summaryrefslogtreecommitdiffstats
path: root/doc
AgeCommit message (Collapse)Author
2014-08-22Improve EVP_PKEY_sign documentationEmilia Kasper
Clarify the intended use of EVP_PKEY_sign. Make the code example compile. Reviewed-by: Dr Stephen Henson <steve@openssl.org> (cherry picked from commit d64c533a207f7b6d86c3bc8ffb053e5f4d0c1ca0)
2014-07-21Minor documentation update removing "really" and aTim Hudson
statement of opinion rather than a fact. Reviewed-by: Dr. Stephen Henson <steve@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit c8d133e4b6f1ed1b7ad3c1a6d2c62f460e26c050)
2014-07-19Fix documentation for RSA_set_method(3)Dr. Stephen Henson
PR#1675 Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 197400c3f0d617d71ad8167b52fb73046d334320)
2014-07-17Fix typo, add reference.Jeffrey Walton
PR#3456 Reviewed-by: Stephen Henson <steve@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit d48e78f0cf22aaddb563f4bcfccf25b1a45ac8a4)
2014-07-15Add Matt Caswell's fingerprint, and general update on the fingerprints file ↵Matt Caswell
to bring it up to date Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 3bd548192a03142c80cf8bc68659d79dea20a738)
2014-07-15Clarify -Verify and PSK.Dr. Stephen Henson
PR#3452 (cherry picked from commit ca2015a617842fed3d36ed4dcbbf8d5e27bc5216)
2014-07-14document -nextprotoneg option in man pagesHubert Kario
Add description of the option to advertise support of Next Protocol Negotiation extension (-nextprotoneg) to man pages of s_client and s_server. PR#3444 (cherry picked from commit 7efd0e777e65eaa6c60d85b1cc5c889f872f8fc4)
2014-07-07Improve X509_check_host() documentation.Viktor Dukhovni
Based on feedback from Jeffrey Walton. (cherry picked from commit b73ac027357da29d9e393f24cd224999c94028d1)
2014-07-07Update API to use (char *) for email addresses and hostnamesViktor Dukhovni
Reduces number of silly casts in OpenSSL code and likely most applications. Consistent with (char *) for "peername" value from X509_check_host() and X509_VERIFY_PARAM_get0_peername(). (cherry picked from commit 297c67fcd817ea643de2fdeff4e434b050d571e2)
2014-07-07Set optional peername when X509_check_host() succeeds.Viktor Dukhovni
Pass address of X509_VERIFY_PARAM_ID peername to X509_check_host(). Document modified interface. (cherry picked from commit ced3d9158a7a8c676be504bb6cd3b5ffb7cc7f13)
2014-07-07New peername element in X509_VERIFY_PARAM_IDViktor Dukhovni
Declaration, memory management, accessor and documentation. (cherry picked from commit 6e661d458f5aa8f52bf3d9098bd10025de5f08ea)
2014-07-07Multiple verifier reference identities.Viktor Dukhovni
Implemented as STACK_OF(OPENSSL_STRING). (cherry picked from commit 8abffa4a73fcbf6536e0a42d736ed9211a8204ea)
2014-07-06Document certificate status request options.Dr. Stephen Henson
(cherry picked from commit cba3f1c739f012aaadb85aaefaf8de424d2695e2)
2014-07-06Update ticket callback docs.Dr. Stephen Henson
(cherry picked from commit a23a6e85d8dcd5733a343754f434201f3c9aa6f0)
2014-07-06Added reference to platform specific cryptographic acceleration such as AES-NIJeffrey Walton
2014-07-06Fixed error in pod files with latest versions of pod2manMatt Caswell
(cherry picked from commit 07255f0a76d9d349d915e14f969b9ff2ee0d1953)
2014-07-04typoDr. Stephen Henson
2014-07-04Remove all RFC5878 code.Dr. Stephen Henson
Remove RFC5878 code. It is no longer needed for CT and has numerous bugs.
