aboutsummaryrefslogtreecommitdiffstats
path: root/CHANGES
Commit message (Collapse)AuthorAgeFilesLines
* Make -CSP option work again in pkcs12 utility by checking forDr. Stephen Henson2005-05-151-0/+5
| | | | attribute in EVP_PKEY structure.
* Don't use the SSL 2.0 Client Hello format if SSL 2.0 is disabledBodo Möller2005-05-111-1/+8
| | | | with the SSL_OP_NO_SSLv2 option.
* give EC_GROUP_new_by_nid a more meanigful name:Nils Larsch2005-05-101-2/+2
| | | | EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name
* give EC_GROUP_*_nid functions a more meaningful nameBodo Möller2005-05-091-2/+2
| | | | | EC_GROUP_get_nid -> EC_GROUP_get_curve_name EC_GROUP_set_nid -> EC_GROUP_set_curve_name
* Support for smime-type MIME parameter.Dr. Stephen Henson2005-05-011-0/+4
|
* Port BN_MONT_CTX_set_locked() from stable branch.Dr. Stephen Henson2005-04-261-0/+5
| | | | | The function rsa_eay_mont_helper() has been removed because it is no longer needed after this change.
* some updates for the blinding code; summary:Nils Larsch2005-04-261-0/+12
| | | | | | | | | | | - possibility of re-creation of the blinding parameters after a fixed number of uses (suggested by Bodo) - calculatition of the rsa::e in case it's absent and p and q are present (see bug report #785) - improve the performance when if one rsa structure is shared by more than a thread (see bug report #555) - fix the problem described in bug report #827 - hide the definition ot the BN_BLINDING structure in bn_blind.c
* Add DTLS support.Ben Laurie2005-04-261-0/+3
|
* first step to melt down ChangeLog.0_9_7-stable_not-in-head :-)Bodo Möller2005-04-251-1/+1
|
* - use BN_set_negative and BN_is_negative instead of BN_set_signNils Larsch2005-04-221-7/+6
| | | | | | and BN_get_sign - implement BN_set_negative as a function - always use "#define BN_is_zero(a) ((a)->top == 0)"
* Include error library value in C error source files instead of fixing upDr. Stephen Henson2005-04-121-1/+8
| | | | at runtime.
* Make kerberos ciphersuite code work with newer header filesDr. Stephen Henson2005-04-091-0/+8
|
* Added restrictions on the use of proxy certificates, as they may poseRichard Levitte2005-04-091-0/+6
| | | | a security threat on unexpecting applications. Document and test.
* add support for DER encoded private keys to SSL_CTX_use_PrivateKey_file()Nils Larsch2005-04-081-0/+4
| | | | | | | | and SSL_use_PrivateKey_file() PR: 1035 Submitted by: Walter Goulet Reviewed by: Nils Larsch
* get rid of very buggy and very imcomplete DH cert supportNils Larsch2005-04-071-0/+4
| | | | Reviewed by: Bodo Moeller
* use SHA-1 as the default digest for the apps/openssl commandsNils Larsch2005-04-021-1/+5
|
* Give everything prototypes (well, everything that's actually used).Ben Laurie2005-03-311-0/+5
|
* Harmonize with CHANGES as distributed in OpenSSL 0.9.7f.Bodo Möller2005-03-241-1/+5
|
* undo Cygwin changeUlf Möller2005-03-241-1/+6
|
* Ensure (SSL_RANDOM_BYTES - 4) of pseudo random data is used for server andDr. Stephen Henson2005-03-221-0/+22
| | | | client random values.
* Use Windows randomness code on CygwinUlf Möller2005-03-191-0/+3
|
* In addition to RC5, also exclude MDC2 from compilation unlessBodo Möller2005-03-021-2/+10
| | | | the algorithm is explicitly requested.
* Change ./Configure so that certain algorithms can be disabled by default.Bodo Möller2005-02-221-0/+5
| | | | | | | | This is now the case for RC5. As a side effect, the OPTIONS in the Makefile will usually look a little different now, but they are essentially only for information anyway.
