mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-18 13:44:20 +08:00
Code Issues Packages Projects Releases Wiki Activity
11,514 Commits 34 Branches 385 Tags 436 MiB
478b50cf67
Commit Graph

895 Commits

Author SHA1 Message Date
Dr. Stephen Henson
7e0de9e8a6 Minor documentation fixes, PR#2345 2010-10-04 13:28:46 +00:00
Dr. Stephen Henson
0d638dc1f6 Minor documentation fixes, PR#2344 2010-10-04 13:23:53 +00:00
Dr. Stephen Henson
827f3d5f39 PR: 2252 
Submitted By: Ger Hobbelt <ger@hobbelt.com>

Update docs to BIO_f_buffer()
 2010-05-03 15:30:07 +00:00
Andy Polyakov
bb92e2c89b bss_file.c: refine UTF-8 logic on Windows. 2010-04-28 20:02:28 +00:00
Dr. Stephen Henson
c0b8eb606f Add SHA2 algorithms to SSL_library_init(). Although these aren't used 
directly by SSL/TLS SHA2 certificates are becoming more common and
applications that only call SSL_library_init() and not
OpenSSL_add_all_alrgorithms() will fail when verifying certificates.

Update docs.
 2010-04-07 13:18:07 +00:00
Dr. Stephen Henson
d4a45bf31a Remove obsolete PRNG note. Add comment about use of SHA256 et al. 2010-04-06 15:03:27 +00:00
Dr. Stephen Henson
60e24554bb PR: 2209 
Submitted Daniel Mentz <danielml@sent.com>

Documentation typo.
 2010-04-06 14:45:18 +00:00
Dr. Stephen Henson
7d3d1788a5 The meaning of the X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY and 
X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT error codes were reversed in
the verify application documentation.
 2010-02-23 14:09:09 +00:00
Dr. Stephen Henson
69582a592e clarify documentation 2010-02-18 12:41:33 +00:00
Dr. Stephen Henson
c2c49969e2 Allow renegotiation if SSL_OP_LEGACY_SERVER_CONNECT is set as well as 
initial connection to unpatched servers. There are no additional security
concerns in doing this as clients don't see renegotiation during an
attack anyway.
 2010-02-17 18:38:31 +00:00
Dr. Stephen Henson
f959598866 update references to new RI RFC 2010-02-12 21:59:31 +00:00
Dr. Stephen Henson
9fb6fd34f8 reword RI description 2010-01-27 18:53:33 +00:00
Dr. Stephen Henson
99b36a8c31 update documentation to reflect new renegotiation options 2010-01-27 17:46:24 +00:00
Dr. Stephen Henson
1e27847d4e PR: 2157 
Submitted by: "Green, Paul" <Paul.Green@stratus.com>

Typo.
 2010-01-27 12:54:58 +00:00
Dr. Stephen Henson
3243698f1d typo 2010-01-21 18:46:15 +00:00
Dr. Stephen Henson
0e0c6821fa PR: 2136 
Submitted by: Willy Weisz <weisz@vcpc.univie.ac.at>

Add options to output hash using older algorithm compatible with OpenSSL
versions before 1.0.0
 2010-01-12 17:29:34 +00:00
Dr. Stephen Henson
2a30fec786 Typo 2010-01-05 17:49:49 +00:00
Dr. Stephen Henson
6084c797a8 Remove tabs on blank lines: they produce warnings in pod2man 2010-01-05 17:16:54 +00:00
Dr. Stephen Henson
b5c002d5a8 clarify docs 2009-12-09 18:16:50 +00:00
Dr. Stephen Henson
4db82571ba Document option clearning functions. 
Initial secure renegotiation documentation.
 2009-12-09 17:59:29 +00:00
Dr. Stephen Henson
c2f0203da0 typo 2009-11-29 13:45:42 +00:00
Andy Polyakov
cca3ea1e71 OPENSSL_ia32cap.pod update. 2009-11-15 17:34:24 +00:00
Dr. Stephen Henson
d6245b8952 PR: 2078 
Submitted by: Dale Anderson <dra@redevised.net>
Approved by: steve@openssl.org

