summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Expand)Author
2021-09-02RFC 6066 section 8 allows the server MAY choose not send the CertificateStatusBob Beck
2021-09-02this is not a section 3 man page anymoreTheo de Raadt
2021-09-01remove unused macro;Jason McIntyre
2021-09-01inet_ntop(3) needs sys/socket.h for AF_INET / AF_INET6 so add the headerClaudio Jeker
2021-09-01neither ktrace(2) or utrace(2) require a caller to pull sys/param.hTheo de Raadt
2021-09-01comment out the detailed description of SSL_get_servername(3),Ingo Schwarze
2021-09-01Remove assignment of value that is never read.Bob Beck
2021-08-31Remove some dead code that was missed in an earlier cleanup andTheo Buehler
2021-08-31Defragment DTLS.Joel Sing
2021-08-31Remove a nonsensical s->version == TLS1_VERSION from DTLS code.Joel Sing
2021-08-31whitespaceTheo Buehler
2021-08-30Make uuid_from_string() reject a string of the correct length but having aKenneth R Westerback
2021-08-30Clean up and simplify info and msg callbacks.Joel Sing
2021-08-30Replace DTLS r_epoch with the read epoch from the TLSv1.2 record layer.Joel Sing
2021-08-30Move to an AEAD nonce allocated in the TLSv1.2 record layer.Joel Sing
2021-08-30sync with OpenSSL 1.1.1, which is still under a free license;Ingo Schwarze
2021-08-30Document that %n has been neutered -- it now does syslog+abort.Theo de Raadt
2021-08-30Ignore warning alert returns from servername callback in TLSv1.3Theo Buehler
2021-08-30jca and I converted %n to a syslog warning about a year ago, and the portsTheo de Raadt
2021-08-30Revert previous change that changed our default return for unable toBob Beck
2021-08-30Fix Jan's regress in openssl/x509 to do what it says it does,Bob Beck
2021-08-29fix an obvious mixup regarding the order of lines in the SYNOPSIS,Ingo Schwarze
2021-08-29Don't call the verify callback twice on success.Bob Beck
2021-08-29Add ober_dup. Needed for upcoming SNMPv3 support for trap receiver inMartijn van Duren
2021-08-28Get rid of historical code to extract the roots in the legacy case.Bob Beck
2021-08-28Clean up and simplify ssl3_dispatch_alert() and ssl3_send_alert().Joel Sing
2021-08-28Zap blanks before tabs.Theo Buehler
2021-08-28Remove the "dump_chain" flag and code. This was a workaround for a problem whereBob Beck
2021-08-27Remove unused #include <assert.h>.Theo Buehler
2021-08-24Fix various read buffer overflow when printing ASN.1 strings (which areTheo Buehler
2021-08-19Pull roots out of the trust store in the legacy xsc when building chainsBob Beck
2021-08-18Import initial code for the SM2 cipherTheo Buehler
2021-08-18Add a check_trust call to the legacy chain validation on chain add, rememberingBob Beck
2021-08-18Refactor the legacy chain validation from the chain adding code into itsBob Beck
2021-08-16typo in commentTheo Buehler
2021-08-14when talking about non-blocking I/O, .Xr both FIONBIO and O_NONBLOCKIngo Schwarze
2021-08-13Stop using a while loop for code that runs at most once,Ingo Schwarze
2021-08-12Stop playing hopeless games with FIONBIO.Ingo Schwarze
2021-08-11Only enter the sig_no switch if we actually return from read(2) withMartijn van Duren
2021-08-10While el_gets(3) and el_wgets(3) wait for user input, no longer ignoreIngo Schwarze
2021-08-09Unifdef read__fixio() to make it readable.Ingo Schwarze
2021-08-06link X509_STORE_get_by_subject(3) and X509_ocspid_print(3) to the build,Ingo Schwarze
2021-08-06new manual page X509_ocspid_print(3)Ingo Schwarze
2021-08-06add a roff(7) comment marking the API function X509_get_default_private_dir()Ingo Schwarze
2021-08-04SSL_CTX_remove_session() checks for a NULL session, avoid doing it twice.Joel Sing
2021-08-03Document X509_get_default_cert_dir_env(3)Ingo Schwarze
2021-08-03Document X509_get_default_cert_area(3).Ingo Schwarze
2021-08-02tweaks regarding X509_LOOKUP_by_subject(3):Ingo Schwarze
2021-08-02new manual page X509_STORE_get_by_subject(3)Ingo Schwarze
2021-08-01document X509_STORE_load_mem(3) and X509_STORE_add_lookup(3)Ingo Schwarze