Matt Caswell
fd9e244370
Fixed error in pod files with latest versions of pod2man
2014-07-06 00:03:13 +01:00
Dr. Stephen Henson
a23a6e85d8
Update ticket callback docs.
2014-07-03 14:50:08 +01:00
Rich Salz
fc1d88f02f
Close a whole bunch of documentation-related tickets:
...
298 424 656 882 939 1630 1807 2263 2294 2311 2424 2623
2637 2686 2697 2921 2922 2940 3055 3112 3156 3177 3277
2014-07-02 22:42:40 -04:00
Rich Salz
762a44de59
RT 3245; it's "bitwise or" not "logical or"
2014-07-01 13:00:18 -04:00
Rich Salz
854dfcd859
Fix RT 3211; "and are" -->"are"
2014-07-01 12:55:32 -04:00
Rich Salz
d7003c4d7d
Fix RT 3193
2014-07-01 12:44:32 -04:00
Dr. Stephen Henson
528b1f9a9f
Clarify protocols supported.
...
Update protocols supported and note that SSLv2 is effectively disabled
by default.
PR#3184
2014-06-29 00:07:08 +01:00
Jeffrey Walton
0535c2d67c
Clarify docs.
...
Document that the certificate passed to SSL_CTX_add_extra_chain_cert()
should not be freed by the application.
PR#3409
2014-06-27 16:39:11 +01:00
Dr. Stephen Henson
01f2f18f3c
Option to disable padding extension.
...
Add TLS padding extension to SSL_OP_ALL so it is used with other
"bugs" options and can be turned off.
This replaces SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG which is an ancient
option referring to SSLv2 and SSLREF.
PR#3336
2014-06-01 18:15:21 +01:00
Matt Caswell
15658d0cbf
Fixed error in args for SSL_set_msg_callback and SSL_set_msg_callback_arg
2014-05-25 23:45:12 +01:00
Jeff Trawick
e5676b8328
typo in SSL_get_peer_cert_chain docs
...
RT: 3304
2014-05-01 13:40:01 +02:00
Chris Rorvick
fa9d77dcd2
doc: Add missing =back directive.
...
Signed-off-by: Chris Rorvick <chris@rorvick.com>
2014-04-26 12:32:53 -05:00
Dr. Stephen Henson
b7e46a9bce
Update security framework docs.
2014-04-05 13:29:41 +01:00
Dr. Stephen Henson
0f817d3b27
Add initial security framework docs.
2014-03-28 16:42:18 +00:00
Dr. Stephen Henson
f0ef019da2
Add -no_resumption_on_reneg to SSL_CONF.
...
(cherry picked from commit 1f44dac24d
)
2014-03-27 16:12:40 +00:00
Dr. Stephen Henson
e970f63dc0
Update chain building function.
...
Don't clear verification errors from the error queue unless
SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR is set.
If errors occur during verification and SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR
is set return 2 so applications can issue warnings.
(cherry picked from commit 2dd6976f6d
)
2014-03-27 14:24:40 +00:00
Dr. Stephen Henson
13dc3ce9ab
New chain building flags.
...
New flags to build certificate chains. The can be used to rearrange
the chain so all an application needs to do is add all certificates
in arbitrary order and then build the chain to check and correct them.
Add verify error code when building chain.
Update docs.
2014-02-23 13:36:38 +00:00
Dr. Stephen Henson
daddd9a950
Option to set current cert to server certificate.
2014-02-21 19:44:09 +00:00
Kurt Roeckx
e547c45f1c
Fix additional pod errors with numbered items.
2014-02-14 22:30:26 +00:00
Scott Schaefer
2b4ffc659e
Fix various spelling errors
2014-02-14 22:29:12 +00:00
Dr. Stephen Henson
0f78819c8c
New ctrl to set current certificate.
...
New ctrl sets current certificate based on certain criteria. Currently
two options: set the first valid certificate as current and set the
next valid certificate as current. Using these an application can
iterate over all certificates in an SSL_CTX or SSL structure.
