summaryrefslogtreecommitdiff
path: root/src/lib/libssl/man (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Selectively merge OpenSSL commit e091367d May 5 11:56:45 2017 +0100schwarze2017-08-211-16/+15
| | | | | | | from Matt Caswell <matt at openssl dot org>. In particular, stop talking about SSL 2.0 and SSL 3.0, but do not start talking about TLS 1.3 just yet.
* Mention three functions related to protocol selection by the clientschwarze2017-08-211-3/+48
| | | | | that are deprecated no-ops in LibreSSL, but that OpenSSL explicitly documented on April 19, 2017, without deprecating them.
* Delete non-existent function SSL_flush_sessions();schwarze2017-08-211-12/+4
| | | | | from Rich Salz <rsalz at openssl dot org> via OpenSSL commit 1722496f Jun 8 15:18:38 2017 -0400.
* Delete non-existent functions SSL_add_session() and SSL_remove_session() andschwarze2017-08-211-18/+6
| | | | | | | | | clarify that SSL_CTX_remove_session(3) marks the session as non-resumable. From Rich Salz <rsalz at openssl dot org> via OpenSSL commit 1722496f Jun 8 15:18:38 2017 -0400 and from Matt Caswell <matt at openssl dot org> via OpenSSL commit b8964668 Apr 26 15:16:18 2017 +0100.
* New manual page X509_check_private_key(3), using informationschwarze2017-08-201-3/+4
| | | | | | | | from the OpenSSL manual and from code inspection. Use my own Copyright and license because no Copyright-worthy amount of text from OpenSSL remains. And, no, these functions do *NOT* check private keys, not at all.
* remove a duplicate BIO_do_accept() call from an example;schwarze2017-08-201-12/+6
| | | | | from Beat Bolli <dev at drbeat dot li> via OpenSSL commit 7a67a3ba Jan 18 23:49:43 2017 +0100
* fix .Xr ordering, found with mandoc -Tlintschwarze2017-08-192-6/+6
|
* Import SSL_CTX_set_min_proto_version(3) from OpenSSL, suggested by jsing@.schwarze2017-08-195-7/+134
| | | | | | | | | While importing: * Fix the prototypes, they all contained wrong datatypes. * Delete SSL3_VERSION which is no longer supported. * Delete TLS1_3_VERSION and DTLS1_2_VERSION, not yet supported. * Delete the lie that these would be macros. * Improve SEE ALSO and HISTORY sections.
* fix a typo and mention OpenBSD in HISTORY;schwarze2017-08-191-3/+5
| | | | both pointed out by jsing@
* Remove NPN support.jsing2017-08-121-3/+2
| | | | | | | | | | | | | NPN was never standardised and the last draft expired in October 2012. ALPN was standardised in July 2014 and has been supported in LibreSSL since December 2014. NPN has also been removed from Chromium in May 2016. TLS clients and servers that try to use/enable NPN will fail gracefully and fallback to the default protocol, since it will essentially appear that the otherside does not support NPN. At some point in the future we will actually remove the NPN related symbols entirely. ok bcook@ beck@ doug@
* Import the SSL_CTX_set1_groups(3) manual page from OpenSSL, deletingschwarze2017-08-125-6/+173
| | | | | | the read accessors we don't have and fixing the prototypes - the data type of each and every argument differs in the OpenSSL manuals. Reference the new page from SSL_set_tmp_ecdh(3) as suggested by jsing@.
* New manual page SSL_set_tmp_ecdh(3) written from scratch.schwarze2017-08-124-7/+112
| | | | Feedback and OK jsing@.
* Remove lots of outdated information found by jsing@.schwarze2017-08-121-192/+14
| | | | OK jsing.
