summaryrefslogtreecommitdiffstats
path: root/doc (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Update copyright yearMatt Caswell2022-05-03129-129/+129
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
* Update Paul's pgp key signaturePauli2022-05-031-1/+1
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18219)
* doc: replace "symmetric cipher" phrase in EVP_MD manpagesJan Engelhardt2022-04-2711-11/+11
| | | | | | | | CLA: trivial Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18169)
* pem_password_cb(3): References to other man pagesEasySec2022-04-261-2/+2
| | | | | | | | Refer to OSSL_ENCODER_to_bio and OSSL_DECODER_from_bio man pages. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18164)
* Add Tomas Mraz key to release key fingerprintsTomas Mraz2022-04-221-0/+3
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18138)
* Public API functions OPENSSL_str[n]casecmpDmitry Belyavskiy2022-04-222-0/+53
| | | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18069)
* Fix small typo in X509v3_get_ext_by_NID() man pageEasySec2022-04-191-1/+1
| | | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18124)
* doc: Clarify that calling SSL_set_session(ssl, NULL) is a correct use case.EasySec2022-04-191-1/+2
| | | | | | Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18101)
* Add an initial QUIC Technical requirements documentMatt Caswell2022-04-121-0/+202
| | | | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17577)
* s390: Add new machine generationJuergen Christ2022-04-121-3/+3
| | | | | | | | | | | Allow to specify "z16" as machine generation in environment variable OPENSSL_s390xcap. It is an alias for "z15". Signed-off-by: Juergen Christ <jchrist@linux.ibm.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18054)
* Document {SSL|SSL_CTX}_set_{purpose|trust}()Hugo Landau2022-04-071-3/+19
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18037)
* Document SSL_CTX_get_ssl_methodHugo Landau2022-04-071-2/+10
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18037)
* Add SSL_(CTX_)?get0_(verify|chain)_cert_store functionsHugo Landau2022-04-061-1/+12
| | | | | | | | | | | Currently we do not have any way to retrieve these values once set. Fixes #18035. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18038)
* Document the fact that setting a BIO create function means the BIO will no ↵Arran Cudbard-Bell2022-04-051-1/+4
| | | | | | | | | longer be marked as initialised Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/17983)
* CMS sign digestViktor Söderqvist2022-04-022-4/+32
| | | | | | | | | | | | | CLI changes: New parameter -digest to CLI command openssl cms, to provide pre-computed digest for use with -sign. API changes: New function CMS_final_digest(), like CMS_final() but uses a pre-computed digest instead of computing it from the data. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/15348)
* Refactor OSSL_LIB_CTX to avoid using CRYPTO_EX_DATAHugo Landau2022-04-011-69/+12
| | | | | | | | | | | | | This refactors OSSL_LIB_CTX to avoid using CRYPTO_EX_DATA. The assorted objects to be managed by OSSL_LIB_CTX are hardcoded and are initialized eagerly rather than lazily, which avoids the need for locking on access in most cases. Fixes #17116. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17881)
* doc: fix example in ssh KDF man page.Pauli2022-03-311-2/+2
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17972)
* document the safe_div_round_up_TYPE functionsPauli2022-03-301-1/+6
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17884)
* Fix typo in manpage SSL_CONF_cmd(3)Hugo Landau2022-03-281-1/+1
| | | | | | | | Fixes #17976. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17977)
* Remove statistics tracking from LHASHHugo Landau2022-03-281-3/+4
| | | | | | | | | Fixes #17928. Supercedes #17931. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17935)
* ticket_lifetime_hint may exceed 1 week in TLSv1.3Todd Short2022-03-251-0/+10
| | | | | | | | | | For TLSv1.3, limit ticket lifetime hint to 1 week per RFC8446 Fixes #17948 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17952)
* OSSL_CMP_CTX_new.pod: make references to private key consistent with ↵Dr. David von Oheimb2022-03-182-5/+6
| | | | | | | | | OSSL_CMP_MSG_get0_header.pod Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/17887)
* OSSL_CMP_MSG_get0_header.pod: re-phrase two lenthy otherwise clauses as listsDr. David von Oheimb2022-03-181-13/+28
| | | | | | | Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/17887)
* SSL_CTX_set_verify.pod: move a note further down where it fits betterDr. David von Oheimb2022-03-181-2/+2
| | | | | | | Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/17887)
* Fix documentation for provider-signatureHugo Landau2022-03-181-8/+4
| | | | | | | | | Fixes #17909. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17914)
* List missing operations in provider(7)Hugo Landau2022-03-181-8/+40
| | | | | | | | | Fixes #17910. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17915)