2014-02-02 22:58:19 +00:00
Dr. Stephen Henson
46ab9bbd7f
Certificate callback doc.
2014-01-26 16:29:43 +00:00
Jeff Trawick
4b64e0cbdb
typo
2014-01-10 23:01:30 +00:00
Jeff Trawick
5edce5685f
typo
2014-01-10 23:00:50 +00:00
Daniel Kahn Gillmor
0ecfd920e5
update remaining documentation to move from EDH to DHE
...
change documentation and comments to indicate that we prefer the
standard "DHE" naming scheme everywhere over the older "EDH"
2014-01-09 15:43:28 +00:00
Daniel Kahn Gillmor
0b30fc903f
documentation should use "DHE" instead of "EDH"
2014-01-09 15:43:28 +00:00
Dr. Stephen Henson
5b7f36e857
Add ServerInfoFile to SSL_CONF, update docs.
2014-01-03 23:14:23 +00:00
Dr. Stephen Henson
a4339ea3ba
Use algorithm specific chains for certificates.
...
Fix a limitation in SSL_CTX_use_certificate_chain_file(): use algorithm
specific chains instead of the shared chain.
Update docs.
2014-01-03 22:39:49 +00:00
Dr. Stephen Henson
a25f9adc77
New functions to retrieve certificate from SSL_CTX
...
New functions to retrieve current certificate or private key
from an SSL_CTX.
Constify SSL_get_private_key().
2013-11-18 18:56:48 +00:00
Rob Stradling
7b6b246fd3
Additional "chain_cert" functions.
...
PR#3169
This patch, which currently applies successfully against master and
1_0_2, adds the following functions:
SSL_[CTX_]select_current_cert() - set the current certificate without
disturbing the existing structure.
SSL_[CTX_]get0_chain_certs() - get the current certificate's chain.
SSL_[CTX_]clear_chain_certs() - clear the current certificate's chain.
The patch also adds these functions to, and fixes some existing errors
in, SSL_CTX_add1_chain_cert.pod.
2013-11-13 23:48:35 +00:00
Lubomir Rintel
ed77017b59
POD: Fix list termination
...
This fixes problems in POD list formatting: extra or missing =back
sequences.
doc/ssl/SSL_CTX_set1_curves.pod around line 90: =back without =over
doc/ssl/SSL_CTX_set1_verify_cert_store.pod around line 73: =back without =over
doc/ssl/SSL_CTX_add1_chain_cert.pod around line 82: =back without =over
doc/crypto/evp.pod around line 40: '=item' outside of any '=over'
crypto/des/des.pod around line 184: You forgot a '=back' before '=head1'
PR#3147
2013-10-22 07:38:25 +01:00
Lubomir Rintel
c8919dde09
POD: Fix item numbering
...
Newer pod2man considers =item [1-9] part of a numbered list, while =item
0 starts an unnumbered list. Add a zero effect formatting mark to override
this.
doc/apps/smime.pod around line 315: Expected text after =item, not a
number
...
PR#3146
2013-10-22 07:38:25 +01:00
Dr. Stephen Henson
c557f921dc
Add SSL_CONF command to set DH Parameters.
2013-10-22 07:38:25 +01:00
Dr. Stephen Henson
ec2f7e568e
Extend SSL_CONF
...
Extend SSL_CONF to return command value types.
Add certificate and key options.
Update documentation.
2013-10-20 22:07:36 +01:00
Trevor Perrin
deda5ea788
Update docs to mention "BEGIN SERVERINFO FOR ".
2013-09-13 19:48:09 -07:00
Rob Stradling
dece3209f2
Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X.
...
OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.
2013-09-05 13:09:03 +01:00
Dr. Stephen Henson
c3eb33763b
Document supported curve functions.
2013-09-03 15:43:01 +01:00
Dr. Stephen Henson
eeb15452a0
Add documentation.
...
Preliminary documentation for chain and verify stores and certificate chain
setting functions.
2013-08-17 17:41:14 +01:00
Trevor
9cd50f738f
Cleanup of custom extension stuff.