* remove bogus ".POD" from .Dt name; noticed by jsing@schwarze2017-08-111-3/+3
|
* add missing and correct misspelled names, most in NAME sections;schwarze2017-08-012-6/+8
| | | | | found with regress/usr.bin/mandoc/db/dbm_dump; OK jmc@
* as noted by Hanno Boeck, using the *check_private_key functions isbenno2017-07-251-6/+22
| | | | | | tricky, especially since the manpage is full of lies. Try to make readers think twice before using them. With oks and help from schwarze@, tedu@, sthen@, jmc@
* nits about trailing punctuation found with mandoc -Tlintschwarze2017-07-051-4/+4
|
* fix cross references to self; found with mandoc -Tlintschwarze2017-07-052-6/+6
|
* fix broken markup of callback arguments; found with mandoc -Tlintschwarze2017-06-102-11/+8
|
* fix some .Xr errors that jmc@ found with mdoclint(1)schwarze2017-04-103-12/+13
|
* new manual page SSL_get_server_tmp_key(3)schwarze2017-04-103-2/+88
| | | | from Matt Caswell <matt@openssl.org>, OpenSSL commit 508fafd8
* Additional SSL_SESSION documentationschwarze2017-04-1011-16/+349
| | | | | from Matt Caswell <matt at openssl dot org>, OpenSSL commit b31db505. Improve crosslinking while here.
* for pure *_ctrl() wrapper macros, move the reference from ssl(3)schwarze2017-04-1014-49/+54
| | | | to SSL_CTX_ctrl(3) to make ssl(3) slightly more palatable
* new manual page SSL_CTX_set_tlsext_servername_callback(3) for SNI;schwarze2017-04-102-1/+126
| | | | | from <Jon dot Spillett at oracle dot com> via OpenSSL commit 8c55c461
* pasto; from <Jon dot Spillett at oracle dot com> via OpenSSL commit 3aaa1bd0schwarze2017-04-101-3/+3
|
* typo fix; from <Jon dot Spillett at oracle dot com>schwarze2017-04-101-5/+5
| | | | via OpenSSL commit 7bd27895
* tweak previous;jmc2017-03-291-3/+5
|
* Fix typo in function name;schwarze2017-03-281-4/+5
| | | | | from Markus Triska <triska at metalevel dot at> via OpenSSL commit 1f164c6f.
* After i wrote SSL_renegotiate(3) from scratch, OpenSSL alsoschwarze2017-03-281-12/+109
| | | | | | | documented the function. Merge the more detailed descriptions and the additional documentation of SSL_renegotiate_abbreviated(3) and SSL_renegotiate_pending(3). From Matt Caswell, OpenSSL commit 39820637.
* fix typo; from OpenSSLschwarze2016-12-291-4/+4
| | | | | | commit 67adf0a7c273a82901ce8705ae8d71ee2f1c959c Author: Markus Triska <triska@metalevel.at> Date: Sun Dec 25 19:58:38 2016 +0100
* various minor cleanup;jmc2016-12-1610-34/+34
|
* Make sure all manual pages discussing X509_NAME objectsschwarze2016-12-144-12/+16
| | | | | reference X509_NAME_new(3). Sparingly add a few other references to relevant X509_NAME*(3) pages while here.
* Add Copyright and license.schwarze2016-12-101-1047/+149
| | | | | | | | | | | | | | Delete all the function prototypes. They are all available from their individual manual pages. Here, they were incomplete and nothing but a maintenance nightmare. Add several missing cross reference, such that this page now references all libssl manual pages. Delete a sentence that said nothing and correct a typo. Now all libssl manuals have proper Copyright notices and licenses, and i have merged all improvements from OpenSSL that i could find.
* Write an SSL_get_shared_ciphers(3) manual from scratch; another oneschwarze2016-12-102-1/+72
| | | | | | | | where BUGS is longer than DESCRIPTION. The function is listed in ssl(3) and <openssl/ssl.h>, so it's clearly public. The code looks slightly mysterious to me, so it would be welcome if somebody more familiar with TLS protocols could check factual accuracy.
