Richard Levitte
db802c60e3
Explain why RSA_check_key() doesn't work with hard keys.
...
PR: 86
2002-07-18 19:10:57 +00:00
Richard Levitte
503f3b1a21
Add history for documented new functions.
...
PR: 59
2002-07-18 18:54:46 +00:00
Lutz Jänicke
2edcb4ac71
Typos in links between manual pages
...
Submitted by: Richard.Koenning@fujitsu-siemens.com
Reviewed by:
PR: 129
2002-07-10 19:35:54 +00:00
Bodo Möller
cd7562091d
fix synopsis
...
Submitted by: Nils Larsch
2002-07-09 10:51:25 +00:00
Bodo Möller
c21506ba02
New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC
...
vulnerability workaround (included in SSL_OP_ALL).
PR: #90
2002-06-14 12:21:11 +00:00
Lutz Jänicke
8586df1efb
Correct wrong usage information.
...
PR: 95
2002-06-12 20:15:18 +00:00
Richard Levitte
b49053cae2
Documentation bug corrected.
...
PR: 70
2002-06-05 09:31:05 +00:00
Lutz Jänicke
a5200a1b8f
Typo.
...
PR: 72
2002-06-04 20:43:10 +00:00
Richard Levitte
305a1afcf7
a B< that wasn't properly ended.
2002-05-30 16:55:15 +00:00
Lutz Jänicke
9a26adf598
Remove item listed twice <kromJx@crosswinds.net>.
2002-05-28 17:48:54 +00:00
Lutz Jänicke
72da660ddb
Fix incorrect =over 4 location.
...
Submitted by: David Waitzman <djw@bbn.com>
Reviewed by: Lutz Jaenicke
PR: [openssl.org #38 ]
2002-05-16 17:45:37 +00:00
Richard Levitte
21d5ed98d5
Small documentation fix for EVP_CipherFinal or EVP_CipherFinal_ex.
...
Notified by Stella Power <snpower@maths.tcd.ie>.
PR: 24
2002-05-08 15:20:38 +00:00
Lutz Jänicke
c0455cbb18
Fix escaping when using the -subj option of "openssl req", document
...
'hidden' -nameopt support. (Robert Joop <joop@fokus.gmd.de>)
2002-04-30 12:08:18 +00:00
Ulf Möller
592c0e0273
another error discovered by Karsten Braaten. The number was not even
...
prime!
2002-04-13 09:58:50 +00:00
Ulf Möller
4e9ef338fc
error reported by Karsten Braaten
2002-04-07 13:33:16 +00:00
Bodo Möller
2c17323e15
Rephrase statement on the security of two-key 3DES.
...
[Chosen plaintext attack: R. Merkle, M. Hellman: "On the Security of
Multiple Encryption", CACM 24 (1981) pp. 465-467, p. 776.
Known plaintext angriff: P.C. van Oorschot, M. Wiener: "A
known-plaintext attack on two-key triple encryption", EUROCRYPT '90.]
2002-03-05 15:29:30 +00:00
Bodo Möller
023ec151df
Add 'void *' argument to app_verify_callback.
...
Submitted by: D. K. Smetters <smetters@parc.xerox.com>
Reviewed by: Bodo Moeller
2002-02-28 10:52:56 +00:00
Lutz Jänicke
ce4b274aa1
SSL_clear != SSL_free/SSL_new
2002-02-27 08:08:57 +00:00
Lutz Jänicke
f0d6ee6be8
Even though it is not really practical people should know about it.
2002-02-15 07:41:42 +00:00
Bodo Möller
a14e2d9dfe
New functions
...
ERR_peek_last_error
ERR_peek_last_error_line
ERR_peek_last_error_line_data
(supersedes ERR_peek_top_error).
Rename OPENSSL_NO_OLD_DES_SUPPORT into OPENSSL_DISABLE_OLD_DES_SUPPORT
because OPENSSL_NO_... indicates disabled algorithms (according to
mkdef.pl).
2002-01-24 16:16:43 +00:00
Lutz Jänicke
6ce46d69f5
Typos (jsyn <jsyn@openbsd.org>).
2002-01-21 18:01:46 +00:00
Bodo Möller
31cafe53c9
add a sentence previously deleted by accident
2002-01-04 15:22:40 +00:00
Bodo Möller
dc4ddcd2bb
add documentation for SSLeay_version(SSLEAY_DIR) and
...
'openssl version -d'
use some descriptions from Lutz' redundant manual page
instead of the previous ones
2002-01-04 15:17:09 +00:00
Lutz Jänicke
5256b021f3
Tsss, SSLeay_version() was already documented, it just was not linked in.
2002-01-04 15:05:51 +00:00
Lutz Jänicke
4ab1e7ceaf
Add information as provided by Richard Levitte on openssl-users :-)
2002-01-04 14:55:38 +00:00
Dr. Stephen Henson
06623ff028
Update PEM docs
2002-01-04 13:35:37 +00:00
Ben Laurie
ff3fa48fc7
Improve back compatibility.