* Add documentation of BN_mod_sqrt()Tomas Mraz2022-03-151-2/+13
| | | | | Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
* Fix documentation of parameters for DH and ECDH KEXTomas Mraz2022-03-143-38/+67
| | | | | | Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/17859)
* Add manpages for SSL_get_certificate, SSL_get_private_keyHugo Landau2022-03-142-0/+79
| | | | | | | | | This is as I understand these functions from reading the code. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17815)
* Replace handling of negative verification result with SSL_set_retry_verify()Tomas Mraz2022-03-146-15/+107
| | | | | | | | | | | | | | | | Provide a different mechanism to indicate that the application wants to retry the verification. The negative result of the callback function now indicates an error again. Instead the SSL_set_retry_verify() can be called from the callback to indicate that the handshake should be suspended. Fixes #17568 Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17825)
* OSSL_CMP_CTX_setup_CRM(): Fix handling of defaults from CSR and refcertDr. David von Oheimb2022-03-124-13/+43
| | | | | | | | | Also update and complete related documentation. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/17726)
* DOC: TLS compression is disabled by defaultTodd Short2022-03-111-1/+1
| | | | | | Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/17854)
* Add TFO support to socket BIO and s_client/s_serverTodd Short2022-03-107-8/+108
| | | | | | | | | | | Supports Linux, MacOS and FreeBSD Disabled by default, enabled via `enabled-tfo` Some tests Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8692)
* async_posix: Allow custom stack allocation functions to be specified for ↵Arran Cudbard-Bell2022-03-101-1/+21
| | | | | | | | POSIX contexts Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17762)
* Fix typo in EVP_MD-BLAKE2(7)Hugo Landau2022-03-031-1/+1
| | | | | | Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17790)
* Improve documentation of BIO_FLAGS_BASE64_NO_NL flag.Daniel2022-03-021-3/+16
| | | | | | | | Fixes #12491. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17744)
* Correct the UnsafeLegacyServerConnect docsMatt Caswell2022-02-281-1/+3
| | | | | | | | | This option is no longer set by default from OpenSSL 3.0. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/17748)
* Change `strlen' argument name to `strlength' to avoid c++ reserved words.Pauli2022-02-281-3/+4
| | | | | | | | Fixes #17753 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/17764)
* fetch: convert a NULL property query to ""Pauli2022-02-281-0/+6
| | | | | | | | | | | | | Previously, a NULL property query was never cached and this lead to a performance degregation. Now, such a query is converted to an empty string and cached. Fixes #17752 Fixes https://github.openssl.org/openssl/openssl/issues/26 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17769)
* X509_VERIFY_PARAM_set_flags.pod: fix typosCarlo Teubner2022-02-241-2/+2
| | | | | | | | CLA: trivial Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17731)
* Add -quiet option to pkcs7 for -print_certsRaul Ferrando2022-02-241-0/+6
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17708)
* Undeprecate OPENSSL_VERSION_NUMBER and OpenSSL_version_num()Matt Caswell2022-02-241-32/+20
| | | | | | | | | | | | | | | | This macro and function were deprecated in the documentation but not in the source. Following an OTC vote the deprecation has been removed from the documentation. See https://github.com/openssl/technical-policies/issues/26 Fixes #17517 Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17750)
* doc: Fix KDF example for scryptmsa422022-02-231-1/+1
| | | | | | | | CLA: trivial Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17745)
* X509V3_get_d2i.pod: use I<> for arguments and remove B<> around NULLDr. David von Oheimb2022-02-221-23/+23
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17724)
* X509V3_get_d2i.pod: Fix glitch on X509V3_get{,_ext}_d2i and align orderDr. David von Oheimb2022-02-221-13/+15
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17724)
* CMP: add subject of any provided CSR as default message senderDr. David von Oheimb2022-02-222-2/+5
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17723)
* doc: Refactored the example in crypto.podyangyangtiantianlonglong2022-02-201-0/+7
| | | | | | | | Added return value and error code in the sample Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17721)
* doc: Update "SSL/TLS" old documentation description in openssl.podyangyangtiantianlonglong2022-02-201-2/+2
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17721)
* Fix typoDimitris Apostolou2022-02-201-1/+1
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/17713)
* enc : add support for wrap modeEasySec2022-02-181-1/+19
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17691)
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-04 03:35:54 +0100