summaryrefslogtreecommitdiffstats
path: root/doc
AgeCommit message (Collapse)Author
2022-04-12Add an initial QUIC Technical requirements documentMatt Caswell
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17577)
2022-04-12s390: Add new machine generationJuergen Christ
Allow to specify "z16" as machine generation in environment variable OPENSSL_s390xcap. It is an alias for "z15". Signed-off-by: Juergen Christ <jchrist@linux.ibm.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18054)
2022-04-07Document {SSL|SSL_CTX}_set_{purpose|trust}()Hugo Landau
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18037)
2022-04-07Document SSL_CTX_get_ssl_methodHugo Landau
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18037)
2022-04-06Add SSL_(CTX_)?get0_(verify|chain)_cert_store functionsHugo Landau
Currently we do not have any way to retrieve these values once set. Fixes #18035. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18038)
2022-04-05Document the fact that setting a BIO create function means the BIO will no ↵Arran Cudbard-Bell
longer be marked as initialised Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/17983)
2022-04-02CMS sign digestViktor Söderqvist
CLI changes: New parameter -digest to CLI command openssl cms, to provide pre-computed digest for use with -sign. API changes: New function CMS_final_digest(), like CMS_final() but uses a pre-computed digest instead of computing it from the data. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/15348)
2022-04-01Refactor OSSL_LIB_CTX to avoid using CRYPTO_EX_DATAHugo Landau
This refactors OSSL_LIB_CTX to avoid using CRYPTO_EX_DATA. The assorted objects to be managed by OSSL_LIB_CTX are hardcoded and are initialized eagerly rather than lazily, which avoids the need for locking on access in most cases. Fixes #17116. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17881)
2022-03-31doc: fix example in ssh KDF man page.Pauli
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17972)
2022-03-30document the safe_div_round_up_TYPE functionsPauli
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17884)
2022-03-28Fix typo in manpage SSL_CONF_cmd(3)Hugo Landau
Fixes #17976. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17977)
2022-03-28Remove statistics tracking from LHASHHugo Landau
Fixes #17928. Supercedes #17931. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17935)
2022-03-25ticket_lifetime_hint may exceed 1 week in TLSv1.3Todd Short
For TLSv1.3, limit ticket lifetime hint to 1 week per RFC8446 Fixes #17948 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17952)
2022-03-18OSSL_CMP_CTX_new.pod: make references to private key consistent with ↵Dr. David von Oheimb
OSSL_CMP_MSG_get0_header.pod Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/17887)
2022-03-18OSSL_CMP_MSG_get0_header.pod: re-phrase two lenthy otherwise clauses as listsDr. David von Oheimb
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/17887)
2022-03-18SSL_CTX_set_verify.pod: move a note further down where it fits betterDr. David von Oheimb
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/17887)
2022-03-18Fix documentation for provider-signatureHugo Landau
Fixes #17909. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17914)
2022-03-18List missing operations in provider(7)Hugo Landau
Fixes #17910. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17915)
2022-03-15Add documentation of BN_mod_sqrt()Tomas Mraz
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
2022-03-14Fix documentation of parameters for DH and ECDH KEXTomas Mraz
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/17859)
2022-03-14Add manpages for SSL_get_certificate, SSL_get_private_keyHugo Landau
This is as I understand these functions from reading the code. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17815)
2022-03-14Replace handling of negative verification result with SSL_set_retry_verify()Tomas Mraz
Provide a different mechanism to indicate that the application wants to retry the verification. The negative result of the callback function now indicates an error again. Instead the SSL_set_retry_verify() can be called from the callback to indicate that the handshake should be suspended. Fixes #17568 Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17825)
2022-03-12OSSL_CMP_CTX_setup_CRM(): Fix handling of defaults from CSR and refcertDr. David von Oheimb
Also update and complete related documentation. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/17726)
2022-03-11DOC: TLS compression is disabled by defaultTodd Short
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/17854)
2022-03-10Add TFO support to socket BIO and s_client/s_serverTodd Short
