wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
5613 commits 20 branches 302 tags 153 MiB
Commit graph

597 commits

Author SHA1 Message Date
Richard Levitte
e204516178 Remove reference to RSA_PKCS1_RSAref, since it doesn't exist any more. 
This correction was originally introduced in OpenBSD's tracking of OpenSSL.
 2002-09-25 13:25:44 +00:00
Richard Levitte
39d727d0c3 It makes more sense to refer to specific function manuals than the concept 
manual when the specific function is refered to in the current manual text.
This correction was originally introduced in OpenBSD's tracking of OpenSSL.
 2002-09-25 13:11:16 +00:00
Richard Levitte
153aecf91a It makes more sense to refer to specific function manuals than the concept 
manual when the specific function is refered to in the current manual text.
This correction was originally introduced in OpenBSD's tracking of OpenSSL.
 2002-09-25 13:11:12 +00:00
Lutz Jänicke
3403caf3da Consequently use term URI instead of URL 
Submitted by: TJ Saunders <tj@castaglia.org>
Reviewed by:
PR: 268
 2002-09-05 07:52:05 +00:00
Lutz Jänicke
4a13e4b36c Consequently use term URI instead of URL 
Submitted by: TJ Saunders <tj@castaglia.org>
Reviewed by:
PR: 268
 2002-09-05 07:51:23 +00:00
Bodo Möller
1fd0338b49 fix manpage 2002-08-15 14:23:23 +00:00
Bodo Möller
8f4a09e531 fix manpage 2002-08-15 14:22:49 +00:00
Richard Levitte
52ccf9e1c1 Missing =back. 
Part of PR 196
 2002-08-15 10:59:59 +00:00
Richard Levitte
37f5fcf85c Missing =back. 
Part of PR 196
 2002-08-15 10:59:55 +00:00
Geoff Thorpe
31e441a805 These are updates/fixes to DH/DSA/RAND docs based on the fixes to the RSA 
docs. There were a couple of other places where the docs were not
synchronised with the API that are now fixed. One or two still remain to be
fixed though ...
 2002-08-05 16:28:59 +00:00
Geoff Thorpe
5bf738737d These are updates/fixes to DH/DSA/RAND docs based on the fixes to the RSA 
docs. There were a couple of other places (including RSA) where the docs
were not quite synchronised with the API that are now fixed. One or two
still remain to be fixed though ...
 2002-08-05 16:27:01 +00:00
Geoff Thorpe
c4a28caa32 typo fix 2002-08-05 02:55:27 +00:00
Geoff Thorpe
415e03aa6f typo fix 2002-08-05 02:54:57 +00:00
Geoff Thorpe
c3eb0c1e7f Various parts of the RSA documentation were inaccurate and out of date and 
this fixes those that I'm currently aware of. In particular, the ENGINE
interference in the RSA API has hopefully been clarified. This still needs
to be done for other areas of the API ...
 2002-08-04 21:10:05 +00:00
Geoff Thorpe
ac120e20e3 Various parts of the RSA documentation were inaccurate and out of date and 
this fixes those that I'm currently aware of. In particular, the ENGINE
interference in the RSA API has hopefully been clarified. This still needs
to be done for other areas of the API ...
 2002-08-04 21:08:36 +00:00
cvs2svn
ea5214328b This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_7-stable'.
 2002-08-04 20:57:20 +00:00
Geoff Thorpe
3f90e45079 A single monolithic man page for the ENGINE stuff. This is a rough 
first-cut but provides better documentation than having nothing on the
ENGINE API.
 2002-08-04 20:57:19 +00:00
Bodo Möller
02750ff56f mention SSL_do_handshake() 2002-07-29 12:35:19 +00:00
Bodo Möller
93d1969c78 mention SSL_do_handshake() 2002-07-29 12:34:14 +00:00
Bodo Möller
56d84db1d4 fix a typo and clarify 2002-07-22 09:05:41 +00:00
Bodo Möller
8be4e173e8 fix a typo and clarify 2002-07-22 09:04:36 +00:00
Lutz Jänicke
c6ccf055ba New cipher selection options COMPLEMENTOFALL and COMPLEMENTOFDEFAULT. 
Submitted by:
Reviewed by:
PR: 127
 2002-07-19 19:55:34 +00:00
Lutz Jänicke
f19b6474fe New cipher selection options COMPLEMENTOFALL and COMPLEMENTOFDEFAULT. 
Submitted by:
Reviewed by:
PR: 127
 2002-07-19 19:53:02 +00:00
Lutz Jänicke
20adcfa058 The behaviour is undefined when calling SSL_write() with num=0. 
Submitted by:
Reviewed by:
PR: 141
 2002-07-19 11:53:54 +00:00
Lutz Jänicke
4408572079 The behaviour is undefined when calling SSL_write() with num=0. 
Submitted by:
Reviewed by:
PR: 141
 2002-07-19 11:53:11 +00:00
Lutz Jänicke
31b5b999c7 Manual page for SSL_do_handshake(). 
Submitted by: Martin Sjögren <martin@strakt.com>
PR: 137
 2002-07-19 11:06:53 +00:00
cvs2svn
f8bcfb5d5a This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_7-stable'.
 2002-07-19 11:05:53 +00:00
Lutz Jänicke
02b7ec88bb Manual page for SSL_do_handshake(). 
Submitted by: Martin Sjögren <martin@strakt.com>
PR: 137
 2002-07-19 11:05:50 +00:00
Geoff Thorpe
0af9a89cef This documentation change was being written at the same time as Richard's 
changes. So I'm committing this version to overwrite his changes for now,
and he can always take his turn to overwrite my words if he wants :-)

