summaryrefslogtreecommitdiff
path: root/src/lib/libssl/Symbols.list (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Remove SSL_add_compression_methodtb2024-08-311-1/+0
|
* Add SSL_CTX_set1_cert_store() and SSL_CIPHER_get_handshake_digest() totb2024-08-121-0/+2
| | | | Symbols.list
* Unexport SSL_version_strtb2024-04-151-1/+0
| | | | ok jsing
* Remove SSL_debugtb2024-03-021-1/+0
| | | | | | | The garbage truck is quite full by now. Collect the last symbol straggler for this bump. ok jsing
* Remove SSL_CIPHER_get_by_{id,value}()tb2024-03-021-2/+0
| | | | | | | | | While this undocumented API would have been much nicer and saner than SSL_CIPHER_find(), nothing used this except for the exporter test. Let's get rid of it again. libssl uses ssl3_get_cipher_by_{id,value}() directly. ok jsing
* Export SSL_get_{peer_,}signature_type_nid()tb2024-03-021-0/+2
| | | | | | | | | Also move the prototypes to the correct header. Oversight reported by Frank Lichtenheld, thanks! Fixes https://github.com/libressl/openbsd/issues/147 ok jsing
* Set OPENSSL_NO_ENGINE, remove engine codetb2023-07-281-1/+0
| | | | | | | | | | ENGINE was special. It's horrible code even by the low standards of this library. Some ports may now try to use the stubs which will fail, but the fallout from this should be minimal. Of course there are various language bindings that expose the ENGINE API. OpenSSL 3 disabling ENGINE by default will likely help fixing this at some point. ok jsing
* Symbols.list: Drop comments and sort.tb2022-11-111-33/+22
| | | | | | | While grouping the API by its purpose is nice, it doesn't help much if >90% is "general API". ok jsing
* Update Symbols.listtb2022-09-111-0/+11
| | | | ok jsing
* sorttb2022-07-071-1/+1
|
* Update Symbols.listtb2022-07-071-0/+4
| | | | ok jsing
* Update Symbols.list to include API additionstb2021-10-311-0/+10
|
* Update Symbols.list after API additionstb2021-09-101-0/+18
|
* Provide SSL_SESSION_get0_cipher(3)tb2021-05-101-0/+1
| | | | ok jsing
* Provide SSL_CTX_get_ssl_method(3)tb2021-05-101-0/+1
| | | | ok jsing
* Provide SSL_CIPHER_find(3)tb2021-05-101-0/+1
| | | | ok jsing
* Expose various DTLSv1.2 specific functions and definestb2021-03-311-0/+4
| | | | ok bcook inoguchi jsing
* Expose SSL_set_hostflags(3) and SSL_get0_peername(3)tb2021-03-311-0/+2
| | | | ok bcook inoguchi jsing
* Expose SSL_use_certificate_chain_file(3)tb2021-03-311-0/+1
| | | | ok bcook inoguchi jsing
* Provide SSL chain/cert chain APIs.jsing2019-04-041-0/+12
| | | | | | | | | | | These allow for chains to be managed on a per-certificate basis rather than as a single "extra certificates" list. Note that "chain" in this context does not actually include the leaf certificate however, unlike SSL_CTX_use_certificate_chain_{file,mem}(). Thanks to sthen@ for running this through a bulk ports build. ok beck@ tb@
* Provide version agnostic DTLS methods.jsing2019-03-171-0/+3
| | | | ok tb@
* Add a re-implementation of SSL_get1_supported_ciphers().tb2019-01-221-0/+1
| | | | | | | Part of OpenSSL 1.1 API (pre-licence-change). input schwarze ok jsing
* Provide SSL_get_client_ciphers().tb2019-01-221-0/+1
| | | | | | Part of OpenSSL 1.1 API, pre-licence change. ok jsing
* Add SSL_set1_host(), a thin wrapper around X509_VERIFY_PARAM_set1_host().tb2018-11-111-0/+1
| | | | | | | Used by unbound's DNS over TLS implementation to do server name verification. ok jsing
* Provide SSL_SESSION_set1_id()tb2018-03-201-0/+1
| | | | ok jsing
* Bring in compatibility for OpenSSL 1.1 style init functions.beck2018-03-171-0/+3
| | | | | | | | | This adds OPENSSL_init_crypto and OPENSSL_init_ssl, as well thread safety modifications for the existing LibreSSL init functions. The initialization routines are called automatically by the normal entry points into the library, as in newer OpenSSL ok jsing@, nits by tb@ and deraadt@
* Provide SSL_SESSION_get_ticket_lifetime_hint() andtb2018-03-171-0/+2
| | | | | | SSL_SESSION_has_ticket() ok jsing
* Provide SSL_CTX_get_default_passwd_cb{,_userdata}()tb2018-03-171-0/+2
| | | | ok jsing
* Provide SSL_CIPHER_get_auth_nid(), SSL_CIPHER_get_cipher_nid(),jsing2018-03-171-0/+5
| | | | | SSL_CIPHER_get_digest_nid(), SSL_CIPHER_get_kx_nid() and SSL_CIPHER_is_aead().
