summaryrefslogtreecommitdiff
path: root/src/lib (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* The file passed to realpath(3) must exists, adjust man page to newbluhm2019-12-111-3/+3
| | | | | behavior. noticed by hshoexer@; OK beck@
* Document X509_STORE_CTX_set_flags() which is a handy way to change theclaudio2019-12-051-3/+18
| | | | | | | verification param flags of a context. While this function is marked as likely to be deprecated in OpenSSL it seems that this may not happen. This is why we decided to still document it. OK and input from ingo@ tb@
* Add missing RCS tag.tb2019-12-031-0/+1
|
* Fix typo: ECHD -> ECDH.tb2019-12-031-4/+4
| | | | From Michael Forney, thanks!
* Add support for TLS 1.3 post handshake messages and key updating.beck2019-11-263-20/+217
| | | | | | tested against openssl 1.1's server. ok jsing@ tb@
* gcc3, like clang and unlike our gcc4, doesn't support redirecting builtinsguenther2019-11-251-6/+12
| | | | | | | like mem{set,cpy,move} or __stack_smash_handler using asm() renaming. So treat gcc3 like clang and mark such functions as protected instead. ok ayoma@
* A touch of style(9)tim2019-11-211-6/+6
| | | | OK tb@ tedu@
* Use explicit_bzero() to clear key materialtim2019-11-211-1/+2
| | | | OK tb@ tedu@
* Add accessors to change the buffer in a handshake message.beck2019-11-203-3/+20
| | | | | | Needed for doing TLS 1.3 Post Handshake Handshake messages. ok jsing@
* Fix rsa key output formatinoguchi2019-11-201-5/+12
| | | | | | This fixes openssl(1) rsa -text output format ok tb@
* Add prototypes for the functions that update application secretsbeck2019-11-181-1/+3
| | | | so that the regress tests will work for them
* Provide a clean interface for sending TLSv1.3 alerts.jsing2019-11-182-5/+17
| | | | ok beck@
* Change tls13_record_layer_phh() to take a CBS as this avoids ownershipjsing2019-11-172-8/+6
| | | | | | issues and makes call sites cleaner. ok beck@
* Correct update of application traffic secrets to use an empty contextbeck2019-11-171-3/+7
| | | | | | rather than the hash of an empty context ok jsing@
* Bring back the ssl_shutdown internal method pointer.jsing2019-11-173-4/+21
| | | | | | | For now ssl3_shutdown() is called in all cases, however TLSv1.3 will soon get its own version. ok beck@
* Add a reference for the non-standard post-handshake handshake (PHH).tb2019-11-171-2/+2
| | | | ok beck, jsing
* Ensure that we are never operating in plaintext mode once the handshakejsing2019-11-171-1/+7
| | | | | | is complete, which should never occur. ok beck@
* Provide framework for sending alerts and post-handshake handshake messages.jsing2019-11-172-15/+174
| | | | | | Discussed at length with beck@ ok beck@ tb@
* indent with a tab instead of 8 spacestb2019-11-171-2/+2
|
* Move the TLSv1.3 server message handling stubs.jsing2019-11-172-125/+125
|
* Add the initial framework for the TLSv1.3 server.jsing2019-11-173-3/+84
| | | | ok beck@
* tls13_connect() should be static.jsing2019-11-171-2/+2
|
* Fix backoff to legacy when in client auth mode.beck2019-11-171-2/+2
| | | | ok jsing@
* Drop back to the legacy tls method if we are doing client authenticaitonbeck2019-11-171-1/+7
| | | | | | from a tls 1.3 connection, for now. ok jsing@
* Separate the callbacks for recieved and completed post handshake messagesbeck2019-11-173-10/+22
| | | | | | from the record layer ok jsing@
* Allow 1.3 ciphers in libtls.beck2019-11-161-2/+2
| | | | ok jsing@
* Revert previous deduplication diff, I broke portable in a strange way.beck2019-11-161-47/+58
| | | | | I'll figure it out a bit later. Found and diagnosed by inoguchi@
* Allow portable to override the default CA bundle locationbeck2019-11-162-3/+7
| | | | ok kinichiro@ jsing@
* Deduplicate some extension processing code.beck2019-11-151-58/+47
| | | | ok tb@ inoguchi@
* Add missing cross-reference to NOTES section.millert2019-11-141-3/+3
| | | | OK kn@ tb@
* Allow ip addresses as argument to SSL_set1_host() but be careful to nototto2019-11-041-2/+14
| | | | poison the context. ok and help jsing@ tb@
* Reshuffle RSA_PSS_PARAMS and RSA_OAEP_PARAMS to avoid duplicate typedef.jsing2019-11-041-21/+19
| | | | | | Issue spotted by bcook@ ok bcook@ inoguchi@
* Sort standard_methods by pkey_id.inoguchi2019-11-021-4/+4
| | | | ok jsing@
* CMS didn't make the 6.6 release: adjust the text in the HISTORY sectionsschwarze2019-11-0223-69/+69
|
* .Xr CMS_ContentInfo_new 3schwarze2019-11-021-2/+3
|
* .Xr BIO_new_CMS 3schwarze2019-11-021-2/+3
|
* document PEM_read_CMS(3), PEM_read_bio_CMS(3), PEM_write_CMS(3), andschwarze2019-11-021-3/+46
| | | | PEM_write_bio_CMS(3) which jsing@ just enabled in Symbols.list rev. 1.91
* In Symbols.list rev. 1.91, jsing enabled many CMS functions.schwarze2019-11-021-1/+24
| | | | Install the new manual pages documenting the majority of them.
* Bring back some icky buffer allocation code so that pkey_rsa_print()jsing2019-11-021-9/+41
| | | | | | works again with the horrific API that is ASN1_bn_print(). Issue spotted by inoguchi@
* Bump libcrypto, libssl and libtls minors due to symbol additions.jsing2019-11-023-3/+3
|
* Provide RSA_PKCS1_OpenSSL().jsing2019-11-023-3/+10
| | | | Prompted by inoguchi@
* Make RSA_padding_{add,check}_PKCS1_OAEP_mgf1() public.jsing2019-11-023-9/+10
|
* Make RSA_OAEP_PARAMs public.jsing2019-11-023-17/+22
|
* Document tls_conn_cipher_strength().jsing2019-11-021-2/+14
| | | | ok schwarze@
* Enable CMS in LibreSSL.jsing2019-11-023-2/+135
| | | | ok bcook@ deraadt@ inoguchi@ job@ tb@
* Provide tls_conn_cipher_strength().jsing2019-11-024-3/+15
| | | | | | | | | This returns the strength in bits of the symmetric cipher used for the connection. Diff from gilles@ ok tb@
* In evp/pmeth_lib.c rev. 1.16, jsing@ enabled EVP_PKEY_RSA_PSS.schwarze2019-11-011-3/+5
| | | | Document it.
* In rsa.h rev. 1.45, jsing@ providedschwarze2019-11-011-8/+16
| | | | | | the three macro constants RSA_PSS_SALTLEN_*; document them. The wording is a combination of our existing text and the wording in the OpenSSL 1.1.1 branch, which is still under a free license.
* Add DSA CMS support.jsing2019-11-011-1/+25
| | | | | | From OpenSSL 1.1.1d. ok tb@
* Add RSA CMS support.jsing2019-11-013-5/+262
| | | | | | From OpenSSL 1.1.1d. ok tb@