summaryrefslogtreecommitdiff
path: root/src/lib/libssl (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Add Copyright and license.schwarze2016-11-301-10/+51
| | | | | Stop talking about export ciphers. Remove two irrelevant cross references.
* Add Copyright and license.schwarze2016-11-301-19/+66
| | | | | Rename WARNINGS to CAVEATS and RETURN VALUES to BUGS, the latter from OpenSSL.
* Add Copyright and license.schwarze2016-11-301-7/+51
| | | | Remove the useless statement that a void function does not return a value.
* import SSL_CTX_set_alpn_select_cb(3) from OpenSSLschwarze2016-11-302-1/+266
|
* Copyright and licenseschwarze2016-11-302-6/+101
|
* Add Copyright and license.schwarze2016-11-301-6/+53
| | | | | Correct the description of what happens when the session cache is full, from OpenSSL.
* Add Copyright and license.schwarze2016-11-301-6/+49
| | | | Garbarge collect empty RETURN VALUES section.
* Purge some SSLv2 and SSLv3 stuff that no longer exists.schwarze2016-11-301-57/+11
|
* Add Copyright and license.schwarze2016-11-301-54/+164
| | | | | | | | | Remove the last traces of SSLv3. Add TLS_method(3), TLSv1_2_method(3), DTLSv1_method(3) and friends. Add missing prototypes to the SYNOPSIS. Merge additional information from OpenSSL. Simplify description of TLSv1_method(3) and SSLv23_method(3), from OpenSSL. Some additional minor fixes.
* Add Copyright and license.schwarze2016-11-301-14/+85
| | | | | | | Merge SSL_CTX_set_default_verify_paths(3) documentation from OpenSSL, but do not talk about environment variables, which LibreSSL does not appear to support, judging from the source code. Rename WARNINGS section to CAVEATS.
* Add Copyright and license.schwarze2016-11-301-5/+49
| | | | Garbage collect empty RETURN VALUES section.
* Import the relevant parts of SSL_CTX_get0_param(3) from OpenSSL.schwarze2016-11-302-1/+90
| | | | Call it SSL_set1_param(3) since we don't have these get0 functions.
* Copyright and licenseschwarze2016-11-302-4/+99
|
* Add Copyright and license.schwarze2016-11-301-5/+49
| | | | Garbage collect empty RETURN VALUES section.
* Add Copyright and license.schwarze2016-11-301-4/+51
| | | | Correct two typos while here.
* Add Copyright and license.schwarze2016-11-301-15/+84
| | | | | | | Lots of improvements from OpenSSL: Document SSL_CTX_clear_extra_chain_certs(3). Correct SSL_CTX_add_extra_chain_cert(3) first argument type. Add some new information and improve wording.
* Replace all of the text by a deprecation notice:schwarze2016-11-291-49/+29
| | | | | | | LibreSSL was decompressed long ago. Mention SSL_COMP_get_compression_methods(3) which is both available in our public interface and documented by OpenSSL.
* Add Copyright and license.schwarze2016-11-291-67/+99
| | | | | | | SSLv2 and export ciphers are no longer supported, delete related text. Sync SSL_CIPHER_description(3) return values with the source code. Wording simplifications from OpenSSL. Delete empty RETURN VALUES section.
* The OpenSSL file doc/man3/PEM_read_CMS.pod contains parts belongingschwarze2016-11-282-1/+137
| | | | | to libcrypto and parts belonging to libssl. Extract the parts relevant for our libssl and import them with some tweaks.
* Import the DTLSv1_listen(3) manual from OpenSSL,schwarze2016-11-212-1/+188
| | | | | | | | excluding interface changes that don't apply to LibreSSL, except that i left the confusing discussion of RETURN VALUES completely unchanged, to warn users that this is a mess: OpenSSL first published this interface, then later changed its syntax and semantics in multiple ways.
* Convert ssl3_get_client_kex_dhe() to CBS and perform some general codejsing2016-11-171-38/+29
| | | | | | cleanup, including the removal of a dead code path. ok beck@
* Use defines instead of magic numbers and comments.jsing2016-11-171-5/+3
|
* Add Copyright and license.schwarze2016-11-141-13/+93
| | | | | In the SYNOPSIS, show function prototypes rather than macro definitions. Delete the useless NOTES section header.
