summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* First example of how to fix the d2i_*() manuals:schwarze2016-12-241-98/+123
| | | | | | | | | | | - add four missing functions found in OpenSSL doc/man3/d2i_X509.pod - simplify .Nd - drop needless extra include line - use the same parameter names as in ASN1_item_d2i(3) - point to ASN1_item_d2i(3) for details - sort the text and simplify the wording More work is needed on STANDARDS references.
* Very carefully tweak OpenSSL doc/man3/d2i_X509.pod and create a newschwarze2016-12-243-1/+514
| | | | | | | | | | | | | | | | | | | | | | | ASN1_item_d2i(3) manual page from it. Enough text remains to keep Stephen Henson's Copyright. The eight functions documented in this new page are listed in <openssl/asn1.h> and in Symbols.list, so they are public even though OpenSSL does not document them. They are very important because hundreds of documented, much-used public interface functions are trivial wrappers around them, sharing their complicated semantics and their copious CAVEATS and BUGS. The plan is for the many pages documenting the wrappers to become very concise, to focus on the few type-dependent specifics, and to point to this new page for the details of the semantics, for the CAVEATS, and for the BUGS. While here, write a companion page ASN1_item_new(3) from scratch. The user interface described in that page scares the hell out of me, and i think people writing code to handle ASN.1 ought to be aware of that dangerous user interface design, or they will sooner or later get trapped.
* minor fixes;jmc2016-12-241-6/+6
|
* sprinkle some cross references to newly written x509v3 manual pagesschwarze2016-12-246-12/+32
|
* Write new SXNET_new(3) manual page from scratch. All four functionsschwarze2016-12-242-1/+93
| | | | | | | | | | | | | | | | are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file. I consider the quotation from http://www-03.ibm.com/security/library/wp_pki0730.shtml fair use because (1) it is a very brief extract from a long text, (2) no other source of information is available, (3) it is quoted for the purpose of education and research, (4) republishing happens in a not-for-profit context. I'm not including the URI into the manual page because large corporate websites are notorious for changing URIs during each spring cleaning.
* Write new PKEY_USAGE_PERIOD_new(3) manual page from scratch,schwarze2016-12-232-1/+67
| | | | | | | documenting the dubious RFC 3280 PrivateKeyUsagePeriod extension. Both functions are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* Move __BEGIN_HIDDEN_DECLS out of the middle of a function declaration.patrick2016-12-231-3/+3
| | | | ok jca@
* Write RFC 3820 manual page PROXY_POLICY_new(3) from scratch.schwarze2016-12-232-1/+91
| | | | | | These four functions are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* Write ACCESS_DESCRIPTION_new(3) manual page from scratch.schwarze2016-12-232-1/+142
| | | | | | All four functions are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* Write new EXTENDED_KEY_USAGE_new(3) manual page from scratch.schwarze2016-12-232-1/+76
| | | | | | Both functions are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* Write new POLICYINFO_new(3) manual page from scratch; i can't say thatschwarze2016-12-232-1/+189
| | | | | | i particularly like these fourteen functions, but they are all listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* Write new NAME_CONSTRAINTS_new(3) manual page from scratch.schwarze2016-12-232-1/+89
| | | | | | These functions are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* Write new BASIC_CONSTRAINTS_new(3) manual from scratch, explainingschwarze2016-12-232-1/+81
| | | | | | | the important point of how to distinguish CA certificates from end entity certificates. Both functions are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* Write new DIST_POINT_new(3) manual page from scratch.schwarze2016-12-232-1/+135
| | | | | | All functions documented here are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* Write new AUTHORITY_KEYID_new(3) manual page from scratch.schwarze2016-12-232-1/+67
| | | | | | Both functions are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* Link to Peter Gutmann's classic "X.509 Style Guide".schwarze2016-12-231-2/+11
| | | | | | | | | | Thanks to otto@ for making me aware of it. If people know newer documents that are similarly readable and interesting, please speak up. I hate sending people to the STANDARDS only for more information. On the one hand, that's torture, and on the other hand, if i read Gutmann correctly, the standards sometimes provide bad advice, and often none at all.
* Write GENERAL_NAME_new(3) manual page from scratch - as if plain X.501schwarze2016-12-232-1/+138
| | | | | | | Name structures weren't already complicated enough, see X509_NAME_new(3). All these functions are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* no more bn_dump(3);jmc2016-12-221-3/+2
|
* OBJ_obj2txt() should return the total amount of space requiredinoguchi2016-12-221-5/+1
| | | | | reported by @rhenium on GitHub ok jsing@
* Write new manual pages PKCS12_new(3) and PKCS12_SAFEBAG_new(3) fromschwarze2016-12-224-6/+195
| | | | | | | | | | | scratch. All these functions are listed in <openssl/pkcs12.h> and in OpenSSL doc/man3/X509_dup.pod. As usual, OpenSSL documentation specifies the wrong header file. Note that PKCS#12 documentation is still scanty at best. For example, out of 19 public functions handling PKCS12 objects, five are now documented, and this commit documents the first two out of 24 public functions handling PKCS12_SAFEBAG objects.
* spelling fix;jmc2016-12-221-2/+2
|
* Write X509_SIG_new(3) manual page from scratch. Both functions areschwarze2016-12-222-1/+61
| | | | | listed in <openssl/x509.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* reference X509_new(3) instead of x509(3)schwarze2016-12-221-3/+3
|
* Delete the x509(3) manual page and merge what little content remainedschwarze2016-12-223-136/+27
| | | | into X509_new(3). Add information about STANDARDS.
