wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
4374 commits 20 branches 302 tags 153 MiB
Commit graph

548 commits

Author SHA1 Message Date
Lutz Jänicke
cb2a0e1319 Missing link ("Greg Stark" <gstark@ethentica.com>) 2001-04-12 21:11:31 +00:00
Lutz Jänicke
26c329cd84 Fix wrong information with respect to CAs listed to the client 
(follows from technical discussion with Amit Chopra <amitc@pspl.co.in>).
 2001-04-12 16:03:28 +00:00
Lutz Jänicke
638b0d4277 Fix wrong information with respect to CAs listed to the client 
(follows from technical discussion with Amit Chopra <amitc@pspl.co.in>).
 2001-04-12 16:02:34 +00:00
Lutz Jänicke
3a11466381 Typo (Jun-ichiro itojun Hagino <itojun@iijlab.net>) 2001-04-12 11:46:23 +00:00
Lutz Jänicke
f7181a9179 Typo (Jun-ichiro itojun Hagino <itojun@iijlab.net>) 2001-04-12 11:45:42 +00:00
Lutz Jänicke
c4365acc48 Typo (was already fixed in 0.9.7-dev). 2001-04-09 15:00:31 +00:00
Bodo Möller
cee3fffab5 Turn 'num' argument to RAND_file_name into a size_t (rather than an int). 2001-03-21 15:26:47 +00:00
Bodo Möller
fba9046490 Update docs. 2001-03-21 15:25:56 +00:00
Dr. Stephen Henson
02ee8626fb Fix PKCS#12 key generation bug. 2001-03-18 02:11:42 +00:00
Dr. Stephen Henson
0bf5d40787 Fix PKCS#12 key generation bug. 2001-03-18 02:10:25 +00:00
Dr. Stephen Henson
791bd0cd2b Add copy_extensions option to 'ca' utility. 2001-03-16 02:04:17 +00:00
Dr. Stephen Henson
e890dcdb19 Add 'align' option to nameopt. 
Add default values for display by the 'ca' utility
to openssl.cnf

Update docs.
 2001-03-15 22:45:20 +00:00
cvs2svn
e486ec5e0e This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_6-stable'.
 2001-03-15 12:42:06 +00:00
Lutz Jänicke
eb272ac0b0 Forgot "cvs add", so only the surrounding changes made it... sigh. 2001-03-15 12:42:04 +00:00
Dr. Stephen Henson
0a3ea5d34a Document the -certopt option to the x509 utility. 
Add no_issuer option.

Fix X509_print_ex() so it prints out newlines when
certain fields are omitted.
 2001-03-15 01:15:54 +00:00
Dr. Stephen Henson
a29d78e90b Initial docs for PEM routines. 2001-03-11 20:29:28 +00:00
Richard Levitte
7b8250053b Document the change. 2001-03-10 16:28:49 +00:00
Dr. Stephen Henson
cc5ba6a7b6 Update docs. 2001-03-09 13:57:14 +00:00
Bodo Möller
e34cfcf7e1 Consistently use 'void *' for SSL read, peek and write functions. 2001-03-09 10:09:20 +00:00
Bodo Möller
c6a15854ee Consistently use 'void *' for SSL read, peek and write functions. 2001-03-09 10:08:06 +00:00
Dr. Stephen Henson
1358835050 Change the EVP_somecipher() and EVP_somedigest() 
functions to return constant EVP_MD and EVP_CIPHER
pointers.

Update docs.
 2001-03-09 02:51:02 +00:00
Lutz Jänicke
f51fee66ad Add newly learned knowledge from yesterday's discussion. 2001-03-08 17:25:49 +00:00
Lutz Jänicke
b72ff47037 Add newly learned knowledge from yesterday's discussion. 2001-03-08 17:24:02 +00:00
Bodo Möller
98499135d7 Constify BN_value_one. 2001-03-08 13:58:09 +00:00
Bodo Möller
bad4058574 New option '-subj arg' for 'openssl req' and 'openssl ca'. This 
sets the subject name for a new request or supersedes the
subject name in a given request.

Add options '-batch' and '-verbose' to 'openssl req'.