2001-12-09 21:53:31 +00:00
Richard Levitte
8f0edcb3d2
I was recently informed that some people wrongly use ssleay.txt as
...
main documentation, so let's warn them a little more, so the word
"OBSOLETE" really gets understood.
2001-12-04 07:38:17 +00:00
Dr. Stephen Henson
55e42c93a8
EVP_BytesToKey documentation.
2001-12-03 03:07:37 +00:00
Dr. Stephen Henson
21a85f1977
Add -pubkey option to req command.
2001-12-01 23:03:30 +00:00
Bodo Möller
8a0a9392ab
discuss -name and default_ca more correctly (I hope)
2001-11-26 12:13:50 +00:00
Lutz Jänicke
a7ce69dbd7
Clarify reference count handling/removal of session
...
(shinagawa@star.zko.dec.com ).
2001-11-19 11:11:23 +00:00
Bodo Möller
65123f8064
remove incorrect 'callback' prototype
2001-11-10 02:12:56 +00:00
Bodo Möller
1d8634b110
msg_callback documentation
2001-11-10 02:12:09 +00:00
Bodo Möller
45582d1e2b
clarify
2001-11-08 14:54:21 +00:00
Dr. Stephen Henson
1fc6d41bf6
New options to allow req to accept UTF8 strings as input.
2001-10-26 12:40:38 +00:00
Ulf Möller
a41477f92e
remove compatibility notes that no longer apply
2001-10-25 17:45:25 +00:00
Richard Levitte
5f68c5feef
Correct some links...
2001-10-25 16:56:06 +00:00
Richard Levitte
ee84a5a7fb
Change the DES documentation to reflect the current status. Note that
...
some password reading functions are really part of the UI
compatibility library...
2001-10-25 16:55:17 +00:00
Bodo Möller
2a9aca32dc
mention des_old.h
2001-10-25 08:44:10 +00:00
Bodo Möller
89da653fa6
Add '-noemailDN' option to 'openssl ca'. This prevents inclusion of
...
the e-mail address in the DN (i.e., it will go into a certificate
extension only). The new configuration file option 'email_in_dn = no'
has the same effect.
Submitted by: Massimiliano Pala madwolf@openca.org
2001-10-25 08:25:19 +00:00
Richard Levitte
ce15d5a9dc
Remove DES_random_seed() but retain des_random_seed() for now. Change
...
the docs to reflect this change and correct libeay.num.
2001-10-25 06:46:22 +00:00
Richard Levitte
c2e4f17c1a
Due to an increasing number of clashes between modern OpenSSL and
...
libdes (which is still used out there) or other des implementations,
the OpenSSL DES functions are renamed to begin with DES_ instead of
des_. Compatibility routines are provided and declared by including
openssl/des_old.h. Those declarations are the same as were in des.h
when the OpenSSL project started, which is exactly how libdes looked
at that time, and hopefully still looks today.
The compatibility functions will be removed in some future release, at
the latest in version 1.0.
2001-10-24 21:21:12 +00:00
Bodo Möller
a661b65357
New functions SSL[_CTX]_set_msg_callback().
...
New macros SSL[_CTX]_set_msg_callback_arg().
Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet).
New '-msg' option for 'openssl s_client' and 'openssl s_server'
that enable a message callback that displays all protocol messages.
In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if
client_version is smaller than the protocol version in use.
Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0
if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the
client will at least see that alert.
Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic
pointer).
Add/update some OpenSSL copyright notices.
2001-10-20 17:56:36 +00:00
Bodo Möller
51008ffce1
document SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
2001-10-17 11:56:26 +00:00
Dr. Stephen Henson
3811eed8d5
Update docs.
2001-10-17 01:50:32 +00:00
Dr. Stephen Henson
e72d734d5f
Update docs.
2001-10-16 02:22:59 +00:00
Lutz Jänicke
56fa8e69cf
Update information as a partial response to the post
...
From: "Chris D. Peterson" <cpeterson@aventail.com>
Subject: Implementation Issues with OpenSSL
To: openssl-users@openssl.org
Date: Wed, 22 Aug 2001 16:13:17 -0700
The patch included in the original post may improve the internal session
list handling (and is therefore worth a seperate investigation).
No change to the list handling will however solve the problems of incorrect
SSL_SESSION_free() calls. The session list is only one possible point of
failure, dangling pointers would also occur for SSL object currently
using the session. The correct solution is to only use SSL_SESSION_free()
when applicable!
2001-10-12 12:29:16 +00:00
Lutz Jänicke
e1c279b63d
Small documentation fixes (Howard Lum <howard@pumpkin.canada.sun.com>)
2001-10-08 08:37:24 +00:00
Lutz Jänicke
d300bcca7f
Typo.
2001-09-13 15:18:51 +00:00
Lutz Jänicke
d59c3e5046
One more manual page.
2001-09-13 15:05:42 +00:00
Lutz Jänicke
6d8566f2eb
Rework section about return values another time (based on hints from
...
Bodo Moeller).
2001-09-13 13:21:38 +00:00
Lutz Jänicke
c0f5dd070b
Make maximum certifcate chain size accepted from the peer application
...
settable (proposed by "Douglas E. Engert" <deengert@anl.gov>).
