- Oct 25, 2001
-
-
Bodo Möller authored
the e-mail address in the DN (i.e., it will go into a certificate extension only). The new configuration file option 'email_in_dn = no' has the same effect. Submitted by: Massimiliano Pala madwolf@openca.org
-
Bodo Möller authored
-
Bodo Möller authored
change)
-
Richard Levitte authored
the docs to reflect this change and correct libeay.num.
-
Bodo Möller authored
-
Richard Levitte authored
-
- Oct 24, 2001
-
-
Richard Levitte authored
-
Richard Levitte authored
libdes (which is still used out there) or other des implementations, the OpenSSL DES functions are renamed to begin with DES_ instead of des_. Compatibility routines are provided and declared by including openssl/des_old.h. Those declarations are the same as were in des.h when the OpenSSL project started, which is exactly how libdes looked at that time, and hopefully still looks today. The compatibility functions will be removed in some future release, at the latest in version 1.0.
-
Bodo Möller authored
never resets s->method to s->ctx->method when called from within one of the SSL handshake functions.
-
Richard Levitte authored
-
Richard Levitte authored
-
Richard Levitte authored
-
- Oct 23, 2001
-
-
Richard Levitte authored
Submitted by Frederic.Giudicelli@INTRINsec.com
-
Dr. Stephen Henson authored
-
- Oct 22, 2001
-
-
Bodo Möller authored
-
- Oct 21, 2001
-
-
Dr. Stephen Henson authored
Reject certificates with unhandled critical extensions.
-
Dr. Stephen Henson authored
Stop spurious "unable to load config info" errors in req
-
- Oct 20, 2001
-
-
Bodo Möller authored
be called multiple times
-
Bodo Möller authored
New macros SSL[_CTX]_set_msg_callback_arg(). Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet). New '-msg' option for 'openssl s_client' and 'openssl s_server' that enable a message callback that displays all protocol messages. In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if client_version is smaller than the protocol version in use. Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0 if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the client will at least see that alert. Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic pointer). Add/update some OpenSSL copyright notices.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Oct 17, 2001
-
-
Bodo Möller authored
variable name occured just in a function *prototype* -- so rename it
-
Richard Levitte authored
-
Richard Levitte authored
it to NULL.
-
Bodo Möller authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
to digests to retain compatibility.
-
- Oct 16, 2001
-
-
Lutz Jänicke authored
-
Bodo Möller authored
Both have per-SSL_CTX defaults. These new values can be set by calling SSL[_CTX]_[callback_]ctrl with codes SSL_CTRL_SET_MSG_CALLBACK and SSL_CTRL_SET_MSG_CALLBACK_ARG. So far, the callback is never actually called. Also rearrange some SSL_CTX struct members (some exist just in SSL_CTXs, others are defaults for SSLs and are either copied during SSL_new, or used if the value in the SSL is not set; these three classes of members were not in a logical order), and add some missing assignments to SSL_dup.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Retain compatibility of EVP_DigestInit() and EVP_DigestFinal() with existing code. Modify library to use digest *_ex() functions.
-
Bodo Möller authored
SSL 2.0 client hellos added with the previous commit was totally wrong -- it must start with the message type, not the protocol version. (Not that this particular header is actually used anywhere ...)
-
- Oct 15, 2001
-
-
Bodo Möller authored
(if s23_srvr.c faked the message, s->init_num is 0).
-
Bodo Möller authored
'Handshake' protocol structures are kept in memory, including 'msg_type' and 'length'. (This is in preparation of future support for callbacks that get to peek at handshake messages and the like.)
-
Bodo Möller authored
-
Bodo Möller authored
-
Bodo Möller authored
case of ssl3_accept
-
- Oct 14, 2001
-
-
Ulf Möller authored
Submitted by: Toomas Kiisk <vix@cyber.ee>
-
- Oct 12, 2001
-
-
Lutz Jänicke authored
From: "Chris D. Peterson" <cpeterson@aventail.com> Subject: Implementation Issues with OpenSSL To: openssl-users@openssl.org Date: Wed, 22 Aug 2001 16:13:17 -0700 The patch included in the original post may improve the internal session list handling (and is therefore worth a seperate investigation). No change to the list handling will however solve the problems of incorrect SSL_SESSION_free() calls. The session list is only one possible point of failure, dangling pointers would also occur for SSL object currently using the session. The correct solution is to only use SSL_SESSION_free() when applicable!
-
- Oct 11, 2001
-
-
Richard Levitte authored
such cases, a flush should *not* attempt to finalise the encoding, as the EVP_ENCODE_CTX structure will only be filled with garbage. For the same reason, do the same check when a wpending is performed.
-