Submitted by: Massimiliano Pala <madwolf@hackmasters.net>
Reviewed by: Bodo Moeller
 2001-03-05 11:09:43 +00:00
Lutz Jänicke
45ecfb1973 Typo, spotted by "Greg Stark" <gstark@ethentica.com>. 2001-03-01 16:50:11 +00:00
Lutz Jänicke
1c85e93c7c Typo, spotted by "Greg Stark" <gstark@ethentica.com>. 2001-03-01 16:48:12 +00:00
Lutz Jänicke
3cdc8ad07a Describe new callback for session id generation. 2001-02-23 21:38:42 +00:00
Lutz Jänicke
6676457bba SSL_get_version() was an easy one :-) 2001-02-23 21:07:53 +00:00
cvs2svn
ad45ed9f5c This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_6-stable'.
 2001-02-23 21:05:58 +00:00
Lutz Jänicke
2c1571b4ff SSL_get_version() was an easy one :-) 2001-02-23 21:05:56 +00:00
Ulf Möller
335c4f0966 BN_rand_range() needs a BN_rand() variant that doesn't set the MSB. 2001-02-20 00:23:07 +00:00
Ulf Möller
faa624f9f9 BN_rand_range() needs a BN_rand() variant that doesn't set the MSB. 2001-02-20 00:17:46 +00:00
Richard Levitte
cf1b7d9664 Make all configuration macros available for application by making 
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.

I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
 2001-02-19 16:06:34 +00:00
Ulf Möller
2bf1c86d05 ispell 2001-02-16 02:11:12 +00:00
Ulf Möller
52d160d85d ispell 2001-02-16 02:09:53 +00:00
Ulf Möller
2147cd3540 pod format error 2001-02-16 01:46:47 +00:00
Ulf Möller
54ff1e6ae5 pod format error 2001-02-16 01:44:24 +00:00
Lutz Jänicke
0dbfc1da4a Add '-rand' option to s_server and s_client. 2001-02-15 10:35:29 +00:00
Lutz Jänicke
52b621db88 Add "-rand" option to s_client and s_server. 2001-02-15 10:22:07 +00:00
Dr. Stephen Henson
f2e5ca84d4 Option to disable standard block padding with EVP API. 
Add -nopad option to enc command.

Update docs.
 2001-02-14 02:11:52 +00:00
Lutz Jänicke
8b8e03dc66 Finish first round of session cache documentation. 2001-02-13 14:02:59 +00:00
cvs2svn
56ec43a0dd This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_6-stable'.
 2001-02-13 14:00:10 +00:00
Lutz Jänicke
8e495e4ac7 Finish first round of session cache documentation. 2001-02-13 14:00:09 +00:00
Lutz Jänicke
74ac7455c5 New manual page: SSL_CTX_set_mode. 2001-02-13 11:46:42 +00:00
cvs2svn
166850e315 This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_6-stable'.
 2001-02-13 11:43:12 +00:00
Lutz Jänicke
f282ca7413 New manual page: SSL_CTX_set_mode. 2001-02-13 11:43:11 +00:00
Lutz Jänicke
1e376e41a2 More about session caching. 2001-02-11 17:03:50 +00:00
cvs2svn
dc931b1fca This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_6-stable'.
 2001-02-11 17:01:37 +00:00
Lutz Jänicke
41ecaba97e More about session caching. 2001-02-11 17:01:36 +00:00
Lutz Jänicke
96dfab9e0e Include information that automatic query is a new feature. 2001-02-10 19:10:36 +00:00
Lutz Jänicke
1b65ce7db3 Update for 0.9.7 with SSL_OP_CIPHER_SERVER_PREFERENCE. 2001-02-10 16:21:38 +00:00
Lutz Jänicke
7fcb1de839 Manual page for SSL_CTX_set_options(). Unfortunately for some of the 
options someone much longer working with OpenSSL/SSLeay is needed.
 2001-02-10 16:20:41 +00:00
cvs2svn
49b02a2d77 This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_6-stable'.
 2001-02-10 16:18:36 +00:00
Lutz Jänicke
7b9cb4a224 Manual page for SSL_CTX_set_options(). Unfortunately for some of the 
options someone much longer working with OpenSSL/SSLeay is needed.
 2001-02-10 16:18:35 +00:00
Bodo Möller
418a0d151e Simplify BN_rand_range 2001-02-10 00:34:20 +00:00
Bodo Möller
e306892994 Simplify BN_rand_range 2001-02-10 00:34:02 +00:00
Lutz Jänicke
7b0cb7f08d Fix "wierd" typo as submitted by Jeroen Ruigrok/Asmodai <asmodai@wxs.nl>. 2001-02-09 19:05:11 +00:00
Lutz Jänicke
b5f6d9dc6e Fix "wierd" typo as submitted by Jeroen Ruigrok/Asmodai <asmodai@wxs.nl>. 2001-02-09 19:03:53 +00:00
Ulf Möller
466e4249ab Note that EGD is used automatically. 2001-02-08 17:16:44 +00:00
Ulf Möller
6bdb723259 cleanup 2001-02-08 17:14:47 +00:00
Ulf Möller
9fbc45b159 cleanup 2001-02-08 17:14:07 +00:00
Bodo Möller
07fc72fea1 Integrate my implementation of a countermeasure against 
Bleichenbacher's DSA attack.  With this implementation, the expected
number of iterations never exceeds 2.