2001-09-11 13:08:51 +00:00
Ulf Möller
3b80e3aa9e
ispell
2001-09-07 06:13:40 +00:00
Bodo Möller
983495c4b2
Use uniformly chosen witnesses for Miller-Rabin test
...
(by using new BN_pseudo_rand_range function)
2001-09-03 12:58:16 +00:00
Lutz Jänicke
f1b2807478
More docs.
2001-08-24 14:29:48 +00:00
Lutz Jänicke
bfd7bb3eb6
Typo.
2001-08-23 17:41:20 +00:00
Lutz Jänicke
11c8f0b79d
More manual pages. Constify.
2001-08-23 17:22:43 +00:00
Lutz Jänicke
c4068186ac
As discussed recently on openssl-users.
2001-08-23 15:00:11 +00:00
Lutz Jänicke
0a93a68020
Make clear, that using the compression layer is currently not recommended.
2001-08-23 09:42:12 +00:00
Ulf Möller
f2ab7d1392
typo.
2001-08-22 18:35:17 +00:00
Lutz Jänicke
141e584998
One more manual page...
2001-08-21 14:54:54 +00:00
Lutz Jänicke
336736ef35
Documentation on how to handle compression methods.
...
Hopefully it is clear enough, that it is currently not recommended.
2001-08-21 13:02:58 +00:00
Lutz Jänicke
d93eb21c7c
More interdependencies with respect to shutdown behaviour.
2001-08-20 14:34:16 +00:00
Lutz Jänicke
a403188f92
Alert description strings for TLSv1 and documentation.
2001-08-19 16:20:42 +00:00
Lutz Jänicke
52129c0b0b
More details about session timeout settings.
2001-08-17 16:36:51 +00:00
Lutz Jänicke
a52877a2f1
One more function documented.
2001-08-17 15:54:50 +00:00
Lutz Jänicke
cdd7c3ce92
SSL_shutdown() has even more properties...
2001-08-17 15:09:31 +00:00
Lutz Jänicke
c1497b4d19
One more step on the way for complete documentation...
2001-08-17 14:32:38 +00:00
Lutz Jänicke
b2ed462934
Unidirectional shutdown is allowed according to the RFC.
2001-08-17 09:08:32 +00:00
Lutz Jänicke
9e09eebf94
Better description of the behaviour of SSL_shutdown() as it is now, broken
...
or not.
2001-08-16 14:27:55 +00:00
Bodo Möller
3f1c4e49a3
add missing link
2001-08-08 15:09:06 +00:00
Lutz Jänicke
06da6e4977
Don't disable rollback attack detection as a recommended bug workaround.
2001-08-03 08:45:13 +00:00
Lutz Jänicke
37f599bcec
Reworked manual pages with a lot of input from Bodo Moeller.
2001-07-31 15:04:50 +00:00
Ben Laurie
8408f4fbc7
Document DES changes better.
2001-07-31 13:33:58 +00:00
Bodo Möller
924875e53b
Undo DH_generate_key() change: s3_srvr.c was using it correctly
2001-07-27 22:34:25 +00:00
Bodo Möller
6aecef815c
Don't preserve existing keys in DH_generate_key.
2001-07-25 17:20:34 +00:00
Lutz Jänicke
7abe76e1bd
Fix wrong information about SSL_set_connect_state()...
2001-07-25 12:12:51 +00:00
Lutz Jänicke
3e3dac9f97
Additional inline reference.
2001-07-23 12:57:37 +00:00
Lutz Jänicke
397ba0f08a
Add missing reference.
2001-07-23 12:52:05 +00:00
Lutz Jänicke
4db48ec0bd
Documentation about ephemeral key exchange
2001-07-21 11:02:17 +00:00
Lutz Jänicke
6d3dec92fb
Updated explanation.
2001-07-20 19:23:43 +00:00
Lutz Jänicke
2d3b6a5be7
Some more documentation bits.
2001-07-20 18:57:15 +00:00
Dr. Stephen Henson
534a1ed0cb
Allow OCSP server to handle multiple requests.
...
Document new OCSP options.
2001-07-13 13:13:44 +00:00
Lutz Jänicke
a1a63a4239
Clarify! (based on recent mailing-list discussions)
2001-07-11 15:10:28 +00:00
Bodo Möller
e9ad0d2c31
Fix PRNG.
2001-07-10 10:49:34 +00:00
Lutz Jänicke
43f9391bcc
When only the key is given to "enc", the IV is undefined
...
(found by Andy Brown <logic@warthog.com>).
2001-07-03 10:31:11 +00:00
Dr. Stephen Henson
181355616e
Add examples to EVP_EncryptInit manual page.
2001-05-17 13:03:20 +00:00
Lutz Jänicke
74daa124c2
Add missing item(s) SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT.
2001-05-16 09:43:51 +00:00
Lutz Jänicke
5892855c5f
Typos.