Corrections to bn_internal documentation.
 2009-10-28 13:52:07 +00:00
Dr. Stephen Henson
1e6b8d39f1 Document more error codes. 2009-10-18 14:01:17 +00:00
Dr. Stephen Henson
e05d6c7d3c Verification callback functions. 2009-10-18 13:26:08 +00:00
Dr. Stephen Henson
9074df8684 Clarification. 2009-10-17 23:08:32 +00:00
Dr. Stephen Henson
6c17629f91 Preliminary documentation for X509_VERIFY_PARAM. 2009-10-17 23:00:18 +00:00
Dr. Stephen Henson
db57663241 Add docs for X509_STORE_CTX_new() and related functions. 2009-10-17 18:05:53 +00:00
Dr. Stephen Henson
53246488bd More X509 verification docs. 2009-10-17 17:07:17 +00:00
Dr. Stephen Henson
1f164f5ed9 Typo. 2009-10-17 17:06:19 +00:00
Dr. Stephen Henson
b8c182a499 Manual page for X509_verify_cert() 2009-10-17 12:46:52 +00:00
Dr. Stephen Henson
11c4c02ce3 PR: 2074 
Submitted by: Bram Neijt <bneijt@gmail.com>
Approved by: steve@openssl.org

Typo: "contet".
 2009-10-16 15:30:13 +00:00
Dr. Stephen Henson
fb552ac616 Change version from 0.9.9 to 1.0.0 in docs 2009-09-30 23:43:01 +00:00
Dr. Stephen Henson
94480b57db PR: 2023 
Submitted by: James Beckett <jmb.openssl@nospam.hackery.net>, steve
Approved by: steve@openssl.org

Fix documentation errors in d2i_X509 manual pages.
 2009-09-12 23:34:41 +00:00
Dr. Stephen Henson
7689ed34d3 PR: 2025 
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org

Constify SSL_CIPHER_description
 2009-09-12 23:17:39 +00:00
Dr. Stephen Henson
88a3dd7896 Correction: salt is now default 2009-09-04 12:27:12 +00:00
Dr. Stephen Henson
3fa39ed723 Document removal of digest+signature algorithm link. 2009-07-24 13:01:40 +00:00
Dr. Stephen Henson
55a4a77a52 Update from 0.9.8-stable 2009-07-11 22:36:59 +00:00
Dr. Stephen Henson
f3be6c7b7d Update from 1.0.0-stable. 2009-06-26 11:29:26 +00:00
Dr. Stephen Henson
e30dd20c0e Update from 1.0.0-stable 2009-06-25 11:29:30 +00:00
Dr. Stephen Henson
f0288f05b9 Submitted by: Artem Chuprina <ran@cryptocom.ru> 
Reviewed by: steve@openssl.org

Various GOST ciphersuite and ENGINE fixes. Including...

Allow EVP_PKEY_set_derive_peerkey() in encryption operations.

New flag when certificate verify should be omitted in client key exchange.
 2009-06-16 16:38:47 +00:00
Dr. Stephen Henson
ff6e530359 PR: 1938 
Submitted by: Mark Phalan <Mark.Phalan@Sun.COM>
Reviewed by: steve@openssl.org

Patch to pem and hmac manual pages NAME sections.
 2009-06-02 11:05:33 +00:00
Dr. Stephen Henson
16cd15e688 Update from 1.0.0-stable. 2009-05-17 14:48:31 +00:00
Andy Polyakov
e303f55fc7 Expand OPENSS_ia32cap to 64 bits. 2009-04-26 17:49:41 +00:00
Dr. Stephen Henson
8711efb498 Updates from 1.0.0-stable branch. 2009-04-20 11:33:12 +00:00
Dr. Stephen Henson
e5fa864f62 Updates from 1.0.0-stable. 2009-04-15 15:27:03 +00:00
Dr. Stephen Henson
cc7399e79c Changes from 1.0.0-stable. 2009-04-07 16:33:26 +00:00
Dr. Stephen Henson
14023fe352 Merge from 1.0.0-stable branch. 2009-04-03 11:45:19 +00:00
Dr. Stephen Henson
c28a9165f2 PR: 1862 
Typo.
 2009-03-12 17:13:15 +00:00
Dr. Stephen Henson
2a0ff7ad20 Typo. 2009-03-08 12:01:20 +00:00
Dr. Stephen Henson
477fd4596f PR: 1835 
Submitted by: Damien Miller <djm@mindrot.org>
Approved by: steve@openssl.org