New semantics for BN_rand_range():
BN_rand_range(r, min, range) now generates r such that
     min <= r < min+range.
(Previously, BN_rand_range(r, min, max) generated r such that
     min <= r < max.
It is more convenient to have the range; also the previous
prototype was misleading because max was larger than
the actual maximum.)
 2001-02-08 12:20:25 +00:00
Bodo Möller
35ed8cb8b6 Integrate my implementation of a countermeasure against 
Bleichenbacher's DSA attack.  With this implementation, the expected
number of iterations never exceeds 2.

New semantics for BN_rand_range():
BN_rand_range(r, min, range) now generates r such that
     min <= r < min+range.
(Previously, BN_rand_range(r, min, max) generated r such that
     min <= r < max.
It is more convenient to have the range; also the previous
prototype was misleading because max was larger than
the actual maximum.)
 2001-02-08 12:14:51 +00:00
Lutz Jänicke
420125f996 Update documentation to match the state at 0.9.6 _and_ the recent changes. 2001-02-08 10:42:01 +00:00
Lutz Jänicke
813c7c415b Update documentation to match the state of OpenSSL 0.9.6. 2001-02-08 10:36:37 +00:00
Ulf Möller
38b3a46ffa DSA fix from main branch. 2001-02-07 22:35:11 +00:00
Ulf Möller
57e7d3ce15 Bleichenbacher's DSA attack 2001-02-07 22:24:35 +00:00
Lutz Jänicke
d4d76b9e83 Documenting session caching, 2nd step. 2001-02-04 18:10:54 +00:00
cvs2svn
e1fee47759 This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_6-stable'.
 2001-02-04 18:05:28 +00:00
Lutz Jänicke
0bc6597d4d Documenting session caching, 2nd step. 2001-02-04 18:05:27 +00:00
Lutz Jänicke
88e9984da5 Clarify why SSL_CTX_use_certificate_chain_file() should be preferred. 2001-02-03 15:15:44 +00:00
Lutz Jänicke
7403c34b0b Clarify why SSL_CTX_use_certificate_chain_file() should be preferred. 2001-02-03 15:15:00 +00:00
Lutz Jänicke
dac1169e82 Typo: on my screen it nicely wrapped around at 80 :-) 2001-02-03 11:02:35 +00:00
Lutz Jänicke
9022f2403b Typo: on my screen it nicely wrapped around at 80 :-) 2001-02-03 11:02:02 +00:00
Lutz Jänicke
2bbe747045 Backport... 2001-02-02 14:44:02 +00:00
cvs2svn
55cd47ffb4 This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_6-stable'.
 2001-02-02 14:40:53 +00:00
Lutz Jänicke
8cbceba610 Document session caching, first step. 2001-02-02 14:40:52 +00:00
Lutz Jänicke
819d5cef08 Backport extended documentation. 2001-01-31 14:18:43 +00:00
cvs2svn
e9cba65a99 This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_6-stable'.
 2001-01-31 14:14:21 +00:00
Lutz Jänicke
cd6aa710b5 New manual page for a hardly known but important item :-) 2001-01-31 14:14:20 +00:00
Lutz Jänicke
c032563a0a Backport documentation added for 0.9.7. 2001-01-28 18:31:35 +00:00
cvs2svn
2b8d087ba1 This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_6-stable'.
 2001-01-25 02:26:59 +00:00
Geoff Thorpe
67c3cf0675 Insert a missing space to stop pod2man giving stroppy "malformed" warnings. 2001-01-25 02:26:58 +00:00
Lutz Jänicke
e58d808a4c Copy over just written manpage to the ones still missing. 2001-01-23 11:04:52 +00:00
Lutz Jänicke
751b5e8ff2 Add entries for new manpages... 2001-01-23 10:47:41 +00:00
Ulf Möller
9756da13dd Use the correct number of arguments in the example. 2001-01-21 19:46:50 +00:00
Lutz Jänicke
b5a6f0a92d Documentation about SSL_get_ex_data_X509_STORE_CTX_idx and 
SSL_get_ex_new_index() functionality. Extended verify_callback()
example to show the usage.
 2001-01-20 16:22:43 +00:00
Dr. Stephen Henson
bfcec27d61 Update ocsp utility documentation. 2001-01-20 01:26:28 +00:00
Ulf Möller
a068630a20 link to the new manpage. 2001-01-15 22:19:30 +00:00
Bodo Möller
dfebac32c0 New '-extfile' option for 'openssl ca'. 
This allows keeping extensions in a separate configuration file.

