wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
5189 commits 20 branches 302 tags 153 MiB
Commit graph

600 commits

Author SHA1 Message Date
Bodo Möller
32a76f2c75 New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC 
vulnerability workaround (included in SSL_OP_ALL).

PR: #90
 2002-06-14 12:19:34 +00:00
Lutz Jänicke
2994181b1b Correct wrong usage information. 
PR: 95
 2002-06-12 20:16:17 +00:00
Richard Levitte
89cac82066 Documentation bug corrected. 
PR: 70
 2002-06-05 09:29:33 +00:00
Lutz Jänicke
fa54157a11 Typo. 2002-06-04 20:44:58 +00:00
Lutz Jänicke
c1febe86d1 Remove item listed twice <kromJx@crosswinds.net>. 2002-05-28 17:47:17 +00:00
Richard Levitte
a6c4ee6d79 Small documentation fix for EVP_CipherFinal or EVP_CipherFinal_ex. 
Notified by Stella Power <snpower@maths.tcd.ie>.
PR: 24
 2002-05-08 15:20:12 +00:00
Ulf Möller
ea72ff2df7 error reported by Karsten Braaten 2002-04-13 10:00:01 +00:00
Ulf Möller
39ee29b02c error reported by Karsten Braaten 2002-04-07 13:33:26 +00:00
Bodo Möller
b8b09625dc Rephrase statement on the security of two-key 3DES. 
[Chosen plaintext attack: R. Merkle, M. Hellman: "On the Security of
  Multiple Encryption", CACM 24 (1981) pp. 465-467, p. 776.

  Known plaintext angriff: P.C. van Oorschot, M. Wiener: "A
  known-plaintext attack on two-key triple encryption", EUROCRYPT '90.]
 2002-03-05 15:30:41 +00:00
Lutz Jänicke
e463138be9 SSL_clear != SSL_free/SSL_new 2002-02-27 08:11:18 +00:00
Lutz Jänicke
0df2a19b10 Even though it is not really practical people should know about it. 2002-02-15 09:36:08 +00:00
cvs2svn
1c8f840653 This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_6-stable'.
 2002-02-15 07:41:45 +00:00
Lutz Jänicke
f0d6ee6be8 Even though it is not really practical people should know about it. 2002-02-15 07:41:42 +00:00
Bodo Möller
a14e2d9dfe New functions 
ERR_peek_last_error
    ERR_peek_last_error_line
    ERR_peek_last_error_line_data
(supersedes ERR_peek_top_error).

Rename OPENSSL_NO_OLD_DES_SUPPORT into OPENSSL_DISABLE_OLD_DES_SUPPORT
because OPENSSL_NO_... indicates disabled algorithms (according to
mkdef.pl).
 2002-01-24 16:16:43 +00:00
Lutz Jänicke
bc52146aee Typos (jsyn <jsyn@openbsd.org>). 2002-01-21 18:02:27 +00:00
Lutz Jänicke
6ce46d69f5 Typos (jsyn <jsyn@openbsd.org>). 2002-01-21 18:01:46 +00:00
Bodo Möller
31cafe53c9 add a sentence previously deleted by accident 2002-01-04 15:22:40 +00:00
Bodo Möller
31961f7308 use some descriptions from Lutz' redundant manual page 
instead of the previous ones
 2002-01-04 15:21:26 +00:00
Bodo Möller
dc4ddcd2bb add documentation for SSLeay_version(SSLEAY_DIR) and 
'openssl version -d'