Fix various typos.
 2009-02-14 21:49:38 +00:00
Bodo Möller
7ca1cfbac3 -hex option for openssl rand 
PR: 1831
Submitted by: Damien Miller
 2009-02-02 00:01:28 +00:00
Lutz Jänicke
706c5a4d35 Clarify (non-)blocking behavior of EGD socket interface used by RAND_egd(). 2008-11-10 11:26:44 +00:00
Dr. Stephen Henson
87d52468aa Update HMAC functions to return an error where relevant. 2008-11-02 16:00:39 +00:00
Geoff Thorpe
ab9c689ad3 Correct the FAQ and the threads man page re: CRYPTO_THREADID changes. 2008-08-06 16:41:50 +00:00
Geoff Thorpe
4c3296960d Remove the dual-callback scheme for numeric and pointer thread IDs, 
deprecate the original (numeric-only) scheme, and replace with the
CRYPTO_THREADID object. This hides the platform-specifics and should reduce
the possibility for programming errors (where failing to explicitly check
both thread ID forms could create subtle, platform-specific bugs).

Thanks to Bodo, for invaluable review and feedback.
 2008-08-06 15:54:15 +00:00
Lutz Jänicke
787287af40 Refer to SSL_pending from the man page for SSL_read 2008-08-01 15:03:20 +00:00
Dr. Stephen Henson
db50661fce X509 verification fixes. 
Ignore self issued certificates when checking path length constraints.

Duplicate OIDs in policy tree in case they are allocated.

Use anyPolicy from certificate cache and not current tree level.
 2008-07-13 14:25:36 +00:00
Geoff Thorpe
5f834ab123 Revert my earlier CRYPTO_THREADID commit, I will commit a reworked 
version some time soon.
 2008-07-03 19:59:25 +00:00
Ben Laurie
8671b89860 Memory saving patch. 2008-06-03 02:48:34 +00:00
Ben Laurie
3c1d6bbc92 LHASH revamp. make depend. 2008-05-26 11:24:29 +00:00
Lutz Jänicke
51e00db226 Document "openssl s_server" -crl_check* options 
Submitted by: Daniel Black <daniel.subs@internode.on.net>
 2008-05-19 07:52:15 +00:00
Lutz Jänicke
a92ebf2290 Provide information about "openssl dgst" -hmac option. 2008-05-19 07:43:34 +00:00
Dr. Stephen Henson
19048b5c8d New function CMS_add1_crl(). 2008-05-02 17:27:01 +00:00
Dr. Stephen Henson
c386f8ac38 Typo. 2008-05-01 23:35:36 +00:00
Dr. Stephen Henson
4a954b56c9 Use "cont" consistently in cms-examples.pl 
Add a -certsout option to output any certificates in a message.