Submitted by: Massimiliano Pala <madwolf@comune.modena.it>
 2001-01-15 11:35:24 +00:00
Geoff Thorpe
ab5db00717 Update the LHASH man page. 
* Correct some prototypes and macros with respect to "const"ness.

* Add the extra macros and examples due to the lh_doall[_arg] modifications
  made recently. The existing example is also reworked for consistency.

* Rewrite, tweak, and supplement bits of the existing comments that seemed
  (IMHO) to be a little convoluted and misleading.

* Add a NOTE section that explains the use of macros and avoiding function
  casts (ie. generate a wrapper as with the macros, or prototype any
  callback functions exactly to not require casting). Also, explain the
  "const" approach taken in LHASH for the purposes of API comprehensibility
  and also application code auditing.
 2001-01-14 23:37:42 +00:00
Dr. Stephen Henson
b4b1bdd5d3 Preliminary ocsp utility documentation. 
Fix ocsp usage message.
 2001-01-14 00:52:19 +00:00
Bodo Möller
d199858e89 New -newreq-nodes option to CA.pl. 
Submitted by: Damien Miller <djm@mindrot.org>
 2001-01-11 13:23:19 +00:00
Bodo Möller
b62a0c4cab Add a pointer to digest options in the description of -fingerprint. 2001-01-10 14:35:20 +00:00
Bodo Möller
a9c3dc60b9 Fix SSL_peek and SSL_pending. 2000-12-25 18:41:37 +00:00
Bodo Möller
a0aae68cf6 Fix SSL_peek and SSL_pending. 2000-12-25 18:40:46 +00:00
Ulf Möller
4ce7894c4a c&p error spotted by Martin Forssen 2000-12-13 23:00:33 +00:00
Lutz Jänicke
cc93ae3ef4 Add description of SSL_[CTX_]_check_private_key(). 2000-12-12 21:06:29 +00:00
cvs2svn
a29b1a3f0f This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_6-stable'.
 2000-12-11 17:28:08 +00:00
Lutz Jänicke
66ebbb6a56 Add manual pages for certficate/key loading and friends. 2000-12-08 14:29:13 +00:00
Richard Levitte
1435ccfba1 Update the internal docs. 2000-12-05 19:18:51 +00:00
Lutz Jänicke
d766a23deb Typo and additional information about cert-chain building. 2000-12-05 16:47:22 +00:00
Lutz Jänicke
b1e21f8fac Add EXAMPLES for SSL_CIPHER_description() output. 2000-12-05 16:45:26 +00:00
Geoff Thorpe
ebff44b83a Sync up with a minor change in lhash.h 2000-12-04 04:54:59 +00:00
Geoff Thorpe
733777275b Update the documentation to the current state of the LHASH changes. There 
will probably be more when the lh_doall[_arg] callbacks are similarly
tidied up, but this 'pod' should now be current.
 2000-12-04 04:35:04 +00:00
Richard Levitte
862e973b50 Write a first HOWTO on how to create certificates. This is currently 
a draft.
 2000-12-01 17:44:33 +00:00
Ulf Möller
06676624fc Add a warning about the usage of the montgomery functions (if the inputs 
are not reduced modulo m, the outputs won't be either).
 2000-11-29 22:37:14 +00:00
Bodo Möller
5acaa49504 More BN_mod_... functions. 2000-11-26 18:31:32 +00:00
Bodo Möller
535b9b5724 Add bn_mod.c (should have happend in the previous commit ...). 
BN_swap manual page.
 2000-11-26 16:46:57 +00:00
Bodo Möller
78a0c1f18d modular arithmetics 
"make update"
 2000-11-26 16:42:38 +00:00
Bodo Möller
b1d6e3f551 Documentation on using the SSL library with non-blocking I/O. 2000-11-17 10:25:46 +00:00
Bodo Möller
db70a3fd6e Improve usability of 'openssl passwd' by including 
password verification where it makes sense.
 2000-11-17 09:03:02 +00:00
Lutz Jänicke
803e4e93d4 Fill in missing information about the string returned from 
SSL_CIPHER_description(), as there is no other API function to find
out details about the cipher used besides the number of bits or protocol used.
 2000-11-15 18:42:41 +00:00
Bodo Möller
2984b0ae24 Additional explanations for SSL_ERROR_WANT_READ/WRITE. 2000-11-12 19:17:22 +00:00
Bodo Möller
cb4ae6c0d3 Point to SSL_set_bio(3) early because that manpage provides 
information that is essential for using BIO pairs.
 2000-11-10 07:50:18 +00:00
Bodo Möller
359fd02fec add missing word 2000-11-10 07:46:11 +00:00
Richard Levitte
ccb9643f02 Remove references to RSAref. The glue library is but a memory to fade 
away now...
 2000-11-08 17:51:37 +00:00
Ulf Möller
458d356db9 looks like a cut&paste error 2000-11-06 21:28:38 +00:00
Richard Levitte
1d833a9910 Update the standards list to the current status 2000-11-02 22:55:14 +00:00
Richard Levitte
5270e7025e Merge the engine branch into the main trunk. All conflicts resolved. 
At the same time, add VMS support for Rijndael.
 2000-10-26 21:07:28 +00:00
Ulf Möller
a2bbe59401 s_server not s_client 2000-10-23 19:13:35 +00:00
Ulf Möller
0fa504b68d Correction from Tani Hosokawa <unknown@riverstyx.net> 2000-10-23 14:02:02 +00:00
cvs2svn
38654b070d This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_6-stable'.
 2000-10-19 23:16:49 +00:00
Ulf Möller
bbdc9c98a8 give pseudo prototypes instead of macro definitions for better clarity 2000-10-19 22:02:21 +00:00
Ulf Möller
11b62699a1 "DESCRIPTION" is required. 2000-10-19 19:40:35 +00:00
Ulf Möller
14a74a21f0 correction from Lutz 2000-10-19 15:19:41 +00:00
Ulf Möller
9bd3bd227f Add short overview, move header files section further down. 2000-10-18 23:08:55 +00:00
Ulf Möller
d0ef53bd2d cosmetic changes 2000-10-18 22:51:34 +00:00
Ulf Möller
8d3f155a66 cosmetic change 2000-10-18 22:01:47 +00:00
Richard Levitte
553615f500 New docs and new facts in older docs. 
Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
 2000-10-12 09:56:36 +00:00
Dr. Stephen Henson
924046ce75 Make non blocking I/O work for accept BIOs. 2000-10-12 01:50:33 +00:00
Richard Levitte
82c31e1496 Fix from main trunk, 2000-10-04 00:02 levitte: 
More SSL functions documented.
Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>