Supports Linux, MacOS and FreeBSD Disabled by default, enabled via `enabled-tfo` Some tests Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8692)
2022-03-10async_posix: Allow custom stack allocation functions to be specified for ↵Arran Cudbard-Bell
POSIX contexts Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17762)
2022-03-03Fix typo in EVP_MD-BLAKE2(7)Hugo Landau
Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17790)
2022-03-02Improve documentation of BIO_FLAGS_BASE64_NO_NL flag.Daniel
Fixes #12491. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17744)
2022-02-28Correct the UnsafeLegacyServerConnect docsMatt Caswell
This option is no longer set by default from OpenSSL 3.0. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/17748)
2022-02-28Change `strlen' argument name to `strlength' to avoid c++ reserved words.Pauli
Fixes #17753 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/17764)
2022-02-28fetch: convert a NULL property query to ""Pauli
Previously, a NULL property query was never cached and this lead to a performance degregation. Now, such a query is converted to an empty string and cached. Fixes #17752 Fixes https://github.openssl.org/openssl/openssl/issues/26 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17769)
2022-02-24X509_VERIFY_PARAM_set_flags.pod: fix typosCarlo Teubner
CLA: trivial Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17731)
2022-02-24Add -quiet option to pkcs7 for -print_certsRaul Ferrando
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17708)
2022-02-24Undeprecate OPENSSL_VERSION_NUMBER and OpenSSL_version_num()Matt Caswell
This macro and function were deprecated in the documentation but not in the source. Following an OTC vote the deprecation has been removed from the documentation. See https://github.com/openssl/technical-policies/issues/26 Fixes #17517 Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17750)
2022-02-24doc: Fix KDF example for scryptmsa42
CLA: trivial Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17745)
2022-02-22X509V3_get_d2i.pod: use I<> for arguments and remove B<> around NULLDr. David von Oheimb
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17724)
2022-02-22X509V3_get_d2i.pod: Fix glitch on X509V3_get{,_ext}_d2i and align orderDr. David von Oheimb
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17724)
2022-02-22CMP: add subject of any provided CSR as default message senderDr. David von Oheimb
Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17723)
2022-02-20doc: Refactored the example in crypto.podyangyangtiantianlonglong
Added return value and error code in the sample Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17721)
2022-02-20doc: Update "SSL/TLS" old documentation description in openssl.podyangyangtiantianlonglong
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17721)
2022-02-20Fix typoDimitris Apostolou
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/17713)
2022-02-18enc : add support for wrap modeEasySec
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17691)
2022-02-14Apply the correct Apache v2 licenseTomas Mraz
There were still a few files mentioning the old OpenSSL license. Fixes #17684 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17686)
2022-02-14Implement a new flag for running s_client in a non-interactive modeRami Khaldi
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17097)
2022-02-11Added checking for buflen overflow due to MAX_MISALIGNMENT.Kevin K Biju
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17646)
2022-02-09Fix small typo in EVP_KEYEXCH-ECDH.html doc exampleEasySec
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17657)
2022-02-07doc: Add hint to use EVP_PKEY_get_bn_param to retrieve big integersTomas Mraz
Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17423)
2022-02-07Correct return type for BIO_ptr_ctrlThomas1664
Fixes #17549 CLA: trivial Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17636)
2022-02-03openssl-dgst.pod.in: Fix documentation of -list optionEasySec
Mention openssl list -digest-algorithms, NOT -digest-commands. Move option -list just after the related option -digest. Fix HTML formatting of section 'Examples' by adding missing newlines and add 2 examples variant to clarify syntax of the command. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17626)
2022-02-03add SSL_get0_iana_groups() & SSL_client_hello_get_extension_order()Phus Lu
The function/macro allow user get groups/extensions without memory allcations. So we could calculate the ssl fignerprint(ja3) in low cost. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16910)
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-15 07:07:07 +0000