openssl - Mirror of https://github.com/openssl/openssl

Age	Commit message (Collapse)	Author
2015-01-06	Only allow ephemeral RSA keys in export ciphersuites.	Dr. Stephen Henson
	OpenSSL clients would tolerate temporary RSA keys in non-export ciphersuites. It also had an option SSL_OP_EPHEMERAL_RSA which enabled this server side. Remove both options as they are a protocol violation. Thanks to Karthikeyan Bhargavan for reporting this issue. (CVE-2015-0204) Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 4b4c1fcc88aec8c9e001b0a0077d3cd4de1ed0e6) Conflicts: CHANGES doc/ssl/SSL_CTX_set_options.pod
2014-11-28	Correct some layout issues, convert all remaining tabs to appropriate ↵	Richard Levitte
	amounts of spaces. Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 8123d158ab6f0a6a468748c133e33c2063ff36b5)
2014-11-28	Improves the proxy certificates howto doc.	Alok Menghrajani
	The current documentation contains a bunch of spelling and grammar mistakes. I also found it hard to understand some paragraphs, so here is my attempt to improve its readability. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 03b637a730e4a298c360cc143de7564060c06324)
2014-11-27	Add documentation on -timeout option in the ocsp utility	André Guerreiro
	PR#3612 Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit de87dd46c1283f899a9ecf4ccc72db74f36afbf2) (cherry picked from commit 4d3df37bc7fd33d0bec5da04d2572caa0cdbab75)
2014-11-12	Fixes a minor typo in the EVP docs.	Alok Menghrajani
	Out is the buffer which needs to contain at least inl + cipher_block_size - 1 bytes. Outl is just an int*. Reviewed-by: Emilia Käsper <emilia@openssl.org> (cherry picked from commit 5211e094dec9486a540ac480f345df1a8d2b2862)
2014-10-21	Fix and improve SSL_MODE_SEND_FALLBACK_SCSV documentation.	Bodo Moeller
	Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-10-15	Add TLS_FALLBACK_SCSV documentation, and move s_client -fallback_scsv	Bodo Moeller
	handling out of #ifndef OPENSSL_NO_DTLS1 section. Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-25	Use correct function name: CMS_add1_signer()	Dr. Stephen Henson
	Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 5886354dcca4f8445ed35b6995a035b75409590c)
2014-08-29	RT2379: Bug in BIO_set_accept_port.pod	Rich Salz
	The doc says that port can be "*" to mean any port. That's wrong. Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 07e3b31fae98b985d3d2aad7066144b11833f688)
2014-08-27	RT2210: Add missing EVP_cleanup to example	Mihai Militaru
	I also removed some trailing whitespace and cleaned up the "see also" list. Reviewed-by: Emilia Kasper <emilia@openssl.org> (cherry picked from commit 7b3e11c54466f1da8b707c932e308d345fd61101)
2014-08-26	RT1744: SSL_CTX_set_dump_dh() doc feedback	David Gatwood
	The description of when the server creates a DH key is confusing. This cleans it up. (rsalz: also removed trailing whitespace.) Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2014-08-25	RT1804: fix EXAMPLE in EVP_EncryptInit.pod	Jan Schaumann
	The EXAMPLE that used FILE and RC2 doesn't compile due to a few minor errors. Tweak to use IDEA and AES-128. Remove examples about RC2 and RC5. Reviewed-by: Emilia Kasper <emilia@openssl.org>
2014-08-24	Typo fixes to evp documentation.	Matt Caswell
	This patch was submitted by user "Kox" via the wiki Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 2dd8cb3b9593f528d9537aa6a003d5c93df1e3c5)
2014-08-22	Improve EVP_PKEY_sign documentation	Emilia Kasper
	Clarify the intended use of EVP_PKEY_sign. Make the code example compile. Reviewed-by: Dr Stephen Henson <steve@openssl.org> (cherry picked from commit d64c533a207f7b6d86c3bc8ffb053e5f4d0c1ca0)
2014-07-21	Minor documentation update removing "really" and a	Tim Hudson
	statement of opinion rather than a fact. Reviewed-by: Dr. Stephen Henson <steve@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit c8d133e4b6f1ed1b7ad3c1a6d2c62f460e26c050)
2014-07-19	Fix documentation for RSA_set_method(3)	Dr. Stephen Henson
	PR#1675 Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 197400c3f0d617d71ad8167b52fb73046d334320)
2014-07-17	Fix typo, add reference.	Jeffrey Walton
	PR#3456 Reviewed-by: Stephen Henson <steve@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit d48e78f0cf22aaddb563f4bcfccf25b1a45ac8a4)
2014-07-15	Add Matt Caswell's fingerprint, and general update on the fingerprints file ↵	Matt Caswell
	to bring it up to date Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 3bd548192a03142c80cf8bc68659d79dea20a738)
2014-07-15	Clarify -Verify and PSK.	Dr. Stephen Henson
	PR#3452 (cherry picked from commit ca2015a617842fed3d36ed4dcbbf8d5e27bc5216)
2014-07-06	Document certificate status request options.	Dr. Stephen Henson
	Conflicts: doc/apps/s_client.pod doc/apps/s_server.pod (cherry picked from commit b197c770a6a6ec3d17d7d310a9b64570f044eca0)
2014-07-06	Update ticket callback docs.	Dr. Stephen Henson
	(cherry picked from commit a23a6e85d8dcd5733a343754f434201f3c9aa6f0)
2014-07-06	Fixed error in pod files with latest versions of pod2man	Matt Caswell
	(cherry picked from commit 07255f0a76d9d349d915e14f969b9ff2ee0d1953)
2014-07-04	typo	Dr. Stephen Henson
	(cherry picked from commit 2cfbec1caea8f9567bdff85d33d22481f2afb40a) (cherry picked from commit a9661e45acda0bedcb2413b412f9ffc3f9fb2354)
2014-07-03	Merge branch 'rsalz-docfixes'	Rich Salz

