summaryrefslogtreecommitdiff
path: root/src/lib/libssl (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Add Copyright and license.schwarze2016-12-011-7/+51
| | | | Delete empty RETURN VALUES section.
* Add Copyright and license.schwarze2016-12-011-108/+95
| | | | | Merge various updates from OpenSSL, in particular stop talking about what happens without SSL_OP_SINGLE_DH_USE, which is now always on.
* import tlsext documentation from OpenSSLschwarze2016-12-013-1/+464
|
* Copyright and licenseschwarze2016-12-014-11/+200
|
* import the parts of OpenSSL SSL_CTX_set_split_send_fragment(3)schwarze2016-12-012-1/+91
| | | | relevant for us, calling the page SSL_set_max_send_fragment(3)
* import SSL_CTX_set_read_ahead(3) from OpsenSSL, with considerable tweaksschwarze2016-12-012-1/+133
|
* Copyright and licenseschwarze2016-12-011-2/+49
|
* garbage collect PSK remnantsschwarze2016-12-015-279/+3
|
* Add Copyright and license.schwarze2016-12-011-134/+81
| | | | | | | | | | | | Delete explanation of SSL_OP_SINGLE_DH_USE, it is always on now. Delete explanation of obsolete option SSL_OP_EPHEMERAL_RSA. Delete various SSLv2 and SSLv3 remnants. Delete excessive verbiage detailing each obsolete option individually; instead, provide one concise list of obsolete options. Delete HISTORY of individual options; it was incomplete anyway and is not important enough to warrant so much bloat. Garbage collect two useless cross references.
* Add Copyright and license.schwarze2016-12-011-7/+50
| | | | | Delete a sentence explaining exploit mitigation countermeasures that have long been removed.
* Copyright and licenseschwarze2016-12-012-5/+99
|
* Add Copyright and license.schwarze2016-11-301-11/+73
| | | | | Correct prototypes. Drop the useless statement that a void function does not return a value.
* Add Copyright and license.schwarze2016-11-301-35/+58
| | | | | Add markup for the declaration of GEN_SESSION_CB. Garbage collect some remnants of SSLv2 and SSLv3.
* Add Copyright and license.schwarze2016-11-301-21/+60
| | | | | | Fix the declaration of pem_password_cb. Simplify wording, mostly from OpenSSL. Garbage collect the empty RETURN VALUES section.
* Copyright and license.schwarze2016-11-302-12/+101
|
* Add Copyright and license.schwarze2016-11-301-10/+51
| | | | | Stop talking about export ciphers. Remove two irrelevant cross references.
* Add Copyright and license.schwarze2016-11-301-19/+66
| | | | | Rename WARNINGS to CAVEATS and RETURN VALUES to BUGS, the latter from OpenSSL.
* Add Copyright and license.schwarze2016-11-301-7/+51
| | | | Remove the useless statement that a void function does not return a value.
* import SSL_CTX_set_alpn_select_cb(3) from OpenSSLschwarze2016-11-302-1/+266
|
* Copyright and licenseschwarze2016-11-302-6/+101
|
* Add Copyright and license.schwarze2016-11-301-6/+53
| | | | | Correct the description of what happens when the session cache is full, from OpenSSL.
* Add Copyright and license.schwarze2016-11-301-6/+49
| | | | Garbarge collect empty RETURN VALUES section.
* Purge some SSLv2 and SSLv3 stuff that no longer exists.schwarze2016-11-301-57/+11
|
* Add Copyright and license.schwarze2016-11-301-54/+164
| | | | | | | | | Remove the last traces of SSLv3. Add TLS_method(3), TLSv1_2_method(3), DTLSv1_method(3) and friends. Add missing prototypes to the SYNOPSIS. Merge additional information from OpenSSL. Simplify description of TLSv1_method(3) and SSLv23_method(3), from OpenSSL. Some additional minor fixes.
* Add Copyright and license.schwarze2016-11-301-14/+85
| | | | | | | Merge SSL_CTX_set_default_verify_paths(3) documentation from OpenSSL, but do not talk about environment variables, which LibreSSL does not appear to support, judging from the source code. Rename WARNINGS section to CAVEATS.
* Add Copyright and license.schwarze2016-11-301-5/+49
| | | | Garbage collect empty RETURN VALUES section.
