openssl - Mirror of https://github.com/openssl/openssl

Age	Commit message (Collapse)	Author
2011-02-03	CVE-2010-4180 fix (from OpenSSL_1_0_0-stable)	Bodo Möller

2010-04-07	Add SHA2 algorithms to SSL_library_init(). Although these aren't used	Dr. Stephen Henson
	directly by SSL/TLS SHA2 certificates are becoming more common and applications that only call SSL_library_init() and not OpenSSL_add_all_alrgorithms() will fail when verifying certificates. Update docs.
2010-04-06	Remove obsolete PRNG note. Add comment about use of SHA256 et al.	Dr. Stephen Henson

2010-02-18	clarify documentation	Dr. Stephen Henson

2010-02-17	Allow renegotiation if SSL_OP_LEGACY_SERVER_CONNECT is set as well as	Dr. Stephen Henson
	initial connection to unpatched servers. There are no additional security concerns in doing this as clients don't see renegotiation during an attack anyway.
2010-02-12	update references to new RI RFC	Dr. Stephen Henson

2010-01-27	reword RI description	Dr. Stephen Henson

2010-01-27	update documentation to reflect new renegotiation options	Dr. Stephen Henson

2010-01-22	Tolerate PKCS#8 DSA format with negative private key.	Dr. Stephen Henson

2010-01-05	Typo	Dr. Stephen Henson

2009-12-09	clarify docs	Dr. Stephen Henson

2009-12-09	Document option clearning functions.	Dr. Stephen Henson
	Initial secure renegotiation documentation.
2009-09-12	PR: 2025	Dr. Stephen Henson
	Submitted by: Tomas Mraz <tmraz@redhat.com> Approved by: steve@openssl.org Constify SSL_CIPHER_description
2009-02-14	PR: 1835	Dr. Stephen Henson
	Submitted by: Damien Miller <djm@mindrot.org> Approved by: steve@openssl.org Fix various typos.
2008-08-01	Refer to SSL_pending from the man page for SSL_read	Lutz Jänicke

2008-06-03	Memory saving patch.	Ben Laurie

2007-08-23	Document ticket disabling option.	Dr. Stephen Henson

2006-12-21	fix typos	Nils Larsch
	PR: 1354, 1355, 1398, 1408
2006-12-06	fix documentation	Nils Larsch
	PR: 1343
2006-03-12	note that SSL_library_init() is not reentrant	Nils Larsch

2006-03-10	add initial support for RFC 4279 PSK SSL ciphersuites	Nils Larsch
	PR: 1191 Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation Reviewed by: Nils Larsch
2005-10-26	Add fixes for CAN-2005-2969.	Bodo Möller
	(This were in 0.9.7-stable and 0.9.8-stable, but not in HEAD so far.)
2005-08-14	Let the TLSv1_method() etc. functions return a const SSL_METHOD	Nils Larsch
	pointer and make the SSL_METHOD parameter in SSL_CTX_new, SSL_CTX_set_ssl_version and SSL_set_ssl_method const.
2005-04-08	improve docu of SSL_CTX_use_PrivateKey()	Nils Larsch

2005-03-30	update docs (recent constification)	Nils Larsch

2005-03-22	Doc fixes.	Dr. Stephen Henson

2004-11-14	PR: 938	Dr. Stephen Henson
	Typo.
2004-06-14	More precise explanation of session id context requirements.	Lutz Jänicke

2003-11-29	Make sure the documentation matches reality.	Richard Levitte
	PR: 755 Notified by: Jakub Bogusz <qboosh@pld-linux.org>
2003-06-26	Clarify wording of verify_callback() behaviour.	Lutz Jänicke

2003-06-03	Clarify return value of SSL_connect() and SSL_accept() in case of the	Lutz Jänicke
	WANT_READ and WANT_WRITE conditions.
2003-05-30	Clarify ordering of certificates when using certificate chains	Lutz Jänicke

2003-03-27	Add warning about unwanted side effect when calling SSL_CTX_free():	Lutz Jänicke
	sessions in the external session cache might be removed. Submitted by: "Nadav Har'El" <nyh@math.technion.ac.il> PR: 547
2003-03-20	Spelling errors.	Richard Levitte
	PR: 538
2002-12-04	Missing ")"	Lutz Jänicke
	Submitted by: Christian Hohnstaedt <chohnstaedt@innominate.com> Reviewed by: PR:
2002-11-14	No such reference to link to (found running pod2latex).	Lutz Jänicke
	Submitted by: Reviewed by: PR:
2002-10-29	Add a HISTORY section to the man page to mention the new flags.	Geoff Thorpe

2002-10-29	The last character of inconsistency in my recent commits is hereby	Geoff Thorpe
	squashed.
2002-10-29	Correct and enhance the behaviour of "internal" session caching as it	Geoff Thorpe
	relates to SSL_CTX flags and the use of "external" session caching. The existing flag, "SSL_SESS_CACHE_NO_INTERNAL_LOOKUP" remains but is supplemented with a complimentary flag, "SSL_SESS_CACHE_NO_INTERNAL_STORE". The bitwise OR of the two flags is also defined as "SSL_SESS_CACHE_NO_INTERNAL" and is the flag that should be used by most applications wanting to implement session caching entirely by its own provided callbacks. As the documented behaviour contradicted actual behaviour up until recently, and since that point behaviour has itself been inconsistent anyway, this change should not introduce any compatibility problems. I've adjusted the relevant documentation to elaborate about how this works. Kudos to "Nadav Har'El" <nyh@math.technion.ac.il> for diagnosing these anomalies and testing this patch for correctness. PR: 311
2002-08-15	Missing =back.	Richard Levitte
	Part of PR 196
2002-07-29	mention SSL_do_handshake()	Bodo Möller

2002-07-19	The behaviour is undefined when calling SSL_write() with num=0.	Lutz Jänicke
	Submitted by: Reviewed by: PR: 141
2002-07-19	Manual page for SSL_do_handshake().	Lutz Jänicke
	Submitted by: Martin Sjögren <martin@strakt.com> PR: 137
2002-07-10	Typos in links between manual pages	Lutz Jänicke
	Submitted by: Richard.Koenning@fujitsu-siemens.com Reviewed by: PR: 129
2002-06-14	New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC	Bodo Möller
	vulnerability workaround (included in SSL_OP_ALL). PR: #90
2002-06-12	Correct wrong usage information.	Lutz Jänicke
	PR: 95
2002-06-04	Typo.	Lutz Jänicke
	PR: 72
2002-02-28	Add 'void *' argument to app_verify_callback.	Bodo Möller
	Submitted by: D. K. Smetters <smetters@parc.xerox.com> Reviewed by: Bodo Moeller
2002-02-27	SSL_clear != SSL_free/SSL_new	Lutz Jänicke

2002-02-15	Even though it is not really practical people should know about it.	Lutz Jänicke