Add test for example 4.11
 2008-05-01 23:30:06 +00:00
Dr. Stephen Henson
a12a6b9962 Correct argument order for CMS_decrypt() in docs. 2008-04-11 23:49:03 +00:00
Dr. Stephen Henson
a5db50d005 Revert argument swap change... oops CMS_uncompress() was consistent... 2008-04-11 23:23:18 +00:00
Dr. Stephen Henson
529d329ce1 Make CMS_uncompress() argument order consistent with other functions. 2008-04-11 17:34:13 +00:00
Dr. Stephen Henson
38d3a73808 Reformat, fix typos and clarify CMS API docs. 2008-04-10 23:28:25 +00:00
Dr. Stephen Henson
73b3c2d861 Correct HISTORY reference. 2008-04-10 15:59:40 +00:00
Dr. Stephen Henson
4670e00ff5 Typo. 2008-04-10 15:56:27 +00:00
Dr. Stephen Henson
287df2fe49 Add docs for CMS_final() and BIO_new_CMS(). 2008-04-10 11:55:57 +00:00
Dr. Stephen Henson
43d9e9d07f Add CMS signed receipt genration and verification docs. 2008-04-10 11:00:47 +00:00
Dr. Stephen Henson
c420fab52b Spellcheck CMS docs. 2008-04-10 10:46:11 +00:00
Dr. Stephen Henson
6469a1fda3 Signed receipt request function documentation. 2008-04-09 23:13:49 +00:00
Dr. Stephen Henson
da6ea110b5 Update docs. 2008-04-09 20:59:45 +00:00
Dr. Stephen Henson
fb777e1f79 Add CMS_uncompress manual page. 2008-04-09 20:55:55 +00:00
Dr. Stephen Henson
360bb61d86 Add CMS_compress() docs. 2008-04-09 17:04:36 +00:00
Dr. Stephen Henson
847e551f39 More CMS API documentation. 2008-04-09 16:08:16 +00:00
Dr. Stephen Henson
86173db853 Fix various typos, update SMIMECapabilities description. 2008-04-08 22:44:56 +00:00
Dr. Stephen Henson
9034c56c6c Correct d2i/i2d typos. 2008-04-08 22:35:32 +00:00
Dr. Stephen Henson
e33ffaca12 Initial CMS API documentation. 2008-04-08 22:27:10 +00:00
Dr. Stephen Henson
41f81a0143 Update docs. 2008-03-29 00:54:24 +00:00
Geoff Thorpe
f7ccba3edf There was a need to support thread ID types that couldn't be reliably cast 
to 'unsigned long' (ie. odd platforms/compilers), so a pointer-typed
version was added but it required portable code to check *both* modes to
determine equality. This commit maintains the availability of both thread
ID types, but deprecates the type-specific accessor APIs that invoke the
callbacks - instead a single type-independent API is used.  This simplifies
software that calls into this interface, and should also make it less
error-prone - as forgetting to call and compare *both* thread ID accessors
could have led to hard-to-debug/infrequent bugs (that might only affect
certain platforms or thread implementations). As the CHANGES note says,
there were corresponding deprecations and replacements in the
thread-related functions for BN_BLINDING and ERR too.
 2008-03-28 02:49:43 +00:00
Dr. Stephen Henson
7122aafce5 Preliminary documentation for CMS utility. 2008-03-21 13:09:26 +00:00
Dr. Stephen Henson
0d7f6fc76a Clarification and fix typo. 2008-02-25 18:11:47 +00:00
Bodo Möller
d9e427f09c Make sure to set indent-tabs-mode so that we get tabs, not spaces. 2008-02-21 07:24:12 +00:00
Lutz Jänicke
7c1722c60d Add missing colon in manpage 
Submitted by: Richard Hartmann <richih.mailinglist@gmail.com>
 2008-01-30 08:26:59 +00:00
Dr. Stephen Henson
3b979c5450 Clarify BITLIST format and include an example. 2008-01-23 19:10:53 +00:00
Dr. Stephen Henson
cec2538ca9 Submitted by: Victor B. Wagner <vitus@cryptocom.ru>, steve 
Use default algorithms for OCSP request and response signing. New command
line option to support other digest use for OCSP certificate IDs.
 2007-12-04 12:41:28 +00:00
Richard Levitte
28f7e60d47 Change submitted by Doug Kaufman. He writes: 
I just compiled the 9.9-dev version from the 12022007 tarball under
  DJGPP. There were only 2 changes needed, one for b_sock.c, since
  DJGPP with WATT32 doesn't define socklen_t and one for testtsa to
  handle DOS style path separators. I also noted what seems to be a
  typographical error in ts.pod. The test suite passes. The patch is
  attached.

  Since I am in the US, I have sent notifications to the Bureau of
  Industry and Security and to the NSA.
 2007-12-03 09:02:29 +00:00
Lutz Jänicke
b6a338cb29 Typos in man pages: dependant->dependent 
Submitted by: Tobias Stoeckmann <tobias@bugol.de>
 2007-11-19 09:18:03 +00:00
Bodo Möller
15bd07e923 fix typos 
Submitted by: Ernst G. Giessmann
 2007-11-19 07:24:08 +00:00
Lutz Jänicke
5f0477f47b Typos 
PR: 1578
Submitted by: Charles Longeau <chl@tuxfamily.org>
 2007-09-24 11:22:58 +00:00
Lutz Jänicke
7bbce69721 Port from 0.9.8-stable 2007-09-24 11:01:18 +00:00
Dr. Stephen Henson
a529a80108 Update from stable branch. 2007-09-17 17:54:31 +00:00
Andy Polyakov
330591fdfc Mention aes in enc.pod. 
PR: 1529
 2007-09-17 16:42:35 +00:00
Andy Polyakov
c7503f5240 Mention SHA2 in openssl.pod. 
PR: 1575
 2007-09-17 15:56:55 +00:00
Dr. Stephen Henson
f3fef74b09 Document ticket disabling option. 2007-08-23 22:49:13 +00:00