Commit graph

4387 commits

Author SHA1 Message Date
Lutz Jänicke
e7cf7fcd21 Allow client certificate lists > 16kB ("Douglas E. Engert" <deengert@anl.gov>.) 2001-08-25 11:49:24 +00:00
Lutz Jänicke
bb8aab0211 Wording of comment... 2001-08-25 11:33:34 +00:00
Lutz Jänicke
0fbf5f7102 Needed for build on SunOS 4.1.x with gcc (Jeffrey Hutzelman <jhutz@cmu.edu>). 2001-08-25 11:31:19 +00:00
Lutz Jänicke
f1b2807478 More docs. 2001-08-24 14:29:48 +00:00
Lutz Jänicke
faacb092f8 -passin argument not used when actually loading the key
(found by Massimiliano Pala <madwolf@hackmasters.net>).
2001-08-24 13:33:15 +00:00
Dr. Stephen Henson
b439a74620 Load OCSP responder key before waiting for an incoming
connection so it can prompt for pass phrase on startup
instead of after the first connection.

Add -port switch to usage message.
2001-08-23 23:54:11 +00:00
Dr. Stephen Henson
3132ab8ce6 Add #ifdefs to some devcrypto code 2001-08-23 23:52:38 +00:00
Lutz Jänicke
bfd7bb3eb6 Typo. 2001-08-23 17:41:20 +00:00
Lutz Jänicke
11c8f0b79d More manual pages. Constify. 2001-08-23 17:22:43 +00:00
Lutz Jänicke
c4068186ac As discussed recently on openssl-users. 2001-08-23 15:00:11 +00:00
Lutz Jänicke
0a93a68020 Make clear, that using the compression layer is currently not recommended. 2001-08-23 09:42:12 +00:00
Ulf Möller
f2ab7d1392 typo. 2001-08-22 18:35:17 +00:00
Ben Laurie
c41ab9ade5 More tests. 2001-08-22 16:09:57 +00:00
Lutz Jänicke
141e584998 One more manual page... 2001-08-21 14:54:54 +00:00
Lutz Jänicke
336736ef35 Documentation on how to handle compression methods.
Hopefully it is clear enough, that it is currently not recommended.
2001-08-21 13:02:58 +00:00
Lutz Jänicke
df7cb13525 Checked in from the wrong !@#$%&*() copy... 2001-08-21 07:27:02 +00:00
Lutz Jänicke
d93eb21c7c More interdependencies with respect to shutdown behaviour. 2001-08-20 14:34:16 +00:00
Lutz Jänicke
a403188f92 Alert description strings for TLSv1 and documentation. 2001-08-19 16:20:42 +00:00
Ben Laurie
82b2230527 Add RC4 support to OpenBSD. 2001-08-18 16:04:36 +00:00
Ben Laurie
a8a004987c Add AES tests. 2001-08-18 16:02:52 +00:00
Ben Laurie
0e36019977 Add EVP test program. 2001-08-18 13:53:01 +00:00
Ben Laurie
354c3ace73 Add first cut symmetric crypto support. 2001-08-18 10:22:54 +00:00
Lutz Jänicke
52129c0b0b More details about session timeout settings. 2001-08-17 16:36:51 +00:00
Lutz Jänicke
a52877a2f1 One more function documented. 2001-08-17 15:54:50 +00:00
Lutz Jänicke
cdd7c3ce92 SSL_shutdown() has even more properties... 2001-08-17 15:09:31 +00:00
Lutz Jänicke
c1497b4d19 One more step on the way for complete documentation... 2001-08-17 14:32:38 +00:00
Lutz Jänicke
b2ed462934 Unidirectional shutdown is allowed according to the RFC. 2001-08-17 09:08:32 +00:00
Richard Levitte
bb766a0ad6 Make sure evil file name characters, like spaces or ampersands (!),
don't disturb the rehashing process.
Spotted and suggested patch from Rudo Thomas <rudo@internet.sk>
2001-08-17 04:35:58 +00:00
Dr. Stephen Henson
b65f851318 Make -passin -passout etc work again.
Fix leak in ca.c when using -passin.
2001-08-17 01:09:54 +00:00
Dr. Stephen Henson
35bf35411c Add CRL utility functions to allow CRLs to be
built up without accessing structures directly.

Update ca.c to use new functions.