2001-05-14 09:52:44 +00:00
Lutz Jänicke
a6e859e9ec
One more point to clarify, pointed out by "Greg Stark" <ghstark@pobox.com>
2001-05-14 09:02:38 +00:00
Lutz Jänicke
33ab4699ba
Clarify behaviour with respect to SSL/TLS records.
2001-05-12 09:49:02 +00:00
Lutz Jänicke
4b3270f78e
Clarify behaviour of SSL_write() by mentioning SSL_MODE_ENABLE_PARTIAL_WRITE
...
flag as discussed on the mailing list.
2001-05-11 09:53:10 +00:00
Lutz Jänicke
0ea659475c
Typo (reported by Petr Lancaric <Petr.Lancaric@ips-ag.cz>)
2001-04-25 15:24:47 +00:00
Lutz Jänicke
197322455d
Clarify request of client certificates. This is a FAQ.
2001-04-17 13:18:56 +00:00
Lutz Jänicke
cb2a0e1319
Missing link ("Greg Stark" <gstark@ethentica.com>)
2001-04-12 21:11:31 +00:00
Lutz Jänicke
638b0d4277
Fix wrong information with respect to CAs listed to the client
...
(follows from technical discussion with Amit Chopra <amitc@pspl.co.in>).
2001-04-12 16:02:34 +00:00
Lutz Jänicke
f7181a9179
Typo (Jun-ichiro itojun Hagino <itojun@iijlab.net>)
2001-04-12 11:45:42 +00:00
Bodo Möller
fba9046490
Update docs.
2001-03-21 15:25:56 +00:00
Dr. Stephen Henson
02ee8626fb
Fix PKCS#12 key generation bug.
2001-03-18 02:11:42 +00:00
Dr. Stephen Henson
791bd0cd2b
Add copy_extensions option to 'ca' utility.
2001-03-16 02:04:17 +00:00
Dr. Stephen Henson
e890dcdb19
Add 'align' option to nameopt.
...
Add default values for display by the 'ca' utility
to openssl.cnf
Update docs.
2001-03-15 22:45:20 +00:00
Lutz Jänicke
eb272ac0b0
Forgot "cvs add", so only the surrounding changes made it... sigh.
2001-03-15 12:42:04 +00:00
Dr. Stephen Henson
0a3ea5d34a
Document the -certopt option to the x509 utility.
...
Add no_issuer option.
Fix X509_print_ex() so it prints out newlines when
certain fields are omitted.
2001-03-15 01:15:54 +00:00
Dr. Stephen Henson
a29d78e90b
Initial docs for PEM routines.
2001-03-11 20:29:28 +00:00
Richard Levitte
7b8250053b
Document the change.
2001-03-10 16:28:49 +00:00
Dr. Stephen Henson
cc5ba6a7b6
Update docs.
2001-03-09 13:57:14 +00:00
Bodo Möller
e34cfcf7e1
Consistently use 'void *' for SSL read, peek and write functions.
2001-03-09 10:09:20 +00:00
Dr. Stephen Henson
1358835050
Change the EVP_somecipher() and EVP_somedigest()
...
functions to return constant EVP_MD and EVP_CIPHER
pointers.
Update docs.
2001-03-09 02:51:02 +00:00
Lutz Jänicke
b72ff47037
Add newly learned knowledge from yesterday's discussion.
2001-03-08 17:24:02 +00:00
Bodo Möller
98499135d7
Constify BN_value_one.
2001-03-08 13:58:09 +00:00
Bodo Möller
bad4058574
New option '-subj arg' for 'openssl req' and 'openssl ca'. This
...
sets the subject name for a new request or supersedes the
subject name in a given request.
Add options '-batch' and '-verbose' to 'openssl req'.
Submitted by: Massimiliano Pala <madwolf@hackmasters.net>
Reviewed by: Bodo Moeller
2001-03-05 11:09:43 +00:00
Lutz Jänicke
45ecfb1973
Typo, spotted by "Greg Stark" <gstark@ethentica.com>.
2001-03-01 16:50:11 +00:00
Lutz Jänicke
3cdc8ad07a
Describe new callback for session id generation.
2001-02-23 21:38:42 +00:00
Lutz Jänicke
2c1571b4ff
SSL_get_version() was an easy one :-)
2001-02-23 21:05:56 +00:00
Ulf Möller
335c4f0966
BN_rand_range() needs a BN_rand() variant that doesn't set the MSB.
2001-02-20 00:23:07 +00:00
Richard Levitte
cf1b7d9664
Make all configuration macros available for application by making
...
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.
I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
2001-02-19 16:06:34 +00:00
Ulf Möller
52d160d85d
ispell
2001-02-16 02:09:53 +00:00
Ulf Möller
54ff1e6ae5
pod format error
2001-02-16 01:44:24 +00:00
Lutz Jänicke
52b621db88
Add "-rand" option to s_client and s_server.
2001-02-15 10:22:07 +00:00
Dr. Stephen Henson
f2e5ca84d4
Option to disable standard block padding with EVP API.
...
Add -nopad option to enc command.
Update docs.
2001-02-14 02:11:52 +00:00
Lutz Jänicke
8e495e4ac7
Finish first round of session cache documentation.
