| Commit message (Collapse) | Author | Files | Lines |
|---|
|
in ssl(3) and <openssl/ssl.h>, so it is clearly public.
|
|
Mentioned in ssl(3) and <openssl/ssl.h>, so it is public.
|
|
SSL_add_dir_cert_subjects_to_stack(3), written from scratch.
Both functions are listed in ssl(3) and <openssl/ssl.h> and recommended
for the use by browsers in source code comments, so they are clearly
public interfaces.
Mention deduplication.
Purge some duplicate text and improve some wording while here.
Two additional cross references instead of the useless ssl(3).
Add HISTORY, AUTHORS, and BUGS.
It is depressing that BUGS (purely from code inspection) became
longer than the DESCRIPTION.
|
|
ok doug@
|
|
this contains the session master key.
ok deraadt@ doug@
|
|
this contains the session master key.
ok deraadt@ doug@
|
|
From Henri Kemppainen
|
|
a public interface since it's listed both in ssl(3) and in
<openssl/ssl.h>. Nothing to pilfer from OpenSSL in this case...
|
|
because that's what <openssl/ssl.h> #defines.
That's likely a typo in the header file because all the other
functions are called *tmp_rsa*(). But it would be a bad idea to
fix such a bug in interfaces that are only provided for backward
compatibility in the first place, so i'm adjusting the manual to
be bug-compatible with the code, for now.
But, pretty please, for the next major bump, somebody go get Bob's
flensing knife and excise this part of the interface. Like, export
ciphers? Really?
|
|
|
|
A specially crafted struct sockaddr_dl argument can trigger a stack
overflow of a static buffer in libc. An attacker may be able to
use this to write to arbitrary locations in the data segment.
From FreeBSD (glebius); OK deraadt@ mestre@
|
|
Garbage collect empty RETURN VALUES section.
Delete useless cross reference to ssl(3).
Add cross reference to SSL_SESSION_new(3).
|
|
The function prototype is listed in ssl(3) and <openssl/ssl.h>, so
it's clearly a public interface, but OpenSSL has no documentation
about it whatsoever.
|
|
|
|
|
|
we don't define preprocessor constants for the related NIDs,
so delete the subsection discussing them.
|
|
to be pointed to from random individual pages.
|
|
|
|
Mention AES, Chacha20, ECDSA, OCSP, OPENSSL_config.
Improve many cross references.
Convert the table into some real text and polish some wording.
Stop talking about SSL.
Drop vague references to undocumented internals (objects, stack, txt_db).
Delete verbiage that says nothing or is duplicate.
Ultimately, the content of this page should be merged into
OPENSSL_init_crypto(3), but we don't have that function yet,
so the merge has to wait.
|
|
|
|
ok doug@
|
|
handshake functions, we can remove more copied code from DTLS.
|
|
up and restructure.
This also adds CBB based variants of the ssl3_handshake_msg_{start,finish}
functions - for the time being these use a CBB to build the messages, then
copy back into the init_buf.
ok doug@
|
|
to functions, so delete the BIO(3) manual page and merge its content
into BIO_new(3) and BIO_push(3).
Sort the content of BIO_new(3) into a logical order
and improve the wording in various ways.
Add the required cross references to BIO_push(3).
|
|
|
|
Merge documentation of d2i_X509_AUX(3) and i2d_X509_AUX(3) from OpenSSL.
Correct the prototype of d2i_X509(3), from OpenSSL.
Merge warnings against "reuse" functionality from OpenSSL.
|
|
Update a cross reference, from OpenSSL.
|
|
Merge documentation of some additional {d2i,i2d}_{D,R}SA_PUBKEY_{bio,fp}(3)
functions from OpenSSL.
|
|
|
|
|
|
|
|
Add one cross reference, from OpenSSL.
|
|
|
|
Merge documentation of X509_up_ref(3) from OpenSSL.
|
|
|
|
|
|
|
|
since we don't have that function, call the page X509_STORE_set1_param(3)
|
|
|
|
|
|
Mention that X509_STORE_CTX_free(3) accepts NULL.
|
|
Never include <openssl/x509_vfy.h> directly; from OpenSSL.
Merge a typo fix from OpenSSL.
|
|
|
|
Better explain the last argument of X509_NAME_oneline(3), from OpenSSL.
|
|
More explanations about X509_NAME_get_index_by_NID(3) from OpenSSL.
Merge a typo fix in EXAMPLES from OpenSSL.
|
|
Merge correction of buggy EXAMPLES from OpenSSL.
|
|
|
|
|
|
|
|
the number of bytes written via an explicit *outlen argument and retaining
the return value to indicate success or failure.
ok doug@
|
