summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Further improve the documentation of library initialization and configuration.schwarze2019-06-149-94/+126
| | | | | | | | | Among other improvements: * Use a uniform wording at the top of the DECSRIPTION for obsolete pages. * Better explain how to use a non-standard configuration file. * Remove obsolete functions from SEE ALSO. Triggered by some suggestions from tb@. Tweaks and OK tb@.
* Add more options to pkcs12 and smime in appstest.shinoguchi2019-06-131-10/+13
|
* Set malloc_options in global scope with an initializer.bluhm2019-06-122-10/+8
| | | | recommended by otto@
* add missing backlinks to ssl(3)schwarze2019-06-1231-64/+100
|
* List all 17 SSL pages that were missing.schwarze2019-06-121-51/+89
| | | | | | Split some excessively long lists into useful sub-categories. Add a new, very short subsection "Obsolete functions" at the end. OK tb@ jmc@
* Disable junking with malloc options. If set, the test hangs on lowbluhm2019-06-111-2/+5
| | | | | memory arm64 machines. found by patrick@; OK otto@
* delete references to ERR pages from SEE ALSO where suchschwarze2019-06-1035-115/+79
| | | | references were already given below RETURN VALUES right above
* Add pkcs12 options and smime tests for appstest.shinoguchi2019-06-101-8/+40
| | | | | - Add some options to pkcs12 test. - Add smime tests for encrypt, decrypt and pk7out.
* add links back to crypto(3) to function group entry pagesschwarze2019-06-1022-45/+70
| | | | | and to isolated obsolete pages; OK bcook@ jmc@
* remove pointless NOTES section header linesschwarze2019-06-089-27/+27
|
* Delete the display of the RSA_METHOD objectschwarze2019-06-081-70/+1
| | | | | | | | | | which is now supposed to be opaque. OK tb@ I checked that all the information contained in comments in the display is available from the appropriate places in RSA_meth_new(3) and RSA_set_flags(3). Note that the comments regarding "mod_exp", "init", and "finish" were half-misleading simplifications, anyway.
* In rsa.h rev. 1.40, gilles@ provided several new RSA_METHOD accessors.schwarze2019-06-085-46/+499
| | | | | Update the documentation. OK tb@ jmc@
* document the RSA_FLAG_* constants for RSA_*_flags(3);schwarze2019-06-081-3/+76
| | | | OK tb@ jmc@
* Remove the last references to the RAND_*(3) functions.schwarze2019-06-0712-47/+34
| | | | | | These references were misleading because these functions are no longer used internally and applications should not call them either. Issue brought up by tb@.
* link to EVP_EncodeInit(3), which was the only missing child pageschwarze2019-06-071-1/+6
|
* link back to evp(3), just like for the other group entry pagesschwarze2019-06-071-2/+3
|
* Remove pointless direct backlinks from the leaf pages HMAC(3) andschwarze2019-06-072-6/+4
| | | | | | | PKCS5_PBKDF2_HMAC(3) to the top level page evp(3). The leaf pages still have backlinks to the group entry page EVP_DigestInit(3), which is enough. Redundancy and asymmetry pointed out by tb@.
* remove cross-references to the obsolete function OpenSSL_add_all_algorithms(3)schwarze2019-06-073-21/+7
|
* tidy up the formatting of gendsa synopsis a little;jmc2019-06-071-5/+3
|
* Convert openssl(1) gendsa to the newer style of option handlinginoguchi2019-06-072-84/+178
| | | | | | | | - Adapt openssl(1) gendsa command to new option handling. - Add lacking ciphers and passout description in openssl.1 manpage. - Describe paramfile as argument in openssl.1 manpage. ok bcook@
* minor errors in previous commit pointed out by jmc@schwarze2019-06-064-8/+8
|
* Tree structure for manual pages: crypto(3) links to 33 functionschwarze2019-06-06117-281/+539
| | | | | | | | | | | group pages, and these link on to all their second-level subpages. Only a handful of second-level pages have third-level subpages. So all crypto pages can now be reached from the www.libressl.org frontpage via at most four clicks, in most cases three clicks. Also link back from leaf pages to their respective group pages and add a couple of additional links between related pages. Triggered by a question from deraadt@. OK jmc@ tb@
* provide getters and setters for the RSA_METHOD interfacegilles2019-06-056-5/+246
| | | | ok tb@, jsing@, sthen@
* Fix bogus cross reference: EVP_SignDigest* -> EVP_DigestSign*tb2019-06-051-3/+3
|
* OPENSSL_realloc(3) is no longer used, we now use reallocarray(3)schwarze2019-06-041-3/+3
|
* Readability tweak in a comment.tb2019-06-041-2/+2
|
* Remove the blinding later to avoid leaking information on the lengthtb2019-06-041-3/+3
| | | | | | | | of ckinv. Pointed out and fix suggested by David Schrammel and Samuel Weiser ok jsing
* Readability tweaks for comments that explain the blinding.tb2019-06-041-5/+5
|
* Remove the blinding later to avoid leaking information on the lengthtb2019-06-041-3/+3
| | | | | | | | of kinv. Pointed out and fix suggested by David Schrammel and Samuel Weiser ok jsing
* .In openssl/x509_vfy.hschwarze2019-06-041-3/+4
| | | | for consistency with all the other X509_STORE_*(3) manual pages
* Add several missing .In linesschwarze2019-06-041-3/+13
| | | | | and add a sentence pointing to the detailed description in RSA_get_ex_new_index(3), worded like in DH_get_ex_new_index(3).