2001-02-13 14:00:09 +00:00
Lutz Jänicke
f282ca7413
New manual page: SSL_CTX_set_mode.
2001-02-13 11:43:11 +00:00
Lutz Jänicke
41ecaba97e
More about session caching.
2001-02-11 17:01:36 +00:00
Lutz Jänicke
96dfab9e0e
Include information that automatic query is a new feature.
2001-02-10 19:10:36 +00:00
Lutz Jänicke
1b65ce7db3
Update for 0.9.7 with SSL_OP_CIPHER_SERVER_PREFERENCE.
2001-02-10 16:21:38 +00:00
Lutz Jänicke
7b9cb4a224
Manual page for SSL_CTX_set_options(). Unfortunately for some of the
...
options someone much longer working with OpenSSL/SSLeay is needed.
2001-02-10 16:18:35 +00:00
Bodo Möller
e306892994
Simplify BN_rand_range
2001-02-10 00:34:02 +00:00
Lutz Jänicke
b5f6d9dc6e
Fix "wierd" typo as submitted by Jeroen Ruigrok/Asmodai <asmodai@wxs.nl>.
2001-02-09 19:03:53 +00:00
Ulf Möller
466e4249ab
Note that EGD is used automatically.
2001-02-08 17:16:44 +00:00
Ulf Möller
9fbc45b159
cleanup
2001-02-08 17:14:07 +00:00
Bodo Möller
35ed8cb8b6
Integrate my implementation of a countermeasure against
...
Bleichenbacher's DSA attack. With this implementation, the expected
number of iterations never exceeds 2.
New semantics for BN_rand_range():
BN_rand_range(r, min, range) now generates r such that
min <= r < min+range.
(Previously, BN_rand_range(r, min, max) generated r such that
min <= r < max.
It is more convenient to have the range; also the previous
prototype was misleading because max was larger than
the actual maximum.)
2001-02-08 12:14:51 +00:00
Lutz Jänicke
420125f996
Update documentation to match the state at 0.9.6 _and_ the recent changes.
2001-02-08 10:42:01 +00:00
Ulf Möller
57e7d3ce15
Bleichenbacher's DSA attack
2001-02-07 22:24:35 +00:00
Lutz Jänicke
0bc6597d4d
Documenting session caching, 2nd step.
2001-02-04 18:05:27 +00:00
Lutz Jänicke
7403c34b0b
Clarify why SSL_CTX_use_certificate_chain_file() should be preferred.
2001-02-03 15:15:00 +00:00
Lutz Jänicke
9022f2403b
Typo: on my screen it nicely wrapped around at 80 :-)
2001-02-03 11:02:02 +00:00
Lutz Jänicke
8cbceba610
Document session caching, first step.
2001-02-02 14:40:52 +00:00
Lutz Jänicke
cd6aa710b5
New manual page for a hardly known but important item :-)
2001-01-31 14:14:20 +00:00
Geoff Thorpe
67c3cf0675
Insert a missing space to stop pod2man giving stroppy "malformed" warnings.
2001-01-25 02:26:58 +00:00
Lutz Jänicke
e58d808a4c
Copy over just written manpage to the ones still missing.
2001-01-23 11:04:52 +00:00
Lutz Jänicke
751b5e8ff2
Add entries for new manpages...
2001-01-23 10:47:41 +00:00
Ulf Möller
9756da13dd
Use the correct number of arguments in the example.
2001-01-21 19:46:50 +00:00
Lutz Jänicke
b5a6f0a92d
Documentation about SSL_get_ex_data_X509_STORE_CTX_idx and
...
SSL_get_ex_new_index() functionality. Extended verify_callback()
example to show the usage.
2001-01-20 16:22:43 +00:00
Dr. Stephen Henson
bfcec27d61
Update ocsp utility documentation.
2001-01-20 01:26:28 +00:00
Ulf Möller
a068630a20
link to the new manpage.
2001-01-15 22:19:30 +00:00
Bodo Möller
dfebac32c0
New '-extfile' option for 'openssl ca'.
...
This allows keeping extensions in a separate configuration file.
Submitted by: Massimiliano Pala <madwolf@comune.modena.it>
2001-01-15 11:35:24 +00:00
Geoff Thorpe
ab5db00717
Update the LHASH man page.
...
* Correct some prototypes and macros with respect to "const"ness.
* Add the extra macros and examples due to the lh_doall[_arg] modifications
made recently. The existing example is also reworked for consistency.
* Rewrite, tweak, and supplement bits of the existing comments that seemed
(IMHO) to be a little convoluted and misleading.
* Add a NOTE section that explains the use of macros and avoiding function
casts (ie. generate a wrapper as with the macros, or prototype any
callback functions exactly to not require casting). Also, explain the
"const" approach taken in LHASH for the purposes of API comprehensibility
and also application code auditing.
2001-01-14 23:37:42 +00:00
Dr. Stephen Henson
b4b1bdd5d3
Preliminary ocsp utility documentation.
...
Fix ocsp usage message.
2001-01-14 00:52:19 +00:00
Bodo Möller
d199858e89
New -newreq-nodes option to CA.pl.
