Age | Commit message (Collapse) | Author | |
---|---|---|---|
2011-02-03 | CVE-2010-4180 fix (from OpenSSL_1_0_0-stable) | Bodo Möller | |
2010-04-07 | Add SHA2 algorithms to SSL_library_init(). Although these aren't used | Dr. Stephen Henson | |
directly by SSL/TLS SHA2 certificates are becoming more common and applications that only call SSL_library_init() and not OpenSSL_add_all_alrgorithms() will fail when verifying certificates. Update docs. | |||
2010-04-06 | Remove obsolete PRNG note. Add comment about use of SHA256 et al. | Dr. Stephen Henson | |
2010-02-18 | clarify documentation | Dr. Stephen Henson | |
2010-02-17 | Allow renegotiation if SSL_OP_LEGACY_SERVER_CONNECT is set as well as | Dr. Stephen Henson | |
initial connection to unpatched servers. There are no additional security concerns in doing this as clients don't see renegotiation during an attack anyway. | |||
2010-02-12 | update references to new RI RFC | Dr. Stephen Henson | |
2010-01-27 | reword RI description | Dr. Stephen Henson | |
2010-01-27 | update documentation to reflect new renegotiation options | Dr. Stephen Henson | |
2010-01-22 | Tolerate PKCS#8 DSA format with negative private key. | Dr. Stephen Henson | |
2010-01-05 | Typo | Dr. Stephen Henson | |
2009-12-09 | clarify docs | Dr. Stephen Henson | |
2009-12-09 | Document option clearning functions. | Dr. Stephen Henson | |
Initial secure renegotiation documentation. | |||
2009-09-12 | PR: 2025 | Dr. Stephen Henson | |
Submitted by: Tomas Mraz <tmraz@redhat.com> Approved by: steve@openssl.org Constify SSL_CIPHER_description | |||
2009-02-14 | PR: 1835 | Dr. Stephen Henson | |
Submitted by: Damien Miller <djm@mindrot.org> Approved by: steve@openssl.org Fix various typos. | |||
2008-08-01 | Refer to SSL_pending from the man page for SSL_read | Lutz Jänicke | |
2008-06-03 | Memory saving patch. | Ben Laurie | |
2007-08-23 | Document ticket disabling option. | Dr. Stephen Henson | |
2006-12-21 | fix typos | Nils Larsch | |
PR: 1354, 1355, 1398, 1408 | |||
2006-12-06 | fix documentation | Nils Larsch | |
PR: 1343 | |||
2006-03-12 | note that SSL_library_init() is not reentrant | Nils Larsch | |
2006-03-10 | add initial support for RFC 4279 PSK SSL ciphersuites | Nils Larsch | |
PR: 1191 Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation Reviewed by: Nils Larsch | |||
2005-10-26 | Add fixes for CAN-2005-2969. | Bodo Möller | |
(This were in 0.9.7-stable and 0.9.8-stable, but not in HEAD so far.) | |||
2005-08-14 | Let the TLSv1_method() etc. functions return a const SSL_METHOD | Nils Larsch | |
pointer and make the SSL_METHOD parameter in SSL_CTX_new, SSL_CTX_set_ssl_version and SSL_set_ssl_method const. | |||
2005-04-08 | improve docu of SSL_CTX_use_PrivateKey() | Nils Larsch | |
2005-03-30 | update docs (recent constification) | Nils Larsch | |
2005-03-22 | Doc fixes. | Dr. Stephen Henson | |
2004-11-14 | PR: 938 | Dr. Stephen Henson | |
Typo. | |||
2004-06-14 | More precise explanation of session id context requirements. | Lutz Jänicke | |
2003-11-29 | Make sure the documentation matches reality. | Richard Levitte | |
PR: 755 Notified by: Jakub Bogusz <qboosh@pld-linux.org> | |||
2003-06-26 | Clarify wording of verify_callback() behaviour. | Lutz Jänicke | |
2003-06-03 | Clarify return value of SSL_connect() and SSL_accept() in case of the | Lutz Jänicke | |
WANT_READ and WANT_WRITE conditions. | |||
2003-05-30 | Clarify ordering of certificates when using certificate chains | Lutz Jänicke | |
2003-03-27 | Add warning about unwanted side effect when calling SSL_CTX_free(): | Lutz Jänicke | |
sessions in the external session cache might be removed. Submitted by: "Nadav Har'El" <nyh@math.technion.ac.il> PR: 547 | |||
2003-03-20 | Spelling errors. | Richard Levitte | |
PR: 538 | |||
2002-12-04 | Missing ")" | Lutz Jänicke | |
Submitted by: Christian Hohnstaedt <chohnstaedt@innominate.com> Reviewed by: PR: | |||
2002-11-14 | No such reference to link to (found running pod2latex). | Lutz Jänicke | |
Submitted by: Reviewed by: PR: | |||
2002-10-29 | Add a HISTORY section to the man page to mention the new flags. | Geoff Thorpe | |
2002-10-29 | The last character of inconsistency in my recent commits is hereby | Geoff Thorpe | |
squashed. | |||
2002-10-29 | Correct and enhance the behaviour of "internal" session caching as it | Geoff Thorpe | |
relates to SSL_CTX flags and the use of "external" session caching. The existing flag, "SSL_SESS_CACHE_NO_INTERNAL_LOOKUP" remains but is supplemented with a complimentary flag, "SSL_SESS_CACHE_NO_INTERNAL_STORE". The bitwise OR of the two flags is also defined as "SSL_SESS_CACHE_NO_INTERNAL" and is the flag that should be used by most applications wanting to implement session caching *entirely* by its own provided callbacks. As the documented behaviour contradicted actual behaviour up until recently, and since that point behaviour has itself been inconsistent anyway, this change should not introduce any compatibility problems. I've adjusted the relevant documentation to elaborate about how this works. Kudos to "Nadav Har'El" <nyh@math.technion.ac.il> for diagnosing these anomalies and testing this patch for correctness. PR: 311 | |||
2002-08-15 | Missing =back. | Richard Levitte | |
Part of PR 196 | |||
2002-07-29 | mention SSL_do_handshake() | Bodo Möller | |
2002-07-19 | The behaviour is undefined when calling SSL_write() with num=0. | Lutz Jänicke | |
Submitted by: Reviewed by: PR: 141 | |||
2002-07-19 | Manual page for SSL_do_handshake(). | Lutz Jänicke | |
Submitted by: Martin Sjögren <martin@strakt.com> PR: 137 | |||
2002-07-10 | Typos in links between manual pages | Lutz Jänicke | |
Submitted by: Richard.Koenning@fujitsu-siemens.com Reviewed by: PR: 129 | |||
2002-06-14 | New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC | Bodo Möller | |
vulnerability workaround (included in SSL_OP_ALL). PR: #90 | |||
2002-06-12 | Correct wrong usage information. | Lutz Jänicke | |
PR: 95 | |||
2002-06-04 | Typo. | Lutz Jänicke | |
PR: 72 | |||
2002-02-28 | Add 'void *' argument to app_verify_callback. | Bodo Möller | |
Submitted by: D. K. Smetters <smetters@parc.xerox.com> Reviewed by: Bodo Moeller | |||
2002-02-27 | SSL_clear != SSL_free/SSL_new | Lutz Jänicke | |
2002-02-15 | Even though it is not really practical people should know about it. | Lutz Jänicke | |