2014-07-03Merge branch 'rsalz-docfixes'Rich Salz
2014-07-02Fix doc typo.Matt Smart
ERR_get_error(3) references the non-existent ERR_get_last_error_line_data instead of the one that does exist, ERR_peek_last_error_line_data. PR#3283 (cherry picked from commit 5cc99c6cf5e908df6b00b04af7f08e99c0698c7b)
2014-06-29Clarified that the signature's buffer size, `s`, is not used as anJeffrey Walton
IN parameter. Under the old docs, the only thing stated was "at most EVP_PKEY_size(pkey) bytes will be written". It was kind of misleading since it appears EVP_PKEY_size(pkey) WILL be written regardless of the signature's buffer size. (cherry picked from commit 6e6ba36d980f67b6e5c7b139f78da7acbbf8ec76)
2014-06-29Typo.Ken Ballou
PR#3173 (cherry picked from commit 76ed5a42ea68dd08bba44e4003b7e638e5d8a4a3)
2014-06-29Clarify protocols supported.Dr. Stephen Henson
Update protocols supported and note that SSLv2 is effectively disabled by default. PR#3184 (cherry picked from commit 1b13a4f38dfc385d5e776f6b3e06c5795874cf9b)
2014-06-27Clarify docs.Jeffrey Walton
Document that the certificate passed to SSL_CTX_add_extra_chain_cert() should not be freed by the application. PR#3409 (cherry picked from commit 0535c2d67ca2d684087ef90be35d5fb207aab227)
2014-06-25More complete X509_check_host documentation.Viktor Dukhovni
(cherry picked from commit d241b804099ce28c053ba988eb5532b1a32dd51e)
2014-06-12Client-side namecheck wildcards.Viktor Dukhovni
A client reference identity of ".example.com" matches a server certificate presented identity that is any sub-domain of "example.com" (e.g. "www.sub.example.com). With the X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS flag, it matches only direct child sub-domains (e.g. "www.sub.example.com"). (cherry picked from commit e52c52f10bb8e34aaf8f28f3e5b56939e8f6b357)
2014-06-10backport changes to ciphers(1) man pageHubert Kario
Backport of patch: add ECC strings to ciphers(1), point out difference between DH and ECDH and backport of other other assorted fixes to this man page * Make a clear distinction between DH and ECDH key exchange. * Group all key exchange cipher suite identifiers, first DH then ECDH * add descriptions for all supported *DH* identifiers * add ECDSA authentication descriptions * add example showing how to disable all suites that offer no authentication or encryption * update status of static DH (it's now supported) * backport descriptions of AES128, AES256, AESGCM * backport descriptions of CAMELLIA128, CAMELLIA256 * backport listing of standard names for ECC cipher suites and TLSv1.2 cipher suites * backport description of PSK cipher suites
2014-06-07Fixed minor duplication in docsMatt Caswell
2014-06-01Option to disable padding extension.Dr. Stephen Henson
Add TLS padding extension to SSL_OP_ALL so it is used with other "bugs" options and can be turned off. This replaces SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG which is an ancient option referring to SSLv2 and SSLREF. PR#3336 (cherry picked from commit 758415b2259fa45d3fe17d8e53ae1341b7b6e482) Conflicts: ssl/t1_lib.c
2014-05-25Fixed error in args for SSL_set_msg_callback and SSL_set_msg_callback_argMatt Caswell
2014-05-22Fixed minor copy&paste error, and stray space causing rendering problemMatt Caswell
2014-05-22Fixed unterminated B tag, causing build to fail with newer pod2man versionsMatt Caswell
2014-05-21Fixes to host checking.Viktor Dukhovni
Fixes to host checking wild card support and add support for setting host checking flags when verifying a certificate chain. (cherry picked from commit 397a8e747dc3f964196caed5ca4e08d4b598362a)
2014-05-21Change default cipher in smime app to des3.Dr. Stephen Henson
PR#3357 (cherry picked from commit ca3ffd9670f2b589bf8cc04923f953e06d6fbc58)
2014-05-15Moved note about lack of support for AEAD modes out of BUGS section to ↵Matt Caswell
SUPPORTED CIPHERS section (bug has been fixed, but still no support for AEAD)
2014-05-14Fix grammar error in verify pod. PR#3355Jeffrey Walton
2014-05-14Add information to BUGS section of enc documentation. PR#3354Jeffrey Walton
2014-05-14Corrected POD syntax errors. PR#3353Michal Bozon
2014-05-12Correct the return type on the signature for X509_STORE_CTX_get_ex_data ↵Jean-Paul Calderone
given in the pod file.
2014-05-02typo in SSL_get_peer_cert_chain docsJeff Trawick
RT: 3304
2014-05-01Fixed various pod errorsMatt Caswell
2014-04-30POD: Fix item numberingLubomir Rintel
Newer pod2man considers =item [1-9] part of a numbered list, while =item 0 starts an unnumbered list. Add a zero effect formatting mark to override this. doc/apps/smime.pod around line 315: Expected text after =item, not a number ... PR#3146
2014-04-26Fix version documentation.mancha
Specify -f is for compilation flags. Add -d to synopsis section. (cherry picked from commit 006397ea62bbcae22c8664d53c2222b808c4bdd1) Closes #78.
2014-04-16Document -debug_decrypt option.Dr. Stephen Henson
(cherry picked from commit 0dd5b94aeb77c2982bdf6886962b7a8491c6c9ed)
2014-04-15Clarify CMS_decrypt behaviour.Dr. Stephen Henson
(cherry picked from commit 5f8e9a477a18551052f2019c1f374061acbaa5e6)
2014-04-11Add new key fingerprint.Dr. Stephen Henson
(cherry picked from commit 3143a332e8f2f5ca1a6f0262a1a1a66103f2adf7)
2014-04-07Document -verify_return_error option.Dr. Stephen Henson
(cherry picked from commit 4e6c12f3088d3ee5747ec9e16d03fc671b8f40be)
2014-04-03Document new crl option.Dr. Stephen Henson
(cherry picked from commit dbb7654dc189992966ecd95ca66f7a3bb011ab9b)
2014-03-27Add -no_resumption_on_reneg to SSL_CONF.Dr. Stephen Henson
2014-03-27Update chain building function.Dr. Stephen Henson
Don't clear verification errors from the error queue unless SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR is set. If errors occur during verification and SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR is set return 2 so applications can issue warnings.
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-26 07:44:26 +0000