wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
23383 commits 20 branches 302 tags 153 MiB
Commit graph

2397 commits

Author SHA1 Message Date
Lutz Jänicke
5286db697f Fix typo on blowfish manual page 
PR: 1010
Submitted by: Marc Balmer <mbalmer@openbsd.org>
 2005-02-19 10:26:18 +00:00
Geoff Thorpe
627bd6709c Fix typos in the ecparam doc. 
Submitted by: Nils Larsch
 2004-12-17 05:42:00 +00:00
Dr. Stephen Henson
5b40d7dd97 Add -passin argument to dgst command. 2004-12-03 12:26:56 +00:00
Dr. Stephen Henson
59c7029862 Typo. 2004-11-26 01:04:55 +00:00
Dr. Stephen Henson
1582a4073e Add errstr manual page 2004-11-25 18:21:26 +00:00
Dr. Stephen Henson
401ee37a3e Allow alternative manual sections to be embedded in .pod file comments. 2004-11-25 17:47:31 +00:00
Dr. Stephen Henson
cb26a20cb1 Update docs 2004-11-25 14:14:25 +00:00
Dr. Stephen Henson
82c4674e47 Update docs. 2004-11-25 14:11:25 +00:00
Andy Polyakov
376729e130 RC4 tune-up for Intel P4 core, both 32- and 64-bit ones. As it's 
apparently impossible to compose blended code with would perform
satisfactory on all x86 and x86_64 cores, an extra RC4_CHAR
code-path is introduced and P4 core is detected at run-time. This
way we keep original performance on non-P4 implementations and
turbo-charge P4 performance by factor of 2.8x (on 32-bit core).
 2004-11-21 10:36:25 +00:00
Dr. Stephen Henson
5dd87981bf Update X509v3 doc. 2004-11-17 00:55:43 +00:00
Dr. Stephen Henson
37dccd8ff2 Update X509v3 docs. 2004-11-16 17:45:13 +00:00
Dr. Stephen Henson
826a42a088 PR: 910 
Add command line options -certform, -keyform and -pass to s_client and
s_server. This supports the use of alternative passphrase sources, key formats
and keys handled by an ENGINE.

Update docs.
 2004-11-16 17:30:59 +00:00
Dr. Stephen Henson
19f39703f7 Initial pod documentation of X509V3 config file format. 2004-11-16 14:09:12 +00:00
Dr. Stephen Henson
4451c2558e PR: 923 
Typo.
 2004-11-14 15:11:37 +00:00
Dr. Stephen Henson
4a64f3d665 PR: 938 
Typo.
 2004-11-14 13:55:16 +00:00
Dr. Stephen Henson
521aaafc6a PR: 969 
Submitted by: David Holmes <davidh@3blackdogs.com>
 2004-11-13 13:38:34 +00:00
Andy Polyakov
2b247cf81f OPENSSL_ia32cap final touches. Note that OPENSSL_ia32cap is no longer a 
symbol, but a macro expanded as (*(OPENSSL_ia32cap_loc())). The latter
is the only one to be exported to application.
 2004-08-29 16:36:05 +00:00
Richard Levitte
e544b0dc2a 'compatibility', not 'computability' :-)... 2004-08-18 15:48:33 +00:00
Andy Polyakov
14e21f863a Add framework for yet another assembler module dubbed "cpuid." Idea 
is to have a placeholder to small routines, which can be written only
in assembler. In IA-32 case this includes processor capability
identification and access to Time-Stamp Counter. As discussed earlier
OPENSSL_ia32cap is introduced to control recently added SSE2 code
pathes (see docs/crypto/OPENSSL_ia32cap.pod). For the moment the
code is operational on ELF platforms only. I haven't checked it yet,
but I have all reasons to believe that Windows build should fail to
link too. I'll be looking into it shortly...
 2004-07-26 20:18:55 +00:00
Richard Levitte
70696f4525 Explain a little better what BN_num_bits() and BN_num_bits_word() do. 
Add a note as to how these functions do not always return the key size, and
how one can deal with that.

PR: 907
 2004-07-01 12:33:39 +00:00
Geoff Thorpe
6a6592962c Attempt to bring the 'engine' documentation up to date w.r.t missing 
prototypes, etc. Also, some fairly significant edits were made to the text
(who wrote this crap anyway? oh wait ...), removing stuff which is
overkill, rewriting stuff that was opaque, correcting things that were just
downright false, etc.
 2004-06-17 23:40:14 +00:00
Lutz Jänicke
9f6ea7163b More precise explanation of session id context requirements. 2004-06-14 13:27:28 +00:00
Andy Polyakov
6577e16920 Documentation note for Win32 glue between BIO layer and compiler run-time. 2004-05-25 20:32:17 +00:00
Andy Polyakov
109d3123c3 While size_t-fying let's not forget to update documentation:-) 2004-05-20 21:39:50 +00:00
Dr. Stephen Henson
6446e0c3c8 Extend OID config module format. 2004-03-27 13:30:14 +00:00
Richard Levitte
f46e76ef50 Make it clear that for RSA_NO_PADDING, flen must be RSA_size(rsa) 2004-03-23 21:01:34 +00:00
Richard Levitte
9449e38504 Correct minor spelling error. 
PR: 845
 2004-03-21 23:03:52 +00:00
Ulf Möller
2457c19df1 typo 2004-03-06 08:43:36 +00:00
Dr. Stephen Henson
f82bb9cb9c Config docs. 2004-03-02 13:31:32 +00:00
Dr. Stephen Henson
5a8922aed5 Documentation of the KISS autoconfig functions. 2004-03-02 01:01:11 +00:00
Dr. Stephen Henson
f2c1812560 More autoconfig docs. 2004-03-01 19:15:24 +00:00
Dr. Stephen Henson
a30af36c77 Initial docs for the OpenSSL library configuration via openssl.cnf 2004-03-01 01:04:40 +00:00
Geoff Thorpe
5075521e75 Add ECDSA documentation. 
Submitted by: Nils Larsch
 2004-02-27 23:03:23 +00:00
Richard Levitte
ee3a47a994 AES is spelled AES, not ASE. Oops... 2004-02-27 02:24:49 +00:00
Richard Levitte
8bb0c8522a Document the AES options for 'openssl smime'. 
PR: 834
 2004-02-26 21:44:41 +00:00
Lutz Jänicke
fc56b52924 Updates to s_time manual page 
PR: #570
Submitted by: Martin Witzel <MWITZEL@de.ibm.com>
 2004-01-08 07:38:15 +00:00
Lutz Jänicke
a32fc687de Add s_time manual page 
Submitted by: "Martin Witzel" <MWITZEL@de.ibm.com>

PR: #570
 2004-01-04 18:59:14 +00:00
Richard Levitte
112341031b Correct documentation typos. 
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
 2003-12-27 15:04:54 +00:00
Dr. Stephen Henson
e88c577738 Typos. 2003-12-20 22:48:21 +00:00
Richard Levitte
4775944f81 Document that you need to include x509.h (to get [i2d|d2i]_RSA_PUBKEY()). 
Correct the typo PUKEY...
 2003-12-10 14:31:55 +00:00
Richard Levitte
2abd5b7aa0 Document that you need to include x509.h (to get [i2d|d2i]_DSA_PUBKEY()). 
Correct the typo PUKEY...
 2003-12-10 13:57:51 +00:00
Richard Levitte
6859bb1a22 Make sure the documentation matches reality. 
PR: 755
Notified by: Jakub Bogusz <qboosh@pld-linux.org>
 2003-11-29 10:33:25 +00:00
Richard Levitte
5ebdb39084 Let's use text/plain in the example instead of crapy HTML. 
PR: 777
Submitted by: Michael Shields <mshields@sunblocksystems.com>
 2003-11-28 14:32:31 +00:00
Ulf Möller
d18b993c43 Geoff suggested a more succinct description for "top". 2003-11-07 01:33:00 +00:00
Ulf Möller
e6e81c5894 oops... the description of ->top was inaccurate (the example is correct though) 2003-11-07 00:07:28 +00:00
Richard Levitte
9ad82c123a Use correct case for manual page references 2003-10-01 15:02:45 +00:00
Richard Levitte
d90e74c50c Correct buggy PODs (missing commas and a prepended space). 2003-09-30 17:22:19 +00:00
Bodo Möller
2c789c82be manpages for 'openssl ec' and 'openssl ecparam' 
Submitted by: Nils Larsch
 2003-07-21 13:40:02 +00:00
Richard Levitte
d143dce03c A document that has a very rough description of the X509 
functionality.  This is mostly so there's a way to get from the
crypto.html page to the function descriptions.
 2003-07-10 08:49:03 +00:00
Richard Levitte
94805c84d1 Add -issuer_hash and make -subject_hash the default way to get the 
subject hash, with -hash a synonym kept around for backward
compatibility reasons.
PR: 650
 2003-07-03 20:45:09 +00:00
Richard Levitte
6f2f534b58 The convenience argumetn for -nameopt and -certopt is ca_default, not 
default_ca.
PR: 653
 2003-07-03 07:46:52 +00:00
Lutz Jänicke
9d19fbc4fc Clarify wording of verify_callback() behaviour. 2003-06-26 14:03:03 +00:00
Richard Levitte
8fbb2af392 Add documentation for the new crlnumber configuration option. 2003-06-19 17:52:57 +00:00
Richard Levitte
c5aba56c5b Typo. 2003-06-19 17:50:37 +00:00
Richard Levitte
36bad5cdfd Add documentation for ERR_set_mark() and ERR_pop_to_mark(). 2003-06-11 20:51:49 +00:00
Richard Levitte
40e5b9abeb Typo 2003-06-09 07:56:18 +00:00
Lutz Jänicke
db01746978 Clarify return value of SSL_connect() and SSL_accept() in case of the 
WANT_READ and WANT_WRITE conditions.
 2003-06-03 09:59:44 +00:00
Lutz Jänicke
02b95b7499 Clarify ordering of certificates when using certificate chains 2003-05-30 07:45:07 +00:00
Lutz Jänicke
4f17dfcd75 Add minimum POP3 STLS hack to s_client.c (as was provided for STARTTLS before) 
Submitted by: dg@sunet.ru (Daniel Ginsburg)

PR: #613
 2003-05-28 20:24:57 +00:00
Richard Levitte
edd55d08f5 Brackets are now allowed, after a small hack in the processing of the 
docs-on-web.
 2003-05-23 09:08:59 +00:00
Dr. Stephen Henson
93c929e411 The square brackets in BIO_s_bio.pod for some 
reason cause wml to bomb out with the error
message:

** Slice:Error: Some slices were not closed:
** WML:Break: Error in Pass 9 (rc=1).
** WMK:Error: Error in WML (rc=256)

As a workaround delete them for now.
 2003-05-19 21:28:49 +00:00
Dr. Stephen Henson
c2dac35a02 Fix docs. 2003-05-18 23:10:46 +00:00
Richard Levitte
d6df2b281f Add documentation on the added functionality in 'openssl ca'. 2003-04-04 14:39:44 +00:00
Richard Levitte
16b1b03543 Implement self-signing in 'openssl ca'. This makes it easier to have 
the CA certificate part of the CA database, and combined with
'unique_subject=no', it should make operations like CA certificate
roll-over easier.
 2003-04-03 22:33:59 +00:00
Richard Levitte
8152d88799 It's recommended to use req rather than x509 to create self-signed certificates 2003-04-03 22:12:48 +00:00
Richard Levitte
4ce4884a5b Typo correction 2003-04-03 21:55:55 +00:00
Dr. Stephen Henson
4390d66179 Update from stable branch. 2003-03-31 22:29:25 +00:00
Lutz Jänicke
423b1a840c Add warning about unwanted side effect when calling SSL_CTX_free(): 
sessions in the external session cache might be removed.
Submitted by: "Nadav Har'El" <nyh@math.technion.ac.il>