...
serverinfo rejects non-empty extensions.
Omit extension if no relevant serverinfo data.
Improve error-handling in serverinfo callback.
Cosmetic cleanups.
s_client documentation.
s_server documentation.
SSL_CTX_serverinfo documentation.
Cleaup -1 and NULL callback handling for custom extensions, add tests.
Cleanup ssl_rsa.c serverinfo code.
Whitespace cleanup.
Improve comments in ssl.h for serverinfo.
Whitespace.
Cosmetic cleanup.
Reject non-zero-len serverinfo extensions.
Whitespace.
Make it build.
2013-06-18 16:13:08 +01:00
Matt Caswell
aafbe1ccd2
Document updates from wiki.
...
PR#3071
The primary changes made are:
- Updates to the "NAME" section of many pages to correctly reflect the
functions defined on those pages. This section is automatically parsed
by the util/extract-names.pl script, so if it is not correct then
running "man" will not correctly locate the right manual pages.
- Updates to take account of where functions are now deprecated
- Full documentation of the ec sub-library
- A number of other typo corrections and other minor tweaks
2013-06-12 23:42:08 +01:00
Dr. Stephen Henson
4365e4aad9
Update SSL_CONF docs.
...
Fix some typos and update version number first added: it has now been
backported to OpenSSL 1.0.2.
2013-02-26 15:29:11 +00:00
Nick Alcock
5cc2707742
Fix POD errors to stop make install_docs dying with pod2man 2.5.0+
...
podlators 2.5.0 has switched to dying on POD syntax errors. This means
that a bunch of long-standing erroneous POD in the openssl documentation
now leads to fatal errors from pod2man, halting installation.
Unfortunately POD constraints mean that you have to sort numeric lists
in ascending order if they start with 1: you cannot do 1, 0, 2 even if
you want 1 to appear first. I've reshuffled such (alas, I wish there
were a better way but I don't know of one).
2013-02-15 19:36:26 +01:00
Dr. Stephen Henson
65f2a56580
documentation fixes
2012-12-06 23:26:11 +00:00
Dr. Stephen Henson
13cfb04343
reorganise SSL_CONF_cmd manual page and update some links
2012-11-20 01:01:33 +00:00
Dr. Stephen Henson
821244cf67
clarify docs
2012-11-18 18:06:16 +00:00
Dr. Stephen Henson
edb128ce00
fix manual page file name
2012-11-18 17:58:45 +00:00
Dr. Stephen Henson
c7b7984ac9
fix typos in SSL_CONF documentation
2012-11-17 00:21:34 +00:00
Dr. Stephen Henson
3db935a9e5
add SSL_CONF functions and documentation
2012-11-16 19:12:24 +00:00
Dr. Stephen Henson
0c58d22ad9
PR: 1794
...
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve
Document unknown_psk_identify alert, remove pre-RFC 5054 string from
ssl_stat.c
2011-11-13 13:13:01 +00:00
Bodo Möller
9d74befd23
Clarify warning
2011-10-13 13:27:09 +00:00
Bodo Möller
735ebc2de7
Fix typo.
...
Submitted by: Jim Morrison
2011-07-11 12:13:55 +00:00
Bodo Möller
88f2a4cf9c
CVE-2010-4180 fix (from OpenSSL_1_0_0-stable)
2011-02-03 10:43:00 +00:00
Dr. Stephen Henson
c0b8eb606f
Add SHA2 algorithms to SSL_library_init(). Although these aren't used
...
directly by SSL/TLS SHA2 certificates are becoming more common and
applications that only call SSL_library_init() and not
OpenSSL_add_all_alrgorithms() will fail when verifying certificates.
Update docs.
2010-04-07 13:18:07 +00:00
Dr. Stephen Henson
d4a45bf31a
Remove obsolete PRNG note. Add comment about use of SHA256 et al.
