summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Provide OCSP_SINGLERESP_get0_id().jsing2018-03-173-2/+10
|
* Provide SSL_CIPHER_get_auth_nid(), SSL_CIPHER_get_cipher_nid(),jsing2018-03-173-2/+110
| | | | | SSL_CIPHER_get_digest_nid(), SSL_CIPHER_get_kx_nid() and SSL_CIPHER_is_aead().
* Provide object identifier for chacha20-poly1305.jsing2018-03-172-0/+3
|
* Provide object identifiers for TLS cipher suite key exchange andjsing2018-03-172-0/+20
| | | | authentication.
* Provide X509_REVOKED_dup().jsing2018-03-173-2/+10
|
* Provide SSL_SESSION_get0_id_context().jsing2018-03-173-11/+22
|
* Consistently spell "IPsec" in comments and debug outputs.mpi2018-03-161-2/+2
| | | | From Raf Czlonka, ok sthen@
* Fix a format string issue that Go 1.10 complains about.jsing2018-03-151-1/+1
|
* Also bump libtls minor after the addition of SSL_CTX_get_min/max_proto_versionjca2018-03-151-1/+1
| | | | cluebat tb@
* Provide SSL_CTX_get_min_proto_version and SSL_CTX_get_max_proto_versionjca2018-03-157-28/+117
| | | | | | | | | We already provided the setters, so also provide the getters like OpenSSL does. Addition prompted by the use of those functions in recent openvpn releases. manpage diff from schwarze@ (thanks!) with input from jsing@, ok tb@ jsing@
* ensure SYS_getrandom and GRND_NONBLOCK are both defined before using ↵bcook2018-03-131-4/+4
| | | | | | | getrandom(2) Based on discussion here https://github.com/libressl-portable/openbsd/pull/82 Suggested fix from jsing@
* Fix for processing of EC public keyinoguchi2018-03-122-15/+27
| | | | | | | | | | | | | | Prevents segmentation fault while reading EC private key without public key. Generates missing EC public key when reading EC private key. Refer to these OpenSSL commits: 1f2b943254ce590867717375e4f364860a9b7154 2083f7c465d07867dd9867b8742bb71c03d1f203 Reported on GitHub https://github.com/libressl-portable/portable/issues/395 by Anton Bukov (@k06a) . ok beck@
* un-revert tls_init pthread_once change, now that stub is added so that ↵beck2018-03-082-15/+23
| | | | builds work
* backout. diff was not tested comprehensively, resulting in a broken tree.deraadt2018-03-072-22/+14
|
* Make tls_init() concurrently callable using pthread_once().beck2018-03-072-15/+23
| | | | | | | | | | | ok jsing@ This brings pthread_once usage into libressl, which will need to get dealt with correctly in portable. This sets us up to autoinit libtls, and we will also be using pthread_once to deal with autoinit stuff in libssl and libcrypto
* use _ALIGN() which is uhm a bit OpenBSD-specific, but it means wederaadt2018-03-061-3/+2
| | | | | | don't need to use sys/param.h at all, guess which one i believe is greater namespace polution ok otto
* Use _MAX_PAGE_SHIFT, rather than #ifdef mips64deraadt2018-03-051-6/+2
| | | | ok guenther kettenis
* Provide macro versions of SSL_CTX_set_min/max_proto_version and friendsjca2018-03-031-1/+16
| | | | | Needed at least by openvpn-2.4.5, which detects availability of this interface using #ifdefs... Discussed with & ok jsing@
* Two new manual pages OPENSSL_sk_new(3) and STACK_OF(3), written fromschwarze2018-03-013-1/+749
| | | | scratch, tweaks and OK jsing@ and jmc@.
* ca start/enddates require all 4 yyyy from 2050 on; first twojmc2018-02-281-6/+6
| | | | | | are otherwise optional diff from holger mikolon, tweaked a bit by me
* Garbage collect RC5 documentation.schwarze2018-02-272-25/+6
| | | | | | We have no code implementing it, tedu@ took care of the rc5/ directory in 2014, the related files are commented out in arch/*/Makefile.inc, and opensslfeatures.h contains an explicit #define OPENSSL_NO_RC5.