PR: 547
 2003-03-27 22:04:05 +00:00
Dr. Stephen Henson
e5b0508a14 Update ocsp usage message and docs. 2003-03-26 00:46:47 +00:00
Richard Levitte
e986704d24 Add documentation for -starttls (s_client) and -id_prefix (s_server). 
PR: 542
 2003-03-20 16:34:27 +00:00
Richard Levitte
d177e6180d Spelling errors. 
PR: 538
 2003-03-20 11:41:59 +00:00
Dr. Stephen Henson
6ac26a5ce5 Typo. 2003-02-27 13:02:46 +00:00
Dr. Stephen Henson
4cadedef57 Update docs. 2003-02-15 01:09:55 +00:00
Dr. Stephen Henson
a8f5b2ed50 GeneralString support in mini-ASN1 compiler 2003-02-11 14:06:27 +00:00
Richard Levitte
27a9bf17c7 PKCS#1 has a new RFC, which we do implement 2003-02-06 19:30:06 +00:00
Richard Levitte
bfa3555081 Document -engine where missing. 
PR: 424
 2003-01-30 22:02:27 +00:00
Dr. Stephen Henson
da45180de4 Correct EVP_SealInit() documentation, iv is an output 
parameter.
 2003-01-26 13:38:56 +00:00
Richard Levitte
cdc5b4a41e Extend the HOWTO on creating certificates, and add a HOWTO in creating keys. 
PR: 422
 2003-01-14 15:42:16 +00:00
Richard Levitte
c653b56937 Correct an example that has a few typos. 
PR: 458
 2003-01-14 13:56:38 +00:00
Bodo Möller
bda2fa364d Typo. 
NB: This and other manual pages should be updated for the new
BN_GENCB interface.
 2003-01-13 13:18:22 +00:00
Richard Levitte
e68cb95d84 Add documentation on how to handle the shared libaries. 
PR: 423
 2003-01-10 16:14:32 +00:00
Richard Levitte
360e506710 Typos corrected. 
PR: 445
 2003-01-10 08:54:01 +00:00
Lutz Jänicke
44fcd3ef3e Add information about AES cipher suites to ciphers manual page. 
If no authentication method is mentioned in the cipher suite name (e.g.
AES128-SHA), RSA authentication is used (PR #396).
 2002-12-29 21:24:50 +00:00
Richard Levitte
b5beb13abb Add SPKM among the related stanrds. 2002-12-26 22:35:04 +00:00
Richard Levitte
59c0dd56ab Update our list of implemented and related standards. 2002-12-26 00:21:53 +00:00
Richard Levitte
dcf19c173c Update our list of implemented and related standards. 2002-12-26 00:17:46 +00:00
Richard Levitte
18be6c4116 BIO_new_bio_pair() was unnecessarily described in it's own page as well as in 
BIO_s_bio.pod.  The most logical is to move everything needed from
BIO_new_bio_pair.pod to BIO_s_bio.pod (including the nice example)
and toss BIO_new_bio_pair.pod.  I hope I got all the info over properly.
PR: 370
 2002-12-12 22:12:02 +00:00
Richard Levitte
dad1535f7a BIO_set_nbio() is enumerated, but not explained. Remove it from enumeration 
since it's both enumerated and explained in BIO_s_connect.pod.
PR: 370
 2002-12-12 22:08:49 +00:00
Lutz Jänicke
532215f2db Missing ")" 
Submitted by: Christian Hohnstaedt <chohnstaedt@innominate.com>
Reviewed by:
PR:
 2002-12-04 13:30:58 +00:00
Richard Levitte
5e4a75e79f Correct some names. 2002-11-29 14:21:54 +00:00
Lutz Jänicke
32d21c1ef6 Better workaround to the "=head1 NAME OPTIONS" pod2latex problem: 
NAME OPTIONS are a subset of OPTIONS, so just make it =head2!
Submitted by:
Reviewed by:
PR: 333
 2002-11-18 08:15:45 +00:00
Dr. Stephen Henson
d78254aa28 Add SETWRAP modifier to ASN1 generate. 2002-11-15 00:26:07 +00:00
Lutz Jänicke
56dc24d483 Use =back to finish =over (found using pod2latex). 
Submitted by:
Reviewed by:
PR:
 2002-11-14 21:50:30 +00:00
Lutz Jänicke
84d828ab70 No such reference to link to (found running pod2latex). 
Submitted by:
Reviewed by:
PR:
 2002-11-14 21:41:54 +00:00
Dr. Stephen Henson
cfae3d94e9 Fix documentation of i2d_X509_fp and i2d_X509_bio. 2002-11-14 18:15:52 +00:00
Lutz Jänicke
1f30946481 Don't declare 2 WARNINGS sections 
Submitted by:
Reviewed by:
PR:
 2002-11-14 11:13:01 +00:00
Lutz Jänicke
b1697f189b Opportunistic change to work around pod2latex bug: rename NAME OPTIONS 
section to SUBJECT AND ISSUER NAME OPTIONS
Submitted by:
Reviewed by:
PR: 333
 2002-11-14 11:09:07 +00:00
Lutz Jänicke
17a202add7 Correct reference to section name. 
Submitted by:
Reviewed by:
PR:
 2002-11-14 11:03:30 +00:00
Lutz Jänicke
eaad02a747 Missing =back 
Submitted by:
Reviewed by:
PR:
 2002-11-14 10:51:54 +00:00
Dr. Stephen Henson
2d780dfd81 Typo 2002-11-13 14:07:37 +00:00
Dr. Stephen Henson
04f0a6ba39 Update docs 2002-11-13 13:18:14 +00:00
Dr. Stephen Henson
d479dc1d02 Put NAME in right place, fix typo 2002-11-13 01:20:43 +00:00
Dr. Stephen Henson
137e7e3aa1 Update docs 2002-11-13 00:14:15 +00:00
Dr. Stephen Henson
ba36b61d3d Initial ASN1 generation documentation. 2002-11-12 18:20:28 +00:00
Lutz Jänicke
7d80b27949 Typo. 
Submitted by: assar <assar@kth.se>
Reviewed by:
PR:
 2002-11-11 11:19:15 +00:00
Dr. Stephen Henson
a8c125550c Typo 2002-11-09 18:05:33 +00:00
Richard Levitte
d6257073aa -CAcreateserial doesn't take a filename argument. 
PR: 332
 2002-11-08 21:51:09 +00:00
Dr. Stephen Henson
d618f703ec CRL reason code docs. 2002-11-06 01:28:55 +00:00
Geoff Thorpe
769fedc3ad Add a HISTORY section to the man page to mention the new flags. 2002-10-29 18:05:16 +00:00
Geoff Thorpe
d9ec9d990f The last character of inconsistency in my recent commits is hereby 
squashed.
 2002-10-29 17:51:32 +00:00
Richard Levitte
6aba658cd8 Revert, that was an incorrect change. 
PR: 156
 2002-10-29 04:34:43 +00:00
Richard Levitte
accb0c6edb A small detail: since 0.9.7, DH_new_method() and DSA_new_method() 
don't take an ENGINE* as parameter any more.
PR: 156
 2002-10-29 04:31:46 +00:00
Geoff Thorpe
e0db2eed8d Correct and enhance the behaviour of "internal" session caching as it 
relates to SSL_CTX flags and the use of "external" session caching. The
existing flag, "SSL_SESS_CACHE_NO_INTERNAL_LOOKUP" remains but is
supplemented with a complimentary flag, "SSL_SESS_CACHE_NO_INTERNAL_STORE".
The bitwise OR of the two flags is also defined as
"SSL_SESS_CACHE_NO_INTERNAL" and is the flag that should be used by most
applications wanting to implement session caching *entirely* by its own
provided callbacks. As the documented behaviour contradicted actual
behaviour up until recently, and since that point behaviour has itself been
inconsistent anyway, this change should not introduce any compatibility
problems. I've adjusted the relevant documentation to elaborate about how
this works.

Kudos to "Nadav Har'El" <nyh@math.technion.ac.il> for diagnosing these
anomalies and testing this patch for correctness.

PR: 311
 2002-10-29 00:33:04 +00:00
Bodo Möller
e1c191fe44 I don't like c-tab-always-indent ... 2002-10-23 13:09:19 +00:00
Dr. Stephen Henson
0711be1696 New docs. 2002-10-20 13:20:57 +00:00
Geoff Thorpe
7521ab3d0b Make pod2man happier. 2002-10-18 22:04:26 +00:00
Lutz Jänicke
284b216b3a Corrected exchanged parameters in example for EVP_EncryptInit_ex() 
Submitted by: "Marcus Carey" <marcus.carey@verizon.net>
Reviewed by:
PR: 265
 2002-10-18 09:47:14 +00:00
Bodo Möller
05dbe6ee1f change Emacs indentation style to make it easier to insert 
tabs manually

Submitted by: Pierre Bacquet <pbacquet@delta.fr>
 2002-10-17 09:16:02 +00:00
Dr. Stephen Henson
29e48c18b7 More docs. 2002-10-09 17:19:59 +00:00
Dr. Stephen Henson
982dfb7d10 Typo. 2002-10-09 17:15:35 +00:00
Dr. Stephen Henson
8c4b69d3ab Update docs. 2002-10-09 17:05:05 +00:00
Dr. Stephen Henson
ec8ad2bb96 PKCS12_parse manual page. 2002-10-09 13:10:23 +00:00
Dr. Stephen Henson
5fbb02fcb1 PKCS12_create manual page 2002-10-09 12:06:58 +00:00
Dr. Stephen Henson
4e1b50e219 More man pages. 2002-10-09 12:06:12 +00:00
Dr. Stephen Henson
7e9db7cefc PKCS7_verify() docs. 2002-10-08 00:40:58 +00:00
Dr. Stephen Henson
d30e4c5b0b More docs. 2002-10-07 17:31:00 +00:00
Dr. Stephen Henson
9de6bb8abc More d2i/i2d manual pages. 2002-10-07 13:07:00 +00:00
Dr. Stephen Henson
72e04bd13f Document "0" and "1" naming convention. 2002-10-06 12:59:25 +00:00
Dr. Stephen Henson
4ec0448122 Update docs. 2002-10-06 12:40:31 +00:00
Dr. Stephen Henson
842d8e209b Update docs. 2002-10-06 12:34:06 +00:00
Dr. Stephen Henson
292fcd5c7b Update DH parameter docs. 2002-10-06 12:24:09 +00:00
Dr. Stephen Henson
1e976bdc46 Update RSAPublicKey manual page... 2002-10-06 00:03:20 +00:00
Dr. Stephen Henson
9946fceb9d Some docs relating to X509 ASN1 functions. 
Many other ASN1 functions are identical other
than the actual structure being handled.
 2002-10-05 23:30:10 +00:00
Richard Levitte
70e96dcf59 Document should match reality :-). 
PR: 255
 2002-10-04 12:59:00 +00:00
Richard Levitte
6859cf7459 It makes more sense to refer to specific function manuals than the concept 
manual when the specific function is refered to in the current manual text.
This correction was originally introduced in OpenBSD's tracking of OpenSSL.
 2002-09-25 13:33:28 +00:00
Richard Levitte
2018681b33 Remove *all* references to RSA_PKCS1_RSAref, since it doesn't exist any more. 
This correction was originally introduced in OpenBSD's tracking of OpenSSL.
 2002-09-25 13:26:36 +00:00
Richard Levitte
e204516178 Remove reference to RSA_PKCS1_RSAref, since it doesn't exist any more. 
This correction was originally introduced in OpenBSD's tracking of OpenSSL.
 2002-09-25 13:25:44 +00:00
Richard Levitte
153aecf91a It makes more sense to refer to specific function manuals than the concept 
manual when the specific function is refered to in the current manual text.
This correction was originally introduced in OpenBSD's tracking of OpenSSL.
 2002-09-25 13:11:12 +00:00
Lutz Jänicke
3403caf3da Consequently use term URI instead of URL 
Submitted by: TJ Saunders <tj@castaglia.org>
Reviewed by:
PR: 268
 2002-09-05 07:52:05 +00:00
Bodo Möller
1fd0338b49 fix manpage 2002-08-15 14:23:23 +00:00
Richard Levitte
37f5fcf85c Missing =back. 
Part of PR 196
 2002-08-15 10:59:55 +00:00
Geoff Thorpe
5bf738737d These are updates/fixes to DH/DSA/RAND docs based on the fixes to the RSA 
docs. There were a couple of other places (including RSA) where the docs
were not quite synchronised with the API that are now fixed. One or two
still remain to be fixed though ...
 2002-08-05 16:27:01 +00:00
Geoff Thorpe
415e03aa6f typo fix 2002-08-05 02:54:57 +00:00
Geoff Thorpe
ac120e20e3 Various parts of the RSA documentation were inaccurate and out of date and 
this fixes those that I'm currently aware of. In particular, the ENGINE
interference in the RSA API has hopefully been clarified. This still needs
to be done for other areas of the API ...
 2002-08-04 21:08:36 +00:00
Geoff Thorpe
3f90e45079 A single monolithic man page for the ENGINE stuff. This is a rough 
first-cut but provides better documentation than having nothing on the
ENGINE API.
 2002-08-04 20:57:19 +00:00
Bodo Möller
02750ff56f mention SSL_do_handshake() 2002-07-29 12:35:19 +00:00
Bodo Möller
8be4e173e8 fix a typo and clarify 2002-07-22 09:04:36 +00:00
Lutz Jänicke
c6ccf055ba New cipher selection options COMPLEMENTOFALL and COMPLEMENTOFDEFAULT. 
Submitted by:
Reviewed by:
PR: 127
 2002-07-19 19:55:34 +00:00
Lutz Jänicke
20adcfa058 The behaviour is undefined when calling SSL_write() with num=0. 
Submitted by:
Reviewed by:
PR: 141
 2002-07-19 11:53:54 +00:00
Lutz Jänicke
02b7ec88bb Manual page for SSL_do_handshake(). 
Submitted by: Martin Sjögren <martin@strakt.com>
PR: 137
 2002-07-19 11:05:50 +00:00
Geoff Thorpe
0af9a89cef This documentation change was being written at the same time as Richard's 
changes. So I'm committing this version to overwrite his changes for now,
and he can always take his turn to overwrite my words if he wants :-)

PR: 86
 2002-07-18 20:59:22 +00:00
Richard Levitte
db802c60e3 Explain why RSA_check_key() doesn't work with hard keys. 
PR: 86
 2002-07-18 19:10:57 +00:00
Richard Levitte
503f3b1a21 Add history for documented new functions. 
PR: 59
 2002-07-18 18:54:46 +00:00
Lutz Jänicke
2edcb4ac71 Typos in links between manual pages 
Submitted by: Richard.Koenning@fujitsu-siemens.com
Reviewed by:
PR: 129
 2002-07-10 19:35:54 +00:00
Bodo Möller
cd7562091d fix synopsis 
Submitted by: Nils Larsch
 2002-07-09 10:51:25 +00:00
Bodo Möller
c21506ba02 New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC 
vulnerability workaround (included in SSL_OP_ALL).