* Import the relevant parts of SSL_CTX_get0_param(3) from OpenSSL.schwarze2016-11-302-1/+90
| | | | Call it SSL_set1_param(3) since we don't have these get0 functions.
* Copyright and licenseschwarze2016-11-302-4/+99
|
* Add Copyright and license.schwarze2016-11-301-5/+49
| | | | Garbage collect empty RETURN VALUES section.
* Add Copyright and license.schwarze2016-11-301-4/+51
| | | | Correct two typos while here.
* Add Copyright and license.schwarze2016-11-301-15/+84
| | | | | | | Lots of improvements from OpenSSL: Document SSL_CTX_clear_extra_chain_certs(3). Correct SSL_CTX_add_extra_chain_cert(3) first argument type. Add some new information and improve wording.
* Replace all of the text by a deprecation notice:schwarze2016-11-291-49/+29
| | | | | | | LibreSSL was decompressed long ago. Mention SSL_COMP_get_compression_methods(3) which is both available in our public interface and documented by OpenSSL.
* Add Copyright and license.schwarze2016-11-291-67/+99
| | | | | | | SSLv2 and export ciphers are no longer supported, delete related text. Sync SSL_CIPHER_description(3) return values with the source code. Wording simplifications from OpenSSL. Delete empty RETURN VALUES section.
* The OpenSSL file doc/man3/PEM_read_CMS.pod contains parts belongingschwarze2016-11-282-1/+137
| | | | | to libcrypto and parts belonging to libssl. Extract the parts relevant for our libssl and import them with some tweaks.
* Import the DTLSv1_listen(3) manual from OpenSSL,schwarze2016-11-212-1/+188
| | | | | | | | excluding interface changes that don't apply to LibreSSL, except that i left the confusing discussion of RETURN VALUES completely unchanged, to warn users that this is a mess: OpenSSL first published this interface, then later changed its syntax and semantics in multiple ways.
* Convert ssl3_get_client_kex_dhe() to CBS and perform some general codejsing2016-11-171-38/+29
| | | | | | cleanup, including the removal of a dead code path. ok beck@
* Use defines instead of magic numbers and comments.jsing2016-11-171-5/+3
|
* Add Copyright and license.schwarze2016-11-141-13/+93
| | | | | In the SYNOPSIS, show function prototypes rather than macro definitions. Delete the useless NOTES section header.
* Disable ec assembly for amd64 pending fixes for ssh, and bumpbeck2016-11-111-2/+2
| | | | majors appropriately
* When using an union including a type known for having strong alignmentmiod2016-11-081-7/+15
| | | | | | | | constraints, in order to force the union to have the same constraint, use the actual type instead of `double'. And add a comment explaining why we want such an alignment in there. ok beck@
* Remove unused SSLv3 from ssl3_cbc_record_digest_supported().jsing2016-11-063-77/+33
| | | | | | From Markus Uhlin <markus.uhlin at bredband dot net> ok beck@ bcooK@
* Split ssl3_get_client_key_exchange() into separate per algorithm functions.jsing2016-11-061-320/+388
| | | | ok beck@
* Remove pointless check - without fixed ECDH, there is only one way to reachjsing2016-11-061-8/+1
| | | | | | this code path. ok beck@ bcook@
* Split out the DHE and ECDHE code paths fromjsing2016-11-061-203/+221
| | | | | | ssl3_send_server_key_exchange(). ok beck@ bcook@
* Adjust cipher suite strengths - move MD5 to LOW, RC4 to LOW and 3DES tojsing2016-11-061-13/+13
| | | | | | MEDIUM. ok beck@ bcook@
* Remove the single IDEA cipher suite. There is no good reason to supportjsing2016-11-063-29/+3
| | | | | | this. ok beck@ bcook@
* unifdef -m -UOPENSSL_NO_CHACHA -UOPENSSL_NO_POLY1305jsing2016-11-062-6/+2
| | | | ok beck@
* remove unused variablebcook2016-11-061-6/+3
|
* One of the error paths would attempt to access not-yet-initialized locals.miod2016-11-051-2/+2
| | | | | | Simply return since there is nothing more to do. Spotted by coverity. ok jsing@ beck@
* Do a partial CBB conversion of ssl3_send_server_key_exchange(), which willjsing2016-11-051-52/+67
| | | | | | make it easier to do further clean up. ok beck@ miod@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-01 21:51:17 +0000