* Disable ec assembly for amd64 pending fixes for ssh, and bumpbeck2016-11-111-2/+2
| | | | majors appropriately
* When using an union including a type known for having strong alignmentmiod2016-11-081-7/+15
| | | | | | | | constraints, in order to force the union to have the same constraint, use the actual type instead of `double'. And add a comment explaining why we want such an alignment in there. ok beck@
* Remove unused SSLv3 from ssl3_cbc_record_digest_supported().jsing2016-11-063-77/+33
| | | | | | From Markus Uhlin <markus.uhlin at bredband dot net> ok beck@ bcooK@
* Split ssl3_get_client_key_exchange() into separate per algorithm functions.jsing2016-11-061-320/+388
| | | | ok beck@
* Remove pointless check - without fixed ECDH, there is only one way to reachjsing2016-11-061-8/+1
| | | | | | this code path. ok beck@ bcook@
* Split out the DHE and ECDHE code paths fromjsing2016-11-061-203/+221
| | | | | | ssl3_send_server_key_exchange(). ok beck@ bcook@
* Adjust cipher suite strengths - move MD5 to LOW, RC4 to LOW and 3DES tojsing2016-11-061-13/+13
| | | | | | MEDIUM. ok beck@ bcook@
* Remove the single IDEA cipher suite. There is no good reason to supportjsing2016-11-063-29/+3
| | | | | | this. ok beck@ bcook@
* unifdef -m -UOPENSSL_NO_CHACHA -UOPENSSL_NO_POLY1305jsing2016-11-062-6/+2
| | | | ok beck@
* remove unused variablebcook2016-11-061-6/+3
|
* One of the error paths would attempt to access not-yet-initialized locals.miod2016-11-051-2/+2
| | | | | | Simply return since there is nothing more to do. Spotted by coverity. ok jsing@ beck@
* Do a partial CBB conversion of ssl3_send_server_key_exchange(), which willjsing2016-11-051-52/+67
| | | | | | make it easier to do further clean up. ok beck@ miod@
* move manual pages from doc/ to man/ for consistency with otherschwarze2016-11-0585-169/+169
| | | | | libraries, in particular considering that there are unrelated files in doc/; requested by jsing@ and beck@
* bump minors for symbol addition for ocsp and x25519 symbol additionsbeck2016-11-051-1/+1
|
* after getting rid of the pod files, clean up the Makefiles; ok bcook@schwarze2016-11-052-28/+13
|
* Convert ssl3_get_server_kex_ecdhe() to CBS, simplifying tls1_check_curve()jsing2016-11-053-62/+41
| | | | | | | in the process. This also fixes a long standing bug where tls1_ec_curve_id2nid() is called with only one byte of the curve ID. ok beck@ miod@
* Remove generated Symbols.map on make clean.jsing2016-11-051-2/+2
| | | | ok guenther@
* Rename ssl3_get_key_exchange() to ssl3_get_server_key_exchange(), sincejsing2016-11-043-7/+7
| | | | | | that's what it really is. ok miod@
* Tidy up the usage of peer_ecdh_tmp, following the fixed ECDH removal.jsing2016-11-041-13/+5
| | | | ok beck@
* Mark a couple local functions as staticguenther2016-11-042-4/+4
| | | | ok jsing@ beck@
* The *_method_data structures can be staticguenther2016-11-046-21/+21
| | | | ok jsing@
* Add an explict list of exported symbols with just the functionsguenther2016-11-045-11/+289
| | | | | | | declared in the public headers, and use __{BEGIN,END}_HIDDEN_DECLS in the internal headers to optimize internal functions ok jsing@
* make public ASN1_time_parse and ASN1_time_tm_cmp to replace former hiddenbeck2016-11-041-2/+2
| | | | | | functions.. document with a man page. bump majors on libtls, libssl, libcrypto ok jsing@ guenther@
* Make do_dtls1_write() static to d1_pkt.c and delete declarations forguenther2016-11-042-8/+6
| | | | | | three functions that were removed a while ago ok jsing@
* Fix some linewrapping glitchesguenther2016-11-041-7/+5
| | | | ok jsing@
* Completely rewrite the session handling ASN.1 code using CBB and CBS. Thisjsing2016-11-041-616/+329
| | | | | | | addresses two 2038 related issues and also adds support for allocation in the i2d function, which will allow for simplification in the callers. ok beck@ miod@
* Convert ssl3_get_server_kex_dhe() to CBS.jsing2016-11-041-42/+19
| | | | ok beck@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-09-01 08:56:07 +0000