Age | Commit message | Author |
|
version.
ok beck@ doug@
|
|
ok doug@
|
|
protocol version range.
This also fixes a bug whereby if all protocols were disabled, the client
would still use TLSv1.2 in the client hello, only to have it fail with
unsupported version when it received and processed the server hello.
ok doug@
|
|
|
|
defines - do not rely on another heading making those available for us.
|
|
commit 67adf0a7c273a82901ce8705ae8d71ee2f1c959c
Author: Markus Triska <triska@metalevel.at>
Date: Sun Dec 25 19:58:38 2016 +0100
|
|
|
|
unintentionally changed during the CBS/CBB rewrite.
Issue reported by jeremy@ due to failing ruby tests.
Analysis and near identical diff from Kazuki Yamaguchi <k at rhe.jp>.
|
|
at the end of the buffer.
Issue identified by and diff from Kazuki Yamaguchi <k at rhe.jp>.
|
|
not really being used.
ok beck.
|
|
changes to libssl non-opaque structs.
|
|
for future work.
Discussed with beck@
|
|
Testing of an earlier revision by naddy@.
ok beck@
|
|
ok doug@
|
|
|
|
reference X509_NAME_new(3). Sparingly add a few other
references to relevant X509_NAME*(3) pages while here.
|
|
ok doug@
|
|
ok doug@
|
|
the EC_POINT_point2oct() calls.
Feedback from and ok doug@
|
|
Delete all the function prototypes.
They are all available from their individual manual pages.
Here, they were incomplete and nothing but a maintenance nightmare.
Add several missing cross references, such that
this page now references all libssl manual pages.
Delete a sentence that said nothing and correct a typo.
Now all libssl manuals have proper Copyright notices and licenses,
and i have merged all improvements from OpenSSL that i could find.
|
|
where BUGS is longer than DESCRIPTION. The function is listed in
ssl(3) and <openssl/ssl.h>, so it's clearly public.
The code looks slightly mysterious to me, so it would be welcome if
somebody more familiar with TLS protocols could check factual accuracy.
|
|
SSL_num_renegotiations(3) written from scratch. These functions
are listed in ssl(3) and <openssl/ssl.h>, so they are clearly public.
|
|
so it's clearly a public interface.
|
|
in ssl(3) and <openssl/ssl.h>, so it's clearly a public interface.
More could probably be said, the code looks somewhat mysterious to me,
but i think this stub is already better than nothing.
|
|
|
|
listed in ssl(3) and <openssl/ssl.h>, so it's clearly a public interface.
We might wish to merge the improved code from OpenSSL 1.1.0,
but that's a major bump, so i'm documenting the BUGS for now.
|
|
in ssl(3) and <openssl/ssl.h>, so it is clearly public.
|
|
Mentioned in ssl(3) and <openssl/ssl.h>, so it is public.
|
|
SSL_add_dir_cert_subjects_to_stack(3), written from scratch.
Both functions are listed in ssl(3) and <openssl/ssl.h> and recommended
for the use by browsers in source code comments, so they are clearly
public interfaces.
Mention deduplication.
Purge some duplicate text and improve some wording while here.
Two additional cross references instead of the useless ssl(3).
Add HISTORY, AUTHORS, and BUGS.
It is depressing that BUGS (purely from code inspection) became
longer than the DESCRIPTION.
|
|
ok doug@
|
|
this contains the session master key.
ok deraadt@ doug@
|
|
this contains the session master key.
ok deraadt@ doug@
|
|
a public interface since it's listed both in ssl(3) and in
<openssl/ssl.h>. Nothing to pilfer from OpenSSL in this case...
|
|
because that's what <openssl/ssl.h> #defines.
That's likely a typo in the header file because all the other
functions are called *tmp_rsa*(). But it would be a bad idea to
fix such a bug in interfaces that are only provided for backward
compatibility in the first place, so i'm adjusting the manual to
be bug-compatible with the code, for now.
But, pretty please, for the next major bump, somebody go get Bob's
flensing knife and excise this part of the interface. Like, export
ciphers? Really?
|
|
|
|
Garbage collect empty RETURN VALUES section.
Delete useless cross reference to ssl(3).
Add cross reference to SSL_SESSION_new(3).
|
|
The function prototype is listed in ssl(3) and <openssl/ssl.h>, so
it's clearly a public interface, but OpenSSL has no documentation
about it whatsoever.
|
|
ok doug@
|
|
handshake functions, we can remove more copied code from DTLS.
|
|
up and restructure.
This also adds CBB based variants of the ssl3_handshake_msg_{start,finish}
functions - for the time being these use a CBB to build the messages, then
copy back into the init_buf.
ok doug@
|
|
|
|
Add one cross reference, from OpenSSL.
|
|
the number of bytes written via an explicit *outlen argument and retaining
the return value to indicate success or failure.
ok doug@
|
|
premaster secret, so name it accordingly. Also, remove bogus assignment
of master_key_length - the correct value is assigned when the master_key
is set.
ok beck@ doug@
|
|
ok beck@ doug@
|
|
Stop talking about SSLv2 and SSLv3.
Some minor tweaks.
|
|
Wording improvements and a bit of additional information from OpenSSL.
|
|
Stop talking about SSLv2 and SSLv3.
|
|
|
|
Merge documentation of SSL_peek(3) from OpenSSL.
Stop talking about SSLv2.
Many wording improvements, most from OpenSSL.
|