Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Add a HISTORY section to the man page to mention the new flags. | Geoff Thorpe | 2002-10-29 | 1 | -0/+5 |
| | |||||
* | The last character of inconsistency in my recent commits is hereby | Geoff Thorpe | 2002-10-29 | 1 | -0/+1 |
| | | | | squashed. | ||||
* | Correct and enhance the behaviour of "internal" session caching as it | Geoff Thorpe | 2002-10-29 | 2 | -12/+43 |
| | | | | | | | | | | | | | | | | | | | relates to SSL_CTX flags and the use of "external" session caching. The existing flag, "SSL_SESS_CACHE_NO_INTERNAL_LOOKUP" remains but is supplemented with a complimentary flag, "SSL_SESS_CACHE_NO_INTERNAL_STORE". The bitwise OR of the two flags is also defined as "SSL_SESS_CACHE_NO_INTERNAL" and is the flag that should be used by most applications wanting to implement session caching *entirely* by its own provided callbacks. As the documented behaviour contradicted actual behaviour up until recently, and since that point behaviour has itself been inconsistent anyway, this change should not introduce any compatibility problems. I've adjusted the relevant documentation to elaborate about how this works. Kudos to "Nadav Har'El" <nyh@math.technion.ac.il> for diagnosing these anomalies and testing this patch for correctness. PR: 311 | ||||
* | Missing =back. | Richard Levitte | 2002-08-15 | 1 | -0/+2 |
| | | | | Part of PR 196 | ||||
* | mention SSL_do_handshake() | Bodo Möller | 2002-07-29 | 1 | -1/+1 |
| | |||||
* | The behaviour is undefined when calling SSL_write() with num=0. | Lutz Jänicke | 2002-07-19 | 1 | -0/+3 |
| | | | | | | Submitted by: Reviewed by: PR: 141 | ||||
* | Manual page for SSL_do_handshake(). | Lutz Jänicke | 2002-07-19 | 5 | -0/+79 |
| | | | | | Submitted by: Martin Sjögren <martin@strakt.com> PR: 137 | ||||
* | Typos in links between manual pages | Lutz Jänicke | 2002-07-10 | 3 | -4/+4 |
| | | | | | | Submitted by: Richard.Koenning@fujitsu-siemens.com Reviewed by: PR: 129 | ||||
* | New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC | Bodo Möller | 2002-06-14 | 1 | -2/+15 |
| | | | | | | vulnerability workaround (included in SSL_OP_ALL). PR: #90 | ||||
* | Correct wrong usage information. | Lutz Jänicke | 2002-06-12 | 1 | -23/+27 |
| | | | | PR: 95 | ||||
* | Typo. | Lutz Jänicke | 2002-06-04 | 1 | -1/+1 |
| | | | | PR: 72 | ||||
* | Add 'void *' argument to app_verify_callback. | Bodo Möller | 2002-02-28 | 1 | -20/+20 |
| | | | | | Submitted by: D. K. Smetters <smetters@parc.xerox.com> Reviewed by: Bodo Moeller | ||||
* | SSL_clear != SSL_free/SSL_new | Lutz Jänicke | 2002-02-27 | 1 | -0/+19 |
| | |||||
* | Even though it is not really practical people should know about it. | Lutz Jänicke | 2002-02-15 | 6 | -2/+97 |
| | |||||
* | Clarify reference count handling/removal of session | Lutz Jänicke | 2001-11-19 | 1 | -2/+4 |
| | | | | (shinagawa@star.zko.dec.com). | ||||
* | remove incorrect 'callback' prototype | Bodo Möller | 2001-11-10 | 2 | -2/+9 |
| | |||||
* | msg_callback documentation | Bodo Möller | 2001-11-10 | 1 | -0/+97 |
| | |||||
* | New functions SSL[_CTX]_set_msg_callback(). | Bodo Möller | 2001-10-20 | 1 | -2/+2 |
| | | | | | | | | | | | | | | | | | | | | | New macros SSL[_CTX]_set_msg_callback_arg(). Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet). New '-msg' option for 'openssl s_client' and 'openssl s_server' that enable a message callback that displays all protocol messages. In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if client_version is smaller than the protocol version in use. Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0 if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the client will at least see that alert. Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic pointer). Add/update some OpenSSL copyright notices. | ||||
* | document SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION | Bodo Möller | 2001-10-17 | 1 | -5/+13 |