...
Submitted by: Damien Miller <djm@mindrot.org>
2001-01-11 13:23:19 +00:00
Bodo Möller
b62a0c4cab
Add a pointer to digest options in the description of -fingerprint.
2001-01-10 14:35:20 +00:00
Bodo Möller
a0aae68cf6
Fix SSL_peek and SSL_pending.
2000-12-25 18:40:46 +00:00
Ulf Möller
4ce7894c4a
c&p error spotted by Martin Forssen
2000-12-13 23:00:33 +00:00
Lutz Jänicke
cc93ae3ef4
Add description of SSL_[CTX_]_check_private_key().
2000-12-12 21:06:29 +00:00
Lutz Jänicke
66ebbb6a56
Add manual pages for certficate/key loading and friends.
2000-12-08 14:29:13 +00:00
Richard Levitte
1435ccfba1
Update the internal docs.
2000-12-05 19:18:51 +00:00
Lutz Jänicke
d766a23deb
Typo and additional information about cert-chain building.
2000-12-05 16:47:22 +00:00
Lutz Jänicke
b1e21f8fac
Add EXAMPLES for SSL_CIPHER_description() output.
2000-12-05 16:45:26 +00:00
Geoff Thorpe
ebff44b83a
Sync up with a minor change in lhash.h
2000-12-04 04:54:59 +00:00
Geoff Thorpe
733777275b
Update the documentation to the current state of the LHASH changes. There
...
will probably be more when the lh_doall[_arg] callbacks are similarly
tidied up, but this 'pod' should now be current.
2000-12-04 04:35:04 +00:00
Richard Levitte
862e973b50
Write a first HOWTO on how to create certificates. This is currently
...
a draft.
2000-12-01 17:44:33 +00:00
Ulf Möller
06676624fc
Add a warning about the usage of the montgomery functions (if the inputs
...
are not reduced modulo m, the outputs won't be either).
2000-11-29 22:37:14 +00:00
Bodo Möller
5acaa49504
More BN_mod_... functions.
2000-11-26 18:31:32 +00:00
Bodo Möller
535b9b5724
Add bn_mod.c (should have happend in the previous commit ...).
...
BN_swap manual page.
2000-11-26 16:46:57 +00:00
Bodo Möller
78a0c1f18d
modular arithmetics
...
"make update"
2000-11-26 16:42:38 +00:00
Bodo Möller
b1d6e3f551
Documentation on using the SSL library with non-blocking I/O.
2000-11-17 10:25:46 +00:00
Bodo Möller
db70a3fd6e
Improve usability of 'openssl passwd' by including
...
password verification where it makes sense.
2000-11-17 09:03:02 +00:00
Lutz Jänicke
803e4e93d4
Fill in missing information about the string returned from
...
SSL_CIPHER_description(), as there is no other API function to find
out details about the cipher used besides the number of bits or protocol used.
2000-11-15 18:42:41 +00:00
Bodo Möller
2984b0ae24
Additional explanations for SSL_ERROR_WANT_READ/WRITE.
2000-11-12 19:17:22 +00:00
Bodo Möller
cb4ae6c0d3
Point to SSL_set_bio(3) early because that manpage provides
...
information that is essential for using BIO pairs.
2000-11-10 07:50:18 +00:00
Bodo Möller
359fd02fec
add missing word
2000-11-10 07:46:11 +00:00
Richard Levitte
ccb9643f02
Remove references to RSAref. The glue library is but a memory to fade
...
away now...
2000-11-08 17:51:37 +00:00
Ulf Möller
458d356db9
looks like a cut&paste error
2000-11-06 21:28:38 +00:00
Richard Levitte
1d833a9910
Update the standards list to the current status
2000-11-02 22:55:14 +00:00
Richard Levitte
5270e7025e
Merge the engine branch into the main trunk. All conflicts resolved.
...
At the same time, add VMS support for Rijndael.
2000-10-26 21:07:28 +00:00
Ulf Möller
a2bbe59401
s_server not s_client
2000-10-23 19:13:35 +00:00
Ulf Möller
0fa504b68d
Correction from Tani Hosokawa <unknown@riverstyx.net>
2000-10-23 14:02:02 +00:00
Ulf Möller
bbdc9c98a8
give pseudo prototypes instead of macro definitions for better clarity
2000-10-19 22:02:21 +00:00
Ulf Möller
11b62699a1
"DESCRIPTION" is required.
2000-10-19 19:40:35 +00:00
Ulf Möller
14a74a21f0
correction from Lutz
2000-10-19 15:19:41 +00:00
Ulf Möller
9bd3bd227f
Add short overview, move header files section further down.
2000-10-18 23:08:55 +00:00
Ulf Möller
d0ef53bd2d
cosmetic changes
2000-10-18 22:51:34 +00:00
Ulf Möller
8d3f155a66
cosmetic change
2000-10-18 22:01:47 +00:00
Richard Levitte
553615f500
New docs and new facts in older docs.
...
Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-10-12 09:56:36 +00:00
Dr. Stephen Henson
924046ce75
Make non blocking I/O work for accept BIOs.