* Garbage collect MD2 documentation.schwarze2018-02-273-73/+21
| | | | We have no code implementing those functions.
* fix a wrong preposition; from Daniel Bevenius at gmail dot comschwarze2018-02-271-4/+5
| | | | via OpenSSL commit cbade361 Dec 12 13:14:45 2017 +0100
* Add a cross reference to SSL_get_ex_data_X509_STORE_CTX_idx(3);schwarze2018-02-271-3/+9
| | | | | from Rich Salz <rsalz@openssl.org> via OpenSSL commit 9e183d22 Mar 11 08:56:44 2017 -0500.
* Import SSL_CTX_set_tlsext_use_srtp(3) from OpenSSL, slightly tweaked by me.schwarze2018-02-272-1/+190
|
* Add four options that exist in our tree and are documented in OpenSSL.schwarze2018-02-271-1/+9
|
* sort option list alphabetically in preparation for adding missing options;schwarze2018-02-271-28/+28
| | | | no text change
* Mention that SSL_OP_TLSEXT_PADDING no longer has any effect,schwarze2018-02-271-12/+10
| | | | | and correct the description of SSL_OP_ALL. Found by inspecting <openssl/ssl.h>.
* Merge the documentation of SSL_CIPHER_get_id(3) andschwarze2018-02-271-42/+71
| | | | | the new RETURN VALUES section from OpenSSL, tweaked by me. While here, correct the description of SSL_CIPHER_description(3).
* In ssl.h rev. 1.145 2018/02/22 17:30:25, jsing@ provided SSL_is_server(3).schwarze2018-02-271-9/+34
| | | | | Merge the documentation from OpenSSL, slightliy tweaking the wording for precision. The connection is not necessarily "working" yet.
* In ssl.h rev. 1.144 2018/02/22 17:29:24, jsing@ provided SSL_up_ref(3).schwarze2018-02-271-6/+19
| | | | Merge the documentation from OpenSSL.
* In ssl.h rev. 1.143 2018/02/22 17:27:07, jsing@ providedschwarze2018-02-261-6/+24
| | | | SSL_CTX_get_ciphers(3). Merge the documentation from OpenSSL.
* In ssl.h rev. 1.142 2018/02/22 17:25:18, jsing@ providedschwarze2018-02-261-12/+23
| | | | | SSL_SESSION_up_ref(3). Merge the documentation from OpenSSL, tweaked by me.
* In x509.h rev. 1.41 2018/02/22 17:22:02, jsing@ providedschwarze2018-02-261-6/+31
| | | | | X509_chain_up_ref(3). Merge the documentation from OpenSSL, tweaked by me.
* In x509_vfy.h rev. 1.24 2018/02/22 17:19:31, jsing@ providedschwarze2018-02-252-6/+40
| | | | | X509_STORE_set_ex_data(3) and X509_STORE_get_ex_data(3). Document them.
* In x509_vfy.h rev. 1.24 2018/02/22 17:19:31, jsing providedschwarze2018-02-254-59/+137
| | | | | | | | X509_STORE_get0_objects(3). Merge the documenteation from OpenSSL, heavily tweaked by me. While here, document six additional public functions closely related to X509_STORE_set1_param(3) that OpenSSL lacks documentation for. No Copyright-worthy amount of text remains in X509_STORE_set1_param.3, so switch to my Copyright and license.
* In x509_vfy.h rev. 1.23 2018/02/22 17:17:09, jsing@ providedschwarze2018-02-252-1/+218
| | | | | | | X509_OBJECT_get0_X509(3) and X509_OBJECT_get0_X509_CRL(3). Since they are undocumented in OpenSSL, write a new manual page from scratch, also documenting five closely related public functions that have already been available before.
* In x509_vfy.h rev. 1.22 2018/02/22 17:15:09, jsing@ providedschwarze2018-02-258-15/+157
| | | | | | X509_STORE_up_ref(3). X509_STORE_new(3) and X509_STORE_free(3) have already been available earlier. Import the documentation from OpenSSL, adding some precision.
