|  | Commit message (Collapse) | Author | Age | Files | Lines | 
|---|
| | 
| 
| 
| 
| 
| | commit 67adf0a7c273a82901ce8705ae8d71ee2f1c959c
Author: Markus Triska <triska@metalevel.at>
Date:   Sun Dec 25 19:58:38 2016 +0100 | 
| | |  | 
| | 
| 
| 
| 
| | reference X509_NAME_new(3).  Sparingly add a few other
references to relevant X509_NAME*(3) pages while here. | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | Delete all the function prototypes.
They are all available from their individual manual pages.
Here, they were incomplete and nothing but a maintenance nightmare.
Add several missing cross reference, such that
this page now references all libssl manual pages.
Delete a sentence that said nothing and correct a typo.
Now all libssl manuals have proper Copyright notices and licenses,
and i have merged all improvements from OpenSSL that i could find. | 
| | 
| 
| 
| 
| 
| 
| 
| | where BUGS is longer than DESCRIPTION.  The function is listed in
ssl(3) and <openssl/ssl.h>, so it's clearly public.
The code looks slightly mysterious to me, so it would be welcome if
somebody more familiar with TLS protocols could check factual accuracy. | 
| | 
| 
| 
| 
| | SSL_num_renegotiations(3) written from scratch.  These functions
are listed in ssl(3) and <openssl/ssl.h>, so they are clearly public. | 
| | 
| 
| 
| | so it's clearly a public interface. | 
| | 
| 
| 
| 
| 
| 
| | in ssl(3) and <openssl/ssl.h>, so it's clearly a public interface.
More could probably be said, the code looks somewhat mysterious to me,
but i think this stub is already better than nothing. | 
| | |  | 
| | 
| 
| 
| 
| 
| 
| | listed in ssl(3) and <openssl/ssl.h>, so it's clearly a public interface.
We might wish to merge the improved code from OpenSSL 1.1.0,
but that's major bump, so i'm documenting the BUGS for now. | 
| | 
| 
| 
| | in ssl(3) and <openssl/ssl.h>, so it is clearly public. | 
| | 
| 
| 
| | Mentioned in ssl(3) and <openssl/ssl.h>, so it is public. | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | SSL_add_dir_cert_subjects_to_stack(3), written from scratch.
Both functions are listed in ssl(3) and <openssl/ssl.h> and recommended
for the use by browsers in source code comments, so they are clearly
public interfaces.
Mention deduplication.
Purge some duplicate text and improve some wording while here.
Two additional cross references instead of the useless ssl(3).
Add HISTORY, AUTHORS, and BUGS.
It is depressing that BUGS (purely from code inspection) became
longer than the DESCRIPTION. | 
| | 
| 
| 
| 
| | a public interface since it's listed both in ssl(3) and in
<openssl/ssl.h>.  Nothing to pilfer from OpenSSL in this case... | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | because that's what <openssl/ssl.h> #defines.
That's likely a typo in the header file because all the other
functions are called *tmp_rsa*().  But it would be a bad idea to
fix such a bug in interfaces that are only provided for backward
compatibility in the first place, so i'm adjusting the manual to
be bug-compatible with the code, for now.
But, pretty please, for the next major bump, somebody go get Bob's
flensing knife and excise this part of the interface.  Like, export
ciphers?  Really? | 
| | |  | 
| | 
| 
| 
| 
| 
| | Garbage collect empty RETURN VALUES section.
Delete useless cross reference to ssl(3).
Add cross reference to SSL_SESSION_new(3). | 
| | 
| 
| 
| 
| 
| | The function prototype is listed in ssl(3) and <openssl/ssl.h>, so
it's clearly a public interface, but OpenSSL has no documentation
about it whatsoever. | 
| | |  | 
| | 
| 
| 
| | Add one cross reference, from OpenSSL. | 
| | 
| 
| 
| 
| | Stop talking about SSLv2 and SSLv3.
Some minor tweaks. | 
| | 
| 
| 
| | Wording improvements and a bit of additional information from OpenSSL. | 
| | 
| 
| 
| | Stop talking about SSLv2  and SSLv3. | 
| | |  | 
| | 
| 
| 
| 
| 
| | Merge documentation of SSL_peek(3) from OpenSSL.
Stop taking about SSLv2.
Many wording improvements, most from OpenSSL. | 
| | 
| 
| 
| 
| | In the SYNOPSIS, show prototypes, not #defines.
Delete a note about ancient OpenSSL versions. | 
| | 
| 
| 
| | Delete SSLv2 and SSLv3 remnants. | 
| | 
| 
| 
| | Minor corrections while here. | 
| | 
| 
| 
| | Some additional explanations from OpenSSL. | 
| | 
| 
| 
| | Delete empty RETURN VALUES section. | 
| | 
| 
| 
| 
| 
| | Fix the prototype of SSL_get_current_cipher(3).
In the SYNOPSIS, show prototypes rather than #defines.
Some minor improvements from OpenSSL. | 
| | 
| 
| 
| 
| 
| | Delete the RETURN VALUES section.
The content is completely unrelated to the topic of the page -
that must have been a pasto in the original commit in OpenSSL. | 
| | 
| 
| 
| 
| | Some additional explanations from OpenSSL.
Delete empty RETURN VALUES section. | 
| | |  | 
| | |  | 
| | 
| 
| 
| 
| | Talk about TLS_method() rather than SSLv23_method().
Rename WARNINGS section to CAVEATS. | 
| | |  | 
| | 
| 
| 
| | Delete empty RETURN VALUES section. | 
| | 
| 
| 
| 
| | Merge various updates from OpenSSL, in particular stop talking about
what happens without SSL_OP_SINGLE_DH_USE, which is now always on. | 
| | |  | 
| | |  | 
| | 
| 
| 
| | relevant for us, calling the page SSL_set_max_send_fragment(3) | 
| | |  | 
| | |  | 
| | |  | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | Delete explanation of SSL_OP_SINGLE_DH_USE, it is always on now.
Delete explanation of obsolete option SSL_OP_EPHEMERAL_RSA.
Delete various SSLv2 and SSLv3 remnants.
Delete excessive verbiage detailing each obsolete option individually;
instead, provide one concise list of obsolete options.
Delete HISTORY of individual options; it was incomplete anyway
and is not important enough to warrant so much bloat.
Garbage collect two useless cross references. | 
| | 
| 
| 
| 
| | Delete a sentence explaining exploit mitigation countermeasures
that have long been removed. | 
| | |  | 
| | 
| 
| 
| 
| | Correct prototypes.
Drop the useless statement that a void function does not return a value. | 
| | 
| 
| 
| 
| | Add markup for the declaration of GEN_SESSION_CB.
Garbage collect some remnants of SSLv2 and SSLv3. |