* New manual pages SSL_get_certificate(3), SSL_get_state(3), andschwarze2016-12-105-4/+286
| | | | | SSL_num_renegotiations(3) written from scratch. These functions are listed in ssl(3) and <openssl/ssl.h>, so they are clearly public.
* Document SSL_version(3). It's listed in ssl(3) and <openssl/ssl.h>,schwarze2016-12-101-7/+20
| | | | so it's clearly a public interface.
* Write SSL_renegotiate(3) manual from scratch; this function is listedschwarze2016-12-072-1/+58
| | | | | | | in ssl(3) and <openssl/ssl.h>, so it's clearly a public interface. More could probably be said, the code looks somewhat mysterious to me, but i think this stub is already better than nothing.
* add missing .Nm SSL_peek in the NAME sectionschwarze2016-12-071-3/+4
|
* Write SSL_copy_session_id(3) manual from scratch. This function isschwarze2016-12-072-1/+78
| | | | | | | listed in ssl(3) and <openssl/ssl.h>, so it's clearly a public interface. We might wish to merge the improved code from OpenSSL 1.1.0, but that's major bump, so i'm documenting the BUGS for now.
* Write new SSL_dup(3) manual from scratch. This function is listedschwarze2016-12-072-1/+61
| | | | in ssl(3) and <openssl/ssl.h>, so it is clearly public.
* New SSL_dup_CA_list(3) manual written from scratch.schwarze2016-12-072-1/+53
| | | | Mentioned in ssl(3) and <openssl/ssl.h>, so it is public.
* Add documentation for SSL_add_file_cert_subjects_to_stack(3) andschwarze2016-12-071-25/+103
| | | | | | | | | | | | | | | SSL_add_dir_cert_subjects_to_stack(3), written from scratch. Both functions are listed in ssl(3) and <openssl/ssl.h> and recommended for the use by browsers in source code comments, so they are clearly public interfaces. Mention deduplication. Purge some duplicate text and improve some wording while here. Two additional cross references instead of the useless ssl(3). Add HISTORY, AUTHORS, and BUGS. It is depressing that BUGS (purely from code inspection) became longer than the DESCRIPTION.
* An SSL_SESSION_print(3) manual written from scratch. It's clearlyschwarze2016-12-062-1/+68
| | | | | a public interface since it's listed both in ssl(3) and in <openssl/ssl.h>. Nothing to pilfer from OpenSSL in this case...
* s/SSL_CTX_need_tmp_rsa/SSL_CTX_need_tmp_RSA/schwarze2016-12-061-5/+5
| | | | | | | | | | | | | | because that's what <openssl/ssl.h> #defines. That's likely a typo in the header file because all the other functions are called *tmp_rsa*(). But it would be a bad idea to fix such a bug in interfaces that are only provided for backward compatibility in the first place, so i'm adjusting the manual to be bug-compatible with the code, for now. But, pretty please, for the next major bump, somebody go get Bob's flensing knife and excise this part of the interface. Like, export ciphers? Really?
* Copyright and license for the remaining manuals in this directoryschwarze2016-12-066-13/+296
|
* Add Copyright and license.schwarze2016-12-061-8/+52
| | | | | | Garbage collect empty RETURN VALUES section. Delete useless cross reference to ssl(3). Add cross reference to SSL_SESSION_new(3).
* New manual page SSL_SESSION_new(3) written from scratch.schwarze2016-12-062-1/+64
| | | | | | The function prototype is listed in ssl(3) and <openssl/ssl.h>, so it's clearly a public interface, but OpenSSL has no documentation about it whatsoever.
* replace all references to BIO(3) with references to BIO_new(3)schwarze2016-12-0611-33/+33
|
* Add Copyright and license.schwarze2016-12-051-2/+50
| | | | Add one cross reference, from OpenSSL.
* Add Copyright and license.schwarze2016-12-041-14/+59
| | | | | Stop talking about SSLv2 and SSLv3. Some minor tweaks.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 13:17:37 +0000