2000-10-12 01:50:33 +00:00
Richard Levitte
53fe8d5be5
A few small corrections to the SSL documentation.
...
Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-10-10 09:15:47 +00:00
Richard Levitte
356c06c776
More SSL functions documented. Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-10-03 22:02:28 +00:00
Ulf Möller
a87aa87bcc
The des_modes manpage is in section 7.
2000-09-27 21:45:20 +00:00
Bodo Möller
b7af080fb1
Add BUGS section.
2000-09-26 12:15:53 +00:00
Ulf Möller
393e826ec3
typo
2000-09-25 05:55:19 +00:00
Ulf Möller
8fdec3e558
stop perlpod from complaining.
2000-09-23 07:30:28 +00:00
Ulf Möller
69431c2998
more manpage links.
2000-09-23 07:16:17 +00:00
Dr. Stephen Henson
dbba890cf1
Only use the new informational verify codes if we
...
specifically ask for them.
Fix typo in docs.
2000-09-22 21:32:08 +00:00
Richard Levitte
4aa4f333ed
Change IMPORTANT to WARNING for greater emphasis.
2000-09-21 17:21:15 +00:00
Richard Levitte
c19b6c922a
Clarifications and new documents.
...
Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-09-21 06:46:15 +00:00
Richard Levitte
4759abc5f2
New documents. Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-09-20 16:55:26 +00:00
Richard Levitte
e31e385ce3
Mistakes corrected. Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-09-20 16:52:05 +00:00
Ulf Möller
18edda0f92
Malloc() -> OPENSSL_malloc() etc.
2000-09-20 03:28:54 +00:00
Ulf Möller
89681b183d
The RSA patent will have expired when the next version is released...
2000-09-20 03:25:33 +00:00
Ulf Möller
c8973693ab
ispell.
2000-09-20 03:24:36 +00:00
Dr. Stephen Henson
4e87e05b25
Add docs for X509_get_ext_d2i() function.
...
Add some major changes to NEWS...
2000-09-20 00:50:25 +00:00
Richard Levitte
933f32cc4d
Document SSL_library_init() and it's aliases. Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-09-19 23:12:57 +00:00
Richard Levitte
c6def253b4
Type correction. Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-09-19 23:11:42 +00:00
Richard Levitte
dd3430a6e9
Extend the docs on setting the cipher list. Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-09-19 23:10:32 +00:00
Richard Levitte
c15602f48e
Reorder the Blowfish documentation so the low-level routines do not get so prominent, and make sure to say out loud what they expect.
2000-09-19 06:15:33 +00:00
Dr. Stephen Henson
3b2cbbcb9a
Clarify the BIO_seek() mess and related issues.
...
Buffering BIO docs.
2000-09-18 23:05:33 +00:00
Ulf Möller
c69c47b9fe
ispell
2000-09-18 22:58:02 +00:00
Richard Levitte
615513ba52
New documentation about things related to SSL_CIPHER. Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-09-18 16:42:30 +00:00
Richard Levitte
e17b712894
Restore the descriptions to conform with the rest of the
...
documentation. We'll work on better documents after the release of
0.9.6.
2000-09-17 19:20:17 +00:00
Bodo Möller
07fcf422a1
Rename new BIO_set_shutdown_wr macro to just BIO_shutdown_wr
...
(it's similar to the shutdown(..., SHUT_WR) system call
for sockets).
2000-09-17 01:23:53 +00:00
Richard Levitte
da542e1bf7
Move text that isn't really descriptions of the functions in the page
...
to the NOTES section, and add references to the functions mentioned
(and perhaps a few more).
2000-09-16 23:32:33 +00:00
Richard Levitte
93fe6e13a3
Add BIO_seek() and BIO_tell() to the BIO control functions manual.
2000-09-16 23:31:03 +00:00
Dr. Stephen Henson
2c281ebb6c
New macro BIO_set_shutdown_wr().
...
Update docs.
2000-09-16 21:21:01 +00:00
Bodo Möller
37b08e8365
SSL => TLS/SSL
2000-09-16 16:05:34 +00:00
Bodo Möller
318f962928
TLS => TLS/SSL
2000-09-16 16:02:35 +00:00
Bodo Möller
acb5b34328
Change spelling back to "behaviour" and "flavour" instead of the
...
American variants.
2000-09-16 16:00:38 +00:00
Bodo Möller
c1629c9ea2
Clarification.
2000-09-16 15:55:57 +00:00
Ulf Möller
1e4e549296
ispell and some other nit-picking
2000-09-16 15:39:28 +00:00
Dr. Stephen Henson
439fb8e1e0
Remove redundant manpages and references to them.
2000-09-16 12:01:38 +00:00
Ulf Möller
53e44d90c7
add links to the new BIO and SSL manpages to make them visible on the web.
2000-09-16 06:04:43 +00:00
Dr. Stephen Henson
32751b8ab1
BIO_f_ssl() docs.
2000-09-16 01:32:42 +00:00
Dr. Stephen Henson
68a1c6b0d9
Accept BIO docs.
