aboutsummaryrefslogtreecommitdiffstats
path: root/doc/ssl
Commit message (Collapse)AuthorAgeFilesLines
* Add a HISTORY section to the man page to mention the new flags.Geoff Thorpe2002-10-291-0/+5
|
* The last character of inconsistency in my recent commits is herebyGeoff Thorpe2002-10-291-0/+1
| | | | squashed.
* Correct and enhance the behaviour of "internal" session caching as itGeoff Thorpe2002-10-292-12/+43
| | | | | | | | | | | | | | | | | | | relates to SSL_CTX flags and the use of "external" session caching. The existing flag, "SSL_SESS_CACHE_NO_INTERNAL_LOOKUP" remains but is supplemented with a complimentary flag, "SSL_SESS_CACHE_NO_INTERNAL_STORE". The bitwise OR of the two flags is also defined as "SSL_SESS_CACHE_NO_INTERNAL" and is the flag that should be used by most applications wanting to implement session caching *entirely* by its own provided callbacks. As the documented behaviour contradicted actual behaviour up until recently, and since that point behaviour has itself been inconsistent anyway, this change should not introduce any compatibility problems. I've adjusted the relevant documentation to elaborate about how this works. Kudos to "Nadav Har'El" <nyh@math.technion.ac.il> for diagnosing these anomalies and testing this patch for correctness. PR: 311
* Missing =back.Richard Levitte2002-08-151-0/+2
| | | | Part of PR 196
* mention SSL_do_handshake()Bodo Möller2002-07-291-1/+1
|
* The behaviour is undefined when calling SSL_write() with num=0.Lutz Jänicke2002-07-191-0/+3
| | | | | | Submitted by: Reviewed by: PR: 141
* Manual page for SSL_do_handshake().Lutz Jänicke2002-07-195-0/+79
| | | | | Submitted by: Martin Sjögren <martin@strakt.com> PR: 137
* Typos in links between manual pagesLutz Jänicke2002-07-103-4/+4
| | | | | | Submitted by: Richard.Koenning@fujitsu-siemens.com Reviewed by: PR: 129
* New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBCBodo Möller2002-06-141-2/+15
| | | | | | vulnerability workaround (included in SSL_OP_ALL). PR: #90
* Correct wrong usage information.Lutz Jänicke2002-06-121-23/+27
| | | | PR: 95
* Typo.Lutz Jänicke2002-06-041-1/+1
| | | | PR: 72
* Add 'void *' argument to app_verify_callback.Bodo Möller2002-02-281-20/+20
| | | | | Submitted by: D. K. Smetters <smetters@parc.xerox.com> Reviewed by: Bodo Moeller
* SSL_clear != SSL_free/SSL_newLutz Jänicke2002-02-271-0/+19
|
* Even though it is not really practical people should know about it.Lutz Jänicke2002-02-156-2/+97
|
* Clarify reference count handling/removal of sessionLutz Jänicke2001-11-191-2/+4
| | | | (shinagawa@star.zko.dec.com).
* remove incorrect 'callback' prototypeBodo Möller2001-11-102-2/+9
|
* msg_callback documentationBodo Möller2001-11-101-0/+97
|
* New functions SSL[_CTX]_set_msg_callback().Bodo Möller2001-10-201-2/+2
| | | | | | | | | | | | | | | | | | | | | New macros SSL[_CTX]_set_msg_callback_arg(). Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet). New '-msg' option for 'openssl s_client' and 'openssl s_server' that enable a message callback that displays all protocol messages. In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if client_version is smaller than the protocol version in use. Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0 if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the client will at least see that alert. Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic pointer). Add/update some OpenSSL copyright notices.
* document SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATIONBodo Möller2001-10-171-5/+13
|
* Update information as a partial response to the postLutz Jänicke2001-10-125-5/+62
| | | | | | | | | | | | | | From: "Chris D. Peterson" <cpeterson@aventail.com> Subject: Implementation Issues with OpenSSL To: openssl-users@openssl.org Date: Wed, 22 Aug 2001 16:13:17 -0700 The patch included in the original post may improve the internal session list handling (and is therefore worth a seperate investigation). No change to the list handling will however solve the problems of incorrect SSL_SESSION_free() calls. The session list is only one possible point of failure, dangling pointers would also occur for SSL object currently using the session. The correct solution is to only use SSL_SESSION_free() when applicable!
* Typo.Lutz Jänicke2001-09-131-0/+2
|
* One more manual page.Lutz Jänicke2001-09-132-0/+35
|
* Rework section about return values another time (based on hints fromLutz Jänicke2001-09-132-11/+9
| | | | Bodo Moeller).
* Make maximum certifcate chain size accepted from the peer applicationLutz Jänicke2001-09-112-0/+78
| | | | settable (proposed by "Douglas E. Engert" <deengert@anl.gov>).
* ispellUlf Möller2001-09-078-14/+14
|
* More docs.Lutz Jänicke2001-08-244-2/+158
|
* Typo.Lutz Jänicke2001-08-231-3/+3
|
* More manual pages. Constify.Lutz Jänicke2001-08-233-0/+106
|
* As discussed recently on openssl-users.Lutz Jänicke2001-08-233-3/+89
|
* Make clear, that using the compression layer is currently not recommended.Lutz Jänicke2001-08-231-0/+6
|
* typo.Ulf Möller2001-08-221-1/+1
|
* One more manual page...Lutz Jänicke2001-08-213-2/+60
|
* Documentation on how to handle compression methods.Lutz Jänicke2001-08-212-0/+65
| | | | Hopefully it is clear enough, that it is currently not recommended.
* More interdependencies with respect to shutdown behaviour.Lutz Jänicke2001-08-204-9/+35
|
* Alert description strings for TLSv1 and documentation.Lutz Jänicke2001-08-192-0/+229
|
* More details about session timeout settings.Lutz Jänicke2001-08-174-3/+50
|
* One more function documented.Lutz Jänicke2001-08-173-0/+28
|
* SSL_shutdown() has even more properties...Lutz Jänicke2001-08-174-0/+72
|
* One more step on the way for complete documentation...Lutz Jänicke2001-08-172-0/+78
|
* Unidirectional shutdown is allowed according to the RFC.Lutz Jänicke2001-08-171-6/+18
|
* Better description of the behaviour of SSL_shutdown() as it is now, brokenLutz Jänicke2001-08-161-7/+38
| | | | or not.
* Don't disable rollback attack detection as a recommended bug workaround.Lutz Jänicke2001-08-031-13/+15
|
* Reworked manual pages with a lot of input from Bodo Moeller.Lutz Jänicke2001-07-313-71/+121
|
* Fix wrong information about SSL_set_connect_state()...Lutz Jänicke2001-07-256-30/+20
|
* Additional inline reference.Lutz Jänicke2001-07-231-2/+4
|
* Add missing reference.Lutz Jänicke2001-07-231-0/+1
|
* Documentation about ephemeral key exchangeLutz Jänicke2001-07-215-5/+315
|
* Updated explanation.Lutz Jänicke2001-07-201-3/+16
|
* Some more documentation bits.Lutz Jänicke2001-07-204-4/+56
|
* Clarify! (based on recent mailing-list discussions)Lutz Jänicke2001-07-112-0/+9
|
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-11 19:05:58 +0000