PR: #90
 2002-06-14 12:21:11 +00:00
Lutz Jänicke
8586df1efb Correct wrong usage information. 
PR: 95
 2002-06-12 20:15:18 +00:00
Richard Levitte
b49053cae2 Documentation bug corrected. 
PR: 70
 2002-06-05 09:31:05 +00:00
Lutz Jänicke
a5200a1b8f Typo. 
PR: 72
 2002-06-04 20:43:10 +00:00
Richard Levitte
305a1afcf7 a B< that wasn't properly ended. 2002-05-30 16:55:15 +00:00
Lutz Jänicke
9a26adf598 Remove item listed twice <kromJx@crosswinds.net>. 2002-05-28 17:48:54 +00:00
Lutz Jänicke
72da660ddb Fix incorrect =over 4 location. 
Submitted by: David Waitzman <djw@bbn.com>
Reviewed by: Lutz Jaenicke
PR: [openssl.org #38]
 2002-05-16 17:45:37 +00:00
Richard Levitte
21d5ed98d5 Small documentation fix for EVP_CipherFinal or EVP_CipherFinal_ex. 
Notified by Stella Power <snpower@maths.tcd.ie>.
PR: 24
 2002-05-08 15:20:38 +00:00
Lutz Jänicke
c0455cbb18 Fix escaping when using the -subj option of "openssl req", document 
'hidden' -nameopt support. (Robert Joop <joop@fokus.gmd.de>)
 2002-04-30 12:08:18 +00:00
Ulf Möller
592c0e0273 another error discovered by Karsten Braaten. The number was not even 
prime!
 2002-04-13 09:58:50 +00:00
Ulf Möller
4e9ef338fc error reported by Karsten Braaten 2002-04-07 13:33:16 +00:00
Bodo Möller
2c17323e15 Rephrase statement on the security of two-key 3DES. 
[Chosen plaintext attack: R. Merkle, M. Hellman: "On the Security of
  Multiple Encryption", CACM 24 (1981) pp. 465-467, p. 776.

  Known plaintext angriff: P.C. van Oorschot, M. Wiener: "A
  known-plaintext attack on two-key triple encryption", EUROCRYPT '90.]
 2002-03-05 15:29:30 +00:00
Bodo Möller
023ec151df Add 'void *' argument to app_verify_callback. 
Submitted by: D. K. Smetters <smetters@parc.xerox.com>
Reviewed by: Bodo Moeller
 2002-02-28 10:52:56 +00:00
Lutz Jänicke
ce4b274aa1 SSL_clear != SSL_free/SSL_new 2002-02-27 08:08:57 +00:00
Lutz Jänicke
f0d6ee6be8 Even though it is not really practical people should know about it. 2002-02-15 07:41:42 +00:00
Bodo Möller
a14e2d9dfe New functions 
ERR_peek_last_error
    ERR_peek_last_error_line
    ERR_peek_last_error_line_data
(supersedes ERR_peek_top_error).

Rename OPENSSL_NO_OLD_DES_SUPPORT into OPENSSL_DISABLE_OLD_DES_SUPPORT
because OPENSSL_NO_... indicates disabled algorithms (according to
mkdef.pl).
 2002-01-24 16:16:43 +00:00
Lutz Jänicke
6ce46d69f5 Typos (jsyn <jsyn@openbsd.org>). 2002-01-21 18:01:46 +00:00
Bodo Möller
31cafe53c9 add a sentence previously deleted by accident 2002-01-04 15:22:40 +00:00
Bodo Möller
dc4ddcd2bb add documentation for SSLeay_version(SSLEAY_DIR) and 
'openssl version -d'

use some descriptions from Lutz' redundant manual page
instead of the previous ones
 2002-01-04 15:17:09 +00:00
Lutz Jänicke
5256b021f3 Tsss, SSLeay_version() was already documented, it just was not linked in. 2002-01-04 15:05:51 +00:00
Lutz Jänicke
4ab1e7ceaf Add information as provided by Richard Levitte on openssl-users :-) 2002-01-04 14:55:38 +00:00
Dr. Stephen Henson
06623ff028 Update PEM docs 2002-01-04 13:35:37 +00:00
Ben Laurie
ff3fa48fc7 Improve back compatibility. 2001-12-09 21:53:31 +00:00
Richard Levitte
8f0edcb3d2 I was recently informed that some people wrongly use ssleay.txt as 
main documentation, so let's warn them a little more, so the word
"OBSOLETE" really gets understood.
 2001-12-04 07:38:17 +00:00
Dr. Stephen Henson
55e42c93a8 EVP_BytesToKey documentation. 2001-12-03 03:07:37 +00:00
Dr. Stephen Henson
21a85f1977 Add -pubkey option to req command. 2001-12-01 23:03:30 +00:00
Bodo Möller
8a0a9392ab discuss -name and default_ca more correctly (I hope) 2001-11-26 12:13:50 +00:00
Lutz Jänicke
a7ce69dbd7 Clarify reference count handling/removal of session 
(shinagawa@star.zko.dec.com).
 2001-11-19 11:11:23 +00:00
Bodo Möller
65123f8064 remove incorrect 'callback' prototype 2001-11-10 02:12:56 +00:00
Bodo Möller
1d8634b110 msg_callback documentation 2001-11-10 02:12:09 +00:00
Bodo Möller
45582d1e2b clarify 2001-11-08 14:54:21 +00:00
Dr. Stephen Henson
1fc6d41bf6 New options to allow req to accept UTF8 strings as input. 2001-10-26 12:40:38 +00:00
Ulf Möller
a41477f92e remove compatibility notes that no longer apply 2001-10-25 17:45:25 +00:00
Richard Levitte
5f68c5feef Correct some links... 2001-10-25 16:56:06 +00:00
Richard Levitte
ee84a5a7fb Change the DES documentation to reflect the current status. Note that 
some password reading functions are really part of the UI
compatibility library...
 2001-10-25 16:55:17 +00:00
Bodo Möller
2a9aca32dc mention des_old.h 2001-10-25 08:44:10 +00:00
Bodo Möller
89da653fa6 Add '-noemailDN' option to 'openssl ca'. This prevents inclusion of 
the e-mail address in the DN (i.e., it will go into a certificate
extension only).  The new configuration file option 'email_in_dn = no'
has the same effect.

Submitted by: Massimiliano Pala madwolf@openca.org
 2001-10-25 08:25:19 +00:00
Richard Levitte
ce15d5a9dc Remove DES_random_seed() but retain des_random_seed() for now. Change 
the docs to reflect this change and correct libeay.num.
 2001-10-25 06:46:22 +00:00
Richard Levitte
c2e4f17c1a Due to an increasing number of clashes between modern OpenSSL and 
libdes (which is still used out there) or other des implementations,
the OpenSSL DES functions are renamed to begin with DES_ instead of
des_.  Compatibility routines are provided and declared by including
openssl/des_old.h.  Those declarations are the same as were in des.h
when the OpenSSL project started, which is exactly how libdes looked
at that time, and hopefully still looks today.

The compatibility functions will be removed in some future release, at
the latest in version 1.0.
 2001-10-24 21:21:12 +00:00
Bodo Möller
a661b65357 New functions SSL[_CTX]_set_msg_callback(). 
New macros SSL[_CTX]_set_msg_callback_arg().

Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet).

New '-msg' option for 'openssl s_client' and 'openssl s_server'
that enable a message callback that displays all protocol messages.


In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if
client_version is smaller than the protocol version in use.
Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0
if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the
client will at least see that alert.

Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic
pointer).

Add/update some OpenSSL copyright notices.
 2001-10-20 17:56:36 +00:00
Bodo Möller
51008ffce1 document SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 2001-10-17 11:56:26 +00:00
Dr. Stephen Henson
3811eed8d5 Update docs. 2001-10-17 01:50:32 +00:00
Dr. Stephen Henson
e72d734d5f Update docs. 2001-10-16 02:22:59 +00:00
Lutz Jänicke
56fa8e69cf Update information as a partial response to the post 
From: "Chris D. Peterson" <cpeterson@aventail.com>
  Subject: Implementation Issues with OpenSSL
  To: openssl-users@openssl.org
  Date: Wed, 22 Aug 2001 16:13:17 -0700
The patch included in the original post may improve the internal session
list handling (and is therefore worth a seperate investigation).
No change to the list handling will however solve the problems of incorrect
SSL_SESSION_free() calls. The session list is only one possible point of
failure, dangling pointers would also occur for SSL object currently
using the session. The correct solution is to only use SSL_SESSION_free()
when applicable!
 2001-10-12 12:29:16 +00:00
Lutz Jänicke
e1c279b63d Small documentation fixes (Howard Lum <howard@pumpkin.canada.sun.com>) 2001-10-08 08:37:24 +00:00
Lutz Jänicke
d300bcca7f Typo. 2001-09-13 15:18:51 +00:00
Lutz Jänicke
d59c3e5046 One more manual page. 2001-09-13 15:05:42 +00:00
Lutz Jänicke
6d8566f2eb Rework section about return values another time (based on hints from 
Bodo Moeller).
 2001-09-13 13:21:38 +00:00
Lutz Jänicke
c0f5dd070b Make maximum certifcate chain size accepted from the peer application 
settable (proposed by "Douglas E. Engert" <deengert@anl.gov>).
 2001-09-11 13:08:51 +00:00
Ulf Möller
3b80e3aa9e ispell 2001-09-07 06:13:40 +00:00
Bodo Möller
983495c4b2 Use uniformly chosen witnesses for Miller-Rabin test 
(by using new BN_pseudo_rand_range function)
 2001-09-03 12:58:16 +00:00
Lutz Jänicke
f1b2807478 More docs. 2001-08-24 14:29:48 +00:00
Lutz Jänicke
bfd7bb3eb6 Typo. 2001-08-23 17:41:20 +00:00
Lutz Jänicke
11c8f0b79d More manual pages. Constify. 2001-08-23 17:22:43 +00:00
Lutz Jänicke
c4068186ac As discussed recently on openssl-users. 2001-08-23 15:00:11 +00:00
Lutz Jänicke
0a93a68020 Make clear, that using the compression layer is currently not recommended. 2001-08-23 09:42:12 +00:00
Ulf Möller
f2ab7d1392 typo. 2001-08-22 18:35:17 +00:00
Lutz Jänicke
141e584998 One more manual page... 2001-08-21 14:54:54 +00:00
Lutz Jänicke
336736ef35 Documentation on how to handle compression methods. 
Hopefully it is clear enough, that it is currently not recommended.
 2001-08-21 13:02:58 +00:00
Lutz Jänicke
d93eb21c7c More interdependencies with respect to shutdown behaviour. 2001-08-20 14:34:16 +00:00
Lutz Jänicke
a403188f92 Alert description strings for TLSv1 and documentation. 2001-08-19 16:20:42 +00:00
Lutz Jänicke
52129c0b0b More details about session timeout settings. 2001-08-17 16:36:51 +00:00
Lutz Jänicke
a52877a2f1 One more function documented. 2001-08-17 15:54:50 +00:00
Lutz Jänicke
cdd7c3ce92 SSL_shutdown() has even more properties... 2001-08-17 15:09:31 +00:00
Lutz Jänicke
c1497b4d19 One more step on the way for complete documentation... 2001-08-17 14:32:38 +00:00
Lutz Jänicke
b2ed462934 Unidirectional shutdown is allowed according to the RFC. 2001-08-17 09:08:32 +00:00
Lutz Jänicke
9e09eebf94 Better description of the behaviour of SSL_shutdown() as it is now, broken 
or not.
 2001-08-16 14:27:55 +00:00
Bodo Möller
3f1c4e49a3 add missing link 2001-08-08 15:09:06 +00:00
Lutz Jänicke
06da6e4977 Don't disable rollback attack detection as a recommended bug workaround. 2001-08-03 08:45:13 +00:00
Lutz Jänicke
37f599bcec Reworked manual pages with a lot of input from Bodo Moeller. 2001-07-31 15:04:50 +00:00
Ben Laurie
8408f4fbc7 Document DES changes better. 2001-07-31 13:33:58 +00:00
Bodo Möller
924875e53b Undo DH_generate_key() change: s3_srvr.c was using it correctly 2001-07-27 22:34:25 +00:00
Bodo Möller
6aecef815c Don't preserve existing keys in DH_generate_key. 2001-07-25 17:20:34 +00:00
Lutz Jänicke
7abe76e1bd Fix wrong information about SSL_set_connect_state()... 2001-07-25 12:12:51 +00:00
Lutz Jänicke
3e3dac9f97 Additional inline reference. 2001-07-23 12:57:37 +00:00
Lutz Jänicke
397ba0f08a Add missing reference. 2001-07-23 12:52:05 +00:00
Lutz Jänicke
4db48ec0bd Documentation about ephemeral key exchange 2001-07-21 11:02:17 +00:00
Lutz Jänicke
6d3dec92fb Updated explanation. 2001-07-20 19:23:43 +00:00
Lutz Jänicke
2d3b6a5be7 Some more documentation bits. 2001-07-20 18:57:15 +00:00
Dr. Stephen Henson
534a1ed0cb Allow OCSP server to handle multiple requests. 
Document new OCSP options.
 2001-07-13 13:13:44 +00:00
Lutz Jänicke
a1a63a4239 Clarify! (based on recent mailing-list discussions) 2001-07-11 15:10:28 +00:00
Bodo Möller
e9ad0d2c31 Fix PRNG. 2001-07-10 10:49:34 +00:00
Lutz Jänicke
43f9391bcc When only the key is given to "enc", the IV is undefined 
(found by Andy Brown <logic@warthog.com>).
 2001-07-03 10:31:11 +00:00
Dr. Stephen Henson
181355616e Add examples to EVP_EncryptInit manual page. 2001-05-17 13:03:20 +00:00
Lutz Jänicke
74daa124c2 Add missing item(s) SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT. 2001-05-16 09:43:51 +00:00
Lutz Jänicke
5892855c5f Typos. 2001-05-14 09:52:44 +00:00
Lutz Jänicke
a6e859e9ec One more point to clarify, pointed out by "Greg Stark" <ghstark@pobox.com> 2001-05-14 09:02:38 +00:00
Lutz Jänicke
33ab4699ba Clarify behaviour with respect to SSL/TLS records. 2001-05-12 09:49:02 +00:00
Lutz Jänicke
4b3270f78e Clarify behaviour of SSL_write() by mentioning SSL_MODE_ENABLE_PARTIAL_WRITE 
flag as discussed on the mailing list.
 2001-05-11 09:53:10 +00:00
Lutz Jänicke
0ea659475c Typo (reported by Petr Lancaric <Petr.Lancaric@ips-ag.cz>) 2001-04-25 15:24:47 +00:00
Lutz Jänicke
197322455d Clarify request of client certificates. This is a FAQ. 2001-04-17 13:18:56 +00:00
Lutz Jänicke
cb2a0e1319 Missing link ("Greg Stark" <gstark@ethentica.com>) 2001-04-12 21:11:31 +00:00
Lutz Jänicke
638b0d4277 Fix wrong information with respect to CAs listed to the client 
(follows from technical discussion with Amit Chopra <amitc@pspl.co.in>).
 2001-04-12 16:02:34 +00:00
Lutz Jänicke
f7181a9179 Typo (Jun-ichiro itojun Hagino <itojun@iijlab.net>) 2001-04-12 11:45:42 +00:00
Bodo Möller
fba9046490 Update docs. 2001-03-21 15:25:56 +00:00
Dr. Stephen Henson
02ee8626fb Fix PKCS#12 key generation bug. 2001-03-18 02:11:42 +00:00
Dr. Stephen Henson
791bd0cd2b Add copy_extensions option to 'ca' utility. 2001-03-16 02:04:17 +00:00
Dr. Stephen Henson
e890dcdb19 Add 'align' option to nameopt. 
Add default values for display by the 'ca' utility
to openssl.cnf

