generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
13,497 Commits 16 Branches 258 Tags
Commit Graph

299 Commits

Author SHA1 Message Date
Martin Kaiser
189ae368d9 Add an NSS output format to sess_id to export to export the session id and the master key in NSS keylog format. PR#3352 2014-05-24 00:02:24 +01:00
Matt Caswell
085ccc542a Fixed minor copy&paste error, and stray space causing rendering problem 2014-05-22 00:07:35 +01:00
Dr. Stephen Henson
6f719f063c Change default cipher in smime app to des3. 
PR#3357
 2014-05-21 11:28:57 +01:00
Matt Caswell
d4b47504de Moved note about lack of support for AEAD modes out of BUGS section to SUPPORTED CIPHERS section (bug has been fixed, but still no support for AEAD) 2014-05-15 21:13:38 +01:00
Jeffrey Walton
2af071c0bc Fix grammar error in verify pod. PR#3355 2014-05-14 22:49:30 +01:00
Jeffrey Walton
18c4f522f4 Add information to BUGS section of enc documentation. PR#3354 2014-05-14 22:48:26 +01:00
Dr. Stephen Henson
89e674744d Correct example. 2014-05-12 18:41:52 +01:00
Matt Caswell
c4afc40a9b Fixed CRLF in file 2014-05-10 01:19:50 +01:00
mancha
8acb953880 Fix version documentation. 
Specify -f is for compilation flags. Add -d to synopsis section.

Closes #77.
 2014-04-26 08:09:53 +01:00
Dr. Stephen Henson
0dd5b94aeb Document -debug_decrypt option. 2014-04-16 12:15:43 +01:00
Dr. Stephen Henson
4e6c12f308 Document -verify_return_error option. 2014-04-07 13:02:39 +01:00
Dr. Stephen Henson
dbb7654dc1 Document new crl option. 2014-04-03 13:33:50 +01:00
Dr. Stephen Henson
0f817d3b27 Add initial security framework docs. 2014-03-28 16:42:18 +00:00
Dr. Stephen Henson
5693a30813 PKCS#8 support for alternative PRFs. 
Add option to set an alternative to the default hmacWithSHA1 PRF
for PKCS#8 private key encryptions. This is used automatically
by PKCS8_encrypt if the nid specified is a PRF.

Add option to pkcs8 utility.

Update docs.
(cherry picked from commit b60272b01fcb4f69201b3e1659b4f7e9e9298dfb)
 2014-03-01 23:16:08 +00:00
Scott Schaefer
2b4ffc659e Fix various spelling errors 2014-02-14 22:29:12 +00:00
Scott Schaefer
856c6dfb09 Document pkcs12 -password behavior 
apps/pkcs12.c accepts -password as an argument.  The document author
almost certainly meant to write "-password, -passin".

However, that is not correct, either.  Actually the code treats
-password as equivalent to -passin, EXCEPT when -export is also
specified, in which case -password as equivalent to -passout.
 2014-02-14 22:28:37 +00:00
Dr. Stephen Henson
847865d0f9 Add suppot for ASCII with CRLF canonicalisation. 2014-02-13 14:35:56 +00:00
Daniel Kahn Gillmor
0ecfd920e5 update remaining documentation to move from EDH to DHE 
change documentation and comments to indicate that we prefer the
standard "DHE" naming scheme everywhere over the older "EDH"
 2014-01-09 15:43:28 +00:00
Daniel Kahn Gillmor
5a21cadbeb use SSL_kDHE throughout instead of SSL_kEDH 
DHE is the standard term used by the RFCs and by other TLS
implementations.  It's useful to have the internal variables use the
standard terminology.

This patch leaves a synonym SSL_kEDH in place, though, so that older
code can still be built against it, since that has been the
traditional API.  SSL_kEDH should probably be deprecated at some
point, though.
 2014-01-09 15:43:28 +00:00
Dr. Stephen Henson
9c75461bef Document RSAPublicKey_{in,out} options. 2013-11-09 15:09:23 +00:00
Lubomir Rintel
c8919dde09 POD: Fix item numbering 
Newer pod2man considers =item [1-9] part of a numbered list, while =item
0 starts an unnumbered list. Add a zero effect formatting mark to override
this.

doc/apps/smime.pod around line 315: Expected text after =item, not a
number
...

