From 982ac918afe6a1c02d5cf735d7b6c56443a048cc Mon Sep 17 00:00:00 2001 From: marha Date: Fri, 7 Feb 2014 23:28:38 +0100 Subject: xkbcomp xkeyboard-config libxcb libxtrans fontconfig libX11 libxcb mesa xserver git update 7 Feb 2014 Update to openssl1.0.1f xserver commit 83e38eb73fd8c852513aac2da2975b4c01070ec2 libxcb commit d7eb0bdf3b5b11ee9f40ee5e73df8fc0bdfa59f3 xkeyboard-config commit 7596672b96315465df8d8d691e3a567a52f70743 libX11 commit aacf95dacc7c598e7297894580d4d655593813b2 xkbcomp commit 31b90ee4ffc774e0da540277907fc5540c0b012c libxtrans commit 3f0de269abe59353acbd7a5587d68ce0da91db67 fontconfig commit e310d2fac2d874d5aa76c609df70cc7b871c0b6d mesa commit dd2229d4c68ed78a50104637aef904f8ab6d7dd3 --- openssl/doc/apps/rsa.pod | 15 +++++++++++++++ openssl/doc/crypto/X509_STORE_CTX_get_error.pod | 2 ++ openssl/doc/crypto/ecdsa.pod | 10 +++------- openssl/doc/ssl/SSL_CTX_set_client_CA_list.pod | 8 ++++---- openssl/doc/ssl/SSL_CTX_set_options.pod | 5 +++-- openssl/doc/ssl/SSL_CTX_use_psk_identity_hint.pod | 4 ++++ openssl/doc/ssl/SSL_accept.pod | 10 +++++----- openssl/doc/ssl/SSL_connect.pod | 10 +++++----- openssl/doc/ssl/SSL_do_handshake.pod | 10 +++++----- openssl/doc/ssl/SSL_shutdown.pod | 10 +++++----- 10 files changed, 51 insertions(+), 33 deletions(-) (limited to 'openssl/doc') diff --git a/openssl/doc/apps/rsa.pod b/openssl/doc/apps/rsa.pod index 69b2bef82..d7d784d52 100644 --- a/openssl/doc/apps/rsa.pod +++ b/openssl/doc/apps/rsa.pod @@ -24,6 +24,8 @@ B B [B<-check>] [B<-pubin>] [B<-pubout>] +[B<-RSAPublicKey_in>] +[B<-RSAPublicKey_out>] [B<-engine id>] =head1 DESCRIPTION @@ -118,6 +120,10 @@ by default a private key is output: with this option a public key will be output instead. This option is automatically set if the input is a public key. +=item B<-RSAPublicKey_in>, B<-RSAPublicKey_out> + +like B<-pubin> and B<-pubout> except B format is used instead. + =item B<-engine id> specifying an engine (by its unique B string) will cause B @@ -139,6 +145,11 @@ The PEM public key format uses the header and footer lines: -----BEGIN PUBLIC KEY----- -----END PUBLIC KEY----- +The PEM B format uses the header and footer lines: + + -----BEGIN RSA PUBLIC KEY----- + -----END RSA PUBLIC KEY----- + The B form is a format compatible with older Netscape servers and Microsoft IIS .key files, this uses unsalted RC4 for its encryption. It is not very secure and so should only be used when necessary. @@ -173,6 +184,10 @@ To just output the public part of a private key: openssl rsa -in key.pem -pubout -out pubkey.pem +Output the public part of a private key in B format: + + openssl rsa -in key.pem -RSAPublicKey_out -out pubkey.pem + =head1 BUGS The command line password arguments don't currently work with diff --git a/openssl/doc/crypto/X509_STORE_CTX_get_error.pod b/openssl/doc/crypto/X509_STORE_CTX_get_error.pod index a883f6c09..60e8332ae 100644 --- a/openssl/doc/crypto/X509_STORE_CTX_get_error.pod +++ b/openssl/doc/crypto/X509_STORE_CTX_get_error.pod @@ -278,6 +278,8 @@ happen if extended CRL checking is enabled. an application specific error. This will never be returned unless explicitly set by an application. +=back + =head1 NOTES The above functions should be used instead of directly referencing the fields diff --git a/openssl/doc/crypto/ecdsa.pod b/openssl/doc/crypto/ecdsa.pod index 20edff97f..59a5916de 100644 --- a/openssl/doc/crypto/ecdsa.pod +++ b/openssl/doc/crypto/ecdsa.pod @@ -95,7 +95,7 @@ is ignored. ECDSA_verify() verifies that the signature in B of size B is a valid ECDSA signature of the hash value -value B of size B using the public key B. +B of size B using the public key B. The parameter B is ignored. ECDSA_do_sign() is wrapper function for ECDSA_do_sign_ex with B @@ -131,16 +131,12 @@ specific) int ret; ECDSA_SIG *sig; - EC_KEY *eckey = EC_KEY_new(); + EC_KEY *eckey; + eckey = EC_KEY_new_by_curve_name(NID_secp192k1); if (eckey == NULL) { /* error */ } - key->group = EC_GROUP_new_by_nid(NID_secp192k1); - if (key->group == NULL) - { - /* error */ - } if (!EC_KEY_generate_key(eckey)) { /* error */ diff --git a/openssl/doc/ssl/SSL_CTX_set_client_CA_list.pod b/openssl/doc/ssl/SSL_CTX_set_client_CA_list.pod index 632b556d1..5e6613335 100644 --- a/openssl/doc/ssl/SSL_CTX_set_client_CA_list.pod +++ b/openssl/doc/ssl/SSL_CTX_set_client_CA_list.pod @@ -66,16 +66,16 @@ values: =over 4 -=item 1 - -The operation succeeded. - =item 0 A failure while manipulating the