
...
If no authentication method is mentioned in the cipher suite name (e.g.
AES128-SHA), RSA authentication is used (PR #396 ).
2002-12-29 21:24:50 +00:00
Richard Levitte
b5beb13abb
Add SPKM among the related stanrds.
2002-12-26 22:35:04 +00:00
Richard Levitte
59c0dd56ab
Update our list of implemented and related standards.
2002-12-26 00:21:53 +00:00
Richard Levitte
dcf19c173c
Update our list of implemented and related standards.
2002-12-26 00:17:46 +00:00
Richard Levitte
18be6c4116
BIO_new_bio_pair() was unnecessarily described in it's own page as well as in
...
BIO_s_bio.pod. The most logical is to move everything needed from
BIO_new_bio_pair.pod to BIO_s_bio.pod (including the nice example)
and toss BIO_new_bio_pair.pod. I hope I got all the info over properly.
PR: 370
2002-12-12 22:12:02 +00:00
Richard Levitte
dad1535f7a
BIO_set_nbio() is enumerated, but not explained. Remove it from enumeration
...
since it's both enumerated and explained in BIO_s_connect.pod.
PR: 370
2002-12-12 22:08:49 +00:00
Lutz Jänicke
532215f2db
Missing ")"
...
Submitted by: Christian Hohnstaedt <chohnstaedt@innominate.com>
Reviewed by:
PR:
2002-12-04 13:30:58 +00:00
Richard Levitte
5e4a75e79f
Correct some names.
2002-11-29 14:21:54 +00:00
Lutz Jänicke
32d21c1ef6
Better workaround to the "=head1 NAME OPTIONS" pod2latex problem:
...
NAME OPTIONS are a subset of OPTIONS, so just make it =head2!
Submitted by:
Reviewed by:
PR: 333
2002-11-18 08:15:45 +00:00
Dr. Stephen Henson
d78254aa28
Add SETWRAP modifier to ASN1 generate.
2002-11-15 00:26:07 +00:00
Lutz Jänicke
56dc24d483
Use =back to finish =over (found using pod2latex).
...
Submitted by:
Reviewed by:
PR:
2002-11-14 21:50:30 +00:00
Lutz Jänicke
84d828ab70
No such reference to link to (found running pod2latex).
...
Submitted by:
Reviewed by:
PR:
2002-11-14 21:41:54 +00:00
Dr. Stephen Henson
cfae3d94e9
Fix documentation of i2d_X509_fp and i2d_X509_bio.
2002-11-14 18:15:52 +00:00
Lutz Jänicke
1f30946481
Don't declare 2 WARNINGS sections
...
Submitted by:
Reviewed by:
PR:
2002-11-14 11:13:01 +00:00
Lutz Jänicke
b1697f189b
Opportunistic change to work around pod2latex bug: rename NAME OPTIONS
...
section to SUBJECT AND ISSUER NAME OPTIONS
Submitted by:
Reviewed by:
PR: 333
2002-11-14 11:09:07 +00:00
Lutz Jänicke
17a202add7
Correct reference to section name.
...
Submitted by:
Reviewed by:
PR:
2002-11-14 11:03:30 +00:00
Lutz Jänicke
eaad02a747
Missing =back
...
Submitted by:
Reviewed by:
PR:
2002-11-14 10:51:54 +00:00
Dr. Stephen Henson
2d780dfd81
Typo
2002-11-13 14:07:37 +00:00
Dr. Stephen Henson
04f0a6ba39
Update docs
2002-11-13 13:18:14 +00:00
Dr. Stephen Henson
d479dc1d02
Put NAME in right place, fix typo
2002-11-13 01:20:43 +00:00
Dr. Stephen Henson
137e7e3aa1
Update docs
2002-11-13 00:14:15 +00:00
Dr. Stephen Henson
ba36b61d3d
Initial ASN1 generation documentation.
2002-11-12 18:20:28 +00:00
Lutz Jänicke
7d80b27949
Typo.
...
Submitted by: assar <assar@kth.se>
Reviewed by:
PR:
2002-11-11 11:19:15 +00:00
Dr. Stephen Henson
a8c125550c
Typo
2002-11-09 18:05:33 +00:00
Richard Levitte
d6257073aa
-CAcreateserial doesn't take a filename argument.
...
PR: 332
2002-11-08 21:51:09 +00:00
Dr. Stephen Henson
d618f703ec
CRL reason code docs.