Update docs.
 2001-03-15 22:45:20 +00:00
Lutz Jänicke
eb272ac0b0 Forgot "cvs add", so only the surrounding changes made it... sigh. 2001-03-15 12:42:04 +00:00
Dr. Stephen Henson
0a3ea5d34a Document the -certopt option to the x509 utility. 
Add no_issuer option.

Fix X509_print_ex() so it prints out newlines when
certain fields are omitted.
 2001-03-15 01:15:54 +00:00
Dr. Stephen Henson
a29d78e90b Initial docs for PEM routines. 2001-03-11 20:29:28 +00:00
Richard Levitte
7b8250053b Document the change. 2001-03-10 16:28:49 +00:00
Dr. Stephen Henson
cc5ba6a7b6 Update docs. 2001-03-09 13:57:14 +00:00
Bodo Möller
e34cfcf7e1 Consistently use 'void *' for SSL read, peek and write functions. 2001-03-09 10:09:20 +00:00
Dr. Stephen Henson
1358835050 Change the EVP_somecipher() and EVP_somedigest() 
functions to return constant EVP_MD and EVP_CIPHER
pointers.

Update docs.
 2001-03-09 02:51:02 +00:00
Lutz Jänicke
b72ff47037 Add newly learned knowledge from yesterday's discussion. 2001-03-08 17:24:02 +00:00
Bodo Möller
98499135d7 Constify BN_value_one. 2001-03-08 13:58:09 +00:00
Bodo Möller
bad4058574 New option '-subj arg' for 'openssl req' and 'openssl ca'. This 
sets the subject name for a new request or supersedes the
subject name in a given request.

Add options '-batch' and '-verbose' to 'openssl req'.

Submitted by: Massimiliano Pala <madwolf@hackmasters.net>
Reviewed by: Bodo Moeller
 2001-03-05 11:09:43 +00:00
Lutz Jänicke
45ecfb1973 Typo, spotted by "Greg Stark" <gstark@ethentica.com>. 2001-03-01 16:50:11 +00:00
Lutz Jänicke
3cdc8ad07a Describe new callback for session id generation. 2001-02-23 21:38:42 +00:00
Lutz Jänicke
2c1571b4ff SSL_get_version() was an easy one :-) 2001-02-23 21:05:56 +00:00
Ulf Möller
335c4f0966 BN_rand_range() needs a BN_rand() variant that doesn't set the MSB. 2001-02-20 00:23:07 +00:00
Richard Levitte
cf1b7d9664 Make all configuration macros available for application by making 
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.

I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
 2001-02-19 16:06:34 +00:00
Ulf Möller
52d160d85d ispell 2001-02-16 02:09:53 +00:00
Ulf Möller
54ff1e6ae5 pod format error 2001-02-16 01:44:24 +00:00
Lutz Jänicke
52b621db88 Add "-rand" option to s_client and s_server. 2001-02-15 10:22:07 +00:00
Dr. Stephen Henson
f2e5ca84d4 Option to disable standard block padding with EVP API. 
Add -nopad option to enc command.

Update docs.
 2001-02-14 02:11:52 +00:00
Lutz Jänicke
8e495e4ac7 Finish first round of session cache documentation. 2001-02-13 14:00:09 +00:00
Lutz Jänicke
f282ca7413 New manual page: SSL_CTX_set_mode. 2001-02-13 11:43:11 +00:00
Lutz Jänicke
41ecaba97e More about session caching. 2001-02-11 17:01:36 +00:00
Lutz Jänicke
96dfab9e0e Include information that automatic query is a new feature. 2001-02-10 19:10:36 +00:00
Lutz Jänicke
1b65ce7db3 Update for 0.9.7 with SSL_OP_CIPHER_SERVER_PREFERENCE. 2001-02-10 16:21:38 +00:00
Lutz Jänicke
7b9cb4a224 Manual page for SSL_CTX_set_options(). Unfortunately for some of the 
options someone much longer working with OpenSSL/SSLeay is needed.
 2001-02-10 16:18:35 +00:00
Bodo Möller
e306892994 Simplify BN_rand_range 2001-02-10 00:34:02 +00:00
Lutz Jänicke
b5f6d9dc6e Fix "wierd" typo as submitted by Jeroen Ruigrok/Asmodai <asmodai@wxs.nl>. 2001-02-09 19:03:53 +00:00
Ulf Möller
466e4249ab Note that EGD is used automatically. 2001-02-08 17:16:44 +00:00
Ulf Möller
9fbc45b159 cleanup 2001-02-08 17:14:07 +00:00
Bodo Möller
35ed8cb8b6 Integrate my implementation of a countermeasure against 
Bleichenbacher's DSA attack.  With this implementation, the expected
number of iterations never exceeds 2.

New semantics for BN_rand_range():
BN_rand_range(r, min, range) now generates r such that
     min <= r < min+range.
(Previously, BN_rand_range(r, min, max) generated r such that
     min <= r < max.
It is more convenient to have the range; also the previous
prototype was misleading because max was larger than
the actual maximum.)
 2001-02-08 12:14:51 +00:00
Lutz Jänicke
420125f996 Update documentation to match the state at 0.9.6 _and_ the recent changes. 2001-02-08 10:42:01 +00:00
Ulf Möller
57e7d3ce15 Bleichenbacher's DSA attack 2001-02-07 22:24:35 +00:00
Lutz Jänicke
0bc6597d4d Documenting session caching, 2nd step. 2001-02-04 18:05:27 +00:00
Lutz Jänicke
7403c34b0b Clarify why SSL_CTX_use_certificate_chain_file() should be preferred. 2001-02-03 15:15:00 +00:00
Lutz Jänicke
9022f2403b Typo: on my screen it nicely wrapped around at 80 :-) 2001-02-03 11:02:02 +00:00
Lutz Jänicke
8cbceba610 Document session caching, first step. 2001-02-02 14:40:52 +00:00
Lutz Jänicke
cd6aa710b5 New manual page for a hardly known but important item :-) 2001-01-31 14:14:20 +00:00
Geoff Thorpe
67c3cf0675 Insert a missing space to stop pod2man giving stroppy "malformed" warnings. 2001-01-25 02:26:58 +00:00
Lutz Jänicke
e58d808a4c Copy over just written manpage to the ones still missing. 2001-01-23 11:04:52 +00:00
Lutz Jänicke
751b5e8ff2 Add entries for new manpages... 2001-01-23 10:47:41 +00:00
Ulf Möller
9756da13dd Use the correct number of arguments in the example. 2001-01-21 19:46:50 +00:00
Lutz Jänicke
b5a6f0a92d Documentation about SSL_get_ex_data_X509_STORE_CTX_idx and 
SSL_get_ex_new_index() functionality. Extended verify_callback()
example to show the usage.
 2001-01-20 16:22:43 +00:00
Dr. Stephen Henson
bfcec27d61 Update ocsp utility documentation. 2001-01-20 01:26:28 +00:00
Ulf Möller
a068630a20 link to the new manpage. 2001-01-15 22:19:30 +00:00
Bodo Möller
dfebac32c0 New '-extfile' option for 'openssl ca'. 
This allows keeping extensions in a separate configuration file.

Submitted by: Massimiliano Pala <madwolf@comune.modena.it>
 2001-01-15 11:35:24 +00:00
Geoff Thorpe
ab5db00717 Update the LHASH man page. 
* Correct some prototypes and macros with respect to "const"ness.

* Add the extra macros and examples due to the lh_doall[_arg] modifications
  made recently. The existing example is also reworked for consistency.

* Rewrite, tweak, and supplement bits of the existing comments that seemed
  (IMHO) to be a little convoluted and misleading.