PR: 86
 2002-07-18 20:59:22 +00:00
Geoff Thorpe
44e9c2617a This documentation change was being written at the same time as Richard's 
changes. So I'm committing this version to overwrite his changes for now,
and he can always take his turn to overwrite my words if he wants :-)

PR: 86
 2002-07-18 20:52:47 +00:00
Richard Levitte
b61739874e Explain why RSA_check_key() doesn't work with hard keys. 
PR: 86
 2002-07-18 19:11:06 +00:00
Richard Levitte
db802c60e3 Explain why RSA_check_key() doesn't work with hard keys. 
PR: 86
 2002-07-18 19:10:57 +00:00
Richard Levitte
73957bd323 Add history for documented new functions. 
PR: 59
 2002-07-18 18:55:06 +00:00
Richard Levitte
503f3b1a21 Add history for documented new functions. 
PR: 59
 2002-07-18 18:54:46 +00:00
Lutz Jänicke
2edcb4ac71 Typos in links between manual pages 
Submitted by: Richard.Koenning@fujitsu-siemens.com
Reviewed by:
PR: 129
 2002-07-10 19:35:54 +00:00
Lutz Jänicke
150f2d8d24 Typos in links between manual pages 
Submitted by: Richard.Koenning@fujitsu-siemens.com
Reviewed by:
PR: 129
 2002-07-10 19:34:47 +00:00
Bodo Möller
3a9fef60a1 fix synopsis 
Submitted by: Nils Larsch
 2002-07-09 10:52:30 +00:00
Bodo Möller
cd7562091d fix synopsis 
Submitted by: Nils Larsch
 2002-07-09 10:51:25 +00:00
Bodo Möller
c21506ba02 New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC 
vulnerability workaround (included in SSL_OP_ALL).

PR: #90
 2002-06-14 12:21:11 +00:00
Bodo Möller
2f8275c52d New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC 
vulnerability workaround (included in SSL_OP_ALL).

