| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| | |
|
| |
|
|
|
|
| |
I was told not to look since it will magically get fixed. Fine. I'd still
have expected a minimal amount of care so that the manpage isn't totally
dysfunctional and missing text in the right places. Sigh.
|
| |
|
|
|
|
|
|
|
|
|
| |
This matches when BoringSSL has done, and allows for getting
rid of the dependency on system timegm() and gmtime() in libtls.
which will make life easier for portable, and remove our
dependency on the potentially very slow system versions.
ok tb@ - tb will handle the minor bump bits and expose
on the next minor bump
CVS :----------------------------------------------------------------------
|
| | |
|
| |
|
|
| |
OK tb@
|
| |
|
|
|
| |
This matches what other pages use. Also rewrite the definition of the
modular inverse to be less ugly.
|
| | |
|
| |
|
|
|
| |
The old description was vague, but strictly speaking a lie, so make it
more precise and turn the lie into a truth.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The previous wording was misleading since the result of X509_ALGOR_new()
is not actually an empty X509_ALGOR object. Rather, it contains the
undefined ASN1_OBJECT returned by OBJ_nid2obj(NID_undef). Therefore using
X509_ALGOR_get0(3) for error checking X509_ALGOR_set_md() is not trivial.
So: change the initial paragraph into a general intro referring to the
OpenSSL API needed to interface with X509_ALGOR and write a new paragraph
documenting X509_ALGOR_new(3) and drop the incorrect suggestion of an error
check. Notably there's now a reference to the OBJ_nid2obj() family without
which one cannot really use X509_ALGOR_* for anything at all.
With and ok schwarze
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The X509_ALGOR_set0() and X509_ALGOR_set_md() documentation comes from
upstream, which means it is as sloppy as the code and as vague as your
average upstream manpage. Be precise on what X509_ALGOR_set0() does on
different inputs and document return values and failure modes.
X509_ALGOR_set_md() is a void function that calls X509_ALGOR_set0() in a
way that can fail, leaving alg in a corrupted state. Document when that
can occur and how to avoid or detect that, but do not go too far, because
EVP_MD_meth_new(), one potential source of failures, is a whole another
can of worms.
joint work with schwarze
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
We aligned with upstream behavior. Let's document it properly.
Surprisingly, OpenSSL 1.1 half-assed the docs: two parts of the manual
contradict each other. The part getting EVP_CIPHER_CTX_iv_length() right,
incorrectly documents possible -1 return value to EVP_CIPHER_iv_length().
OpenSSL 3 documentation improvement efforts seem to have tried to address
this issue with the result that the manual is now entirely wrong when it
comes to the EVP_CIPHER_CTX_iv_length() replacement. Par for the course.
|
| |
|
|
| |
crypto(3)
|
| | |
|
| |
|
|
| |
Mention sections 2.1.1 and 2.1.2 in STANDARDS
|
| |
|
|
| |
since it should be a prefix.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Apparently I should have used 2023 despite sharing versions of these
files with several people under this license (and thus permitting them
to redistribute and share with the public). It makes no sense to me,
but shrug.
|
| | |
|
| |
|
|
|
| |
where that feels potentially confusing,
and add one missing .Pp macro; no change of meaning
|
| |
|
|
| |
and fix whitespace on one text line; no change of meaning
|
| |
|
|
| |
and polish one wording; no change of meaning
|
| |
|
|
|
| |
that was also followed by a bogus argument,
and fix one grammatical error; no change of meaning
|
| |
|
|
|
| |
and capitalize "AFI" where is does not refer to the function argument;
no change of meaning
|
| |
|
|
| |
and some missing escaping of HYPHEN-MINUS; no text change
|
| |
|
|
| |
plus some minor markup and punctuation fixes
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
These were the last four RFC 3779 things that check_complete.pl x509v3
complained about. I will surely tweak and try to improve a few things
in the coming days, but the pages should now be stable enough that
review efforts will likely not be wasted. Any feedback appreciated.
|
| |
|
|
|
|
| |
First RFC 3779 page without a BUG section. It could have one, but I'm
in a lenient mood right now. Maybe it's just that this is bad but not
quite as bad as EVP.
|
| |
|
|
|
|
| |
First RFC 3779 page without a BUG section. It could have one, but I'm
in a lenient mood right now. Maybe it's just that this is bad but not
quite as bad as EVP.
|
| |
|
|
| |
Mention a few more bugs and unify manpage descriptions
|
| |
|
|
| |
Also note another bug in X509v3_asid_{canonize,is_canonical}(3).
|
| | |
|
| |
|
|
| |
Let's just say there's room for improvement...
|
| | |
|
| | |
|
| |
|
|
|
| |
Someone clearly didn't actually use much of the code they wrote and exposed
and therefore didn't think it through properly.
|
| | |
|
| |
|
|
| |
ASRange and ASIdOrRange
|
| | |
|
| | |
|