* Add a NOTE section that explains the use of macros and avoiding function
  casts (ie. generate a wrapper as with the macros, or prototype any
  callback functions exactly to not require casting). Also, explain the
  "const" approach taken in LHASH for the purposes of API comprehensibility
  and also application code auditing.
 2001-01-14 23:37:42 +00:00
Dr. Stephen Henson
b4b1bdd5d3 Preliminary ocsp utility documentation. 
Fix ocsp usage message.
 2001-01-14 00:52:19 +00:00
Bodo Möller
d199858e89 New -newreq-nodes option to CA.pl. 
Submitted by: Damien Miller <djm@mindrot.org>
 2001-01-11 13:23:19 +00:00
Bodo Möller
b62a0c4cab Add a pointer to digest options in the description of -fingerprint. 2001-01-10 14:35:20 +00:00
Bodo Möller
a0aae68cf6 Fix SSL_peek and SSL_pending. 2000-12-25 18:40:46 +00:00
Ulf Möller
4ce7894c4a c&p error spotted by Martin Forssen 2000-12-13 23:00:33 +00:00
Lutz Jänicke
cc93ae3ef4 Add description of SSL_[CTX_]_check_private_key(). 2000-12-12 21:06:29 +00:00
Lutz Jänicke
66ebbb6a56 Add manual pages for certficate/key loading and friends. 2000-12-08 14:29:13 +00:00
Richard Levitte
1435ccfba1 Update the internal docs. 2000-12-05 19:18:51 +00:00
Lutz Jänicke
d766a23deb Typo and additional information about cert-chain building. 2000-12-05 16:47:22 +00:00
Lutz Jänicke
b1e21f8fac Add EXAMPLES for SSL_CIPHER_description() output. 2000-12-05 16:45:26 +00:00
Geoff Thorpe
ebff44b83a Sync up with a minor change in lhash.h 2000-12-04 04:54:59 +00:00
Geoff Thorpe
733777275b Update the documentation to the current state of the LHASH changes. There 
will probably be more when the lh_doall[_arg] callbacks are similarly
tidied up, but this 'pod' should now be current.
 2000-12-04 04:35:04 +00:00
Richard Levitte
862e973b50 Write a first HOWTO on how to create certificates. This is currently 
a draft.
 2000-12-01 17:44:33 +00:00
Ulf Möller
06676624fc Add a warning about the usage of the montgomery functions (if the inputs 
are not reduced modulo m, the outputs won't be either).
 2000-11-29 22:37:14 +00:00
Bodo Möller
5acaa49504 More BN_mod_... functions. 2000-11-26 18:31:32 +00:00
Bodo Möller
535b9b5724 Add bn_mod.c (should have happend in the previous commit ...). 
BN_swap manual page.
 2000-11-26 16:46:57 +00:00
Bodo Möller
78a0c1f18d modular arithmetics 
"make update"
 2000-11-26 16:42:38 +00:00
Bodo Möller
b1d6e3f551 Documentation on using the SSL library with non-blocking I/O. 2000-11-17 10:25:46 +00:00
Bodo Möller
db70a3fd6e Improve usability of 'openssl passwd' by including 
password verification where it makes sense.
 2000-11-17 09:03:02 +00:00
Lutz Jänicke
803e4e93d4 Fill in missing information about the string returned from 
SSL_CIPHER_description(), as there is no other API function to find
out details about the cipher used besides the number of bits or protocol used.
 2000-11-15 18:42:41 +00:00
Bodo Möller
2984b0ae24 Additional explanations for SSL_ERROR_WANT_READ/WRITE. 2000-11-12 19:17:22 +00:00
Bodo Möller
cb4ae6c0d3 Point to SSL_set_bio(3) early because that manpage provides 
information that is essential for using BIO pairs.
 2000-11-10 07:50:18 +00:00
Bodo Möller
359fd02fec add missing word 2000-11-10 07:46:11 +00:00
Richard Levitte
ccb9643f02 Remove references to RSAref. The glue library is but a memory to fade 
away now...
 2000-11-08 17:51:37 +00:00
Ulf Möller
458d356db9 looks like a cut&paste error 2000-11-06 21:28:38 +00:00
Richard Levitte
1d833a9910 Update the standards list to the current status 2000-11-02 22:55:14 +00:00
Richard Levitte
5270e7025e Merge the engine branch into the main trunk. All conflicts resolved. 
At the same time, add VMS support for Rijndael.
 2000-10-26 21:07:28 +00:00
Ulf Möller
a2bbe59401 s_server not s_client 2000-10-23 19:13:35 +00:00
Ulf Möller
0fa504b68d Correction from Tani Hosokawa <unknown@riverstyx.net> 2000-10-23 14:02:02 +00:00
Ulf Möller
bbdc9c98a8 give pseudo prototypes instead of macro definitions for better clarity 2000-10-19 22:02:21 +00:00
Ulf Möller
11b62699a1 "DESCRIPTION" is required. 2000-10-19 19:40:35 +00:00
Ulf Möller
14a74a21f0 correction from Lutz 2000-10-19 15:19:41 +00:00
Ulf Möller
9bd3bd227f Add short overview, move header files section further down. 2000-10-18 23:08:55 +00:00
Ulf Möller
d0ef53bd2d cosmetic changes 2000-10-18 22:51:34 +00:00
Ulf Möller
8d3f155a66 cosmetic change 2000-10-18 22:01:47 +00:00
Richard Levitte
553615f500 New docs and new facts in older docs. 
Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
 2000-10-12 09:56:36 +00:00
Dr. Stephen Henson
924046ce75 Make non blocking I/O work for accept BIOs. 2000-10-12 01:50:33 +00:00
Richard Levitte
53fe8d5be5 A few small corrections to the SSL documentation. 
Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
 2000-10-10 09:15:47 +00:00
Richard Levitte
356c06c776 More SSL functions documented. Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-10-03 22:02:28 +00:00
Ulf Möller
a87aa87bcc The des_modes manpage is in section 7. 2000-09-27 21:45:20 +00:00
Bodo Möller
b7af080fb1 Add BUGS section. 2000-09-26 12:15:53 +00:00
Ulf Möller
393e826ec3 typo 2000-09-25 05:55:19 +00:00
Ulf Möller
8fdec3e558 stop perlpod from complaining. 2000-09-23 07:30:28 +00:00
Ulf Möller
69431c2998 more manpage links. 2000-09-23 07:16:17 +00:00
Dr. Stephen Henson
dbba890cf1 Only use the new informational verify codes if we 
specifically ask for them.

Fix typo in docs.
 2000-09-22 21:32:08 +00:00
Richard Levitte
4aa4f333ed Change IMPORTANT to WARNING for greater emphasis. 2000-09-21 17:21:15 +00:00
Richard Levitte
c19b6c922a Clarifications and new documents. 
Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
 2000-09-21 06:46:15 +00:00
Richard Levitte
4759abc5f2 New documents. Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-20 16:55:26 +00:00
Richard Levitte
e31e385ce3 Mistakes corrected. Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-20 16:52:05 +00:00
Ulf Möller
18edda0f92 Malloc() -> OPENSSL_malloc() etc. 2000-09-20 03:28:54 +00:00
Ulf Möller
89681b183d The RSA patent will have expired when the next version is released... 2000-09-20 03:25:33 +00:00
Ulf Möller
c8973693ab ispell. 2000-09-20 03:24:36 +00:00
Dr. Stephen Henson
4e87e05b25 Add docs for X509_get_ext_d2i() function. 
Add some major changes to NEWS...
 2000-09-20 00:50:25 +00:00
Richard Levitte
933f32cc4d Document SSL_library_init() and it's aliases. Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-19 23:12:57 +00:00
Richard Levitte
c6def253b4 Type correction. Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-19 23:11:42 +00:00
Richard Levitte
dd3430a6e9 Extend the docs on setting the cipher list. Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-19 23:10:32 +00:00
Richard Levitte
c15602f48e Reorder the Blowfish documentation so the low-level routines do not get so prominent, and make sure to say out loud what they expect. 2000-09-19 06:15:33 +00:00
Dr. Stephen Henson
3b2cbbcb9a Clarify the BIO_seek() mess and related issues. 
Buffering BIO docs.
 2000-09-18 23:05:33 +00:00
Ulf Möller
c69c47b9fe ispell 2000-09-18 22:58:02 +00:00
Richard Levitte
615513ba52 New documentation about things related to SSL_CIPHER. Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-18 16:42:30 +00:00
Richard Levitte
e17b712894 Restore the descriptions to conform with the rest of the 
documentation.  We'll work on better documents after the release of
0.9.6.
 2000-09-17 19:20:17 +00:00
Bodo Möller
07fcf422a1 Rename new BIO_set_shutdown_wr macro to just BIO_shutdown_wr 
(it's similar to the shutdown(..., SHUT_WR) system call
for sockets).
 2000-09-17 01:23:53 +00:00
Richard Levitte
da542e1bf7 Move text that isn't really descriptions of the functions in the page 
to the NOTES section, and add references to the functions mentioned
(and perhaps a few more).
 2000-09-16 23:32:33 +00:00
Richard Levitte
93fe6e13a3 Add BIO_seek() and BIO_tell() to the BIO control functions manual. 2000-09-16 23:31:03 +00:00
Dr. Stephen Henson
2c281ebb6c New macro BIO_set_shutdown_wr(). 
Update docs.
 2000-09-16 21:21:01 +00:00
Bodo Möller
37b08e8365 SSL => TLS/SSL 2000-09-16 16:05:34 +00:00
Bodo Möller
318f962928 TLS => TLS/SSL 2000-09-16 16:02:35 +00:00
Bodo Möller
acb5b34328 Change spelling back to "behaviour" and "flavour" instead of the 
American variants.
 2000-09-16 16:00:38 +00:00
Bodo Möller
c1629c9ea2 Clarification. 2000-09-16 15:55:57 +00:00
Ulf Möller
1e4e549296 ispell and some other nit-picking 2000-09-16 15:39:28 +00:00
Dr. Stephen Henson
439fb8e1e0 Remove redundant manpages and references to them. 2000-09-16 12:01:38 +00:00
Ulf Möller
53e44d90c7 add links to the new BIO and SSL manpages to make them visible on the web. 2000-09-16 06:04:43 +00:00
Dr. Stephen Henson
32751b8ab1 BIO_f_ssl() docs. 2000-09-16 01:32:42 +00:00
Dr. Stephen Henson
68a1c6b0d9 Accept BIO docs. 2000-09-15 17:31:47 +00:00
Dr. Stephen Henson
2273d6b657 Update BIO_s_connect(). 2000-09-15 00:28:47 +00:00
Bodo Möller
e39c194387 Some small clarifications. 2000-09-14 22:09:55 +00:00
Richard Levitte
e1b78bc64d In the name section, all the functions described shoud be enumerated. 
This will also make it much simpler to generate softlinks name like
each function to man-pages containing the info.
 2000-09-14 21:23:28 +00:00
Richard Levitte
e65c84abb0 Update the info on version numbering 2000-09-14 21:22:19 +00:00
Richard Levitte
8eec1389fb BIO_seed() and BIO_tell() were documented in two other documents, 
which is redundant.  They are now in their own document.

Also, in the name section, all the functions described shoud be
enumerated.  This will also make it much simpler to generate softlinks
name like each function to man-pages containing the info.
 2000-09-14 20:24:56 +00:00
Richard Levitte
e38dabbc0c BIO_seed() and BIO_tell() were documented in two other documents, 
which is redundant.  Instead, move them to their own page.
 2000-09-14 20:23:17 +00:00
Richard Levitte
54731d75d7 Items without a =over and a =back are ignored. 2000-09-14 20:22:14 +00:00
Dr. Stephen Henson
18f2259499 BIO_s_bio() manual page detailing BIO pair. 
This combines several manual pages provided by
Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>,
various comments by Bodo to the lists and a bit
of source examination by me.
 2000-09-14 18:55:39 +00:00
Richard Levitte
7fcc8326e3 Remove indentation in the NAME section. There's really no need to 
indent there, especially since the pod2* scripts will regard that as
preformated text.  In one case, indent a code section one step.
 2000-09-14 13:17:55 +00:00
Richard Levitte
cc99526db1 Add a number of documentation files, mostly for SSL routines, but also 
for a few BIO routines.
Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
 2000-09-14 13:11:56 +00:00
Dr. Stephen Henson
bace212474 Initial connect BIO docs. 2000-09-14 12:44:34 +00:00
Richard Levitte
e117a890ca Remove indentation in the NAME section. There's really no need to 
indent there, especially since the pod2* scripts will regard that as
preformated text.  In one case, indent a code section one step.
 2000-09-14 12:14:41 +00:00
Dr. Stephen Henson
6dcbaf5857 Docs for socket BIO. 2000-09-14 00:05:50 +00:00
Dr. Stephen Henson
02ef611ef3 BIO_s_fd() manual page. 2000-09-13 17:27:42 +00:00
Dr. Stephen Henson
4041156461 Clarify some of the I/O issues. 
Add case of using select() and blocking I/O with
BIOs and why you shouldn't (thanks Bodo!).
 2000-09-13 00:20:24 +00:00
Dr. Stephen Henson
d572cb6c1c More BIO docs. 2000-09-12 01:56:56 +00:00
Dr. Stephen Henson
b1ccd57b18 Docs for cipher and base64 BIOs. 2000-09-11 01:04:09 +00:00
Dr. Stephen Henson
5fd0cd9a9b More new BIO docs, correct some old ones. 2000-09-10 17:36:15 +00:00
Dr. Stephen Henson
d7b9c76c72 More preliminary BIO docs... 
Incomplete and possibly inaccurate. Hope somone is
checking these :-)
 2000-09-10 01:52:26 +00:00
Dr. Stephen Henson
b144a5e907 Really add BIO_read this time... 2000-09-09 01:01:35 +00:00
Dr. Stephen Henson
c5a3b7e790 Add BIO_read() (etc.) docs. 
Add an ASN1 FAQ because I'm sick of answering it :-)
 2000-09-09 00:59:37 +00:00
Dr. Stephen Henson
709e85953d Update verify docs. 
New option to verify program to print out diagnostics.
 2000-09-08 00:53:58 +00:00
Dr. Stephen Henson
84b65340e1 Two new PKCS#12 demo programs. 
Update PKCS12_parse().

Make the keyid in certificate aux info more usable.
 2000-09-07 23:14:26 +00:00
Dr. Stephen Henson
f50c11ca40 Ugh, BIO_find_type() cannot be passed a NULL. 
Fix doc example, and fix BIO_find_type().