* In x509_vfy.h rev. 1.21 2018/02/22 17:11:30, jsing@ providedschwarze2018-02-251-1/+19
| | | | | X509_STORE_CTX_get0_store(3). It is undocumented in OpenSSL, so write some documentation from scratch.
* In x509_vfy.h rev. 1.21 2018/02/22 17:11:30, jsing@ providedschwarze2018-02-252-14/+32
| | | | | | | | | | X509_STORE_CTX_get0_chain(3). Adapt the documentation. It is absurd that OpenSSL documents the two almost identical functions X509_STORE_CTX_get0_chain(3) and X509_STORE_CTX_get1_chain(3) in two different manual pages, with quite different wordings, and without even referencing each other. It is very obvious that they have lost their way in their own mire of functions.
* In x509.h rev. 1.37 2018/02/22 17:01:44, jsing@ providedschwarze2018-02-251-7/+65
| | | | | | | X509_CRL_set1_lastUpdate(3) and X509_CRL_set1_nextUpdate(3) and in rev. 1.39 2018/02/22 17:06:42 X509_set1_notBefore(3) and X509_set1_notAfter(3). Document them, again from scratch because what OpenSSL provides is slightly confusing.
* Correct the description of ASN1_item_free(3) with respect toschwarze2018-02-251-4/+13
| | | | | optional reference counting. ETOOMUCHMAGIC. By the way, this public hellhole is still undocumented in OpenSSL.
* In x509.h rev. 1.35 2018/02/22 16:53:42, jsing@ providedschwarze2018-02-251-5/+29
| | | | | | | X509_CRL_up_ref(3). Since it is undocumented in OpenSSL, write some documentation from scratch. While here, also correct the description of X509_CRL_free(3) and mention X509_CRL_dup(3), too.
* In x509.h rev. 1.34 2018/02/22 16:50:30, jsing@ providedschwarze2018-02-242-8/+42
| | | | | | X509_REQ_get_signature_nid(3), in rev. 1.36 2018/02/22 16:58:45 X509_CRL_get_signature_nid(3), and in rev. 1.40 2018/02/22 17:09:28 X509_get0_tbs_sigalg(3). Merge the documentation from OpenSSL.
* In x509.h rev. 1.33 2018/02/22 16:47:50, jsing@ providedschwarze2018-02-243-9/+33
| | | | | | X509_REVOKED_get0_serialNumber(3) and X509_REVOKED_get0_revocationDate(3). Merge the documentation from OpenSSL, but put it into X509_REVOKED_new(3) rather than into X509_CRL_get0_by_serial(3) because it fits better there.
* In x509.h rev. 1.33 2018/02/22 16:47:50, jsing@ providedschwarze2018-02-241-12/+31
| | | | | | X509_REVOKED_get0_extensions(3) and in rev. 1.36 2018/02/22 16:58:45 X509_CRL_get0_extensions(3). Merge the documentation from OpenSSL and fix a few minor typos while here.
* In ssl.h rev. 1.141 2018/02/20 18:07:11, tb@ providedschwarze2018-02-247-12/+106
| | | | | SSL_SESSION_get_protocol_version(3). Import the documentation form OpenSSL, tweaked by me, OK tb@.
* In bio.h rev. 1.39 2018/02/22 16:38:43, jsing@ provided BIO_up_ref(3).schwarze2018-02-241-12/+57
| | | | | | Merge the documentation from OpenSSL, tweaked by me. While here, fix the in parts imprecise, in parts incorrect descriptions of BIO_new(3), BIO_set(3), BIO_free(3), and BIO_free_all(3).
* In evp.h rev. 1.58 2018/02/20 18:05:28, tb@ providedschwarze2018-02-241-6/+13
| | | | EVP_PKEY_get0_EC_KEY(3). Merge the documentation from OpenSSL.
* In dh.h rev. 1.23 2018/02/20 17:59:31, tb@ provided DH_bits(3).schwarze2018-02-241-10/+21
| | | | Merge the documentation from OpenSSL, tweaked by me.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-06 16:43:17 +0000