PR: #90
 2002-06-14 12:20:27 +00:00
Lutz Jänicke
8586df1efb Correct wrong usage information. 
PR: 95
 2002-06-12 20:15:18 +00:00
Lutz Jänicke
78af3b274f Correct wrong usage information. 
Submitted by:
Reviewed by:
PR: 95
 2002-06-12 20:14:04 +00:00
Richard Levitte
b49053cae2 Documentation bug corrected. 
PR: 70
 2002-06-05 09:31:05 +00:00
Richard Levitte
65ac3faff6 Documentation bug corrected. 
PR: 70
 2002-06-05 09:30:20 +00:00
Lutz Jänicke
5dd352c916 Typo. 
Submitted by:
Reviewed by:
PR: 72
 2002-06-04 20:44:10 +00:00
Lutz Jänicke
a5200a1b8f Typo. 
PR: 72
 2002-06-04 20:43:10 +00:00
Richard Levitte
2033da0b23 a B< that wasn't properly ended. 2002-05-30 16:55:31 +00:00
Richard Levitte
305a1afcf7 a B< that wasn't properly ended. 2002-05-30 16:55:15 +00:00
Lutz Jänicke
9a26adf598 Remove item listed twice <kromJx@crosswinds.net>. 2002-05-28 17:48:54 +00:00
Lutz Jänicke
405ac901c9 Remove item listed twice <kromJx@crosswinds.net>. 
Submitted by:
Reviewed by:
PR:
 2002-05-28 17:48:12 +00:00
Lutz Jänicke
72da660ddb Fix incorrect =over 4 location. 
Submitted by: David Waitzman <djw@bbn.com>
Reviewed by: Lutz Jaenicke
PR: [openssl.org #38]
 2002-05-16 17:45:37 +00:00
Lutz Jänicke
7dc584ed91 Fix incorrect =over 4 location. 
Submitted by: David Waitzman <djw@bbn.com>
Reviewed by: Lutz Jaenicke
PR: [openssl.org #38]
 2002-05-16 17:44:50 +00:00
Richard Levitte
21d5ed98d5 Small documentation fix for EVP_CipherFinal or EVP_CipherFinal_ex. 
Notified by Stella Power <snpower@maths.tcd.ie>.
PR: 24
 2002-05-08 15:20:38 +00:00
Richard Levitte
aebe0396e9 Small documentation fix for EVP_CipherFinal or EVP_CipherFinal_ex. 
Notified by Stella Power <snpower@maths.tcd.ie>.
PR: 24
 2002-05-08 15:20:33 +00:00
Lutz Jänicke
fb0f53b2e0 Fix escaping when using the -subj option of "openssl req", document 
'hidden' -nameopt support. (Robert Joop <joop@fokus.gmd.de>)
Submitted by:
Reviewed by:
PR: #2
 2002-04-30 12:10:10 +00:00
Lutz Jänicke
c0455cbb18 Fix escaping when using the -subj option of "openssl req", document 
'hidden' -nameopt support. (Robert Joop <joop@fokus.gmd.de>)
 2002-04-30 12:08:18 +00:00
Bodo Möller
f89db4020f error reported by Karsten Braaten 2002-04-13 22:06:25 +00:00
Ulf Möller
592c0e0273 another error discovered by Karsten Braaten. The number was not even 
prime!
 2002-04-13 09:58:50 +00:00
Bodo Möller
c991c6e710 error reported by Karsten Braaten 2002-04-09 13:04:00 +00:00
Ulf Möller
4e9ef338fc error reported by Karsten Braaten 2002-04-07 13:33:16 +00:00
Bodo Möller
2bbaab4a24 Rephrase statement on the security of two-key 3DES. 
[Chosen plaintext attack: R. Merkle, M. Hellman: "On the Security of
  Multiple Encryption", CACM 24 (1981) pp. 465-467, p. 776.

  Known plaintext angriff: P.C. van Oorschot, M. Wiener: "A
  known-plaintext attack on two-key triple encryption", EUROCRYPT '90.]
 2002-03-05 15:30:13 +00:00
Bodo Möller
2c17323e15 Rephrase statement on the security of two-key 3DES. 
[Chosen plaintext attack: R. Merkle, M. Hellman: "On the Security of
  Multiple Encryption", CACM 24 (1981) pp. 465-467, p. 776.