2000-09-15 17:31:47 +00:00
Dr. Stephen Henson
2273d6b657
Update BIO_s_connect().
2000-09-15 00:28:47 +00:00
Bodo Möller
e39c194387
Some small clarifications.
2000-09-14 22:09:55 +00:00
Richard Levitte
e1b78bc64d
In the name section, all the functions described shoud be enumerated.
...
This will also make it much simpler to generate softlinks name like
each function to man-pages containing the info.
2000-09-14 21:23:28 +00:00
Richard Levitte
e65c84abb0
Update the info on version numbering
2000-09-14 21:22:19 +00:00
Richard Levitte
8eec1389fb
BIO_seed() and BIO_tell() were documented in two other documents,
...
which is redundant. They are now in their own document.
Also, in the name section, all the functions described shoud be
enumerated. This will also make it much simpler to generate softlinks
name like each function to man-pages containing the info.
2000-09-14 20:24:56 +00:00
Richard Levitte
e38dabbc0c
BIO_seed() and BIO_tell() were documented in two other documents,
...
which is redundant. Instead, move them to their own page.
2000-09-14 20:23:17 +00:00
Richard Levitte
54731d75d7
Items without a =over and a =back are ignored.
2000-09-14 20:22:14 +00:00
Dr. Stephen Henson
18f2259499
BIO_s_bio() manual page detailing BIO pair.
...
This combines several manual pages provided by
Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>,
various comments by Bodo to the lists and a bit
of source examination by me.
2000-09-14 18:55:39 +00:00
Richard Levitte
7fcc8326e3
Remove indentation in the NAME section. There's really no need to
...
indent there, especially since the pod2* scripts will regard that as
preformated text. In one case, indent a code section one step.
2000-09-14 13:17:55 +00:00
Richard Levitte
cc99526db1
Add a number of documentation files, mostly for SSL routines, but also
...
for a few BIO routines.
Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-09-14 13:11:56 +00:00
Dr. Stephen Henson
bace212474
Initial connect BIO docs.
2000-09-14 12:44:34 +00:00
Richard Levitte
e117a890ca
Remove indentation in the NAME section. There's really no need to
...
indent there, especially since the pod2* scripts will regard that as
preformated text. In one case, indent a code section one step.
2000-09-14 12:14:41 +00:00
Dr. Stephen Henson
6dcbaf5857
Docs for socket BIO.
2000-09-14 00:05:50 +00:00
Dr. Stephen Henson
02ef611ef3
BIO_s_fd() manual page.
2000-09-13 17:27:42 +00:00
Dr. Stephen Henson
4041156461
Clarify some of the I/O issues.
...
Add case of using select() and blocking I/O with
BIOs and why you shouldn't (thanks Bodo!).
2000-09-13 00:20:24 +00:00
Dr. Stephen Henson
d572cb6c1c
More BIO docs.
2000-09-12 01:56:56 +00:00
Dr. Stephen Henson
b1ccd57b18
Docs for cipher and base64 BIOs.
2000-09-11 01:04:09 +00:00
Dr. Stephen Henson
5fd0cd9a9b
More new BIO docs, correct some old ones.
2000-09-10 17:36:15 +00:00
Dr. Stephen Henson
d7b9c76c72
More preliminary BIO docs...
...
Incomplete and possibly inaccurate. Hope somone is
checking these :-)
2000-09-10 01:52:26 +00:00
Dr. Stephen Henson
b144a5e907
Really add BIO_read this time...
2000-09-09 01:01:35 +00:00
Dr. Stephen Henson
c5a3b7e790
Add BIO_read() (etc.) docs.
...
Add an ASN1 FAQ because I'm sick of answering it :-)
2000-09-09 00:59:37 +00:00
Dr. Stephen Henson
709e85953d
Update verify docs.
...
New option to verify program to print out diagnostics.
2000-09-08 00:53:58 +00:00
Dr. Stephen Henson
84b65340e1
Two new PKCS#12 demo programs.
...
Update PKCS12_parse().
Make the keyid in certificate aux info more usable.
2000-09-07 23:14:26 +00:00
Dr. Stephen Henson
f50c11ca40
Ugh, BIO_find_type() cannot be passed a NULL.
...
Fix doc example, and fix BIO_find_type().
Fix PKCS7_verify(). It was using 'i' for both the
loop variable and the verify return value.
2000-09-07 17:42:25 +00:00
Dr. Stephen Henson
cfd3bb1785
Add docs for BIO_find_type() and friends.
...
Added function BIO_next() otherwise you can't
traverse a chain without accessing BIO internals.
2000-09-07 13:04:27 +00:00
Bodo Möller
1974a58fe0
clarification (source/sink BIOs are usually *both* source and sink)
2000-09-07 08:07:55 +00:00
Dr. Stephen Henson
47770c4dfb
Some BIO docs, incomplete, more to follow.
...
Hmmm I didn't realise BIO_pop() did that:
isn't source wonderful?
2000-09-07 00:22:31 +00:00
Bodo Möller
2b40660ec1
Add OAEP. Seed the PRNG.
2000-09-06 11:49:43 +00:00