2002-11-06 01:28:55 +00:00
Geoff Thorpe
769fedc3ad
Add a HISTORY section to the man page to mention the new flags.
2002-10-29 18:05:16 +00:00
Geoff Thorpe
d9ec9d990f
The last character of inconsistency in my recent commits is hereby
...
squashed.
2002-10-29 17:51:32 +00:00
Richard Levitte
6aba658cd8
Revert, that was an incorrect change.
...
PR: 156
2002-10-29 04:34:43 +00:00
Richard Levitte
accb0c6edb
A small detail: since 0.9.7, DH_new_method() and DSA_new_method()
...
don't take an ENGINE* as parameter any more.
PR: 156
2002-10-29 04:31:46 +00:00
Geoff Thorpe
e0db2eed8d
Correct and enhance the behaviour of "internal" session caching as it
...
relates to SSL_CTX flags and the use of "external" session caching. The
existing flag, "SSL_SESS_CACHE_NO_INTERNAL_LOOKUP" remains but is
supplemented with a complimentary flag, "SSL_SESS_CACHE_NO_INTERNAL_STORE".
The bitwise OR of the two flags is also defined as
"SSL_SESS_CACHE_NO_INTERNAL" and is the flag that should be used by most
applications wanting to implement session caching *entirely* by its own
provided callbacks. As the documented behaviour contradicted actual
behaviour up until recently, and since that point behaviour has itself been
inconsistent anyway, this change should not introduce any compatibility
problems. I've adjusted the relevant documentation to elaborate about how
this works.
Kudos to "Nadav Har'El" <nyh@math.technion.ac.il> for diagnosing these
anomalies and testing this patch for correctness.
PR: 311
2002-10-29 00:33:04 +00:00
Bodo Möller
e1c191fe44
I don't like c-tab-always-indent ...
2002-10-23 13:09:19 +00:00
Dr. Stephen Henson
0711be1696
New docs.
2002-10-20 13:20:57 +00:00
Geoff Thorpe
7521ab3d0b
Make pod2man happier.
2002-10-18 22:04:26 +00:00
Lutz Jänicke
284b216b3a
Corrected exchanged parameters in example for EVP_EncryptInit_ex()
...
Submitted by: "Marcus Carey" <marcus.carey@verizon.net>
Reviewed by:
PR: 265
2002-10-18 09:47:14 +00:00
Bodo Möller
05dbe6ee1f
change Emacs indentation style to make it easier to insert
...
tabs manually
Submitted by: Pierre Bacquet <pbacquet@delta.fr>
2002-10-17 09:16:02 +00:00
Dr. Stephen Henson
29e48c18b7
More docs.
2002-10-09 17:19:59 +00:00
Dr. Stephen Henson
982dfb7d10
Typo.
2002-10-09 17:15:35 +00:00
Dr. Stephen Henson
8c4b69d3ab
Update docs.
2002-10-09 17:05:05 +00:00
Dr. Stephen Henson
ec8ad2bb96
PKCS12_parse manual page.
2002-10-09 13:10:23 +00:00
Dr. Stephen Henson
5fbb02fcb1
PKCS12_create manual page
2002-10-09 12:06:58 +00:00
Dr. Stephen Henson
4e1b50e219
More man pages.
2002-10-09 12:06:12 +00:00
Dr. Stephen Henson
7e9db7cefc
PKCS7_verify() docs.
2002-10-08 00:40:58 +00:00
Dr. Stephen Henson
d30e4c5b0b
More docs.
2002-10-07 17:31:00 +00:00
Dr. Stephen Henson
9de6bb8abc
More d2i/i2d manual pages.
2002-10-07 13:07:00 +00:00
Dr. Stephen Henson
72e04bd13f
Document "0" and "1" naming convention.
2002-10-06 12:59:25 +00:00
Dr. Stephen Henson
4ec0448122
Update docs.
2002-10-06 12:40:31 +00:00
Dr. Stephen Henson
842d8e209b
Update docs.
2002-10-06 12:34:06 +00:00
Dr. Stephen Henson
292fcd5c7b
Update DH parameter docs.
2002-10-06 12:24:09 +00:00
Dr. Stephen Henson
1e976bdc46
Update RSAPublicKey manual page...
2002-10-06 00:03:20 +00:00
Dr. Stephen Henson
9946fceb9d
Some docs relating to X509 ASN1 functions.
...
Many other ASN1 functions are identical other
than the actual structure being handled.
