Age | Commit message (Collapse) | Author | |
---|---|---|---|
2005-10-26 | Add fixes for CAN-2005-2969. | Bodo Möller | |
(This were in 0.9.7-stable and 0.9.8-stable, but not in HEAD so far.) | |||
2005-08-14 | Let the TLSv1_method() etc. functions return a const SSL_METHOD | Nils Larsch | |
pointer and make the SSL_METHOD parameter in SSL_CTX_new, SSL_CTX_set_ssl_version and SSL_set_ssl_method const. | |||
2005-04-08 | improve docu of SSL_CTX_use_PrivateKey() | Nils Larsch | |
2005-03-30 | update docs (recent constification) | Nils Larsch | |
2005-03-22 | Doc fixes. | Dr. Stephen Henson | |
2004-11-14 | PR: 938 | Dr. Stephen Henson | |
Typo. | |||
2004-06-14 | More precise explanation of session id context requirements. | Lutz Jänicke | |
2003-11-29 | Make sure the documentation matches reality. | Richard Levitte | |
PR: 755 Notified by: Jakub Bogusz <qboosh@pld-linux.org> | |||
2003-06-26 | Clarify wording of verify_callback() behaviour. | Lutz Jänicke | |
2003-06-03 | Clarify return value of SSL_connect() and SSL_accept() in case of the | Lutz Jänicke | |
WANT_READ and WANT_WRITE conditions. | |||
2003-05-30 | Clarify ordering of certificates when using certificate chains | Lutz Jänicke | |
2003-03-27 | Add warning about unwanted side effect when calling SSL_CTX_free(): | Lutz Jänicke | |
sessions in the external session cache might be removed. Submitted by: "Nadav Har'El" <nyh@math.technion.ac.il> PR: 547 | |||
2003-03-20 | Spelling errors. | Richard Levitte | |
PR: 538 | |||
2002-12-04 | Missing ")" | Lutz Jänicke | |
Submitted by: Christian Hohnstaedt <chohnstaedt@innominate.com> Reviewed by: PR: | |||
2002-11-14 | No such reference to link to (found running pod2latex). | Lutz Jänicke | |
Submitted by: Reviewed by: PR: | |||
2002-10-29 | Add a HISTORY section to the man page to mention the new flags. | Geoff Thorpe | |
2002-10-29 | The last character of inconsistency in my recent commits is hereby | Geoff Thorpe | |
squashed. | |||
2002-10-29 | Correct and enhance the behaviour of "internal" session caching as it | Geoff Thorpe | |
relates to SSL_CTX flags and the use of "external" session caching. The existing flag, "SSL_SESS_CACHE_NO_INTERNAL_LOOKUP" remains but is supplemented with a complimentary flag, "SSL_SESS_CACHE_NO_INTERNAL_STORE". The bitwise OR of the two flags is also defined as "SSL_SESS_CACHE_NO_INTERNAL" and is the flag that should be used by most applications wanting to implement session caching *entirely* by its own provided callbacks. As the documented behaviour contradicted actual behaviour up until recently, and since that point behaviour has itself been inconsistent anyway, this change should not introduce any compatibility problems. I've adjusted the relevant documentation to elaborate about how this works. Kudos to "Nadav Har'El" <nyh@math.technion.ac.il> for diagnosing these anomalies and testing this patch for correctness. PR: 311 | |||
2002-08-15 | Missing =back. | Richard Levitte | |
Part of PR 196 | |||
2002-07-29 | mention SSL_do_handshake() | Bodo Möller | |
2002-07-19 | The behaviour is undefined when calling SSL_write() with num=0. | Lutz Jänicke | |
Submitted by: Reviewed by: PR: 141 | |||
2002-07-19 | Manual page for SSL_do_handshake(). | Lutz Jänicke | |
Submitted by: Martin Sjögren <martin@strakt.com> PR: 137 | |||
2002-07-10 | Typos in links between manual pages | Lutz Jänicke | |
Submitted by: Richard.Koenning@fujitsu-siemens.com Reviewed by: PR: 129 | |||
2002-06-14 | New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC | Bodo Möller | |
vulnerability workaround (included in SSL_OP_ALL). PR: #90 | |||
2002-06-12 | Correct wrong usage information. | Lutz Jänicke | |
PR: 95 | |||
2002-06-04 | Typo. | Lutz Jänicke | |
PR: 72 | |||
2002-02-28 | Add 'void *' argument to app_verify_callback. | Bodo Möller | |
Submitted by: D. K. Smetters <smetters@parc.xerox.com> Reviewed by: Bodo Moeller | |||
2002-02-27 | SSL_clear != SSL_free/SSL_new | Lutz Jänicke | |
2002-02-15 | Even though it is not really practical people should know about it. | Lutz Jänicke | |
2001-11-19 | Clarify reference count handling/removal of session | Lutz Jänicke | |
(shinagawa@star.zko.dec.com). | |||
2001-11-10 | remove incorrect 'callback' prototype | Bodo Möller | |
2001-11-10 | msg_callback documentation | Bodo Möller | |
2001-10-20 | New functions SSL[_CTX]_set_msg_callback(). | Bodo Möller | |
New macros SSL[_CTX]_set_msg_callback_arg(). Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet). New '-msg' option for 'openssl s_client' and 'openssl s_server' that enable a message callback that displays all protocol messages. In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if client_version is smaller than the protocol version in use. Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0 if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the client will at least see that alert. Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic pointer). Add/update some OpenSSL copyright notices. | |||
2001-10-17 | document SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION | Bodo Möller | |
2001-10-12 | Update information as a partial response to the post | Lutz Jänicke | |
From: "Chris D. Peterson" <cpeterson@aventail.com> Subject: Implementation Issues with OpenSSL To: openssl-users@openssl.org Date: Wed, 22 Aug 2001 16:13:17 -0700 The patch included in the original post may improve the internal session list handling (and is therefore worth a seperate investigation). No change to the list handling will however solve the problems of incorrect SSL_SESSION_free() calls. The session list is only one possible point of failure, dangling pointers would also occur for SSL object currently using the session. The correct solution is to only use SSL_SESSION_free() when applicable! | |||
2001-09-13 | Typo. | Lutz Jänicke | |
2001-09-13 | One more manual page. | Lutz Jänicke | |
2001-09-13 | Rework section about return values another time (based on hints from | Lutz Jänicke | |
Bodo Moeller). | |||
2001-09-11 | Make maximum certifcate chain size accepted from the peer application | Lutz Jänicke | |
settable (proposed by "Douglas E. Engert" <deengert@anl.gov>). | |||
2001-09-07 | ispell | Ulf Möller | |
2001-08-24 | More docs. | Lutz Jänicke | |
2001-08-23 | Typo. | Lutz Jänicke | |
2001-08-23 | More manual pages. Constify. | Lutz Jänicke | |
2001-08-23 | As discussed recently on openssl-users. | Lutz Jänicke | |
2001-08-23 | Make clear, that using the compression layer is currently not recommended. | Lutz Jänicke | |
2001-08-22 | typo. | Ulf Möller | |
2001-08-21 | One more manual page... | Lutz Jänicke | |
2001-08-21 | Documentation on how to handle compression methods. | Lutz Jänicke | |
Hopefully it is clear enough, that it is currently not recommended. | |||
2001-08-20 | More interdependencies with respect to shutdown behaviour. | Lutz Jänicke | |
2001-08-19 | Alert description strings for TLSv1 and documentation. | Lutz Jänicke | |