Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | SSL_select_next_proto: fix invalid octal escape by switching to hexadecimal | tb | 2025-02-04 | 1 | -3/+3 |
| | |||||
* | SSL_CTX_set_cipher_list: stop mentioning ancient ciphers | tb | 2025-01-18 | 1 | -11/+1 |
| | | | | | | Support was removed nearly a decade ago. No need to mention this anymore. ok jsing | ||||
* | Stop mentioning DSA/DSS | tb | 2025-01-18 | 6 | -23/+16 |
| | | | | | | | | Support for this went away in 2017, but a few things still mentioned DSA in various contexts. Replace DSA with ECDSA where appropriate and otherwise delete this. It won't work. ok jsing | ||||
* | received form the peer -> received from the peer | jmc | 2024-12-19 | 1 | -3/+3 |
| | |||||
* | byt -> but; ok tb@ | jsg | 2024-10-13 | 1 | -3/+3 |
| | |||||
* | Add missing alert descriptions (taken from RFC 8446) | tb | 2024-10-09 | 1 | -2/+11 |
| | | | | This is so gross... | ||||
* | Remove SSL_add_compression_method | tb | 2024-08-31 | 2 | -23/+7 |
| | |||||
* | Document SSL_CTX_set_cert_store | tb | 2024-08-03 | 1 | -2/+18 |
| | | | | From Kenjiro Nakayama | ||||
* | Fix .Ox for SSL_CIPHER_get_handshake_digest() | tb | 2024-07-16 | 1 | -3/+3 |
| | |||||
* | ocurred -> occurred | jsg | 2024-07-15 | 1 | -3/+3 |
| | |||||
* | Document SSL_CIPHER_get_handshake_digest(3) | tb | 2024-07-14 | 1 | -2/+22 |
| | |||||
* | ssl2.h and ssl23.h join the party in the attic | tb | 2024-07-13 | 1 | -17/+2 |
| | | | | | | | Now that the SSL2 client hello support is gone, nothing uses this anymore, except that a few ports still need SSL2_VERSION. ok beck | ||||
* | Adjust documentation for SSL_select_next_proto() | tb | 2024-07-11 | 1 | -30/+48 |
| | | | | | | | | Use better argument names, add a link to the relevant standards and add CAVEATS and BUGS sections pointing out a few pitfalls. discussed with davidben ok beck | ||||
* | The ALPN callback should really ignore the out parameter if there's | tb | 2024-06-28 | 1 | -3/+13 |
| | | | | | | | no overlap. Document that explicitly. Also make it more explicit that that the caller must work with a copy of out. ok jsing | ||||
* | Make signature of SSL_COMP_add_compression_method(3) match reality | tb | 2024-05-23 | 1 | -3/+3 |
| | |||||
* | SSL_CTX_set_keylog_callback: copy-paste error _set_ -> _get_ | tb | 2024-05-16 | 1 | -3/+3 |
| | |||||
* | sync the SSL text; ok tb | jmc | 2024-05-09 | 1 | -3/+3 |
| | |||||
* | Avoid OpenSSL SSL repetitions | tb | 2024-05-08 | 1 | -7/+8 |
| | | | | with the help of jmc | ||||
* | Remove mention of a refcount bug | tb | 2024-01-13 | 1 | -18/+1 |
| | | | | | | Said bug was fixed in OpenSSL 1.0.0, released 14 years ago. It is of course unsurprising that you may accidentally increment the refcount if your idiom for decrementing it is CRYPTO_add(&bio-references, -1, CRYPTO_LOCK_BIO)). | ||||
* | BIO_f_ssl.3: Remove explicit library initialization | tb | 2024-01-13 | 1 | -8/+2 |
| | |||||
* | Mention a subtle difference between PEM_def_callback(3) and the example. | schwarze | 2023-09-19 | 1 | -2/+9 |
| | | | | | | | | It's relevant not only for the example, but also because the functions documented here use PEM_def_callback(3) by default, and that exhibits surprising and potentially dangerous behaviour by not NUL-terminating. OK tb@ | ||||
* | Remove the duplicate documentation of pem_password_cb(3). | schwarze | 2023-09-19 | 1 | -56/+94 |
| | | | | | | | | | | | | | | | | | | | While here, also: * Avoid the misleading term "default password callback" because none of the functions in SSL_CTX_use_certificate(3) support overriding it. * Do not talk about "storing", "writing", and "encryption" since the cb passed to SSL_CTX_set_default_passwd_cb(3) is never used for any of that. * List the functions using cb. * Document what happens by default. * Remove the misleading words "which must be provided by the application" because all this is actually optional. * Make several wordings more precise. * Below EXAMPLES, fix argument naming to agree with pem_password_cb(3), clarify the description of what the example does, and, as suggested by tb@, use strlcpy(3). OK tb@ | ||||
* | Document the RETURN VALUES of BIO_method_type(3) and BIO_method_name(3) | schwarze | 2023-04-11 | 1 | -2/+11 |