2010-04-06 15:03:27 +00:00
Dr. Stephen Henson
69582a592e
clarify documentation
2010-02-18 12:41:33 +00:00
Dr. Stephen Henson
c2c49969e2
Allow renegotiation if SSL_OP_LEGACY_SERVER_CONNECT is set as well as
...
initial connection to unpatched servers. There are no additional security
concerns in doing this as clients don't see renegotiation during an
attack anyway.
2010-02-17 18:38:31 +00:00
Dr. Stephen Henson
f959598866
update references to new RI RFC
2010-02-12 21:59:31 +00:00
Dr. Stephen Henson
9fb6fd34f8
reword RI description
2010-01-27 18:53:33 +00:00
Dr. Stephen Henson
99b36a8c31
update documentation to reflect new renegotiation options
2010-01-27 17:46:24 +00:00
Dr. Stephen Henson
2a30fec786
Typo
2010-01-05 17:49:49 +00:00
Dr. Stephen Henson
b5c002d5a8
clarify docs
2009-12-09 18:16:50 +00:00
Dr. Stephen Henson
4db82571ba
Document option clearning functions.
...
Initial secure renegotiation documentation.
2009-12-09 17:59:29 +00:00
Dr. Stephen Henson
7689ed34d3
PR: 2025
...
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org
Constify SSL_CIPHER_description
2009-09-12 23:17:39 +00:00
Dr. Stephen Henson
477fd4596f
PR: 1835
...
Submitted by: Damien Miller <djm@mindrot.org>
Approved by: steve@openssl.org
Fix various typos.
2009-02-14 21:49:38 +00:00
Lutz Jänicke
787287af40
Refer to SSL_pending from the man page for SSL_read
2008-08-01 15:03:20 +00:00
Ben Laurie
8671b89860
Memory saving patch.
2008-06-03 02:48:34 +00:00
Dr. Stephen Henson
f3fef74b09
Document ticket disabling option.
2007-08-23 22:49:13 +00:00
Nils Larsch
fec38ca4ed
fix typos
...
PR: 1354, 1355, 1398, 1408
2006-12-21 21:13:27 +00:00
Nils Larsch
da736b31b2
fix documentation
...
PR: 1343
2006-12-06 09:10:59 +00:00
Nils Larsch
c2cd422ac6
note that SSL_library_init() is not reentrant
2006-03-12 00:37:55 +00:00
Nils Larsch
ddac197404
add initial support for RFC 4279 PSK SSL ciphersuites
...
PR: 1191
Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation
Reviewed by: Nils Larsch
2006-03-10 23:06:27 +00:00
Bodo Möller
72dce7685e
Add fixes for CAN-2005-2969.
...
(This were in 0.9.7-stable and 0.9.8-stable, but not in HEAD so far.)
2005-10-26 19:40:45 +00:00
Nils Larsch
4ebb342fcd
Let the TLSv1_method() etc. functions return a const SSL_METHOD
...
pointer and make the SSL_METHOD parameter in SSL_CTX_new,
SSL_CTX_set_ssl_version and SSL_set_ssl_method const.
2005-08-14 21:48:33 +00:00
Nils Larsch
e248596bac
improve docu of SSL_CTX_use_PrivateKey()
2005-04-08 22:49:57 +00:00
Nils Larsch
c3e6402857
update docs (recent constification)
2005-03-30 11:50:14 +00:00
Dr. Stephen Henson
e27a259696
Doc fixes.
2005-03-22 17:55:33 +00:00
Dr. Stephen Henson
4a64f3d665
PR: 938
...
Typo.
2004-11-14 13:55:16 +00:00
Lutz Jänicke
9f6ea7163b
More precise explanation of session id context requirements.
2004-06-14 13:27:28 +00:00
Richard Levitte
6859bb1a22
Make sure the documentation matches reality.
...
PR: 755
Notified by: Jakub Bogusz <qboosh@pld-linux.org>
2003-11-29 10:33:25 +00:00
Lutz Jänicke
9d19fbc4fc
Clarify wording of verify_callback() behaviour.
2003-06-26 14:03:03 +00:00
Lutz Jänicke
db01746978
Clarify return value of SSL_connect() and SSL_accept() in case of the
...