Fix ca.c so it now build CRLs correctly again.
2001-08-17 00:33:43 +00:00
Lutz Jänicke
54fbc77dc8 Bugfixes provided by "Stephen Hinton" <shinton@netopia.com>. 2001-08-16 15:28:00 +00:00
Lutz Jänicke
9e09eebf94 Better description of the behaviour of SSL_shutdown() as it is now, broken
or not.
2001-08-16 14:27:55 +00:00
Richard Levitte
45a2f93906 gcc 3.0 tells me that -m486 is deprecated. The gcc 2.95 manual tells
me the same and that the correct option is -mcpu=i486.  I'm assuming
-mcpu has been around for some time, and that it's therefore safe to
change all occurences of -m486 to -mcpu=i486.
2001-08-13 14:09:31 +00:00
Geoff Thorpe
6982c0da4e The indexes returned by ***_get_ex_new_index() functions are used when
setting stack (actually, array) values in ex_data. So only increment the
global counters if the underlying CRYPTO_get_ex_new_index() call succeeds.
This change doesn't make "ex_data" right (see the comment at the head of
ex_data.c to know why), but at least makes the source code marginally less
frustrating.
2001-08-12 17:14:35 +00:00
Geoff Thorpe
b7727ee616 The indexes returned by ***_get_ex_new_index() functions are used when
setting stack (actually, array) values in ex_data. So only increment the
global counters if the underlying CRYPTO_get_ex_new_index() call succeeds.
This change doesn't make "ex_data" right (see the comment at the head of
ex_data.c to know why), but at least makes the source code marginally less
frustrating.
2001-08-12 16:52:00 +00:00
Ben Laurie
f0446ca8d7 Move CIPHER_CTX cleanups to _Final routines instead of _Init, which avoids
problems with leaks and uninitialised structures.
2001-08-11 11:32:54 +00:00
Richard Levitte
6bc847e49e Apply the Tru64 patch from Tim Mooney <mooney@dogbert.cc.ndsu.NoDak.edu>
His comments are:

1) Changes all references for `True64' to be `Tru64', which is the correct
spelling for the OS name.

2) Makes `alpha-cc' be the same as `alpha164-cc', and adds an `alphaold-cc'
entry that is the same as the previous `alpha-cc'.  The reason is that most
people these days are using the newer compiler, so it should be the default.

3) Adds a bit of commentary to Configure, regarding the name changes of
the OS over the years, so it's not so confusing to people that haven't been
with the OS for a while.

4) Adds an `alpha-cc-rpath' target (which is *not* selected automatically
by Configure under any circumstance) that builds an RPATH into the
shared libraries.  This is explained in the comment in Configure.  It's
very very useful for people that want it, and people that don't want it
just shouldn't choose that target.

5) Adds the `-pthread' flag as the best way to get POSIX thread support
from the newer compiler.

6) Updates the Makefile targets, so that when the `alpha164-cc', `alpha-cc',
or `alpha-cc-rpath' target is what Configure is set to use, it uses a Makefile
target that includes the `-msym' option when building the shared library.
This is a performance enhancement.

7) Updates `config' so that if it detects you're running version 4 or 5
of the OS, it automatically selects `alpha-cc', but uses `alphaold-cc'
for versions 1-3 of the OS.

8) Updates the comment in opensslv.h, fixing both the OS name typo and
adding a reference to IRIX 6.x, since the shared library semantics are
virtually identical there.
2001-08-10 15:26:21 +00:00
Bodo Möller
3f1c4e49a3 add missing link 2001-08-08 15:09:06 +00:00
Bodo Möller
37a7cd1a11 Bugfix: larger message size in ssl3_get_key_exchange() because
ServerKeyExchange message may be skipped.

Submitted by:  Petr Lampa <lampa@fee.vutbr.cz>
2001-08-07 09:30:18 +00:00
Lutz Jänicke
3a2d9c4dd0 Fix typos (shinagawa@star.zko.dec.com) 2001-08-07 07:52:53 +00:00
Bodo Möller
e51d1321fc More typedef'd struct names as search targets 2001-08-06 11:57:08 +00:00
Bodo Möller
b9fdb3eb99 Reinsert typedef'ed names for structs to help those trying to read the
sourcecode (including fgrep)
2001-08-06 11:49:31 +00:00
Ben Laurie
d66ace9da5 Start to reduce some of the header bloat. 2001-08-05 18:02:16 +00:00
Ben Laurie
db75357110 Fix memory leak. 2001-08-05 16:13:49 +00:00
Ben Laurie
0713f8abe6 Parameter correction for CIOFSESSION. 2001-08-04 12:16:56 +00:00
Ben Laurie
93d9121a77 Remove extra whitespace. Sorry. 2001-08-03 21:09:21 +00:00
Ben Laurie
92dad6cc84 Reinstate accidentally deleted code. 2001-08-03 19:00:43 +00:00
Ben Laurie
61454a9f8c Get rid of the stuff we, err, got rid of. 2001-08-03 18:52:50 +00:00
Ben Laurie
bb2297a41d Header bloat reduction for EVP_PKEY. 2001-08-03 18:48:35 +00:00
Ben Laurie
75e98d0563 This ghastly hack prevents CVS wars over Kerberos (which is disabled by default). 2001-08-03 18:45:35 +00:00