PR#3146
 2013-10-22 07:38:25 +01:00
Scott Deboy
36086186a9 Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions) 
Removed prior audit proof logic - audit proof support was implemented using the generic TLS extension API
Tests exercising the new supplemental data registration and callback api can be found in ssltest.c.
Implemented changes to s_server and s_client to exercise supplemental data callbacks via the -auth argument, as well as additional flags to exercise supplemental data being sent only during renegotiation.
 2013-09-06 13:59:13 +01:00
Veres Lajos
478b50cf67 misspellings fixes by https://github.com/vlajos/misspell_fixer 2013-09-05 21:39:42 +01:00
Carlos Alberto Lopez Perez
b98af49d97 Add an "-xmpphost" option to s_client 
* Many XMPP servers are configured with multiple domains (virtual hosts)
 * In order to establish successfully the TLS connection you have to specify
   which virtual host you are trying to connect.
 * Test this, for example with ::
   * Fail:
       openssl s_client -connect talk.google.com:5222 -starttls xmpp
   * Works:
       openssl s_client -connect talk.google.com:5222 -starttls xmpp -xmpphost gmail.com
 2013-09-05 17:24:56 +01:00
Carlos Alberto Lopez Perez
50f307a98f Add "xmpp" to the list of supported starttls protocols on s_client manpage 2013-09-05 17:24:56 +01:00
Dr. Stephen Henson
902efde1cc Document -force_pubkey option. 2013-08-21 13:43:00 +01:00
Dr. Stephen Henson
dfcb42c68e Update cms docs. 2013-08-05 16:23:22 +01:00
Dr. Stephen Henson
4bf4a6501c Update cms docs. 
Document use of -keyopt to use RSA-PSS and RSA-OAEP modes.
 2013-06-21 23:43:06 +01:00
Trevor
9cd50f738f Cleanup of custom extension stuff. 
serverinfo rejects non-empty extensions.

Omit extension if no relevant serverinfo data.

Improve error-handling in serverinfo callback.

Cosmetic cleanups.

s_client documentation.

s_server documentation.

SSL_CTX_serverinfo documentation.

Cleaup -1 and NULL callback handling for custom extensions, add tests.

Cleanup ssl_rsa.c serverinfo code.

Whitespace cleanup.

Improve comments in ssl.h for serverinfo.

Whitespace.

Cosmetic cleanup.

Reject non-zero-len serverinfo extensions.

Whitespace.

Make it build.
 2013-06-18 16:13:08 +01:00
Ben Laurie
3a778a2913 Documentation improvements by Chris Palmer (Google). 2012-12-14 13:28:49 +00:00
Ben Laurie
74cc3b583d Document -pubkey. 2012-12-13 16:17:55 +00:00
Dr. Stephen Henson
13cfb04343 reorganise SSL_CONF_cmd manual page and update some links 2012-11-20 01:01:33 +00:00
Dr. Stephen Henson
095db6bdb8 correct docs 2012-11-19 20:06:44 +00:00
Dr. Stephen Henson
8dbeb110fb document -trace and -msgfile options 2012-11-19 16:37:18 +00:00
Dr. Stephen Henson
765b413794 update docs for s_server/s_client 2012-11-19 16:07:53 +00:00
Dr. Stephen Henson
642aa226db document -naccept option 2012-11-18 15:51:26 +00:00
Dr. Stephen Henson
63d103ea48 typo 2012-11-16 12:49:14 +00:00
Dr. Stephen Henson
999ffeca6c update ciphers documentation to indicate implemented fixed DH ciphersuites 2012-11-16 01:15:15 +00:00
Dr. Stephen Henson
ffa4579679 initial update of ciphers doc 2012-11-16 00:42:38 +00:00
Andy Polyakov
677741f87a doc/apps: formatting fixes. 
PR: 2683
Submitted by: Annie Yousar
 2012-01-11 21:58:19 +00:00
Dr. Stephen Henson
618eb125f0 Document RFC5114 "generation" options. 2011-12-07 00:42:22 +00:00
Dr. Stephen Henson
7e0de9e8a6 Minor documentation fixes, PR#2345 2010-10-04 13:28:46 +00:00
Dr. Stephen Henson
0d638dc1f6 Minor documentation fixes, PR#2344 2010-10-04 13:23:53 +00:00
Dr. Stephen Henson
7d3d1788a5 The meaning of the X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY and 
X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT error codes were reversed in
the verify application documentation.
 2010-02-23 14:09:09 +00:00
Dr. Stephen Henson
3243698f1d typo 2010-01-21 18:46:15 +00:00
Dr. Stephen Henson
0e0c6821fa PR: 2136 
Submitted by: Willy Weisz <weisz@vcpc.univie.ac.at>

Add options to output hash using older algorithm compatible with OpenSSL
versions before 1.0.0
 2010-01-12 17:29:34 +00:00
Dr. Stephen Henson
6084c797a8 Remove tabs on blank lines: they produce warnings in pod2man 2010-01-05 17:16:54 +00:00
Dr. Stephen Henson
fb552ac616 Change version from 0.9.9 to 1.0.0 in docs 2009-09-30 23:43:01 +00:00
Dr. Stephen Henson
88a3dd7896 Correction: salt is now default 2009-09-04 12:27:12 +00:00
Dr. Stephen Henson
f3be6c7b7d Update from 1.0.0-stable. 2009-06-26 11:29:26 +00:00