Commit graph

836 commits

Author SHA1 Message Date
Dr. Stephen Henson
c2c49969e2 Allow renegotiation if SSL_OP_LEGACY_SERVER_CONNECT is set as well as
initial connection to unpatched servers. There are no additional security
concerns in doing this as clients don't see renegotiation during an
attack anyway.
2010-02-17 18:38:31 +00:00
Dr. Stephen Henson
f959598866 update references to new RI RFC 2010-02-12 21:59:31 +00:00
Dr. Stephen Henson
9fb6fd34f8 reword RI description 2010-01-27 18:53:33 +00:00
Dr. Stephen Henson
99b36a8c31 update documentation to reflect new renegotiation options 2010-01-27 17:46:24 +00:00
Dr. Stephen Henson
1e27847d4e PR: 2157
Submitted by: "Green, Paul" <Paul.Green@stratus.com>

Typo.
2010-01-27 12:54:58 +00:00
Dr. Stephen Henson
3243698f1d typo 2010-01-21 18:46:15 +00:00
Dr. Stephen Henson
0e0c6821fa PR: 2136
Submitted by: Willy Weisz <weisz@vcpc.univie.ac.at>

Add options to output hash using older algorithm compatible with OpenSSL
versions before 1.0.0
2010-01-12 17:29:34 +00:00
Dr. Stephen Henson
2a30fec786 Typo 2010-01-05 17:49:49 +00:00
Dr. Stephen Henson
6084c797a8 Remove tabs on blank lines: they produce warnings in pod2man 2010-01-05 17:16:54 +00:00
Dr. Stephen Henson
b5c002d5a8 clarify docs 2009-12-09 18:16:50 +00:00
Dr. Stephen Henson
4db82571ba Document option clearning functions.
Initial secure renegotiation documentation.
2009-12-09 17:59:29 +00:00
Dr. Stephen Henson
c2f0203da0 typo 2009-11-29 13:45:42 +00:00
Andy Polyakov
cca3ea1e71 OPENSSL_ia32cap.pod update. 2009-11-15 17:34:24 +00:00
Dr. Stephen Henson
d6245b8952 PR: 2078
Submitted by: Dale Anderson <dra@redevised.net>
Approved by: steve@openssl.org

Corrections to bn_internal documentation.
2009-10-28 13:52:07 +00:00
Dr. Stephen Henson
1e6b8d39f1 Document more error codes. 2009-10-18 14:01:17 +00:00
Dr. Stephen Henson
e05d6c7d3c Verification callback functions. 2009-10-18 13:26:08 +00:00
Dr. Stephen Henson
9074df8684 Clarification. 2009-10-17 23:08:32 +00:00
Dr. Stephen Henson
6c17629f91 Preliminary documentation for X509_VERIFY_PARAM. 2009-10-17 23:00:18 +00:00
Dr. Stephen Henson
db57663241 Add docs for X509_STORE_CTX_new() and related functions. 2009-10-17 18:05:53 +00:00
Dr. Stephen Henson
53246488bd More X509 verification docs. 2009-10-17 17:07:17 +00:00
Dr. Stephen Henson
1f164f5ed9 Typo. 2009-10-17 17:06:19 +00:00
Dr. Stephen Henson
b8c182a499 Manual page for X509_verify_cert() 2009-10-17 12:46:52 +00:00
Dr. Stephen Henson
11c4c02ce3 PR: 2074
Submitted by: Bram Neijt <bneijt@gmail.com>
Approved by: steve@openssl.org

Typo: "contet".
2009-10-16 15:30:13 +00:00
Dr. Stephen Henson
fb552ac616 Change version from 0.9.9 to 1.0.0 in docs 2009-09-30 23:43:01 +00:00
Dr. Stephen Henson
94480b57db PR: 2023
Submitted by: James Beckett <jmb.openssl@nospam.hackery.net>, steve
Approved by: steve@openssl.org

Fix documentation errors in d2i_X509 manual pages.
2009-09-12 23:34:41 +00:00
Dr. Stephen Henson
7689ed34d3 PR: 2025
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org