WANT_READ and WANT_WRITE conditions.
2003-06-03 09:59:44 +00:00
Lutz Jänicke
02b95b7499
Clarify ordering of certificates when using certificate chains
2003-05-30 07:45:07 +00:00
Lutz Jänicke
423b1a840c
Add warning about unwanted side effect when calling SSL_CTX_free():
...
sessions in the external session cache might be removed.
Submitted by: "Nadav Har'El" <nyh@math.technion.ac.il>
PR: 547
2003-03-27 22:04:05 +00:00
Richard Levitte
d177e6180d
Spelling errors.
...
PR: 538
2003-03-20 11:41:59 +00:00
Lutz Jänicke
532215f2db
Missing ")"
...
Submitted by: Christian Hohnstaedt <chohnstaedt@innominate.com>
Reviewed by:
PR:
2002-12-04 13:30:58 +00:00
Lutz Jänicke
84d828ab70
No such reference to link to (found running pod2latex).
...
Submitted by:
Reviewed by:
PR:
2002-11-14 21:41:54 +00:00
Geoff Thorpe
769fedc3ad
Add a HISTORY section to the man page to mention the new flags.
2002-10-29 18:05:16 +00:00
Geoff Thorpe
d9ec9d990f
The last character of inconsistency in my recent commits is hereby
...
squashed.
2002-10-29 17:51:32 +00:00
Geoff Thorpe
e0db2eed8d
Correct and enhance the behaviour of "internal" session caching as it
...
relates to SSL_CTX flags and the use of "external" session caching. The
existing flag, "SSL_SESS_CACHE_NO_INTERNAL_LOOKUP" remains but is
supplemented with a complimentary flag, "SSL_SESS_CACHE_NO_INTERNAL_STORE".
The bitwise OR of the two flags is also defined as
"SSL_SESS_CACHE_NO_INTERNAL" and is the flag that should be used by most
applications wanting to implement session caching *entirely* by its own
provided callbacks. As the documented behaviour contradicted actual
behaviour up until recently, and since that point behaviour has itself been
inconsistent anyway, this change should not introduce any compatibility
problems. I've adjusted the relevant documentation to elaborate about how
this works.
Kudos to "Nadav Har'El" <nyh@math.technion.ac.il> for diagnosing these
anomalies and testing this patch for correctness.
PR: 311
2002-10-29 00:33:04 +00:00
Richard Levitte
37f5fcf85c
Missing =back.
...
Part of PR 196
2002-08-15 10:59:55 +00:00
Bodo Möller
02750ff56f
mention SSL_do_handshake()
2002-07-29 12:35:19 +00:00
Lutz Jänicke
20adcfa058
The behaviour is undefined when calling SSL_write() with num=0.
...
Submitted by:
Reviewed by:
PR: 141
2002-07-19 11:53:54 +00:00
Lutz Jänicke
02b7ec88bb
Manual page for SSL_do_handshake().
...
Submitted by: Martin Sjögren <martin@strakt.com>
PR: 137
2002-07-19 11:05:50 +00:00
Lutz Jänicke
2edcb4ac71
Typos in links between manual pages
...
Submitted by: Richard.Koenning@fujitsu-siemens.com
Reviewed by:
PR: 129
2002-07-10 19:35:54 +00:00
Bodo Möller
c21506ba02
New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC
...
vulnerability workaround (included in SSL_OP_ALL).
PR: #90
2002-06-14 12:21:11 +00:00
Lutz Jänicke
8586df1efb
Correct wrong usage information.
...
PR: 95
2002-06-12 20:15:18 +00:00
Lutz Jänicke
a5200a1b8f
Typo.
...
PR: 72
2002-06-04 20:43:10 +00:00
Bodo Möller
023ec151df
Add 'void *' argument to app_verify_callback.
...
