| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
(Documentation update was in the MR but not the commit. Oops.)
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
|
| |
|
|
| |
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
|
| |
|
|
| |
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
|
| |
|
|
| |
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
|
| |
|
|
|
|
|
|
| |
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
GH: #495, MR: #1435
|
| |
|
|
| |
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
| |
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
| |
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
| |
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
| |
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
| |
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
|
| |
|
|
|
|
| |
Reviewed-by: Rich Salz <rsalz@openssl.org>
MR: #364
|
| |
|
|
| |
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
|
| |
|
|
|
|
|
|
| |
Remove RSA_FLAG_SIGN_VER: this was origininally used to retain binary
compatibility after RSA_METHOD was extended to include rsa_sign and
rsa_verify fields. It is no longer needed.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Remove sign/verify and required_pkey_type fields of EVP_MD: these are a
legacy from when digests were linked to public key types. All signing is
now handled by the corresponding EVP_PKEY_METHOD.
Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms
already block unsupported types.
Remove now obsolete EVP_dss1() and EVP_ecdsa().
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
|
|
|
| |
Add CRYPTO_free_ex_index (for shared libraries)
Unify and complete the documentation for all "ex_data" API's and objects.
Replace xxx_get_ex_new_index functions with a macro.
Added an exdata test.
Renamed the ex_data internal datatypes.
Reviewed-by: Matt Caswell <matt@openssl.org>
|
| |
|
|
|
|
| |
Rename it to be an internal function bn_init.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
| |
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
| |
Following on from the previous commit this adds some documentation for the
BN_with_flags function which is easy to misuse.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
|
| |
|
|
|
|
| |
For all functions, consistently use asdf() not B<asdf()>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In theory the pthreads approach for Thread Local Storage should be more
portable.
This also changes some APIs in order to accommodate this change. In
particular ASYNC_init_pool is renamed ASYNC_init_thread and
ASYNC_free_pool is renamed ASYNC_cleanup_thread. Also introduced ASYNC_init
and ASYNC_cleanup.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
|
|
|
|
| |
There are potential deadlock situations that can occur if code executing
within the context of a job aquires a lock, and then pauses the job. This
adds an ability to temporarily block pauses from occuring whilst performing
work and holding a lock.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
|
|
| |
Clarify that you must only call this after all async jobs have
completed - otherwise you could get memory leaks.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
|
|
|
|
|
| |
Add some clarifications to the async documentation. Also changed
ASYNC_pause_job() so that it returns success if you are not within the
context of a job. This is so that engines can be used either asynchronously
or synchronously and can treat an error from ASYNC_pause_job() as a real
error.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
|
| |
Document the libssl and command line application aspects of async.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
| |
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
|
| |
Reviewed-by: Rich Salz <rsalz@akamai.com>
RT #4100, MR #1264
|
| |
|
|
|
|
|
|
| |
Use SHA256 for TSA and setted permitted digests to a sensible value.
Based on PR#4141
Reviewed-by: Matt Caswell <matt@openssl.org>
|
| |
|
|
|
|
| |
Based on PR#2145
Reviewed-by: Matt Caswell <matt@openssl.org>
|
| |
|
|
| |
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
| |
Reviewed-by: Matt Caswell <matt@openssl.org>
|
| |
|
|
| |
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
|
|
|
|
|
| |
The new function SSL_use_certificate_chain_file was always crashing in
the internal function use_certificate_chain_file because it would pass a
NULL value for SSL_CTX *, but use_certificate_chain_file would
unconditionally try to dereference it.
Reviewed-by: Stephen Henson <steve@openssl.org>
|
| |
|
|
|
|
|
| |
EVP_SignInit_ex was missing from the NAME section of its man page so
typing "man EVP_SignInit_ex" failed to load the page.
Reviewed-by: Stephen Henson <steve@openssl.org>
|
| |
|
|
| |
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
| |
|
|
|
|
| |
No dummy arguments.
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
| |
|
|
|
| |
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
|
|
|
| |
All instances of SSLeay (any combination of case) were replaced with
the case-equivalent OpenSSL.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
|
| |
There were a few remaining references to SSLv2 support which are no longer
relevant now that it has been removed.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
|
| |
SSL_state has been replaced by SSL_get_state and SSL_set_state is no longer
supported.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
|
| |
Rename the enum HANDSHAKE_STATE to OSSL_HANDSHAKE_STATE to ensure there are
no namespace clashes, and convert it into a typedef.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
| |
Update the return type for SSL_state in the documentation.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
If something was "present in all versions" of SSLeay, or if it was
added to a version of SSLeay (and therefore predates OpenSSL),
remove mention of it. Documentation history now starts with OpenSSL.
Remove mention of all history before OpenSSL 0.9.8, inclusive.
Remove all AUTHOR sections.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
|
|
| |
Old API for use with OpenSSL-0.9.6. Remove it.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
|
| |
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
|
|
| |
Previous language was unclear. New language isn't pretty but I believe
it is more accurate.
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Ben Laurie <ben@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
|
| |
The function SSLv23_server_method() is an old name. New code should use
TLS_server_method() instead. Therefore don't use SSLv23_server_method() in
an example in the docs.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
|
| |
There are a number of engines in the OpenSSL source code which are now
obsolete. The following engines have been removed: 4758cca, aep, atalla,
cswift, nuron, sureware.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This patch updates the "DEFAULT" cipherstring to be
"ALL:!COMPLEMENTOFDEFAULT:!eNULL". COMPLEMENTOFDEFAULT is now defined
internally by a flag on each ciphersuite indicating whether it should be
excluded from DEFAULT or not. This gives us control at an individual
ciphersuite level as to exactly what is in DEFAULT and what is not.
Finally all DES, RC4 and RC2 ciphersuites are added to COMPLEMENTOFDEFAULT
and hence removed from DEFAULT.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
|
|
|
| |
Add documentation to all the appropriate apps for the new -no-CApath and
-no-CAfile options.
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
