diff options
| author | beck <> | 2016-11-05 15:13:26 +0000 |
|---|---|---|
| committer | beck <> | 2016-11-05 15:13:26 +0000 |
| commit | a554fd917ad5e5050665b441a614e66959938ede (patch) | |
| tree | 539491edf35461b59c4b7f94d33635fed5473983 /src/lib/libtls/tls_init.3 | |
| parent | e48d894dfa7188c6a08be7d172039bdcbfa8d471 (diff) | |
| download | openbsd-a554fd917ad5e5050665b441a614e66959938ede.tar.gz openbsd-a554fd917ad5e5050665b441a614e66959938ede.tar.bz2 openbsd-a554fd917ad5e5050665b441a614e66959938ede.zip | |
Add support for server side OCSP stapling to libtls.
Add support for server side OCSP stapling to netcat.
Diffstat (limited to 'src/lib/libtls/tls_init.3')
| -rw-r--r-- | src/lib/libtls/tls_init.3 | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/src/lib/libtls/tls_init.3 b/src/lib/libtls/tls_init.3 index 88195deb2e..a6ab619c19 100644 --- a/src/lib/libtls/tls_init.3 +++ b/src/lib/libtls/tls_init.3 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: tls_init.3,v 1.77 2016/11/04 05:13:13 beck Exp $ | 1 | .\" $OpenBSD: tls_init.3,v 1.78 2016/11/05 15:13:26 beck Exp $ |
| 2 | .\" | 2 | .\" |
| 3 | .\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org> | 3 | .\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org> |
| 4 | .\" | 4 | .\" |
| @@ -14,7 +14,7 @@ | |||
| 14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | 14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
| 15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
| 16 | .\" | 16 | .\" |
| 17 | .Dd $Mdocdate: November 4 2016 $ | 17 | .Dd $Mdocdate: November 5 2016 $ |
| 18 | .Dt TLS_INIT 3 | 18 | .Dt TLS_INIT 3 |
| 19 | .Os | 19 | .Os |
| 20 | .Sh NAME | 20 | .Sh NAME |
| @@ -39,6 +39,8 @@ | |||
| 39 | .Nm tls_config_set_key_mem , | 39 | .Nm tls_config_set_key_mem , |
| 40 | .Nm tls_config_set_keypair_file , | 40 | .Nm tls_config_set_keypair_file , |
| 41 | .Nm tls_config_set_keypair_mem , | 41 | .Nm tls_config_set_keypair_mem , |
| 42 | .Nm tls_config_set_ocsp_staple_mem , | ||
| 43 | .Nm tls_config_set_ocsp_staple_file , | ||
| 42 | .Nm tls_config_set_protocols , | 44 | .Nm tls_config_set_protocols , |
| 43 | .Nm tls_config_set_verify_depth , | 45 | .Nm tls_config_set_verify_depth , |
| 44 | .Nm tls_config_prefer_ciphers_client , | 46 | .Nm tls_config_prefer_ciphers_client , |
| @@ -134,6 +136,10 @@ | |||
| 134 | .Fn tls_config_set_keypair_file "struct tls_config *config" "const char *cert_file" "const char *key_file" | 136 | .Fn tls_config_set_keypair_file "struct tls_config *config" "const char *cert_file" "const char *key_file" |
| 135 | .Ft "int" | 137 | .Ft "int" |
| 136 | .Fn tls_config_set_keypair_mem "struct tls_config *config" "const uint8_t *cert" "size_t cert_len" "const uint8_t *key" "size_t key_len" | 138 | .Fn tls_config_set_keypair_mem "struct tls_config *config" "const uint8_t *cert" "size_t cert_len" "const uint8_t *key" "size_t key_len" |
| 139 | .Ft "int" | ||
| 140 | .Fn tls_config_set_ocsp_staple_mem "struct tls_config *config" "const char *staple" "size_t len" | ||
| 141 | .Ft "int" | ||
| 142 | .Fn tls_config_set_ocsp_staple_file "struct tls_config *config" "const char *staple_file | ||
| 137 | .Ft "void" | 143 | .Ft "void" |
| 138 | .Fn tls_config_set_protocols "struct tls_config *config" "uint32_t protocols" | 144 | .Fn tls_config_set_protocols "struct tls_config *config" "uint32_t protocols" |
| 139 | .Ft "void" | 145 | .Ft "void" |
| @@ -365,6 +371,14 @@ used as an alternative certificate for Server Name Indication (server only). | |||
| 365 | adds an additional public certificate and private key from memory, | 371 | adds an additional public certificate and private key from memory, |
| 366 | used as an alternative certificate for Server Name Indication (server only). | 372 | used as an alternative certificate for Server Name Indication (server only). |
| 367 | .It | 373 | .It |
| 374 | .Fn tls_config_set_ocsp_staple_mem | ||
| 375 | adds a DER encoded OCSP response to be stapled during the TLS handshake from | ||
| 376 | memory. | ||
| 377 | .It | ||
| 378 | .Fn tls_config_set_ocsp_staple_file | ||
| 379 | adds a DER encoded OCSP response to be stapled during the TLS handshake from | ||
| 380 | the specified file. | ||
| 381 | .It | ||
| 368 | .Fn tls_config_set_alpn | 382 | .Fn tls_config_set_alpn |
| 369 | sets the ALPN protocols that are supported. | 383 | sets the ALPN protocols that are supported. |
| 370 | The alpn string is a comma separated list of protocols, in order of preference. | 384 | The alpn string is a comma separated list of protocols, in order of preference. |