summaryrefslogtreecommitdiff
path: root/src/lib/libssl/man (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Link to SSL_read_early_data(3)kn2022-09-171-3/+3
| | | | OK tb
* fix repeated wordsjsg2022-09-101-3/+3
| | | | ok ok miod@ ack ack jmc@
* AESCGM -> AESGCMjsg2022-07-171-4/+4
|
* add .Xr links to SSL_CTX_set_security_level(3)schwarze2022-07-135-15/+20
|
* Start documenting our new pet octopus, SSL_CTX_set_security_level(3).schwarze2022-07-132-1/+161
| | | | | | | Or should we call it a centipede? Feedback and OK on a previous version from jsing@ and from our chief myriapodologist, tb@.
* man pages: add missing commas between subordinate and main clausesnaddy2022-03-314-18/+18
| | | | | | | jmc@ dislikes a comma before "then" in a conditional, so leave those untouched. ok jmc@
* man pages: add missing word, The foo() ... -> The foo() function ...naddy2022-03-291-5/+6
| | | | ok jmc@ schwarze@
* man pages: add missing commas in enumerationsnaddy2022-03-291-3/+3
|
* Avoid gendered language in man pages when not referring to a specificjsg2022-02-181-4/+4
| | | | | | | | person. Rewrite or use singular they. ok thfr@ sthen@ daniel@ ian@ job@ kmos@ jcs@ ratchov@ phessler@ and others I'm likely missing on an earlier version. feedback tj@, feedback and ok jmc@
* remove please from manual pagesjsg2022-02-061-3/+3
| | | | ok jmc@ sthen@ millert@
* Rewrite paragraph to refer to EVP_CIPHER_CTX_new() and HMAC_CTX_new()tb2022-01-251-6/+6
| | | | | | to match reality. spotted by/ok jmc
* spellingjsg2022-01-152-6/+6
| | | | ok tb@
* s/ECDHE/ECDH/jsing2021-11-301-3/+3
| | | | | | | If we can provide an EC key that is used, then it is by definition non-ephemeral. ok tb@
* spellingjsg2021-11-261-3/+3
| | | | ok schwarze@
* Fix HISTORY section: 6.9 -> 7.0tb2021-10-271-3/+3
|
* sort. alphanumerics have lower ASCII values than '_'tb2021-10-251-5/+5
|
* Install SSL_read_early_data.3. I should have done this during the lasttb2021-10-251-4/+2
| | | | libssl bump.
* merge documentation for SSL_read_ex(3), SSL_peek_ex(3), and SSL_write_ex(3)schwarze2021-10-242-61/+130
| | | | from the OpenSSL 1.1.1 branch, which is still under a free license
* fix wrong and missing return types and wrong macros in the SYNOPSIS;schwarze2021-10-231-10/+18
| | | | while here, also apply some minor wording improvements
* Add new OpenSSL API SSL_CTX_set_num_tickets and friends.beck2021-10-231-0/+55
| | | | | | | | | Since we don't support session tickets in LibreSSL at the moment these functions currently do not have any effect. Again, symbols will appear with tb@'s reptar sized bump.. ok tb@
* oops, wrong dir.tb2021-10-232-301/+0
| | | | pointed out by schwarze
* Import documentation for X509_get_extension_flags, X509_get_key_usage,tb2021-10-231-0/+211
| | | | | | | X509_get_extended_key_usage from OpenSSL. Will be linked to the build after the bump. input/lgtm schwarze
* Import documentation for X509_SIG_get{0,m} from OpenSSL. Will be linkedtb2021-10-231-0/+90
| | | | | | to the build after the bump. tweak & lgtm schwarze
* tweak previous: properly mark up function pointer typedefschwarze2021-10-231-6/+18
| | | | plus .Dv NULL, SEE ALSO, HISTORY
* Add SSL_CTX_set_keylog_callback and SSL_CTX_get_keylog_callbackbeck2021-10-232-1/+46
| | | | | | | | Some things in ports care about calling these functions. Since we will not provide private key logging functionality they are documented as being for compatibility and that they don't do anything. ok tb@
* provide a small manual page for the SSL_set_psk_use_session_callback(3)schwarze2021-09-142-1/+88
| | | | | stub, written from scratch; OK tb@ on SSL_set_psk_use_session_callback.3