* Move to env var, likelky the possibility to set malloc options fromotto2019-06-042-19/+8
| | | | main is going away.
* add missing .In linesschwarze2019-06-032-4/+6
|
* add missing .In lineschwarze2019-06-031-2/+3
|
* Complete the ld.so boot cleanup: move most libc initialization fromguenther2019-06-022-8/+5
| | | | | | | | | | | | | | | | | _csu_finish() to _libc_preinit(), which is an .init_array function in shared libc (and mark it INITFIRST) or a .preinit_array function in static libc, grabbing the _dl_cb callback there from ld.so. Then in _csu_finish(), invoke the dl_clean_boot() callback to free ld.so's startup bits before main() gets control. Other cleanups this permits: - move various startup structures into .data.rel.ro - the dl* stubs in libc can be strong and call the callbacks provided via _dl_cb - no longer need to conditionalize dlctl() calls on presence of _DYNAMIC original concept and full diff ok kettenis@ ok deraadt@
* __realpath(2) appears to have improved, so re-enable the code thatderaadt2019-05-301-3/+136
| | | | | checks userland-parsing vs kernel parsing, we are hoping to spot another bug..
* Relax parsing of TLS key share extensions on the server.jsing2019-05-291-5/+2
| | | | | | | | | | | The RFC does not require X25519 and it also allows clients to send an empty key share when the want the server to select a group. The current behaviour results in handshake failures where the client supports TLS 1.3 and sends a TLS key share extension that does not contain X25519. Issue reported by Hubert Kario via github. ok tb@
* Do not send an SNI extension when resuming a session that contains a serverjsing2019-05-291-1/+4
| | | | | | | | name (which means the client sent SNI during the initial handshake). Issue reported by Renaud Allard. ok tb@
* There are some bugs in __realpath(2) -- it isn't quite ready so disablederaadt2019-05-291-136/+3
| | | | calling it until those are fixed.
* Fix typo and label indent.jsing2019-05-281-3/+3
|
* Tidy up some names/structures following the renaming of TLS extensionjsing2019-05-281-35/+35
| | | | | | | | | functions based on message type (clienthello/serverhello), to which side is handling the processing. No intended functional change. ok beck@
* Enable the use of the kernel __realpath() system call in the libc wrapper.beck2019-05-281-3/+136
| | | | | | | | For now, this also still uses the existing realpath implmentation and emits a syslog if we see differening results. Once we have run with that for a little while we will remove the old code ok deraadt@
* Throw malloc_conceal and freezero into the mix.otto2019-05-231-3/+8
|
* Only override size of chunk if we're not given the actual length.otto2019-05-231-2/+3
| | | | Fixes malloc_conceal...freezero with malloc options C and/or G.
* bump to LibreSSL 3.0.0bcook2019-05-231-3/+3
| | | | ok tb@
* add stdlib.h for reallocarraybcook2019-05-231-1/+2
|
* *an* RSA;jmc2019-05-203-9/+9
|
* clarify that later flags modify earlier flags;schwarze2019-05-191-2/+4
| | | | | triggered by a question from Jan Stary <hans at stare dot cz> on misc@; OK otto@
* More consistently put remarks about the less useful LC_* categoties,schwarze2019-05-162-14/+26
| | | | | | i.e. those other than LC_CTYPE, into the CAVEATS section, and standardize wording somewhat. OK jmc@
* delete two stray blank linesschwarze2019-05-151-4/+2
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 12:26:10 +0000