| | | | | for the various BIO types. | ||||
* | document the interaction with BIO_dup_chain(3) | schwarze | 2022-12-18 | 1 | -2/+14 |
| | |||||
* | Add a small blurb on @SECLEVEL=nlibressl-v3.7.0 | tb | 2022-12-11 | 1 | -2/+8 |
| | |||||
* | Link to SSL_read_early_data(3) | kn | 2022-09-17 | 1 | -3/+3 |
| | | | | OK tb | ||||
* | fix repeated words | jsg | 2022-09-10 | 1 | -3/+3 |
| | | | | ok ok miod@ ack ack jmc@ | ||||
* | AESCGM -> AESGCM | jsg | 2022-07-17 | 1 | -4/+4 |
| | |||||
* | add .Xr links to SSL_CTX_set_security_level(3) | schwarze | 2022-07-13 | 5 | -15/+20 |
| | |||||
* | Start documenting our new pet octopus, SSL_CTX_set_security_level(3). | schwarze | 2022-07-13 | 2 | -1/+161 |
| | | | | | | | Or should we call it a centipede? Feedback and OK on a previous version from jsing@ and from our chief myriapodologist, tb@. | ||||
* | man pages: add missing commas between subordinate and main clauses | naddy | 2022-03-31 | 4 | -18/+18 |
| | | | | | | | jmc@ dislikes a comma before "then" in a conditional, so leave those untouched. ok jmc@ | ||||
* | man pages: add missing word, The foo() ... -> The foo() function ... | naddy | 2022-03-29 | 1 | -5/+6 |
| | | | | ok jmc@ schwarze@ | ||||
* | man pages: add missing commas in enumerations | naddy | 2022-03-29 | 1 | -3/+3 |
| | |||||
* | Avoid gendered language in man pages when not referring to a specific | jsg | 2022-02-18 | 1 | -4/+4 |
| | | | | | | | | person. Rewrite or use singular they. ok thfr@ sthen@ daniel@ ian@ job@ kmos@ jcs@ ratchov@ phessler@ and others I'm likely missing on an earlier version. feedback tj@, feedback and ok jmc@ | ||||
* | remove please from manual pages | jsg | 2022-02-06 | 1 | -3/+3 |
| | | | | ok jmc@ sthen@ millert@ | ||||
* | Rewrite paragraph to refer to EVP_CIPHER_CTX_new() and HMAC_CTX_new() | tb | 2022-01-25 | 1 | -6/+6 |
| | | | | | | to match reality. spotted by/ok jmc | ||||
* | spelling | jsg | 2022-01-15 | 2 | -6/+6 |
| | | | | ok tb@ | ||||
* | s/ECDHE/ECDH/ | jsing | 2021-11-30 | 1 | -3/+3 |
| | | | | | | | If we can provide an EC key that is used, then it is by definition non-ephemeral. ok tb@ | ||||
* | spelling | jsg | 2021-11-26 | 1 | -3/+3 |
| | | | | ok schwarze@ | ||||
* | Fix HISTORY section: 6.9 -> 7.0 | tb | 2021-10-27 | 1 | -3/+3 |
| | |||||
* | sort. alphanumerics have lower ASCII values than '_' | tb | 2021-10-25 | 1 | -5/+5 |
| | |||||
* | Install SSL_read_early_data.3. I should have done this during the last | tb | 2021-10-25 | 1 | -4/+2 |
| | | | | libssl bump. | ||||
* | merge documentation for SSL_read_ex(3), SSL_peek_ex(3), and SSL_write_ex(3) | schwarze | 2021-10-24 | 2 | -61/+130 |
| | | | | from the OpenSSL 1.1.1 branch, which is still under a free license | ||||
* | fix wrong and missing return types and wrong macros in the SYNOPSIS; | schwarze | 2021-10-23 | 1 | -10/+18 |
| | | | | while here, also apply some minor wording improvements | ||||
* | Add new OpenSSL API SSL_CTX_set_num_tickets and friends. | beck | 2021-10-23 | 1 | -0/+55 |
| | | | | | | | | | Since we don't support session tickets in LibreSSL at the moment these functions currently do not have any effect. Again, symbols will appear with tb@'s reptar sized bump.. ok tb@ | ||||
* | oops, wrong dir. | tb | 2021-10-23 | 2 | -301/+0 |
| | | | | pointed out by schwarze | ||||
* | Import documentation for X509_get_extension_flags, X509_get_key_usage, | tb | 2021-10-23 | 1 | -0/+211 |
| | | | | | | | X509_get_extended_key_usage from OpenSSL. Will be linked to the build after the bump. input/lgtm schwarze | ||||
* | Import documentation for X509_SIG_get{0,m} from OpenSSL. Will be linked | tb | 2021-10-23 | 1 | -0/+90 |
| | | | | | | to the build after the bump. tweak & lgtm schwarze | ||||
* | tweak previous: properly mark up function pointer typedef | schwarze | 2021-10-23 | 1 | -6/+18 |
| | | | | plus .Dv NULL, SEE ALSO, HISTORY | ||||
* | Add SSL_CTX_set_keylog_callback and SSL_CTX_get_keylog_callback | beck | 2021-10-23 | 2 | -1/+46 |
| | | | | | | | | Some things in ports care about calling these functions. Since we will not provide private key logging functionality they are documented as being for compatibility and that they don't do anything. ok tb@ |