2002-10-05 23:30:10 +00:00
Richard Levitte
70e96dcf59
Document should match reality :-).
...
PR: 255
2002-10-04 12:59:00 +00:00
Richard Levitte
6859cf7459
It makes more sense to refer to specific function manuals than the concept
...
manual when the specific function is refered to in the current manual text.
This correction was originally introduced in OpenBSD's tracking of OpenSSL.
2002-09-25 13:33:28 +00:00
Richard Levitte
2018681b33
Remove *all* references to RSA_PKCS1_RSAref, since it doesn't exist any more.
...
This correction was originally introduced in OpenBSD's tracking of OpenSSL.
2002-09-25 13:26:36 +00:00
Richard Levitte
e204516178
Remove reference to RSA_PKCS1_RSAref, since it doesn't exist any more.
...
This correction was originally introduced in OpenBSD's tracking of OpenSSL.
2002-09-25 13:25:44 +00:00
Richard Levitte
153aecf91a
It makes more sense to refer to specific function manuals than the concept
...
manual when the specific function is refered to in the current manual text.
This correction was originally introduced in OpenBSD's tracking of OpenSSL.
2002-09-25 13:11:12 +00:00
Lutz Jänicke
3403caf3da
Consequently use term URI instead of URL
...
Submitted by: TJ Saunders <tj@castaglia.org>
Reviewed by:
PR: 268
2002-09-05 07:52:05 +00:00
Bodo Möller
1fd0338b49
fix manpage
2002-08-15 14:23:23 +00:00
Richard Levitte
37f5fcf85c
Missing =back.
...
Part of PR 196
2002-08-15 10:59:55 +00:00
Geoff Thorpe
5bf738737d
These are updates/fixes to DH/DSA/RAND docs based on the fixes to the RSA
...
docs. There were a couple of other places (including RSA) where the docs
were not quite synchronised with the API that are now fixed. One or two
still remain to be fixed though ...
2002-08-05 16:27:01 +00:00
Geoff Thorpe
415e03aa6f
typo fix
2002-08-05 02:54:57 +00:00
Geoff Thorpe
ac120e20e3
Various parts of the RSA documentation were inaccurate and out of date and
...
this fixes those that I'm currently aware of. In particular, the ENGINE
interference in the RSA API has hopefully been clarified. This still needs
to be done for other areas of the API ...
2002-08-04 21:08:36 +00:00
Geoff Thorpe
3f90e45079
A single monolithic man page for the ENGINE stuff. This is a rough
...
first-cut but provides better documentation than having nothing on the
ENGINE API.
2002-08-04 20:57:19 +00:00
Bodo Möller
02750ff56f
mention SSL_do_handshake()
2002-07-29 12:35:19 +00:00
Bodo Möller
8be4e173e8
fix a typo and clarify
2002-07-22 09:04:36 +00:00
Lutz Jänicke
c6ccf055ba
New cipher selection options COMPLEMENTOFALL and COMPLEMENTOFDEFAULT.
...
Submitted by:
Reviewed by:
PR: 127
2002-07-19 19:55:34 +00:00
Lutz Jänicke
20adcfa058
The behaviour is undefined when calling SSL_write() with num=0.
...
Submitted by:
Reviewed by:
PR: 141
2002-07-19 11:53:54 +00:00
Lutz Jänicke
02b7ec88bb
Manual page for SSL_do_handshake().
...
Submitted by: Martin Sjögren <martin@strakt.com>
PR: 137
2002-07-19 11:05:50 +00:00
Geoff Thorpe
0af9a89cef
This documentation change was being written at the same time as Richard's
...
changes. So I'm committing this version to overwrite his changes for now,
and he can always take his turn to overwrite my words if he wants :-)
PR: 86
2002-07-18 20:59:22 +00:00
Richard Levitte
db802c60e3
Explain why RSA_check_key() doesn't work with hard keys.
...
PR: 86
2002-07-18 19:10:57 +00:00
Richard Levitte
503f3b1a21
Add history for documented new functions.
...
PR: 59
2002-07-18 18:54:46 +00:00
Lutz Jänicke
2edcb4ac71
Typos in links between manual pages
...
Submitted by: Richard.Koenning@fujitsu-siemens.com
Reviewed by:
PR: 129
2002-07-10 19:35:54 +00:00
Bodo Möller
cd7562091d
fix synopsis
...