  Known plaintext angriff: P.C. van Oorschot, M. Wiener: "A
  known-plaintext attack on two-key triple encryption", EUROCRYPT '90.]
 2002-03-05 15:29:30 +00:00
Bodo Möller
48781ef7f7 Add 'void *' argument to app_verify_callback. 
Submitted by: D. K. Smetters <smetters@parc.xerox.com>
Reviewed by: Bodo Moeller
 2002-02-28 10:55:52 +00:00
Bodo Möller
023ec151df Add 'void *' argument to app_verify_callback. 
Submitted by: D. K. Smetters <smetters@parc.xerox.com>
Reviewed by: Bodo Moeller
 2002-02-28 10:52:56 +00:00
Lutz Jänicke
291ae60b52 SSL_clear != SSL_free/SSL_new 
Submitted by:
Reviewed by:
PR:
 2002-02-27 08:10:12 +00:00
Lutz Jänicke
ce4b274aa1 SSL_clear != SSL_free/SSL_new 2002-02-27 08:08:57 +00:00
Lutz Jänicke
f38f8d94a9 Even though it is not really practical people should know about it. 
Submitted by:
Reviewed by:
PR:
 2002-02-15 07:44:44 +00:00
cvs2svn
679eb352e0 This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_7-stable'.
 2002-02-15 07:41:46 +00:00
Lutz Jänicke
f0d6ee6be8 Even though it is not really practical people should know about it. 2002-02-15 07:41:42 +00:00
cvs2svn
fbfcdc4cef This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_7-stable'.
 2002-02-13 14:44:34 +00:00
Bodo Möller
a14e2d9dfe New functions 
ERR_peek_last_error
    ERR_peek_last_error_line
    ERR_peek_last_error_line_data
(supersedes ERR_peek_top_error).

Rename OPENSSL_NO_OLD_DES_SUPPORT into OPENSSL_DISABLE_OLD_DES_SUPPORT
because OPENSSL_NO_... indicates disabled algorithms (according to
mkdef.pl).
 2002-01-24 16:16:43 +00:00
Lutz Jänicke
6ce46d69f5 Typos (jsyn <jsyn@openbsd.org>). 2002-01-21 18:01:46 +00:00
Bodo Möller
31cafe53c9 add a sentence previously deleted by accident 2002-01-04 15:22:40 +00:00
Bodo Möller
dc4ddcd2bb add documentation for SSLeay_version(SSLEAY_DIR) and 
'openssl version -d'

