openbsd/src/lib/libtls/man, branch master

openbsd/src/lib/libtls/man, branch master A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=master 2025-07-07T10:54:00+00:00 .Lb libtls libssl libcrypto 2025-07-07T10:54:00+00:00 schwarze 2025-07-07T10:54:00+00:00 urn:sha1:800b400429130c255973b130ac2376970630d5e9 OK tb@ and no objection from tedu@ Document tls_peer_cert_common_name() 2024-12-10T08:42:12+00:00 tb 2024-12-10T08:42:12+00:00 urn:sha1:c94b3b4a953c20b000c195ce5e2ef6683eed6964 ok beck remove tls_reset(3) from the NAME, SYNOPSIS, and HISTORY sections 2023-09-18T17:25:15+00:00 schwarze 2023-09-18T17:25:15+00:00 urn:sha1:b92995f2a1d2dda8c6289e3afb31574b7feec963 because it is documented in the separate tls_client(3) manual page Remove the ability to do tls 1.0 and 1.1 from libtls. 2023-07-02T06:37:27+00:00 beck 2023-07-02T06:37:27+00:00 urn:sha1:908a2337ae4c28163a92b9fda969dbdd36bc634b With this change any requests from configurations to request versions of tls before tls 1.2 will use tls 1.2. This prepares us to deprecate tls 1.0 and tls 1.1 support from libssl. ok tb@ contibutions -> contributions 2022-01-01T02:18:28+00:00 jsg 2022-01-01T02:18:28+00:00 urn:sha1:e0b952fc7cccf4861f154522a0359428d82729e8 zap wonky commas; 2021-06-22T20:01:19+00:00 jmc 2021-06-22T20:01:19+00:00 urn:sha1:3650508f3facd1163d6549d6fab59a6f81db17d2 Clarify tls_config_set_*_file() file I/O semantics 2021-06-22T17:59:48+00:00 kn 2021-06-22T17:59:48+00:00 urn:sha1:7464c3881edf2f952d355d3ed4e23a63ef9051fa tls_config_set_*_file(3) do not just set the file paths like tls_config_set_*_path(3) do, they do load the given file(s) into memory directly using tls_config_load_file(). This distinction is important because it means a later tls_connect(3) will not do any file I/O (at least wrt. those files), which is relevant when for example pleding without "[rwc]path" after loading files into memory and before doing tls_connect(3). The manual's current wording made me use the following due to above way of pledging a program: tls_load_file() tls_config_set_ca_mem() tls_unload_file() While in fact a single tls_config_set_ca_file() call does the same. tls_config.c r1.26 (Aug 2016) change the code but forgot to amend the manual as noted by tb, thanks. Feedback OK tb Tweak previous: 2021-01-02T19:58:44+00:00 schwarze 2021-01-02T19:58:44+00:00 urn:sha1:c0a13098b65e31155a7ddfa3514859fcc685e498 * Do not abuse .Bl -tag for lists without bodies, use .Bl -item instead. * In tagged lists, put bodies into bodies, not into heads. * Add a few missing macros. * Drop some useless quoting. Make list of DHE parameters more prominent 2021-01-02T19:15:04+00:00 kn 2021-01-02T19:15:04+00:00 urn:sha1:1810ecb83b1849023a93ebdb181e2054f991f1b4 Follow the previous commit and complete the manual page for consistency; better readable and tags for free. OK tb Make the list of supported protocols more prominent 2020-12-30T13:38:13+00:00 kn 2020-12-30T13:38:13+00:00 urn:sha1:e510ae695c6796e2c5638d83018f97c4f02b460f Manuals like httpd.conf(5) refer to this for valid protocol strings, but elements inlined into sentences are hard find to spot. Use a list as already done elsewhere in this manual. OK jmc on earlier version Feeback OK tb