Submitted by: Nils Larsch
2002-07-09 10:51:25 +00:00
Bodo Möller
c21506ba02
New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC
...
vulnerability workaround (included in SSL_OP_ALL).
PR: #90
2002-06-14 12:21:11 +00:00
Lutz Jänicke
8586df1efb
Correct wrong usage information.
...
PR: 95
2002-06-12 20:15:18 +00:00
Richard Levitte
b49053cae2
Documentation bug corrected.
...
PR: 70
2002-06-05 09:31:05 +00:00
Lutz Jänicke
a5200a1b8f
Typo.
...
PR: 72
2002-06-04 20:43:10 +00:00
Richard Levitte
305a1afcf7
a B< that wasn't properly ended.
2002-05-30 16:55:15 +00:00
Lutz Jänicke
9a26adf598
Remove item listed twice <kromJx@crosswinds.net>.
2002-05-28 17:48:54 +00:00
Lutz Jänicke
72da660ddb
Fix incorrect =over 4 location.
...
Submitted by: David Waitzman <djw@bbn.com>
Reviewed by: Lutz Jaenicke
PR: [openssl.org #38 ]
2002-05-16 17:45:37 +00:00
Richard Levitte
21d5ed98d5
Small documentation fix for EVP_CipherFinal or EVP_CipherFinal_ex.
...
Notified by Stella Power <snpower@maths.tcd.ie>.
PR: 24
2002-05-08 15:20:38 +00:00
Lutz Jänicke
c0455cbb18
Fix escaping when using the -subj option of "openssl req", document
...
'hidden' -nameopt support. (Robert Joop <joop@fokus.gmd.de>)
2002-04-30 12:08:18 +00:00
Ulf Möller
592c0e0273
another error discovered by Karsten Braaten. The number was not even
...
prime!
2002-04-13 09:58:50 +00:00
Ulf Möller
4e9ef338fc
error reported by Karsten Braaten
2002-04-07 13:33:16 +00:00
Bodo Möller
2c17323e15
Rephrase statement on the security of two-key 3DES.
...
[Chosen plaintext attack: R. Merkle, M. Hellman: "On the Security of
Multiple Encryption", CACM 24 (1981) pp. 465-467, p. 776.
Known plaintext angriff: P.C. van Oorschot, M. Wiener: "A
known-plaintext attack on two-key triple encryption", EUROCRYPT '90.]
2002-03-05 15:29:30 +00:00
Bodo Möller
023ec151df
Add 'void *' argument to app_verify_callback.
...
Submitted by: D. K. Smetters <smetters@parc.xerox.com>
Reviewed by: Bodo Moeller
2002-02-28 10:52:56 +00:00
Lutz Jänicke
ce4b274aa1
SSL_clear != SSL_free/SSL_new
2002-02-27 08:08:57 +00:00
Lutz Jänicke
f0d6ee6be8
Even though it is not really practical people should know about it.
2002-02-15 07:41:42 +00:00
Bodo Möller
a14e2d9dfe
New functions
...
ERR_peek_last_error
ERR_peek_last_error_line
ERR_peek_last_error_line_data
(supersedes ERR_peek_top_error).
Rename OPENSSL_NO_OLD_DES_SUPPORT into OPENSSL_DISABLE_OLD_DES_SUPPORT
because OPENSSL_NO_... indicates disabled algorithms (according to
mkdef.pl).
2002-01-24 16:16:43 +00:00
Lutz Jänicke
6ce46d69f5
Typos (jsyn <jsyn@openbsd.org>).
2002-01-21 18:01:46 +00:00
Bodo Möller
31cafe53c9
add a sentence previously deleted by accident
2002-01-04 15:22:40 +00:00
Bodo Möller
dc4ddcd2bb
add documentation for SSLeay_version(SSLEAY_DIR) and
...
'openssl version -d'
use some descriptions from Lutz' redundant manual page
instead of the previous ones
2002-01-04 15:17:09 +00:00
Lutz Jänicke
5256b021f3
Tsss, SSLeay_version() was already documented, it just was not linked in.
2002-01-04 15:05:51 +00:00
Lutz Jänicke
4ab1e7ceaf
Add information as provided by Richard Levitte on openssl-users :-)
2002-01-04 14:55:38 +00:00
Dr. Stephen Henson
06623ff028
Update PEM docs
2002-01-04 13:35:37 +00:00
Ben Laurie
ff3fa48fc7
Improve back compatibility.