Submitted by: D. K. Smetters <smetters@parc.xerox.com>
Reviewed by: Bodo Moeller
2002-02-28 10:52:56 +00:00
Lutz Jänicke
ce4b274aa1
SSL_clear != SSL_free/SSL_new
2002-02-27 08:08:57 +00:00
Lutz Jänicke
f0d6ee6be8
Even though it is not really practical people should know about it.
2002-02-15 07:41:42 +00:00
Lutz Jänicke
a7ce69dbd7
Clarify reference count handling/removal of session
...
(shinagawa@star.zko.dec.com ).
2001-11-19 11:11:23 +00:00
Bodo Möller
65123f8064
remove incorrect 'callback' prototype
2001-11-10 02:12:56 +00:00
Bodo Möller
1d8634b110
msg_callback documentation
2001-11-10 02:12:09 +00:00
Bodo Möller
a661b65357
New functions SSL[_CTX]_set_msg_callback().
...
New macros SSL[_CTX]_set_msg_callback_arg().
Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet).
New '-msg' option for 'openssl s_client' and 'openssl s_server'
that enable a message callback that displays all protocol messages.
In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if
client_version is smaller than the protocol version in use.
Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0
if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the
client will at least see that alert.
Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic
pointer).
Add/update some OpenSSL copyright notices.
2001-10-20 17:56:36 +00:00
Bodo Möller
51008ffce1
document SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
2001-10-17 11:56:26 +00:00
Lutz Jänicke
56fa8e69cf
Update information as a partial response to the post
...
From: "Chris D. Peterson" <cpeterson@aventail.com>
Subject: Implementation Issues with OpenSSL
To: openssl-users@openssl.org
Date: Wed, 22 Aug 2001 16:13:17 -0700
The patch included in the original post may improve the internal session
list handling (and is therefore worth a seperate investigation).
No change to the list handling will however solve the problems of incorrect
SSL_SESSION_free() calls. The session list is only one possible point of
failure, dangling pointers would also occur for SSL object currently
using the session. The correct solution is to only use SSL_SESSION_free()
when applicable!
2001-10-12 12:29:16 +00:00
Lutz Jänicke
d300bcca7f
Typo.
2001-09-13 15:18:51 +00:00
Lutz Jänicke
d59c3e5046
One more manual page.
2001-09-13 15:05:42 +00:00
Lutz Jänicke
6d8566f2eb
Rework section about return values another time (based on hints from
...
Bodo Moeller).
2001-09-13 13:21:38 +00:00
Lutz Jänicke
c0f5dd070b
Make maximum certifcate chain size accepted from the peer application
...
settable (proposed by "Douglas E. Engert" <deengert@anl.gov>).
2001-09-11 13:08:51 +00:00
Ulf Möller
3b80e3aa9e
ispell
2001-09-07 06:13:40 +00:00
Lutz Jänicke
f1b2807478
More docs.
2001-08-24 14:29:48 +00:00
Lutz Jänicke
bfd7bb3eb6
Typo.
2001-08-23 17:41:20 +00:00
Lutz Jänicke
11c8f0b79d
More manual pages. Constify.
2001-08-23 17:22:43 +00:00
Lutz Jänicke
c4068186ac
As discussed recently on openssl-users.
2001-08-23 15:00:11 +00:00
Lutz Jänicke
0a93a68020
Make clear, that using the compression layer is currently not recommended.
2001-08-23 09:42:12 +00:00
Ulf Möller
f2ab7d1392
typo.
2001-08-22 18:35:17 +00:00
Lutz Jänicke
141e584998
One more manual page...
2001-08-21 14:54:54 +00:00
Lutz Jänicke
336736ef35
Documentation on how to handle compression methods.
...
Hopefully it is clear enough, that it is currently not recommended.
2001-08-21 13:02:58 +00:00
Lutz Jänicke
d93eb21c7c
More interdependencies with respect to shutdown behaviour.
2001-08-20 14:34:16 +00:00
Lutz Jänicke
a403188f92
Alert description strings for TLSv1 and documentation.
2001-08-19 16:20:42 +00:00
Lutz Jänicke
52129c0b0b
More details about session timeout settings.