Fix PKCS7_verify(). It was using 'i' for both the
loop variable and the verify return value.
 2000-09-07 17:42:25 +00:00
Dr. Stephen Henson
cfd3bb1785 Add docs for BIO_find_type() and friends. 
Added function BIO_next() otherwise you can't
traverse a chain without accessing BIO internals.
 2000-09-07 13:04:27 +00:00
Bodo Möller
1974a58fe0 clarification (source/sink BIOs are usually *both* source and sink) 2000-09-07 08:07:55 +00:00
Dr. Stephen Henson
47770c4dfb Some BIO docs, incomplete, more to follow. 
Hmmm I didn't realise BIO_pop() did that:
isn't source wonderful?
 2000-09-07 00:22:31 +00:00
Bodo Möller
2b40660ec1 Add OAEP. Seed the PRNG. 2000-09-06 11:49:43 +00:00
Bodo Möller
34417732fa Add rsautl. 2000-09-06 07:58:27 +00:00
Bodo Möller
b894b13059 Clarification for SSL_ERROR_ZERO_RETURN 2000-09-06 07:56:03 +00:00
Dr. Stephen Henson
bbb720034a Fix typo in rsautl. 
Add support for settable verify time in X509_verify_cert().

Document rsautl utility.
 2000-09-05 22:30:38 +00:00
Bodo Möller
4ed601b172 Include MD4 in documentation. 2000-09-04 15:28:21 +00:00
Dr. Stephen Henson
bd08a2bd0c Add 'rsautl' low level RSA utility. 
Add DER public key routines.

Add -passin argument to 'ca' utility.

Document sign and verify options to dgst.
 2000-09-03 23:13:48 +00:00
Dr. Stephen Henson
d428bf8c56 New option to CA.pl to sign request using CA extensions. 
This allows intermediate CAs to be created more easily.

PKCS12_create() now checks private key matches certificate.

Fix typo in x509 app.

Update docs.

New function ASN1_STRING_to_UTF8() converts any ASN1_STRING
type to UTF8.
 2000-08-24 23:24:18 +00:00
Richard Levitte
fa1194d30a Correct the title. This also fooled the automatic documentation builder 
that this was actually the pkcs7 document...
 2000-08-15 17:35:10 +00:00
Richard Levitte
3009458e2f MD4 implemented. Assar Westerlund provided the digest code itself and the test utility, I added the bits to get a EVP interface, the command line utility and the speed test 2000-08-14 14:05:53 +00:00
Bodo Möller
cc244b371d Update 'openssl passwd' documentation on selection of algorithms. 2000-07-31 12:27:44 +00:00
Dr. Stephen Henson
bd4e152791 Document the new DN printing options. 
Change a few names to be more meaningful.

Fix typos in CA.pl docs.
 2000-07-30 01:27:59 +00:00
Richard Levitte
c4558f8291 We do PKCS8 as well 2000-07-21 12:50:06 +00:00
Dr. Stephen Henson
fd13f0ee52 Make req seed the PRNG if signing with 
an already existing DSA key.

Document the new smime options.
 2000-07-12 23:55:30 +00:00
Bodo Möller
16ece03a2e Add an early reference to BN_CTX_new so that the usage of BN_CTX_start 
is easier to grasp.
 2000-07-11 20:35:45 +00:00
Ulf Möller
e0b0dc11df Add PRNGD link. 2000-07-03 17:26:51 +00:00
Richard Levitte
adbd4ed16d Added references to RFCs 1421 to 1424, that describe PEM. 
Suggested by Randolph Bentson <bentson@grieg.holmsjoen.com>
 2000-06-26 16:12:01 +00:00
Richard Levitte
fb0b844a7d Document the change in req. 2000-06-22 09:19:59 +00:00
Richard Levitte
3b21161922 The dynamic thread API changed, and so does the documentation. 2000-06-19 15:28:36 +00:00
Richard Levitte
c79223040d Add support for dynamically created and destroyed mutexes. This will 
be needed in some ENGINE code, and might serve elsewhere as well.
Note that it's implemented in such a way that the locking itself is
done through the same CRYPTO_lock function as the static locks.

WARNING: This is currently experimental and untested code (it will get
tested soon, though :-)).
 2000-06-18 15:59:04 +00:00
Dr. Stephen Henson
d3ed8ceb3d Add support for the modified SGC key format used in IIS. 2000-06-15 23:48:05 +00:00
Richard Levitte
569e7f6ef2 This seems to work better with enums... 2000-06-15 20:57:25 +00:00
Ulf Möller
b7b40c3120 typo 2000-06-12 18:50:59 +00:00
Dr. Stephen Henson
e366f2b876 Fix evp_locl.h macros. 
Documentation correction.
 2000-06-11 15:43:17 +00:00
Dr. Stephen Henson
fd75eb50c0 Make EVP_SealInit() and EVP_OpenInit() check EVP_EncryptInit() and 
EVP_DecryptInit() return values.

Update docs.
 2000-06-11 12:27:58 +00:00
Dr. Stephen Henson
a91dedca48 Document EVP routines. Change EVP_SealInit() and EVP_OpenInit() 
to support multiple calls.

New function to retrieve email address from certificates and
requests.
 2000-06-11 12:18:15 +00:00
Richard Levitte
b194041adf Small documentation bug, probably a cut'n'paste, corrected. 2000-06-01 17:40:34 +00:00
Bodo Möller
cbb6ad9d10 typo 2000-05-31 23:20:10 +00:00
Bodo Möller
727daea783 dh and gendh have been obsoleted by dhparam. 2000-05-31 23:07:48 +00:00
Richard Levitte
fbecbc8cfb You must have an empty line between =item's 2000-05-30 08:01:24 +00:00
Geoff Thorpe
4c0aee5a75 Minor corrections to documentation. 
* speed processes any/all options passed to it, not just one.
* DH and DSA have no "_get_method()" functions, only RSA does.
* typos.
 2000-05-29 15:52:21 +00:00
Ralf S. Engelschall
447a9638b7 Fix Blowfish URL. 
Submitted by: Arnaud De Timmerman <Arnaud.De.Timmerman@branchur.fr>
 2000-05-23 18:33:44 +00:00
Bodo Möller
608c31c60d typo 2000-05-19 07:54:42 +00:00
Richard Levitte
6d52cf2149 Add a new file where all the standards and other documents that we try 
to adhere to are listed.  It should be regarded as a complement to
whatever is out on the web, including the docs in http://www.openssl.org/
 2000-05-18 21:22:50 +00:00
Bodo Möller
2c8c4ce2e0 Correction. 2000-04-15 00:04:30 +00:00
Bodo Möller
e5c84d5152 New function ERR_error_string_n. 2000-04-14 23:36:15 +00:00
Bodo Möller
d49f3797a5 Minor corrections. 2000-04-12 23:04:13 +00:00
Richard Levitte
b87ef9460b OpenVMS, not OpenVSM... 2000-04-12 16:48:20 +00:00
Bodo Möller
8acdd759b9 Clarifications. 2000-04-06 22:30:57 +00:00
Dr. Stephen Henson
afee764c4a Update docs. 2000-03-25 02:38:28 +00:00
Richard Levitte
1bb30673f9 Corrected. It said before that ivec had to be initialised to zero, 
which isn't true.  What is true, however, is that SSH assumes it is.
 2000-03-23 11:08:49 +00:00
Dr. Stephen Henson
555b22cfca Update docs and remove old PKCS#7 README file. 2000-03-23 02:35:47 +00:00
Ulf Möller
513393f8d4 RAND_event() 2000-03-22 15:30:03 +00:00
Bodo Möller
88220dcb21 Document pseudo-commands. 2000-03-20 13:39:06 +00:00
Ulf Möller
395df2fe30 libdes manpage. 
This may still contain a few errors from the old documentation,
but most of it should make sense.
 2000-03-19 02:09:37 +00:00
Ulf Möller
369782ac50 add =cut 2000-03-18 22:00:26 +00:00
Richard Levitte
ce301b6b0b Add the possibility (with -ign_eof) to ignore end of file on input but 
still not be quiet.  Also make it clear that -quiet implicitely means
-ign_eof as well.
 2000-03-10 12:18:28 +00:00
Ulf Möller
e4947bfec7 clarify. 2000-03-09 17:07:55 +00:00
Dr. Stephen Henson
9886f42014 Manual pages for EVP_Open* and EVP_Seal* 2000-03-08 01:48:12 +00:00
Dr. Stephen Henson
f71732627a Manual pages for EVP signing and verifying. 2000-03-07 17:35:25 +00:00
Ulf Möller
7f1120994e new component 2000-03-04 00:22:04 +00:00
Bodo Möller
41918458c0 New '-dsaparam' option for 'openssl dhparam', and related fixes. 2000-03-03 22:18:19 +00:00
Ulf Möller
410243f197 add RAND_status() to title 2000-03-01 17:08:27 +00:00
Bodo Möller
afbd0746cf 'rand'/'-rand' documentation. 2000-03-01 11:45:53 +00:00
Bodo Möller
55f7d65db0 Document the 'rand' application. 2000-03-01 07:57:25 +00:00
Ulf Möller
3aefe30469 corrections 2000-02-27 18:35:29 +00:00
Ulf Möller
47f87f536a remove obsolete BN_CTX info 2000-02-27 12:30:07 +00:00
Ulf Möller
5ee6cc1162 put function names in the title. 2000-02-27 02:38:41 +00:00
Ulf Möller
775c63fc02 Reorganize bn_mul.c (no bugfix yet), remove obsolete files in BN library. 2000-02-26 22:16:47 +00:00
Andy Polyakov
e0b8b39f3a Linux is almost the only one where getpid() == thread-id. IRIX is 
another one, but only if you stick to sproc(2).
 2000-02-25 17:59:42 +00:00
Ulf Möller
d52c973498 links 2000-02-25 16:00:24 +00:00
Andy Polyakov
dbe7113308 There're two (incompatible) ways to write multi-threaded programs under 
IRIX, one is to call sproc(2) when every thread does get own pid and
POSIX threads when all the threads share same pid.
 2000-02-25 15:44:03 +00:00
Ulf Möller
1c890fa864 mention RAND_egd() 2000-02-25 15:43:33 +00:00
Ulf Möller
4101054ab5 *** empty log message *** 2000-02-25 14:19:17 +00:00
Ulf Möller
a610374cb2 mention that EGD is used in non-blocking mode. 2000-02-24 19:33:58 +00:00
Bodo Möller
a7b991bd68 Don't define platform-dependent preprocessor symbols for OPENSSL_THREAD_DEFINES. 
"make update".
 2000-02-24 18:19:50 +00:00
Ulf Möller
a4cfd178f9 EGD socket info. 2000-02-24 17:18:51 +00:00
Ulf Möller
4d524e10b4 nicer manpages 2000-02-24 11:55:57 +00:00
Ulf Möller
390ead1e9a EGD info, as requested. 2000-02-24 03:36:01 +00:00
Ulf Möller
4ec2d4d2b3 Support EGD. 2000-02-24 02:51:47 +00:00
Richard Levitte
9f7f1ff75e Correct a couple of command errors. 2000-02-24 01:20:31 +00:00
Ulf Möller
b6891e9c35 CRYPTO_num_locks() 2000-02-24 00:22:17 +00:00
Ulf Möller
be7ae17560 threads mapage. 2000-02-23 18:10:42 +00:00
Ulf Möller
c1ce32f1bf minor docs changes (added links is the openssl(1) text) 2000-02-23 17:09:50 +00:00
Dr. Stephen Henson
41e68ef25f Add PBE algorithms with ciphers, not digests. 2000-02-23 14:27:47 +00:00
Dr. Stephen Henson
3142c86d65 Allow ADH to be used but not present in the default cipher 
list.

Allow CERTIFICATE to be used in PEM headers for PKCS#7 structures:
some CAs do this.
 2000-02-23 01:11:01 +00:00
Dr. Stephen Henson
3f2b5a88ad Update docs. 2000-02-22 14:16:23 +00:00
Ulf Möller
de4b598946 Don't list prototypes for internal functions. 2000-02-22 12:01:50 +00:00
Ulf Möller
261b5d96ad Correction to RSA_padding_check_xxx() docs (this time for real). 2000-02-22 11:16:41 +00:00
Ulf Möller
fc6d523f0a Correction for RSA_padding_check_xxx() documentation. 2000-02-22 11:11:41 +00:00
Dr. Stephen Henson
72b60351f1 Change EVP_MD_CTX_type so it is more logical and add EVP_MD_CTX_md for 
the old functionality.

Various warning fixes.

Initial EVP symmetric cipher docs.
 2000-02-22 02:59:26 +00:00
Richard Levitte
9dd2b2a940 Blowfish docs. 2000-02-21 03:01:23 +00:00
Ulf Möller
9f7b1b24e2 Document OPENSSL_VERSION_NUMBER 2000-02-20 21:00:22 +00:00
Ulf Möller
4ec19e203c Fix gcc warnings. 2000-02-20 20:59:21 +00:00
Bodo Möller
853f757ece Allow for higher granularity of entropy estimates by using 'double' 
instead of 'unsigned' counters.
Seed PRNG in MacOS/GetHTTPS.src/GetHTTPS.cpp.