2001-12-09 21:53:31 +00:00
Richard Levitte
8f0edcb3d2
I was recently informed that some people wrongly use ssleay.txt as
...
main documentation, so let's warn them a little more, so the word
"OBSOLETE" really gets understood.
2001-12-04 07:38:17 +00:00
Dr. Stephen Henson
55e42c93a8
EVP_BytesToKey documentation.
2001-12-03 03:07:37 +00:00
Dr. Stephen Henson
21a85f1977
Add -pubkey option to req command.
2001-12-01 23:03:30 +00:00
Bodo Möller
8a0a9392ab
discuss -name and default_ca more correctly (I hope)
2001-11-26 12:13:50 +00:00
Lutz Jänicke
a7ce69dbd7
Clarify reference count handling/removal of session
...
(shinagawa@star.zko.dec.com ).
2001-11-19 11:11:23 +00:00
Bodo Möller
65123f8064
remove incorrect 'callback' prototype
2001-11-10 02:12:56 +00:00
Bodo Möller
1d8634b110
msg_callback documentation
2001-11-10 02:12:09 +00:00
Bodo Möller
45582d1e2b
clarify
2001-11-08 14:54:21 +00:00
Dr. Stephen Henson
1fc6d41bf6
New options to allow req to accept UTF8 strings as input.
2001-10-26 12:40:38 +00:00
Ulf Möller
a41477f92e
remove compatibility notes that no longer apply
2001-10-25 17:45:25 +00:00
Richard Levitte
5f68c5feef
Correct some links...
2001-10-25 16:56:06 +00:00
Richard Levitte
ee84a5a7fb
Change the DES documentation to reflect the current status. Note that
...
some password reading functions are really part of the UI
compatibility library...
2001-10-25 16:55:17 +00:00
Bodo Möller
2a9aca32dc
mention des_old.h
2001-10-25 08:44:10 +00:00
Bodo Möller
89da653fa6
Add '-noemailDN' option to 'openssl ca'. This prevents inclusion of
...
the e-mail address in the DN (i.e., it will go into a certificate
extension only). The new configuration file option 'email_in_dn = no'
has the same effect.
Submitted by: Massimiliano Pala madwolf@openca.org
2001-10-25 08:25:19 +00:00
Richard Levitte
ce15d5a9dc
Remove DES_random_seed() but retain des_random_seed() for now. Change
...
the docs to reflect this change and correct libeay.num.
2001-10-25 06:46:22 +00:00
Richard Levitte
c2e4f17c1a
Due to an increasing number of clashes between modern OpenSSL and
...
libdes (which is still used out there) or other des implementations,
the OpenSSL DES functions are renamed to begin with DES_ instead of
des_. Compatibility routines are provided and declared by including
openssl/des_old.h. Those declarations are the same as were in des.h
when the OpenSSL project started, which is exactly how libdes looked
at that time, and hopefully still looks today.
The compatibility functions will be removed in some future release, at
the latest in version 1.0.
2001-10-24 21:21:12 +00:00
Bodo Möller
a661b65357
New functions SSL[_CTX]_set_msg_callback().
...
New macros SSL[_CTX]_set_msg_callback_arg().
Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet).
New '-msg' option for 'openssl s_client' and 'openssl s_server'
that enable a message callback that displays all protocol messages.
In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if
client_version is smaller than the protocol version in use.
Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0
if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the
client will at least see that alert.
Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic
pointer).
Add/update some OpenSSL copyright notices.
2001-10-20 17:56:36 +00:00
Bodo Möller
51008ffce1
document SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
2001-10-17 11:56:26 +00:00
Dr. Stephen Henson
3811eed8d5
Update docs.
2001-10-17 01:50:32 +00:00
Dr. Stephen Henson
e72d734d5f
Update docs.
2001-10-16 02:22:59 +00:00
Lutz Jänicke
56fa8e69cf
Update information as a partial response to the post
...
From: "Chris D. Peterson" <cpeterson@aventail.com>
Subject: Implementation Issues with OpenSSL
To: openssl-users@openssl.org
Date: Wed, 22 Aug 2001 16:13:17 -0700
The patch included in the original post may improve the internal session
list handling (and is therefore worth a seperate investigation).
No change to the list handling will however solve the problems of incorrect
SSL_SESSION_free() calls. The session list is only one possible point of
failure, dangling pointers would also occur for SSL object currently
using the session. The correct solution is to only use SSL_SESSION_free()
when applicable!
2001-10-12 12:29:16 +00:00