2001-08-17 16:36:51 +00:00
Lutz Jänicke
a52877a2f1
One more function documented.
2001-08-17 15:54:50 +00:00
Lutz Jänicke
cdd7c3ce92
SSL_shutdown() has even more properties...
2001-08-17 15:09:31 +00:00
Lutz Jänicke
c1497b4d19
One more step on the way for complete documentation...
2001-08-17 14:32:38 +00:00
Lutz Jänicke
b2ed462934
Unidirectional shutdown is allowed according to the RFC.
2001-08-17 09:08:32 +00:00
Lutz Jänicke
9e09eebf94
Better description of the behaviour of SSL_shutdown() as it is now, broken
...
or not.
2001-08-16 14:27:55 +00:00
Lutz Jänicke
06da6e4977
Don't disable rollback attack detection as a recommended bug workaround.
2001-08-03 08:45:13 +00:00
Lutz Jänicke
37f599bcec
Reworked manual pages with a lot of input from Bodo Moeller.
2001-07-31 15:04:50 +00:00
Lutz Jänicke
7abe76e1bd
Fix wrong information about SSL_set_connect_state()...
2001-07-25 12:12:51 +00:00
Lutz Jänicke
3e3dac9f97
Additional inline reference.
2001-07-23 12:57:37 +00:00
Lutz Jänicke
397ba0f08a
Add missing reference.
2001-07-23 12:52:05 +00:00
Lutz Jänicke
4db48ec0bd
Documentation about ephemeral key exchange
2001-07-21 11:02:17 +00:00
Lutz Jänicke
6d3dec92fb
Updated explanation.
2001-07-20 19:23:43 +00:00
Lutz Jänicke
2d3b6a5be7
Some more documentation bits.
2001-07-20 18:57:15 +00:00
Lutz Jänicke
a1a63a4239
Clarify! (based on recent mailing-list discussions)
2001-07-11 15:10:28 +00:00
Lutz Jänicke
74daa124c2
Add missing item(s) SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT.
2001-05-16 09:43:51 +00:00
Lutz Jänicke
5892855c5f
Typos.
2001-05-14 09:52:44 +00:00
Lutz Jänicke
a6e859e9ec
One more point to clarify, pointed out by "Greg Stark" <ghstark@pobox.com>
2001-05-14 09:02:38 +00:00
Lutz Jänicke
33ab4699ba
Clarify behaviour with respect to SSL/TLS records.
2001-05-12 09:49:02 +00:00
Lutz Jänicke
4b3270f78e
Clarify behaviour of SSL_write() by mentioning SSL_MODE_ENABLE_PARTIAL_WRITE
...
flag as discussed on the mailing list.
2001-05-11 09:53:10 +00:00
Lutz Jänicke
197322455d
Clarify request of client certificates. This is a FAQ.
2001-04-17 13:18:56 +00:00
Lutz Jänicke
638b0d4277
Fix wrong information with respect to CAs listed to the client
...
(follows from technical discussion with Amit Chopra <amitc@pspl.co.in>).
2001-04-12 16:02:34 +00:00
Lutz Jänicke
f7181a9179
Typo (Jun-ichiro itojun Hagino <itojun@iijlab.net>)
2001-04-12 11:45:42 +00:00
Lutz Jänicke
eb272ac0b0
Forgot "cvs add", so only the surrounding changes made it... sigh.
2001-03-15 12:42:04 +00:00
Bodo Möller
e34cfcf7e1
Consistently use 'void *' for SSL read, peek and write functions.
2001-03-09 10:09:20 +00:00
Lutz Jänicke
b72ff47037
Add newly learned knowledge from yesterday's discussion.
2001-03-08 17:24:02 +00:00
Lutz Jänicke
3cdc8ad07a
Describe new callback for session id generation.
2001-02-23 21:38:42 +00:00
Lutz Jänicke
2c1571b4ff
SSL_get_version() was an easy one :-)
2001-02-23 21:05:56 +00:00
Ulf Möller
52d160d85d
ispell
2001-02-16 02:09:53 +00:00