use some descriptions from Lutz' redundant manual page
instead of the previous ones
 2002-01-04 15:17:09 +00:00
Lutz Jänicke
2e1b411f23 Tsss, SSLeay_version() was already documented, it just was not linked in. 2002-01-04 15:08:34 +00:00
Lutz Jänicke
5256b021f3 Tsss, SSLeay_version() was already documented, it just was not linked in. 2002-01-04 15:05:51 +00:00
Lutz Jänicke
439c7ba540 Add information as provided by Richard Levitte on openssl-users :-) 2002-01-04 14:57:31 +00:00
cvs2svn
edbbf22a0e This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_6-stable'.
 2002-01-04 14:55:39 +00:00
Lutz Jänicke
4ab1e7ceaf Add information as provided by Richard Levitte on openssl-users :-) 2002-01-04 14:55:38 +00:00
Dr. Stephen Henson
06623ff028 Update PEM docs 2002-01-04 13:35:37 +00:00
Ben Laurie
ff3fa48fc7 Improve back compatibility. 2001-12-09 21:53:31 +00:00
Richard Levitte
fe094cdfe3 I was recently informed that some people wrongly use ssleay.txt as 
main documentation, so let's warn them a little more, so the word
"OBSOLETE" really gets understood.
 2001-12-04 07:50:52 +00:00
Richard Levitte
8f0edcb3d2 I was recently informed that some people wrongly use ssleay.txt as 
main documentation, so let's warn them a little more, so the word
"OBSOLETE" really gets understood.
 2001-12-04 07:38:17 +00:00
Dr. Stephen Henson
55e42c93a8 EVP_BytesToKey documentation. 2001-12-03 03:07:37 +00:00
Dr. Stephen Henson
21a85f1977 Add -pubkey option to req command. 2001-12-01 23:03:30 +00:00
Bodo Möller
1b0613e313 discuss -name and default_ca more correctly (I hope) 2001-11-26 12:14:22 +00:00
Bodo Möller
8a0a9392ab discuss -name and default_ca more correctly (I hope) 2001-11-26 12:13:50 +00:00
Lutz Jänicke
c156d5c9bd Clarify reference count handling/removal of session 
(shinagawa@star.zko.dec.com).
 2001-11-19 11:12:30 +00:00
Lutz Jänicke
a7ce69dbd7 Clarify reference count handling/removal of session 
(shinagawa@star.zko.dec.com).
 2001-11-19 11:11:23 +00:00
Bodo Möller
44cc9715ec remove incorrect 'callback' prototype 2001-11-10 02:14:43 +00:00
Bodo Möller
65123f8064 remove incorrect 'callback' prototype 2001-11-10 02:12:56 +00:00
Bodo Möller
1d8634b110 msg_callback documentation 2001-11-10 02:12:09 +00:00
Bodo Möller
45582d1e2b clarify 2001-11-08 14:54:21 +00:00
Bodo Möller
b8556ab14b clarify 2001-11-08 14:52:40 +00:00
Dr. Stephen Henson
1fc6d41bf6 New options to allow req to accept UTF8 strings as input. 2001-10-26 12:40:38 +00:00
Ulf Möller
a41477f92e remove compatibility notes that no longer apply 2001-10-25 17:45:25 +00:00
Richard Levitte
5f68c5feef Correct some links... 2001-10-25 16:56:06 +00:00
Richard Levitte
ee84a5a7fb Change the DES documentation to reflect the current status. Note that 
some password reading functions are really part of the UI
compatibility library...
 2001-10-25 16:55:17 +00:00
Bodo Möller
2a9aca32dc mention des_old.h 2001-10-25 08:44:10 +00:00
Bodo Möller
89da653fa6 Add '-noemailDN' option to 'openssl ca'. This prevents inclusion of 
the e-mail address in the DN (i.e., it will go into a certificate
extension only).  The new configuration file option 'email_in_dn = no'
has the same effect.

Submitted by: Massimiliano Pala madwolf@openca.org
 2001-10-25 08:25:19 +00:00
Richard Levitte
ce15d5a9dc Remove DES_random_seed() but retain des_random_seed() for now. Change 
the docs to reflect this change and correct libeay.num.
 2001-10-25 06:46:22 +00:00
Richard Levitte
c2e4f17c1a Due to an increasing number of clashes between modern OpenSSL and 
libdes (which is still used out there) or other des implementations,
the OpenSSL DES functions are renamed to begin with DES_ instead of
des_.  Compatibility routines are provided and declared by including
openssl/des_old.h.  Those declarations are the same as were in des.h
when the OpenSSL project started, which is exactly how libdes looked
at that time, and hopefully still looks today.

The compatibility functions will be removed in some future release, at
the latest in version 1.0.
 2001-10-24 21:21:12 +00:00
Bodo Möller
a661b65357 New functions SSL[_CTX]_set_msg_callback(). 
New macros SSL[_CTX]_set_msg_callback_arg().

Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet).

New '-msg' option for 'openssl s_client' and 'openssl s_server'
that enable a message callback that displays all protocol messages.


In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if
client_version is smaller than the protocol version in use.
Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0
if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the
client will at least see that alert.

Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic
pointer).

Add/update some OpenSSL copyright notices.
 2001-10-20 17:56:36 +00:00
Bodo Möller
51008ffce1 document SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 2001-10-17 11:56:26 +00:00
Dr. Stephen Henson
3811eed8d5 Update docs. 2001-10-17 01:50:32 +00:00