use some descriptions from Lutz' redundant manual page
instead of the previous ones
 2002-01-04 15:17:09 +00:00
Lutz Jänicke
5256b021f3 Tsss, SSLeay_version() was already documented, it just was not linked in. 2002-01-04 15:05:51 +00:00
Lutz Jänicke
4ab1e7ceaf Add information as provided by Richard Levitte on openssl-users :-) 2002-01-04 14:55:38 +00:00
Dr. Stephen Henson
06623ff028 Update PEM docs 2002-01-04 13:35:37 +00:00
Ben Laurie
ff3fa48fc7 Improve back compatibility. 2001-12-09 21:53:31 +00:00
Richard Levitte
8f0edcb3d2 I was recently informed that some people wrongly use ssleay.txt as 
main documentation, so let's warn them a little more, so the word
"OBSOLETE" really gets understood.
 2001-12-04 07:38:17 +00:00
Dr. Stephen Henson
55e42c93a8 EVP_BytesToKey documentation. 2001-12-03 03:07:37 +00:00
Dr. Stephen Henson
21a85f1977 Add -pubkey option to req command. 2001-12-01 23:03:30 +00:00
Bodo Möller
8a0a9392ab discuss -name and default_ca more correctly (I hope) 2001-11-26 12:13:50 +00:00
Lutz Jänicke
a7ce69dbd7 Clarify reference count handling/removal of session 
(shinagawa@star.zko.dec.com).
 2001-11-19 11:11:23 +00:00
Bodo Möller
65123f8064 remove incorrect 'callback' prototype 2001-11-10 02:12:56 +00:00
Bodo Möller
1d8634b110 msg_callback documentation 2001-11-10 02:12:09 +00:00
Bodo Möller
45582d1e2b clarify 2001-11-08 14:54:21 +00:00
Dr. Stephen Henson
1fc6d41bf6 New options to allow req to accept UTF8 strings as input. 2001-10-26 12:40:38 +00:00
Ulf Möller
a41477f92e remove compatibility notes that no longer apply 2001-10-25 17:45:25 +00:00
Richard Levitte
5f68c5feef Correct some links... 2001-10-25 16:56:06 +00:00
Richard Levitte
ee84a5a7fb Change the DES documentation to reflect the current status. Note that 
some password reading functions are really part of the UI
compatibility library...
 2001-10-25 16:55:17 +00:00
Bodo Möller
2a9aca32dc mention des_old.h 2001-10-25 08:44:10 +00:00
Bodo Möller
89da653fa6 Add '-noemailDN' option to 'openssl ca'. This prevents inclusion of 
the e-mail address in the DN (i.e., it will go into a certificate
extension only).  The new configuration file option 'email_in_dn = no'
has the same effect.

Submitted by: Massimiliano Pala madwolf@openca.org
 2001-10-25 08:25:19 +00:00
Richard Levitte
ce15d5a9dc Remove DES_random_seed() but retain des_random_seed() for now. Change 
the docs to reflect this change and correct libeay.num.
 2001-10-25 06:46:22 +00:00
Richard Levitte
c2e4f17c1a Due to an increasing number of clashes between modern OpenSSL and 
libdes (which is still used out there) or other des implementations,
the OpenSSL DES functions are renamed to begin with DES_ instead of
des_.  Compatibility routines are provided and declared by including
openssl/des_old.h.  Those declarations are the same as were in des.h
when the OpenSSL project started, which is exactly how libdes looked
at that time, and hopefully still looks today.

The compatibility functions will be removed in some future release, at
the latest in version 1.0.
 2001-10-24 21:21:12 +00:00
Bodo Möller
a661b65357 New functions SSL[_CTX]_set_msg_callback(). 
New macros SSL[_CTX]_set_msg_callback_arg().

Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet).

New '-msg' option for 'openssl s_client' and 'openssl s_server'
that enable a message callback that displays all protocol messages.


In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if
client_version is smaller than the protocol version in use.
Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0
if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the
client will at least see that alert.

Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic
pointer).

Add/update some OpenSSL copyright notices.
 2001-10-20 17:56:36 +00:00
Bodo Möller
51008ffce1 document SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 2001-10-17 11:56:26 +00:00
Dr. Stephen Henson
3811eed8d5 Update docs. 2001-10-17 01:50:32 +00:00
Dr. Stephen Henson
e72d734d5f Update docs. 2001-10-16 02:22:59 +00:00
Lutz Jänicke
56fa8e69cf Update information as a partial response to the post 
From: "Chris D. Peterson" <cpeterson@aventail.com>
  Subject: Implementation Issues with OpenSSL
  To: openssl-users@openssl.org
  Date: Wed, 22 Aug 2001 16:13:17 -0700
The patch included in the original post may improve the internal session
list handling (and is therefore worth a seperate investigation).
No change to the list handling will however solve the problems of incorrect
SSL_SESSION_free() calls. The session list is only one possible point of
failure, dangling pointers would also occur for SSL object currently
using the session. The correct solution is to only use SSL_SESSION_free()
when applicable!
 2001-10-12 12:29:16 +00:00
Lutz Jänicke
e1c279b63d Small documentation fixes (Howard Lum <howard@pumpkin.canada.sun.com>) 2001-10-08 08:37:24 +00:00