Fix from main trunk, 2000-10-10 11:15  levitte:

A few small corrections to the SSL documentation.
Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
 2000-10-11 12:12:06 +00:00
Richard Levitte
57b6a64eed Fix from main trunk, 2000-09-26 14:15 bodo: 
Add BUGS section.
 2000-10-11 09:53:10 +00:00
Richard Levitte
c0a86cd5dd Fix from main trunk, 2000-09-27 23:45 ulf: 
The des_modes manpage is in section 7.
 2000-10-11 09:47:44 +00:00
Richard Levitte
b73ff18078 Fix from main trunk, 2000-09-25 07:55 ulf: 
typo
 2000-10-11 01:56:00 +00:00
cvs2svn
9beaae61ec This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_6-stable'.
 2000-10-10 09:15:48 +00:00
Richard Levitte
53fe8d5be5 A few small corrections to the SSL documentation. 
Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
 2000-10-10 09:15:47 +00:00
Richard Levitte
356c06c776 More SSL functions documented. Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-10-03 22:02:28 +00:00
Ulf Möller
a87aa87bcc The des_modes manpage is in section 7. 2000-09-27 21:45:20 +00:00
Bodo Möller
b7af080fb1 Add BUGS section. 2000-09-26 12:15:53 +00:00
Ulf Möller
393e826ec3 typo 2000-09-25 05:55:19 +00:00
Ulf Möller
8fdec3e558 stop perlpod from complaining. 2000-09-23 07:30:28 +00:00
Ulf Möller
69431c2998 more manpage links. 2000-09-23 07:16:17 +00:00
Dr. Stephen Henson
dbba890cf1 Only use the new informational verify codes if we 
specifically ask for them.

Fix typo in docs.
 2000-09-22 21:32:08 +00:00
Richard Levitte
4aa4f333ed Change IMPORTANT to WARNING for greater emphasis. 2000-09-21 17:21:15 +00:00
Richard Levitte
c19b6c922a Clarifications and new documents. 
Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
 2000-09-21 06:46:15 +00:00
Richard Levitte
4759abc5f2 New documents. Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-20 16:55:26 +00:00
Richard Levitte
e31e385ce3 Mistakes corrected. Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-20 16:52:05 +00:00
Ulf Möller
18edda0f92 Malloc() -> OPENSSL_malloc() etc. 2000-09-20 03:28:54 +00:00