* Stop installing the bn_dump(3) manual page.schwarze2016-12-221-2/+1
| | | | The functions documented there are no longer public.
* Write new PKCS8_PRIV_KEY_INFO_new(3) manual page from scratch.schwarze2016-12-223-4/+61
| | | | | | Both functions are listed in <openssl/x509.h> and in OpenSSL doc/man3/X509_dup.pod. Note that OpenSSL documentation specifies the wrong header file.
* rewrite OCSP_parse_url to be sligthly less nasty and not have one byte ↵beck2016-12-211-78/+34
| | | | | | buffer overreads helpful nitpicking and ok tb@ miod@
* Pacify compiler warning about an unitialized variable which is obviouslyderaadt2016-12-211-3/+3
| | | | | not really being used. ok beck.
* Update regress for ECDHE with X25519.jsing2016-12-211-41/+41
|
* Bump libcrypto/libssl/libtls majors due to libcrypto symbol removal andjsing2016-12-213-3/+3
| | | | changes to libssl non-opaque structs.
* Add minimum and maximum version fields to SSL, SSL_CTX and SSL_METHODjsing2016-12-211-1/+10
| | | | | | for future work. Discussed with beck@
* Add support for ECDHE with X25519.jsing2016-12-217-91/+316
| | | | | | Testing of an earlier revision by naddy@. ok beck@
* Update libcrypto regress to handle header and non-exported symbol changes.jsing2016-12-214-4/+10
|
* Explicitly export a list of symbols from libcrypto.jsing2016-12-2139-184/+3744
| | | | | | | | | | | | | | | | Move the "internal" BN functions from bn.h to bn_lcl.h and stop exporting the bn_* symbols. These are documented as only being intended for internal use, so why they were placed in a public header is beyond me... This hides 363 previously exported symbols, most of which exist in headers that are not installed and were never intended to be public. This also removes a few crusty old things that should have died long ago (like _ossl_old_des_read_pw). But don't worry... there are still 3451 symbols exported from the library. With input and testing from inoguchi@. ok beck@ inoguchi@
* Remove prototypes from the public header for X509_VERIFY_PARAM functionsjsing2016-12-212-6/+7
| | | | | | that were recently added but not intended to be made public at this stage. Discussed with beck@
* Ensure negative time/timeout are handled appropriately.jsing2016-12-211-1/+27
|
* Delete completely useless crap and just use getaddrinfo. Fix man pagebeck2016-12-202-62/+11
| | | | | | | while we're at it. Note for the nostalgic, since "wais" is still an alias in /etc/services it will continue to work.. ok deraadt@ millert@ krw@
* fix typo, from OpenSSLschwarze2016-12-191-4/+4
| | | | | | commit 0b742f93ea7882a447f6523ac56a6f847d9f8e92 Author: Finn Hakansson <finn_hakansson@yahoo.com> Date: Thu Dec 15 12:58:19 2016 -0500
* Revise regress for changes to ssl_parse_serverhello_tlsext().jsing2016-12-181-3/+3
| | | | Same diff from inoguchi@
* Convert ssl3_get_server_hello() to CBS.jsing2016-12-183-60/+67
| | | | ok doug@
* Define X25519_KEY_LENGTH and use it so we have fewer magic numbers.jsing2016-12-172-6/+12
| | | | ok beck@
* Write new X509_ATTRIBUTE(3) manual page from scratch.schwarze2016-12-172-1/+101
| | | | | | | | | | Both functions are listed in <openssl/x509.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file. The design and use of this data type feels horrific. If you understand PKCS#8 or PKCS#10 and can explain why this was designed as it is, your contribution to this manual page is welcome.
* Write a new manual page X509_REQ_new(3) from scratch.schwarze2016-12-172-1/+84
| | | | | | These four functions are listed in <openssl/x509.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file.
* Eliminate some gcc warnings about 'unused variables', mostly bykrw2016-12-161-2/+2
| | | | | | adding appropriate #ifdef's around declarations. ok millert@ (with a tweak I will commit separately)
* various minor cleanup;jmc2016-12-1610-34/+34
|
* Document X509_REVOKED_new(3) and X509_REVOKED_free(3) and moveschwarze2016-12-163-49/+157
| | | | | | X509_REVOKED_set_serialNumber(3) and X509_REVOKED_set_revocationDate(3) into this new page. Replace irrelevant cross references with relevant cross references to X509_CRL* pages.
* Write X509_CRL_new(3) manual page from scratch. These four functionsschwarze2016-12-162-1/+92
| | | | | | | are listed in <openssl/x509.h> and in OpenSSL doc/man3/X509_dup.pod. Note that the OpenSSL documentation specifies the wrong header file. Link to all pages dealing with X509_CRL objects.
* Write new X509_CINF_new(3) manual page from scratch. These functionsschwarze2016-12-162-1/+99
| | | | | are listed in <openssl/x509.h> and in OpenSSL doc/man3/X509_dup.pod. Note that the OpenSSL documentation specifies the wrong header file.
* Document ERR_FATAL_ERROR(3), tweaked by me.schwarze2016-12-161-7/+18
| | | | | | OpenSSL commit 036ba500f7886ca2e7231549fa574ec2cdd45cef Author: Benjamin Kaduk <bkaduk@akamai.com> Date: Thu Dec 8 12:01:31 2016 -0600
* Fix error in the description of BUF_reverse(3), tweaked by me.schwarze2016-12-161-5/+10
| | | | | | OpenSSL commit 498180de5c766f68f6d2b65454357bc263773c66 Author: Dmitry Belyavskiy <beldmit@gmail.com> Date: Mon Dec 12 15:35:09 2016 +0300
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-31 16:12:36 +0000