STACK_OF(X509_NAME) object occurred or the X509_NAME could not be extracted from B. Check the error stack to find out the reason. +=item 1 + +The operation succeeded. + =back =head1 EXAMPLES diff --git a/openssl/doc/ssl/SSL_CTX_set_options.pod b/openssl/doc/ssl/SSL_CTX_set_options.pod index cc588f3a7..fded0601b 100644 --- a/openssl/doc/ssl/SSL_CTX_set_options.pod +++ b/openssl/doc/ssl/SSL_CTX_set_options.pod @@ -88,9 +88,10 @@ As of OpenSSL 0.9.8q and 1.0.0c, this option has no effect. ... -=item SSL_OP_MSIE_SSLV2_RSA_PADDING +=item SSL_OP_SAFARI_ECDHE_ECDSA_BUG -As of OpenSSL 0.9.7h and 0.9.8a, this option has no effect. +Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X. +OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers. =item SSL_OP_SSLEAY_080_CLIENT_DH_BUG diff --git a/openssl/doc/ssl/SSL_CTX_use_psk_identity_hint.pod b/openssl/doc/ssl/SSL_CTX_use_psk_identity_hint.pod index b80e25be7..7e60df5ba 100644 --- a/openssl/doc/ssl/SSL_CTX_use_psk_identity_hint.pod +++ b/openssl/doc/ssl/SSL_CTX_use_psk_identity_hint.pod @@ -81,6 +81,8 @@ SSL_CTX_use_psk_identity_hint() and SSL_use_psk_identity_hint() return Return values from the server callback are interpreted as follows: +=over 4 + =item > 0 PSK identity was found and the server callback has provided the PSK @@ -99,4 +101,6 @@ completely. PSK identity was not found. An "unknown_psk_identity" alert message will be sent and the connection setup fails. +=back + =cut diff --git a/openssl/doc/ssl/SSL_accept.pod b/openssl/doc/ssl/SSL_accept.pod index cc724c0d5..b1c34d15b 100644 --- a/openssl/doc/ssl/SSL_accept.pod +++ b/openssl/doc/ssl/SSL_accept.pod @@ -44,17 +44,17 @@ The following return values can occur: =over 4 -=item 1 - -The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been -established. - =item 0 The TLS/SSL handshake was not successful but was shut down controlled and by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the return value B to find out the reason. +=item 1 + +The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been +established. + =item E0 The TLS/SSL handshake was not successful because a fatal error occurred either diff --git a/openssl/doc/ssl/SSL_connect.pod b/openssl/doc/ssl/SSL_connect.pod index cc56ebb75..946ca89d7 100644 --- a/openssl/doc/ssl/SSL_connect.pod +++ b/openssl/doc/ssl/SSL_connect.pod @@ -41,17 +41,17 @@ The following return values can occur: =over 4 -=item 1 - -The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been -established. - =item 0 The TLS/SSL handshake was not successful but was shut down controlled and by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the return value B to find out the reason. +=item 1 + +The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been +established. + =item E0 The TLS/SSL handshake was not successful, because a fatal error occurred either diff --git a/openssl/doc/ssl/SSL_do_handshake.pod b/openssl/doc/ssl/SSL_do_handshake.pod index 243576451..7f8cf249e 100644 --- a/openssl/doc/ssl/SSL_do_handshake.pod +++ b/openssl/doc/ssl/SSL_do_handshake.pod @@ -45,17 +45,17 @@ The following return values can occur: =over 4 -=item 1 - -The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been -established. - =item 0 The TLS/SSL handshake was not successful but was shut down controlled and by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the return value B to find out the reason. +=item 1 + +The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been +established. + =item E0 The TLS/SSL handshake was not successful because a fatal error occurred either diff --git a/openssl/doc/ssl/SSL_shutdown.pod b/openssl/doc/ssl/SSL_shutdown.pod index 89911acbc..42a89b7c6 100644 --- a/openssl/doc/ssl/SSL_shutdown.pod +++ b/openssl/doc/ssl/SSL_shutdown.pod @@ -92,11 +92,6 @@ The following return values can occur: =over 4 -=item 1 - -The shutdown was successfully completed. The "close notify" alert was sent -and the peer's "close notify" alert was received. - =item 0 The shutdown is not yet finished. Call SSL_shutdown() for a second time, @@ -104,6 +99,11 @@ if a bidirectional shutdown shall be performed. The output of L may be misleading, as an erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred. +=item 1 + +The shutdown was successfully completed. The "close notify" alert was sent +and the peer's "close notify" alert was received. + =item -1 The shutdown was not successful because a fatal error occurred either -- cgit v1.2.3