Partially submitted by Yoram Meroz <yoram@mail.idrive.com>.
 2000-02-19 15:22:53 +00:00
Bodo Möller
ad86060357 Change the example to show apr1 with an 8-character salt. 2000-02-18 11:51:58 +00:00
Dr. Stephen Henson
8a208cba97 New functions and option to use NEW in certificate requests. 2000-02-18 00:54:21 +00:00
Ben Laurie
671cf7f54a Reflect API changes. 2000-02-17 09:39:01 +00:00
Dr. Stephen Henson
cd3c54e50f Add -pass argument to 'enc'. 
Fix to make Win32 compile work again.
 2000-02-17 00:41:43 +00:00
Dr. Stephen Henson
a3fe382e2d Pass phrase reorganisation. 2000-02-16 23:16:01 +00:00
Dr. Stephen Henson
d13e4eb0b5 Make pkcs12 and smime applications seed random number 
generator (otherwise they don't work) and add -rand
option. Update docs.
 2000-02-12 03:03:04 +00:00
Bodo Möller
e6e7b5f3df Implement MD5-based "apr1" password hash. 2000-02-11 16:25:44 +00:00
Richard Levitte
5160448b98 Add references to the new passwd utility. 2000-02-11 11:21:01 +00:00
Bodo Möller
bb325c7d6a 'passwd' tool. 2000-02-10 21:50:52 +00:00
Richard Levitte
a5d9c6e4fe Move down the attributions 2000-02-08 23:40:20 +00:00
Bodo Möller
8ce288a881 Note about des_ncbc_encrypt. 2000-02-08 21:50:52 +00:00
Dr. Stephen Henson
0cd4498b8f Update docs. 2000-02-08 13:37:08 +00:00
Dr. Stephen Henson
f07fb9b24b Add command line password options to the reamining utilities, 
amend docs.
 2000-02-08 01:34:59 +00:00
Richard Levitte
7948febeca First try at documenting the DES (and other algorithms) modes 2000-02-07 18:15:06 +00:00
Ulf Möller
4facdbb5fa Refer to EVP_DigestInit() in the hash function descriptions. 2000-02-06 23:26:31 +00:00
Dr. Stephen Henson
3cbe1980fd Document EVP digest operations. 2000-02-06 17:44:54 +00:00
Ulf Möller
cae55bfc68 Improve bntest slightly, and fix another bug in the BN library. 2000-02-06 15:56:59 +00:00
Richard Levitte
7cf6e2a35b Typo corrected... 2000-02-06 10:07:32 +00:00
Dr. Stephen Henson
66430207a4 Add support for some broken PKCS#8 formats. 2000-02-05 21:07:56 +00:00
Bodo Möller
37e48b88ad Generate just one error code if iterated SSL_CTX_get() fails. 
Avoid enabled 'assert()' in production library.
 2000-02-05 19:29:00 +00:00
Ulf Möller
6535eb1728 Use MONT_WORD macro to control if the word-based or the bignum 
algorithm is used.
 2000-02-05 18:23:05 +00:00
Ulf Möller
9b141126d4 New functions BN_CTX_start(), BN_CTX_get(), BN_CTX_end() to access 
temporary BIGNUMs. BN_CTX still uses a fixed number of BIGNUMs, but
the BN_CTX implementation could now easily be changed.
 2000-02-05 14:17:32 +00:00
Ulf Möller
7e708ebee0 md2 is documented in the md5 page. lets see if this works... 2000-02-05 10:43:03 +00:00
Ulf Möller
c236e66d62 Document RC4. 2000-02-05 10:41:05 +00:00
Ulf Möller
b20b78b720 a short page for "speed" 2000-02-03 23:23:57 +00:00
Ulf Möller
657e60fa00 ispell (and minor modifications) 2000-02-03 23:23:24 +00:00
Ulf Möller
9dbc41d7ee Document hash functions. 2000-02-03 18:22:01 +00:00
Dr. Stephen Henson
82fc1d9c28 Add new -notext option to 'ca', -pubkey option to spkac. 
Remove some "WTF??" casts from applications.

Fixes to keep VC++ happy and avoid warnings.

Docs tidy.
 2000-02-03 02:56:48 +00:00
Bodo Möller
7999c65c9b Some 'const's for BNs. 2000-02-03 01:26:07 +00:00
Bodo Möller
aff0825c61 Tolerate negative numbers in BN_is_prime. 2000-02-02 22:18:01 +00:00
Bodo Möller
e74231ed9e rndsort{Miller, Rabin} primality test. 2000-02-02 21:20:44 +00:00
Dr. Stephen Henson
54a34aecc3 Update docs. 2000-02-02 01:33:28 +00:00
Ulf Möller
cf802b983f Remove an =over that never ends 2000-02-01 15:33:15 +00:00
Ulf Möller
20ead2c6f7 link to SSL_get_error(3) 2000-02-01 15:05:11 +00:00
Ulf Möller
fef47a1d1e dhgen is gone. 2000-02-01 15:00:37 +00:00
Richard Levitte
ee25d40bea Correct one link. 2000-02-01 12:03:47 +00:00
Bodo Möller
1c8337abe3 Pointer to important manual page that should be written. 2000-02-01 08:48:05 +00:00
Ulf Möller
388f2f56f2 Document ERR library. 2000-02-01 01:37:00 +00:00
Ulf Möller
f5a8d67872 spelling 2000-02-01 01:35:52 +00:00
Bodo Möller
6671fe16ee Reference for SHA-1. 2000-01-31 09:02:30 +00:00
Ulf Möller
1749d8a039 Typos. 2000-01-30 23:31:01 +00:00
Ulf Möller
74235cc9ec Update docs: corrections, turn buffer docs into manpage, fold SHA1 
pages into one for improved readability, add lhash manpage
 2000-01-30 22:16:47 +00:00
Bodo Möller
cdd43b5ba5 Documentation for BN_is_prime_fasttest. 2000-01-30 11:05:39 +00:00
Bodo Möller
1baa94907c Make output of "openssl dsaparam 1024" more interesting :-) 2000-01-30 03:32:28 +00:00
Bodo Möller
a87030a1ed Make DSA_generate_parameters, and fix a couple of bug 
(including another problem in the s3_srvr.c state machine).
 2000-01-30 02:23:03 +00:00
Dr. Stephen Henson
15701211b5 Update docs. 2000-01-30 01:39:40 +00:00
Richard Levitte
aa3353fda2 Put config in section 5, where it belongs. 2000-01-28 11:35:44 +00:00
Dr. Stephen Henson
2af9fd006d Add CA.pl man page this time... 2000-01-28 01:37:08 +00:00
Ulf Möller
75b0edaafa fix link 2000-01-27 23:07:50 +00:00
Bodo Möller
953aa79040 A couple of things were reversed for BN_pseudo_rand ... 2000-01-27 21:09:25 +00:00
Richard Levitte
6c2c3e9ba9 Update all links so they will be rendered better. 2000-01-27 20:11:26 +00:00
Ulf Möller
5d6e31dbe6 Update comment from bn.h 2000-01-27 19:36:52 +00:00
Ulf Möller
38e33cef15 Document DSA and SHA. 
New function BN_pseudo_rand().
Use BN_prime_checks_size(BN_num_bits(w)) rounds of Miller-Rabin when
generating DSA primes (why not use BN_is_prime()?)
 2000-01-27 19:31:26 +00:00
Bodo Möller
38b1fa8995 Small correction. 2000-01-27 09:03:49 +00:00
Bodo Möller
387ca353fa Correct typos that ispell did not find. 2000-01-27 08:57:57 +00:00
Richard Levitte
d629757a84 Made link of reference 2000-01-27 02:29:19 +00:00
Ulf Möller
fc58fa8bb8 New manpage. 2000-01-27 01:54:05 +00:00
Ulf Möller
e93f9a3284 Run ispell. 
Clean up bn_mont.c.
 2000-01-27 01:50:42 +00:00
Richard Levitte
bb075f8833 Update all links so they will be rendered better. 2000-01-27 01:25:31 +00:00
Bodo Möller
ada3cc4a8f Clarification. 2000-01-26 08:59:26 +00:00
Bodo Möller
a598cd1ab4 New manual page. 2000-01-25 22:35:20 +00:00
Richard Levitte
4a1a3440a4 Man page section forgotten... 2000-01-24 14:19:00 +00:00
Bodo Möller
05ccd698b9 RAND_load_file(..., -1) now means "read the complete file"; 
this is what we now use to read $RANDFILE / $HOME/.rnd.
(Previously, after 'cat'ting lots of stuff into .rnd
only the first MB would be looked at.)

Bugfix for apps/enc.c: Continue if RAND_pseudo_bytes returns 0
(only -1 is an error).
 2000-01-24 10:03:24 +00:00
Richard Levitte
1675f6eb05 Let's make all the example formated the same, shall we? 2000-01-24 02:24:37 +00:00
Richard Levitte
8548d44270 Correct indentation 2000-01-24 02:15:59 +00:00
Dr. Stephen Henson
fd38fecc1a Document how CRYPTO_EX_DATA stuff works for 
RSA structures. Other structures behave in
a similar way.
 2000-01-24 01:50:17 +00:00
Ulf Möller
3bec05e933 Documented in the RSA_print page 2000-01-24 01:21:22 +00:00
Ulf Möller
223fc8654a RSA_print etc 2000-01-24 01:20:39 +00:00
Ulf Möller
dd8dec69b8 Document the BN library. 2000-01-23 22:06:24 +00:00
Dr. Stephen Henson
fabce04122 Make s_server, s_client check cipher list return codes. 
Update docs.
 2000-01-23 02:28:08 +00:00
Dr. Stephen Henson
64287002ce Minor patch: check only match @STRENGTH and remove eNULL 
comment.

Add documentation for the ciphers command including a full
description of cipher lists.
 2000-01-22 23:34:44 +00:00
Bodo Möller
c88a900fa1 update PRNG documentation/comments 2000-01-22 23:11:13 +00:00
Ulf Möller
2a99e8b9df dh renamed to dhparam 2000-01-22 21:26:52 +00:00
Ulf Möller
4486d0cd7a Document the DH library, and make some minor changes along the way. 2000-01-22 20:05:23 +00:00
Dr. Stephen Henson
09483c58e3 Add new program dhparam and update docs. 2000-01-22 13:58:29 +00:00
Ulf Möller
3604a4d3d1 Move ssl.pod to doc/ssl 2000-01-21 23:58:03 +00:00
Ulf Möller
3779469192 Use comment from md_rand.c (part 2, as well). 2000-01-21 23:39:15 +00:00
Ulf Möller
0b5cfe32e9 Use comment from md_rand.c in rand.pod 2000-01-21 23:36:40 +00:00
Dr. Stephen Henson
cc8709a090 Docs for sess_id utility. 2000-01-21 22:38:52 +00:00
Bodo Möller
720b3598d6 Avoid integer overflow in entropy counter. 
Slightly clarify the RAND_... documentation.
 2000-01-21 19:54:22 +00:00
Ulf Möller
60b5245360 Document RAND library. 2000-01-21 17:50:27 +00:00
Ulf Möller
5d82c5b3f4 Move ssl.pod to doc/ssl 2000-01-21 17:46:36 +00:00
Dr. Stephen Henson
8100490a72 Make -CAcreateserial start from 1 instead of 0 for 
serial numbers.
 2000-01-21 02:42:14 +00:00
Dr. Stephen Henson
dd46d58f65 Change the 'man' directory to 'apps'. Yes I wish cvs 
could rename too :-(
 2000-01-21 02:17:04 +00:00
Dr. Stephen Henson
6e6bc352b1 Finish off the X509_ATTRIBUTE string stuff. 2000-01-20 01:37:17 +00:00
Richard Levitte
9597902a91 Tell the truth about list separators. 2000-01-15 23:19:22 +00:00
Richard Levitte
b46c3e9b69 Typo 2000-01-14 22:43:11 +00:00
Ulf Möller
036c8d7e7b PKCS#1 signatures don't use randomness. 
Add a note about the padding functions.
 2000-01-12 20:47:46 +00:00
Ulf Möller
6a3fff5ecf corrections 2000-01-12 13:59:20 +00:00
Ulf Möller
90308e7072 Dummy page superseded by crypto/crypto.pod 2000-01-11 22:36:25 +00:00
Ulf Möller
2186cd8ef1 Document the RSA library. 2000-01-11 22:35:21 +00:00
Ulf Möller
efeca6aa32 Add missing =back. 2000-01-11 00:06:40 +00:00
Dr. Stephen Henson
4b08eaf5c7 Update docs. 2000-01-10 00:11:51 +00:00
Bodo Möller
150a4320d8 s_client and s_server now have their own man pages. 2000-01-09 10:55:29 +00:00
Dr. Stephen Henson
a2151c5b9a Man page for s_server. 2000-01-09 01:26:43 +00:00
Dr. Stephen Henson
c3ed3b6eab Add -prexit command to s_client and patch some BIO 
functions so it doesn't crash. Document s_client.
 2000-01-08 19:05:47 +00:00
Bodo Möller
c708302516 superseded by doc/man/openssl.pod 2000-01-08 18:08:39 +00:00
Bodo Möller
3ea4404fd7 Unify doc/openssl.pod and doc/man/openssl.pod, which were almost the 
same and now are identical.
The next step will be to delete doc/openssl.pod, this is just
to see the individual CVS deltas.
 2000-01-08 18:08:02 +00:00
Dr. Stephen Henson
ef7eaa4cb0 Manpages for the DH utils and fix for a memory leak in dh program 2000-01-08 13:36:17 +00:00
Dr. Stephen Henson
dad666fbbe Add PKCS#12 manpage and use MAC iteration counts by default. 2000-01-08 03:16:04 +00:00
Ulf Möller
69396b4199 Minor format changes. 2000-01-08 02:07:46 +00:00
Ulf Möller
1f2f922455 ispell. 2000-01-07 02:07:13 +00:00
Ulf Möller
19d2bb574b Add some newlines needed for pod2man, and run ispell. 
Submitted by:
Reviewed by:
PR:
 2000-01-07 01:39:59 +00:00
Dr. Stephen Henson
b38f9f66c3 Initial automation changes to 'req' and X509_ATTRIBUTE functions. 2000-01-06 01:26:48 +00:00
Dr. Stephen Henson
20432eae41 Fix some of the command line password stuff. New function 
that can automatically determine the type of a DER encoded
"traditional" format private key and change some of the
d2i functions to use it instead of requiring the application
to work out the key type.
 2000-01-01 16:42:49 +00:00
Dr. Stephen Henson
525f51f6c9 Add PKCS#8 utility functions and add PBE options. 1999-12-23 02:02:42 +00:00
Dr. Stephen Henson
3fc9635ea7 Fix the S/MIME code to use canonical MIME format for 
encrypted mail. Also update the smime docs.
 1999-12-15 01:26:17 +00:00
Dr. Stephen Henson
e3775a33c1 Make the PKCS#7 S/MIME functions check for passed NULL pointers. 
Fix the usage message of smime utility and sanitise the return
codes.

