==== readme ========================================================
This is the old 0.6.6 docuementation. Most of the cipher stuff is still
==== readme ========================================================
This is the old 0.6.6 docuementation. Most of the cipher stuff is still
-1) If the ssleay binaray has the name of one of its component programs, it
-executes that program and then exits. This can be achieve by using hard or
+1) If the ssleay binary has the name of one of its component programs, it
+executes that program and then exits. This can be achieved by using hard or
symbolic links, or failing that, just renaming the binary.
2) If the first argument to ssleay is the name of one of the component
programs, that program runs that program and then exits.
symbolic links, or failing that, just renaming the binary.
2) If the first argument to ssleay is the name of one of the component
programs, that program runs that program and then exits.
example is for BIO_s_sock(). A socket needs to be
assigned to the BIO before it can be used.
- 'shutdown', this flag indicates if the underlying
example is for BIO_s_sock(). A socket needs to be
assigned to the BIO before it can be used.
- 'shutdown', this flag indicates if the underlying
when the BIO is closed.
- 'flags' is used to hold extra state. It is primarily used
to hold information about why a non-blocking operation
when the BIO is closed.
- 'flags' is used to hold extra state. It is primarily used
to hold information about why a non-blocking operation
unsigned long BN_get_word(BIGNUM *a);
Returns 'a' in an unsigned long. Not remarkably, often 'a' will
unsigned long BN_get_word(BIGNUM *a);
Returns 'a' in an unsigned long. Not remarkably, often 'a' will
PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \
(char *)x, NULL,NULL,0,NULL)
Don't do encryption normally. If you want to PEM encrypt your X509 structure,
PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \
(char *)x, NULL,NULL,0,NULL)
Don't do encryption normally. If you want to PEM encrypt your X509 structure,
copies of the origional postings if people are interested. RSA I believe
claim that they were 'trade-secrets' and that some-one broke an NDA in
revealing them. Other claim they reverse engineered the algorithms from
copies of the origional postings if people are interested. RSA I believe
claim that they were 'trade-secrets' and that some-one broke an NDA in
revealing them. Other claim they reverse engineered the algorithms from
-Regardless, RSA, I belive, is willing to go to court over the issue so
+Regardless, RSA, I believe, is willing to go to court over the issue so
licencing is probably the best idea, or at least talk to them.
If there are people who actually know more about this, pease let me know, I
don't want to vilify or spread miss-information if I can help it.
licencing is probably the best idea, or at least talk to them.
If there are people who actually know more about this, pease let me know, I
don't want to vilify or spread miss-information if I can help it.
some scripts to issue client certs to Microsoft Internet Explorer. It
includes the required knowledge about the model MSIE uses for client
certification and includes complete sample scripts ready to play with. The
some scripts to issue client certs to Microsoft Internet Explorer. It
includes the required knowledge about the model MSIE uses for client
certification and includes complete sample scripts ready to play with. The
The SSL_CTX has a session_cache_mode which is by default,
in SSL_SESS_CACHE_SERVER mode. What this means is that the library
The SSL_CTX has a session_cache_mode which is by default,
in SSL_SESS_CACHE_SERVER mode. What this means is that the library
If SSL_SESS_CACHE_NO_AUTO_CLEAR is set, old timed out sessions are
not automatically removed each 255, SSL_connect()s or SSL_accept()s.
If SSL_SESS_CACHE_NO_AUTO_CLEAR is set, old timed out sessions are
not automatically removed each 255, SSL_connect()s or SSL_accept()s.
the cache is flush. Please note that this could be expensive on
a heavily loaded SSL server, in which case, turn this off and
clear the cache of old entries 'manually' (with one of the functions
listed below) every few hours. Perhaps I should up this number, it is hard
the cache is flush. Please note that this could be expensive on
a heavily loaded SSL server, in which case, turn this off and
clear the cache of old entries 'manually' (with one of the functions
listed below) every few hours. Perhaps I should up this number, it is hard
every now and then, in theory at most 255 new session-id's will have been
added but if 100 are added every minute, you would still have
500 in the cache before any would start being flushed (assuming a 3 minute
every now and then, in theory at most 255 new session-id's will have been
added but if 100 are added every minute, you would still have
500 in the cache before any would start being flushed (assuming a 3 minute
void SSL_CTX_sess_set_get_cb(ctx,cb) sets the callback and
int (*cb)()SSL_CTX_sess_get_get_cb(ctx) returns the callback.
void SSL_CTX_sess_set_get_cb(ctx,cb) sets the callback and
int (*cb)()SSL_CTX_sess_get_get_cb(ctx) returns the callback.
-non-blocking semantics for these callbacks, it is upto the appication
-to make the callbacks effiecent if they require blocking (perhaps
+non-blocking semantics for these callbacks, it is upto the application
+to make the callbacks efficient if they require blocking (perhaps
condition has dissapeared.
After the connection has been made, information can be retrived about the
condition has dissapeared.
After the connection has been made, information can be retrived about the