2014-07-02	Fix doc typo.	Matt Smart
	ERR_get_error(3) references the non-existent ERR_get_last_error_line_data instead of the one that does exist, ERR_peek_last_error_line_data. PR#3283 (cherry picked from commit 5cc99c6cf5e908df6b00b04af7f08e99c0698c7b)
2014-06-29	Clarified that the signature's buffer size, `s`, is not used as an	Jeffrey Walton
	IN parameter. Under the old docs, the only thing stated was "at most EVP_PKEY_size(pkey) bytes will be written". It was kind of misleading since it appears EVP_PKEY_size(pkey) WILL be written regardless of the signature's buffer size. (cherry picked from commit 6e6ba36d980f67b6e5c7b139f78da7acbbf8ec76)
2014-06-29	Typo.	Ken Ballou
	PR#3173 (cherry picked from commit 76ed5a42ea68dd08bba44e4003b7e638e5d8a4a3)
2014-06-27	Clarify docs.	Jeffrey Walton
	Document that the certificate passed to SSL_CTX_add_extra_chain_cert() should not be freed by the application. PR#3409 (cherry picked from commit 0535c2d67ca2d684087ef90be35d5fb207aab227) Add restrictions section present in other branches. Conflicts: doc/ssl/SSL_CTX_add_extra_chain_cert.pod (cherry picked from commit 86cac6d3b25342ff17a2b6564f7592fd7c6829e8)
2014-06-07	Fixed minor duplication in docs	Matt Caswell

2014-05-30	add description of -attime to man page	Hubert Kario
	the verify app man page didn't describe the usage of attime option even though it was listed as a valid option in the -help message. This patch fixes this omission.
2014-05-30	add description of -no_ecdhe option to s_server man page	Hubert Kario
	While the -help message references this option, the man page doesn't mention the -no_ecdhe option. This patch fixes this omission.
2014-05-29	Change default cipher in smime app to des3.	Dr. Stephen Henson
	PR#3357 (cherry picked from commit ca3ffd9670f2b589bf8cc04923f953e06d6fbc58)
2014-05-25	Fixed error in args for SSL_set_msg_callback and SSL_set_msg_callback_arg	Matt Caswell

2014-05-22	Fixed minor copy&paste error, and stray space causing rendering problem	Matt Caswell

2014-05-15	Removed note in BUGS section about AEAD ciphers - inadvertently added to ↵	Matt Caswell
	wrong branch
2014-05-14	Fix grammar error in verify pod. PR#3355	Jeffrey Walton

2014-05-14	Add information to BUGS section of enc documentation. PR#3354	Jeffrey Walton

2014-05-14	Corrected POD syntax errors. PR#3353	Michal Bozon

2014-05-12	Correct the return type on the signature for X509_STORE_CTX_get_ex_data ↵	Jean-Paul Calderone
	given in the pod file.
2014-05-02	typo in SSL_get_peer_cert_chain docs	Jeff Trawick
	RT: 3304
2014-04-30	Fixed missing =back commands	Matt Caswell

2014-04-30	POD: Fix item numbering	Lubomir Rintel
	Newer pod2man considers =item [1-9] part of a numbered list, while =item 0 starts an unnumbered list. Add a zero effect formatting mark to override this. doc/apps/smime.pod around line 315: Expected text after =item, not a number ... PR#3146
2014-04-26	Fix version documentation.	mancha
	Specify -f is for compilation flags. Add -d to synopsis section. (cherry picked from commit 006397ea62bbcae22c8664d53c2222b808c4bdd1) Closes #80.
2014-04-16	Document -debug_decrypt option.	Dr. Stephen Henson
	(cherry picked from commit 0dd5b94aeb77c2982bdf6886962b7a8491c6c9ed)
2014-04-15	Clarify CMS_decrypt behaviour.	Dr. Stephen Henson
	(cherry picked from commit 5f8e9a477a18551052f2019c1f374061acbaa5e6)
2014-04-11	Add new key fingerprint.	Dr. Stephen Henson
	(cherry picked from commit 3143a332e8f2f5ca1a6f0262a1a1a66103f2adf7)
2014-04-07	Document -verify_return_error option.	Dr. Stephen Henson
	(cherry picked from commit 4e6c12f3088d3ee5747ec9e16d03fc671b8f40be)
2014-04-03	Document new crl option.	Dr. Stephen Henson
	(cherry picked from commit dbb7654dc189992966ecd95ca66f7a3bb011ab9b)
2014-02-14	Fix additional pod errors with numbered items.	Kurt Roeckx
	(cherry picked from commit e547c45f1c74e976656c042ec9d873f6eea0e756)
2014-02-14	Fix various spelling errors	Scott Schaefer
	(cherry picked from commit 2b4ffc659eabec29f76821f0ac624a2b8c19e4c7)