Add some documentation.
 1999-12-09 01:31:32 +00:00
Dr. Stephen Henson
21131f00d7 New function PKC12_newpass() 1999-12-03 03:46:18 +00:00
Dr. Stephen Henson
5f2f0b5596 Document the extension tests performed by the -purpose test 
in the x509 utility.
 1999-11-30 14:39:58 +00:00
Dr. Stephen Henson
7b418a474c Document all possible errors (and some impossible) from the verify program. 1999-11-30 02:28:42 +00:00
Dr. Stephen Henson
13938aceca Add part of chain verify SSL support code: not complete or doing anything 
yet.

Add a function X509_STORE_CTX_purpose_inherit() which implements the logic
of "inheriting" purpose and trust from a parent structure and using a default:
this will be used in the SSL code and possibly future S/MIME.

Partial documentation of the 'verify' utility. Still need to document how all
the extension checking works and the various error messages.
 1999-11-29 01:09:25 +00:00
Dr. Stephen Henson
9868232ae1 Initial trust code: allow setting of trust checking functions 
in a table. Doesn't do too much yet.

Make the -<digestname> options in 'x509' affect all relevant
options.

Change the name of the 'notrust' options to 'reject' as this
causes less confusion and is a better description of the
effect.

A few constification changes.
 1999-11-27 01:14:04 +00:00
Dr. Stephen Henson
6d1b637ba1 Clarify docs. 1999-11-16 02:51:41 +00:00
Dr. Stephen Henson
fd699ac55f Add a salt to the key derivation using the 'enc' program. 1999-11-16 02:49:25 +00:00
Dr. Stephen Henson
4abc5c624a Add some examples to the enc man page. 1999-11-14 13:34:34 +00:00
Dr. Stephen Henson
a0e9f529a4 Add support for the 40 and 64 bit RC2 and RC4 ciphers in 'enc' 
add documentation for 'enc'.
 1999-11-14 03:23:17 +00:00
Dr. Stephen Henson
0286d94454 Add info about the header and footer lines used in PEM formats 
and add an nseq manpage.
 1999-11-13 21:58:39 +00:00
Dr. Stephen Henson
938ead8f88 Correct x509 manpaghe and add a crl manpage 1999-11-13 21:28:01 +00:00
Dr. Stephen Henson
01aad2c80a Add an spkac manual page and fix the pkcs7 manpage. 1999-11-12 14:04:41 +00:00
Dr. Stephen Henson
954ef7ef69 Merge some common functionality in the apps, delete 
the encryption option in the pkcs7 utility (they never
did anything) and add a couple more options to pkcs7.
 1999-11-12 01:42:25 +00:00
Dr. Stephen Henson
c4471290c0 Oops forgot the S/MIME v3 RFC. 1999-11-12 01:07:33 +00:00
Dr. Stephen Henson
5e76807bbd More docs and corrections/updates 1999-11-12 01:04:39 +00:00
Dr. Stephen Henson
af29811edd Add password command line options to some utils. Fix and update man 
pages.
 1999-11-11 18:41:31 +00:00
Dr. Stephen Henson
53b1899e3c Fix a couple of outstanding issues: update STATUS file, fix NO_FP_API problems. 
Update docs, change 'ca' to use the new callback parameter. Now moved key_callback
into app.c because some other utilities will use it soon.
 1999-11-11 13:58:41 +00:00
Dr. Stephen Henson
174a4a8c89 Oops. The pkcs8 man page wasn't finished: this is an updated version 1999-11-11 00:48:39 +00:00
Dr. Stephen Henson
aba3e65f2c Very preliminary POD format documentation for some 
of the openssl utility commands...
 1999-11-10 02:52:17 +00:00
Dr. Stephen Henson
f769ce3ea4 More multibyte character support. 
Functions to get keys from EVP_PKEY structures.
 1999-10-25 02:00:09 +00:00
Dr. Stephen Henson
fd52057729 Add functions to allow extensions to be added to certificate requests. 
Modify obj_dat.pl to take its files from the command line. Usage is now
perl obj_dat.pl objects.h obj_dat.h
this should avoid redirection shell escape problems under Win32.
 1999-08-11 13:08:58 +00:00
Dr. Stephen Henson
87c49f622e Support for parsing of certificate extensions in PKCS#10 requests: these are 
used by things like Xenroll. Also include documentation for extendedKeyUsage
extension.
 1999-08-09 22:38:05 +00:00
Dr. Stephen Henson
66ab08b1cf Implement STACK_OF(ANS1_OBJECT) for extended key usage extension, change the 
documentation to reflect the STACK_OF(CONF_VALUE) change to the CONF lib and
use ANSI typedefs for X509V3_EXT_I2D and X509V3_EXT_FREE.
 1999-06-21 23:59:09 +00:00
Dr. Stephen Henson
565d1065c3 Document the X509V3 code and change some of the extension function pointers 
to use 'void *' rather than 'char *' for an "arbitrary extension".
 1999-06-11 01:58:42 +00:00
Dr. Stephen Henson
257e206da6 Include some notes on basic extension usage and change openssl.cnf to usually 
do sensible things with extensions.
 1999-05-19 23:54:58 +00:00
Ulf Möller
405b4a7edb Oops. 1999-05-19 19:14:59 +00:00
Ulf Möller
33d50ef662 Small corrections. 1999-05-19 18:39:23 +00:00
Dr. Stephen Henson
703126f027 Various clarifications to extension docs: change the name of literal 
extensions from RAW to DER to avoid confusion with raw extensions.

Update NEWS file.
 1999-05-17 20:05:36 +00:00
Bodo Möller
3f45ed82dc Rename "openssl x509" option "-config" to "-extfile", because it 
doesn't have a default value like the "-config" options of other
openssl subprograms.
 1999-05-17 08:28:37 +00:00
Bodo Möller
b975f15d54 Keep text lines less than 80 characters wide. 1999-05-16 18:27:46 +00:00
Dr. Stephen Henson
e40b7abeed Allows PKCS#12 password to be placed on command line and add allow config 
file name for 'ca' to come from the environment.
 1999-05-08 12:59:50 +00:00
Dr. Stephen Henson
b64f825671 Add PKCS#12 documentation and new option in x509 to add certificate extensions. 1999-04-27 00:36:20 +00:00
Bodo Möller
4c0c739288 Comment changed. 
Submitted by:
Reviewed by:
PR:
 1999-04-25 09:34:36 +00:00
Bodo Möller
ad38bedbac C indentation style definition for Emacs. 
Submitted by:
Reviewed by:
PR:
 1999-04-24 11:49:33 +00:00
Dr. Stephen Henson
d943e37241 Suppport for CRL distribution points extension. Also document some of 
this stuff.
 1999-04-21 17:44:45 +00:00
Ralf S. Engelschall
94c95d04c6 Fix a typo in the X.509v3 docs: cRLSign instead of cRLCertSign is correct 
according to the sources.... found by Steffen Dettmer <steffen@tfh-berlin.de>.
 1999-04-10 11:33:28 +00:00
Ulf Möller
b822aa562f Pointer to Ariel Glenn's SSLeay documentation. 1999-04-01 13:09:56 +00:00
Ralf S. Engelschall
36108adbb8 update list 1999-03-22 15:56:31 +00:00
Ralf S. Engelschall
f5904406d0 Merge ext-conf.txt and buffer.txt into a global openssl.txt because we 
shouldn't again start with thousend little text files or we quickly come back
to the old SSLeay days ;-)
 1999-03-22 15:55:01 +00:00
Ralf S. Engelschall
6e9f108dd7 Add two recently added functions 1999-03-22 15:53:08 +00:00
Dr. Stephen Henson
1756d405cc Added support for adding extensions to CRLs, also fix a memory leak and 
make 'req' check the config file syntax before it adds extensions. Added
info in the documentation as well.
 1999-03-06 19:33:29 +00:00
Dr. Stephen Henson
9985bed331 Deleted my str_dup() function from X509V3: the same functionality is provided 
by BUF_MEM_strdup(). Added text documentation to the BUF_MEM stuff.
 1999-03-04 23:29:51 +00:00
Ralf S. Engelschall
789285aa96 Added the new `Includes OpenSSL Cryptography Software' button as 
doc/openssl_button.{gif,html} which is similar in style to the old SSLeay
button and can be used by applications based on OpenSSL to show the
relationship to the OpenSSL project.

PS: This beast caused me three hours to create, because
    of the size I had to hand-paint the 7pt fonts in Photoshop.
 1999-03-04 12:55:42 +00:00
Ben Laurie
754048577b Perhaps if I do a tiny bit of docco, others may follow? 1999-02-25 17:39:04 +00:00
Ralf S. Engelschall
ea14a91f64 Move s_server -dcert and -dkey options out of the undocumented feature area 
because they are useful for the DSA situation and should be recognized by the
users. Thanks to Steve for the original hint.
 1999-02-25 11:26:26 +00:00
Dr. Stephen Henson
deff75b634 Add preliminary user level config documentation for extension stuff. Programming 
info will come later...

Feel free to reformat and tidy this up...
 1999-02-21 17:41:08 +00:00
Ralf S. Engelschall
155d7a0e1d First cut for a very conservative source tree cleanup: 
1. merge various obsolete readme texts into doc/ssleay.txt
   where we collect the old documents and readme texts.

2. remove the first part of files where I'm already sure that we no longer need
   them because of three reasons: either they are just temporary files which
   were left by Eric or they are preserved original files where I've verified
   that the diff is also available in the CVS via "cvs diff -rSSLeay_0_8_1b"
   or they were renamed (as it was definitely the case for the crypto/md/
   stuff).

We've still a horrible mess under crypto/bn/asm/.  There for a lot of files
I'm sure whether we need them or not. So, when someone knows it better, feel
free to cleanup there.
 1999-02-10 08:26:08 +00:00
Ralf S. Engelschall
288cb84fb4 Fill in more contents for the openssl(1) manpage. 1999-01-28 14:50:10 +00:00
Ralf S. Engelschall
9f28c57cea More structuring and sorting of the SSL API documentation. 
And the first steps to descriptions in prosa.
 1998-12-31 11:18:15 +00:00
Ralf S. Engelschall
fcc6c7199b Puhhh... now we've documented the prototypes of all 214 API "functions". This 
is a pain to do, because of the various macro definitions which I had to
expand manually to get their prototype :-(

What's now needed is a volunteer who wants to write down one or two sentences
per API function to document it a little bit...
 1998-12-31 10:33:17 +00:00
Ralf S. Engelschall
db1842132f Cleanup of doc/ directory: The old/obsolete SSLeay files are now assembled 
together in a ssleay.txt file.
 1998-12-30 22:58:47 +00:00
Ralf S. Engelschall
1b4559977e Replace AUTHOR with a better HISTORY as in FreeBSD's manpages 1998-12-30 07:21:32 +00:00
Ralf S. Engelschall
cb496082f8 Import the first cut for manual pages. 
They are written in Perl's POD format for two reasons: First Perl is already
needed for SSLeay and second, POD is easy to write and maintain _AND_ created
nice looking NRoff manpages.

The idea is to have three manual pages:

  openssl(1) ... The manpage for the `openssl' program (formerly ssleay)
  crypto(3) .... The manpage for crypto.h/libcrypto.a
  ssl(3) ....... The manpage for ssl.h/libssl.a

The openssl(1) should be very similar to cvs(1), i.e.  it should document all
commands in a compact way.  And I've even created the first cut for an
overview of all 243 functions of the SSL API for ssl.pod. More to come...
 1998-12-29 17:12:34 +00:00
Ralf S. Engelschall
58964a4922 Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
Ralf S. Engelschall
d02b48c63a Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00