* Fix hang in EGD/PRNGD query when communication socket is closedLutz Jänicke2005-02-191-0/+4
| | | | | | prematurely by EGD/PRNGD. PR: 1014 Submitted by: Darren Tucker <dtucker@zip.com.au>
* Prompt for passphrases for PKCS12 input formatDr. Stephen Henson2004-12-291-0/+3
|
* Add functionality needed to process proxy certificates.Richard Levitte2004-12-281-0/+5
|
* Add lots of checks for memory allocation failure, error codes to indicateDr. Stephen Henson2004-12-051-0/+4
| | | | | | failure and freeing up memory if a failure occurs. PR:620
* Add -passin argument to dgst command.Dr. Stephen Henson2004-12-031-0/+3
|
* Perform partial comparison of different character types in X509_NAME_cmp().Dr. Stephen Henson2004-12-011-0/+6
|
* Document the change.Richard Levitte2004-11-291-1/+15
|
* Summarize recent RC4 tune-ups.Andy Polyakov2004-11-261-0/+4
|
* Allow alternative manual sections to be embedded in .pod file comments.Dr. Stephen Henson2004-11-251-0/+11
|
* PR: 910Dr. Stephen Henson2004-11-161-0/+5
| | | | | | | | Add command line options -certform, -keyform and -pass to s_client and s_server. This supports the use of alternative passphrase sources, key formats and keys handled by an ENGINE. Update docs.
* Fix race condition when CRL checking is enabled.Dr. Stephen Henson2004-10-041-0/+7
|
* New X509_VERIFY_PARAM structure and associated functionality.Dr. Stephen Henson2004-09-061-0/+8
| | | | | | | | | | This tidies up verify parameters and adds support for integrated policy checking. Add support for policy related command line options. Currently only in smime application. WARNING: experimental code subject to change.
* Make a note of the new engine.Geoff Thorpe2004-08-041-0/+5
|
* Delta CRL support in extension code.Dr. Stephen Henson2004-07-061-0/+3
|
* Deprecate unused cruft, and "make update".Geoff Thorpe2004-06-171-0/+3
|
* Mention new SHA algorithms in CHANGES. This completes the integration.Andy Polyakov2004-05-311-0/+3
|
* Fixes so alerts are sent properly in s3_pkt.cDr. Stephen Henson2004-05-151-0/+3
| | | | PR: 851
* CHANGES to mention improved PowerPC platform support.Andy Polyakov2004-05-131-0/+4
|
* - update from current 0.9.6-stable CHANGES fileBodo Möller2004-05-041-22/+55
| | | | | | | | | | | | | | - update from current 0.9.7-stable CHANGES file: Now here we have "CHANGES between 0.9.7e and 0.9.8", and I hope that all patches mentioned for 0.9.7d and 0.9.7e actually are in the CVS HEAD, i.e. what is to become 0.9.8. I have rewritten the 'openssl ca -create_serial' entry (0.9.8) so that it explains the earlier change that is now listed (0.9.7e). The ENGINE_set_default typo bug entry has been moved from 0.9.8 to 0.9.7b, which is where it belongs.
* Allow RSA key-generation to specify an arbitrary public exponent. JelteGeoff Thorpe2004-04-261-0/+5
| | | | | | | | | proposed the change and submitted the patch, I jiggled it slightly and adjusted the other parts of openssl that were affected. PR: 867 Submitted by: Jelte Jansen Reviewed by: Geoff Thorpe
* As far as I can tell, the bugfix this comment refers to was committed toGeoff Thorpe2004-04-211-3/+0
| | | | | 0.9.7-stable as well as HEAD (and doesn't apply to the 0.9.6-engine variant).
* Reduce chances of issuer and serial number duplication by use of randomDr. Stephen Henson2004-04-201-0/+9
| | | | | | initial serial numbers. PR: 842
* Reduce header interdependencies, initially in engine.h (the rest of theGeoff Thorpe2004-04-191-0/+9
| | | | | | | | | changes are the fallout). As this could break source code that doesn't directly include headers for interfaces it uses, changes to recursive includes are covered by the OPENSSL_NO_DEPRECATED symbol. It's better to define this when building and using openssl, and then adapt code where necessary - this is how to stay current. However the mechanism exists for the lethargic.
* Oops forgot CHANGES entry.Dr. Stephen Henson2004-03-311-0/+3
|
* Enhance EVP code to generate random symmetric keys of theDr. Stephen Henson2004-03-281-0/+10
| | | | | | | | appropriate form, for example correct DES parity. Update S/MIME code and EVP_SealInit to use new functions. PR: 700
* Allow CRLs to be passed into X509_STORE_CTX. This is useful when theDr. Stephen Henson2004-03-271-0/+6
| | | | | | verified structure can contain its own CRLs (such as PKCS#7 signedData). Tidy up some of the verify code.
* Extend OID config module format.Dr. Stephen Henson2004-03-271-0/+6
|
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-25 13:54:07 +0000