1. 19 5月, 2016 1 次提交
  2. 03 4月, 2016 1 次提交
    • V
      Move peer chain security checks into x509_vfy.c · fbb82a60
      Viktor Dukhovni 提交于
      A new X509_VERIFY_PARAM_set_auth_level() function sets the
      authentication security level.  For verification of SSL peers, this
      is automatically set from the SSL security level.  Otherwise, for
      now, the authentication security level remains at (effectively) 0
      by default.
      
      The new "-auth_level" verify(1) option is available in all the
      command-line tools that support the standard verify(1) options.
      
      New verify(1) tests added to check enforcement of chain signature
      and public key security levels.  Also added new tests of enforcement
      of the verify_depth limit.
      
      Updated documentation.
      Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
      fbb82a60
  3. 16 3月, 2016 1 次提交
    • F
      General verify options to openssl ts · 08538fc0
      fbroda 提交于
      This commit adds the general verify options of ocsp, verify,
      cms, etc. to the openssl timestamping app as suggested by
      Stephen N. Henson in [openssl.org #4287]. The conflicting
      "-policy" option of "openssl ts" has been renamed to
      "-tspolicy". Documentation and tests have been updated.
      
      CAVE: This will break code, which currently uses the "-policy"
      option.
      Reviewed-by: NRich Salz <rsalz@openssl.org>
      Reviewed-by: NRichard Levitte <levitte@openssl.org>
      08538fc0
  4. 06 2月, 2016 1 次提交
  5. 20 11月, 2015 2 次提交
  6. 29 10月, 2015 1 次提交
    • R
      Remove SSLeay history, etc., from docs · a528d4f0
      Rich Salz 提交于
      If something was "present in all versions" of SSLeay, or if it was
      added to a version of SSLeay (and therefore predates OpenSSL),
      remove mention of it.  Documentation history now starts with OpenSSL.
      
      Remove mention of all history before OpenSSL 0.9.8, inclusive.
      
      Remove all AUTHOR sections.
      Reviewed-by: NTim Hudson <tjh@openssl.org>
      a528d4f0
  7. 28 8月, 2015 1 次提交
    • R
      Various doc fixes. · c03726ca
      Rich Salz 提交于
      Make all mention of digest algorithm use "any supported algorithm"
      
      RT2071, some new manpages from Victor B. Wagner <vitus@cryptocom.ru>:
          X509_LOOKUP_hash_dir.pod
          X509_check_ca.pod
          X509_check_issued.pod
      
      RT 1600:
          Remove references to non-existant objects(3)
          Add RETURN VALUES to BIO_do_accept page.
      
      RT1818:
          RSA_sign Can return values other than 0 on failure.
      
      RT3634:
          Fix AES CBC aliases (Steffen Nurpmeso <sdaoden@yandex.com>)
      
      RT3678:
          Some clarifications to BIO_new_pair
          (Devchandra L Meetei <dlmeetei@gmail.com>)
      
      RT3787:
          Fix some EVP_ function return values
          (Laetitia Baudoin <lbaudoin@google.com>)
      Reviewed-by: NTim Hudson <tjh@openssl.org>
      c03726ca
  8. 22 8月, 2015 1 次提交
  9. 03 5月, 2015 1 次提交
  10. 15 2月, 2014 1 次提交
  11. 15 4月, 2009 1 次提交
  12. 03 12月, 2007 1 次提交
    • R
      Change submitted by Doug Kaufman. He writes: · 28f7e60d
      Richard Levitte 提交于
        I just compiled the 9.9-dev version from the 12022007 tarball under
        DJGPP. There were only 2 changes needed, one for b_sock.c, since
        DJGPP with WATT32 doesn't define socklen_t and one for testtsa to
        handle DOS style path separators. I also noted what seems to be a
        typographical error in ts.pod. The test suite passes. The patch is
        attached.
      
        Since I am in the US, I have sent notifications to the Bureau of
        Industry and Security and to the NSA.
      28f7e60d
  13. 07 11月, 2006 1 次提交
  14. 27 2月, 2006 1 次提交
  15. 13 2月, 2006 1 次提交