Constify SSL_CIPHER_description
2009-09-12 23:17:39 +00:00
Dr. Stephen Henson
88a3dd7896 Correction: salt is now default 2009-09-04 12:27:12 +00:00
Dr. Stephen Henson
3fa39ed723 Document removal of digest+signature algorithm link. 2009-07-24 13:01:40 +00:00
Dr. Stephen Henson
55a4a77a52 Update from 0.9.8-stable 2009-07-11 22:36:59 +00:00
Dr. Stephen Henson
f3be6c7b7d Update from 1.0.0-stable. 2009-06-26 11:29:26 +00:00
Dr. Stephen Henson
e30dd20c0e Update from 1.0.0-stable 2009-06-25 11:29:30 +00:00
Dr. Stephen Henson
f0288f05b9 Submitted by: Artem Chuprina <ran@cryptocom.ru>
Reviewed by: steve@openssl.org

Various GOST ciphersuite and ENGINE fixes. Including...

Allow EVP_PKEY_set_derive_peerkey() in encryption operations.

New flag when certificate verify should be omitted in client key exchange.
2009-06-16 16:38:47 +00:00
Dr. Stephen Henson
ff6e530359 PR: 1938
Submitted by: Mark Phalan <Mark.Phalan@Sun.COM>
Reviewed by: steve@openssl.org

Patch to pem and hmac manual pages NAME sections.
2009-06-02 11:05:33 +00:00
Dr. Stephen Henson
16cd15e688 Update from 1.0.0-stable. 2009-05-17 14:48:31 +00:00
Andy Polyakov
e303f55fc7 Expand OPENSS_ia32cap to 64 bits. 2009-04-26 17:49:41 +00:00
Dr. Stephen Henson
8711efb498 Updates from 1.0.0-stable branch. 2009-04-20 11:33:12 +00:00
Dr. Stephen Henson
e5fa864f62 Updates from 1.0.0-stable. 2009-04-15 15:27:03 +00:00
Dr. Stephen Henson
cc7399e79c Changes from 1.0.0-stable. 2009-04-07 16:33:26 +00:00
Dr. Stephen Henson
14023fe352 Merge from 1.0.0-stable branch. 2009-04-03 11:45:19 +00:00
Dr. Stephen Henson
c28a9165f2 PR: 1862
Typo.
2009-03-12 17:13:15 +00:00
Dr. Stephen Henson
2a0ff7ad20 Typo. 2009-03-08 12:01:20 +00:00
Dr. Stephen Henson
477fd4596f PR: 1835
Submitted by: Damien Miller <djm@mindrot.org>
Approved by: steve@openssl.org

Fix various typos.
2009-02-14 21:49:38 +00:00
Bodo Möller
7ca1cfbac3 -hex option for openssl rand
PR: 1831
Submitted by: Damien Miller
2009-02-02 00:01:28 +00:00
Lutz Jänicke
706c5a4d35 Clarify (non-)blocking behavior of EGD socket interface used by RAND_egd(). 2008-11-10 11:26:44 +00:00
Dr. Stephen Henson
87d52468aa Update HMAC functions to return an error where relevant. 2008-11-02 16:00:39 +00:00
Geoff Thorpe
ab9c689ad3 Correct the FAQ and the threads man page re: CRYPTO_THREADID changes. 2008-08-06 16:41:50 +00:00
Geoff Thorpe
4c3296960d Remove the dual-callback scheme for numeric and pointer thread IDs,
deprecate the original (numeric-only) scheme, and replace with the
CRYPTO_THREADID object. This hides the platform-specifics and should reduce
the possibility for programming errors (where failing to explicitly check
both thread ID forms could create subtle, platform-specific bugs).

Thanks to Bodo, for invaluable review and feedback.
2008-08-06 15:54:15 +00:00
Lutz Jänicke
787287af40 Refer to SSL_pending from the man page for SSL_read 2008-08-01 15:03:20 +00:00
Dr. Stephen Henson
db50661fce X509 verification fixes.
Ignore self issued certificates when checking path length constraints.

Duplicate OIDs in policy tree in case they are allocated.

Use anyPolicy from certificate cache and not current tree level.
2008-07-13 14:25:36 +00:00
Geoff Thorpe
5f834ab123 Revert my earlier CRYPTO_THREADID commit, I will commit a reworked
version some time soon.
2008-07-03 19:59:25 +00:00