* Merge the stub SSL_SESSION_is_resumable(3) manual page from theschwarze2021-09-143-3/+86
| | | | | | OpenSSL 1.1.1 branch, which is still under a free license. A few tweaks to wording and structure by me. OK tb@ on SSL_SESSION_is_resumable.3
* merge the description of SSL_get_tlsext_status_type(3)schwarze2021-09-111-3/+35
| | | | from the OpenSSL 1.1.1 branch, which is still under a free license
* Do not ignore SSL_TLSEXT_ERR_FATAL from the ALPN callbacktb2021-09-101-3/+7
| | | | | | | | | | | | | | | | | | | As reported by Jeremy Harris, we inherited a strange behavior from OpenSSL, in that we ignore the SSL_TLSEXT_ERR_FATAL return from the ALPN callback. RFC 7301, 3.2 states: 'In the event that the server supports no protocols that the client advertises, then the server SHALL respond with a fatal "no_application_protocol" alert.' Honor this requirement and succeed only on SSL_TLSEXT_ERR_{OK,NOACK} which is the current behavior of OpenSSL. The documentation change is taken from OpenSSL 1.1.1 as well. As pointed out by jsing, there is more to be fixed here: - ensure that the same protocol is selected on session resumption - should the callback be called even if no ALPN extension was sent? - ensure for TLSv1.2 and earlier that the SNI has already been processed ok beck jsing
* comment out the detailed description of SSL_get_servername(3),schwarze2021-09-011-7/+9
| | | | | | leaving only the basic description in the RETURN VALUES section; tb@ pointed out LibreSSL does not currently provide all those guarantees, and he also OK'ed this diff
* sync with OpenSSL 1.1.1, which is still under a free license;schwarze2021-08-301-15/+107
| | | | | | | in particular, this includes new text by Matt Caswell from OpenSSL commit 721eb8f6 Nov 28 12:03:00 2019 +0000 and corrects a wrong argument type that i introduced into the SYNOPSIS; requested by tb@
* Fix .Xr order. From mandoc -Tlint.tb2021-06-262-7/+7
|
* space between macro args and punctuation;jmc2021-06-121-10/+10
|
* RFC 4507bis can refer to various RFCs but this instance is abouttb2021-06-121-4/+5
| | | | | | | RFC 5077. Note that session resumption via session tickets is only for TLSv1.2 and earlier. prompted by a question by/ok jmc
* space between RFC and number;jmc2021-06-116-26/+26
|
* add AES-GCM constants from RFC 7714 for SRTPlandry2021-06-111-2/+6
| | | | | | | | | | SRTP_AEAD_AES_128_GCM/SRTP_AEAD_AES_256_GCM can be used as DTLS-SRTP protection profiles - seen with an update of telephony/baresip i'm working on. adapted from openssl commit 43e5faa2539ae8aae6ef55be2239b9b1a77fea45 ok tb@ jsing@
* Merge documentation for SSL_CIPHER_find(3) from OpenSSL 1.1.1.tb2021-05-121-2/+29
|
* Install SSL_SESSION_get0_cipher.3tb2021-05-121-1/+2
|
* Document SSL_SESSION_get0_cipher(3)tb2021-05-121-0/+94
| | | | | | | Based on the OpenSSL 1.1.1 manual written by Rich Salz with a healthy dose of improvements by schwarze. ok schwarze
* Document SSL_CTX_get_ssl_method(3)tb2021-05-111-4/+15
|
* mention DTLS1_2_VERSIONtb2021-04-151-3/+4
|
* Mention DTLS1_2_VERSION here, tootb2021-04-151-6/+8
|
* Document SSL_OP_NO_DTLSv1{,_2}tb2021-04-151-2/+15
|
* Document DTLSv1_2_{,client_,server_}method(3)tb2021-04-151-4/+36
|
* Merge documentation for SSL_is_dtls() from OpenSSLtb2021-04-151-5/+21
|
* Update for DTLSv1.2 support.tb2021-03-311-2/+4
|
* Document SSL_set_hostflags(3) and SSL_get0_peername(3)tb2021-03-311-18/+4
| | | | ok bcook inoguchi jsing
* Document SSL_use_certificate_chain_file(3)tb2021-03-311-11/+3
| | | | ok bcook inoguchi jsing
* Prepare documenting SSL_use_certificate_chain_filetb2021-03-191-2/+19
|
* missing word in commenttb2021-01-301-3/+3
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-19 17:13:33 +0000