| | |||||
* | Update information as a partial response to the post | Lutz Jänicke | 2001-10-12 | 5 | -5/+62 |
| | | | | | | | | | | | | | | From: "Chris D. Peterson" <cpeterson@aventail.com> Subject: Implementation Issues with OpenSSL To: openssl-users@openssl.org Date: Wed, 22 Aug 2001 16:13:17 -0700 The patch included in the original post may improve the internal session list handling (and is therefore worth a seperate investigation). No change to the list handling will however solve the problems of incorrect SSL_SESSION_free() calls. The session list is only one possible point of failure, dangling pointers would also occur for SSL object currently using the session. The correct solution is to only use SSL_SESSION_free() when applicable! | ||||
* | Typo. | Lutz Jänicke | 2001-09-13 | 1 | -0/+2 |
| | |||||
* | One more manual page. | Lutz Jänicke | 2001-09-13 | 2 | -0/+35 |
| | |||||
* | Rework section about return values another time (based on hints from | Lutz Jänicke | 2001-09-13 | 2 | -11/+9 |
| | | | | Bodo Moeller). | ||||
* | Make maximum certifcate chain size accepted from the peer application | Lutz Jänicke | 2001-09-11 | 2 | -0/+78 |
| | | | | settable (proposed by "Douglas E. Engert" <deengert@anl.gov>). | ||||
* | ispell | Ulf Möller | 2001-09-07 | 8 | -14/+14 |
| | |||||
* | More docs. | Lutz Jänicke | 2001-08-24 | 4 | -2/+158 |
| | |||||
* | Typo. | Lutz Jänicke | 2001-08-23 | 1 | -3/+3 |
| | |||||
* | More manual pages. Constify. | Lutz Jänicke | 2001-08-23 | 3 | -0/+106 |
| | |||||
* | As discussed recently on openssl-users. | Lutz Jänicke | 2001-08-23 | 3 | -3/+89 |
| | |||||
* | Make clear, that using the compression layer is currently not recommended. | Lutz Jänicke | 2001-08-23 | 1 | -0/+6 |
| | |||||
* | typo. | Ulf Möller | 2001-08-22 | 1 | -1/+1 |
| | |||||
* | One more manual page... | Lutz Jänicke | 2001-08-21 | 3 | -2/+60 |
| | |||||
* | Documentation on how to handle compression methods. | Lutz Jänicke | 2001-08-21 | 2 | -0/+65 |
| | | | | Hopefully it is clear enough, that it is currently not recommended. | ||||
* | More interdependencies with respect to shutdown behaviour. | Lutz Jänicke | 2001-08-20 | 4 | -9/+35 |
| | |||||
* | Alert description strings for TLSv1 and documentation. | Lutz Jänicke | 2001-08-19 | 2 | -0/+229 |
| | |||||
* | More details about session timeout settings. | Lutz Jänicke | 2001-08-17 | 4 | -3/+50 |
| | |||||
* | One more function documented. | Lutz Jänicke | 2001-08-17 | 3 | -0/+28 |
| | |||||
* | SSL_shutdown() has even more properties... | Lutz Jänicke | 2001-08-17 | 4 | -0/+72 |
| | |||||
* | One more step on the way for complete documentation... | Lutz Jänicke | 2001-08-17 | 2 | -0/+78 |
| | |||||
* | Unidirectional shutdown is allowed according to the RFC. | Lutz Jänicke | 2001-08-17 | 1 | -6/+18 |
| | |||||
* | Better description of the behaviour of SSL_shutdown() as it is now, broken | Lutz Jänicke | 2001-08-16 | 1 | -7/+38 |
| | | | | or not. | ||||
* | Don't disable rollback attack detection as a recommended bug workaround. | Lutz Jänicke | 2001-08-03 | 1 | -13/+15 |
| | |||||
* | Reworked manual pages with a lot of input from Bodo Moeller. | Lutz Jänicke | 2001-07-31 | 3 | -71/+121 |
| | |||||
* | Fix wrong information about SSL_set_connect_state()... | Lutz Jänicke | 2001-07-25 | 6 | -30/+20 |
| | |||||
* | Additional inline reference. | Lutz Jänicke | 2001-07-23 | 1 | -2/+4 |
| | |||||
* | Add missing reference. | Lutz Jänicke | 2001-07-23 | 1 | -0/+1 |
| | |||||
* | Documentation about ephemeral key exchange | Lutz Jänicke | 2001-07-21 | 5 | -5/+315 |
| | |||||
* | Updated explanation. | Lutz Jänicke | 2001-07-20 | 1 | -3/+16 |
| | |||||
* | Some more documentation bits. | Lutz Jänicke | 2001-07-20 | 4 | -4/+56 |
| | |||||
* | Clarify! (based on recent mailing-list discussions) | Lutz Jänicke | 2001-07-11 | 2 | -0/+9 |
| |