* Provide SSL_SESSION_get0_id_context().jsing2018-03-171-2/+3
|
* Provide SSL_CTX_get_min_proto_version and SSL_CTX_get_max_proto_versionjca2018-03-151-0/+4
| | | | | | | | | We already provided the setters, so also provide the getters like OpenSSL does. Addition prompted by the use of those functions in recent openvpn releases. manpage diff from schwarze@ (thanks!) with input from jsing@, ok tb@ jsing@
* Provide SSL_is_server().jsing2018-02-221-0/+1
|
* Provide SSL_up_ref().jsing2018-02-221-0/+1
|
* Provide SSL_CTX_get_ciphers().jsing2018-02-221-0/+1
|
* Provide SSL_SESSION_up_ref().jsing2018-02-221-0/+1
|
* Provide SSL_SESSION_get_protocol_version()tb2018-02-201-0/+1
| | | | ok jsing
* Provide SSL_SESSION_get_master_key()jsing2018-02-171-0/+1
|
* Provide SSL_get_client_random() and SSL_get_server_random()jsing2018-02-171-0/+2
|
* Provide SSL_CTX_get0_certificate()jsing2018-02-171-0/+1
|
* Provide SSL_CTX_up_ref().jsing2018-02-141-0/+1
|
* Provide SSL_CTX_get0_param() and SSL_get0_param().jsing2018-02-141-2/+4
| | | | | Some applications that use X509_VERIFY_PARAM expect these to exist, since they're also part of the OpenSSL 1.0.2 API.
* Bring back the NPN related symbols.jsing2017-08-301-0/+3
| | | | | | | | | | | Several pieces of software make use of these based on a conditional around OPENSSL_NPN_NEGOTIATED, rather than using the presence of the symbols, the non-existence of a OPENSSL_NO_NEXTPROTONEG define or even the existence of the TLS extension type. Unfortunately we cannot remove OPENSSL_NPN_NEGOTIATED since the API for ALPN was effectively botched and reuses two parts from the NPN implementation, rather than providing ALPN specific or generic versions.
* Completely remove NPN remnants.jsing2017-08-281-3/+0
| | | | Based on a diff from doug@, similar diff from inoguchi@
* Provide SSL{,_CTX}_set_{min,max}_proto_version() functions.jsing2017-05-061-0/+4
| | | | | | Rides minor bump. ok beck@
* Add support for setting the supported EC curves viajsing2017-01-241-0/+4
| | | | | | | | | | | | | SSL{_CTX}_set1_groups{_list}() - also provide defines for the previous SSL{_CTX}_set1_curves{_list} names. This also changes the default list of EC curves to be X25519, P-256 and P-384. If you want others (such a brainpool) you need to configure this yourself. Inspired by parts of BoringSSL and OpenSSL. ok beck@
* Add an explict list of exported symbols with just the functionsguenther2016-11-041-0/+266
declared in the public headers, and use __{BEGIN,END}_HIDDEN_DECLS in the internal headers to optimize internal functions ok jsing@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2026-01-15 21:10:32 +0000