path: root/doc
Commit message | Author | Age | Files | Lines
* Add SSL_CTX early callback | Benjamin Kaduk | 2017-02-23 | 3 | -6/+136
  Provide a callback interface that gives the application the ability to adjust the nascent SSL object at the earliest stage of ClientHello processing, immediately after extensions have been collected but before they have been processed.

  This is akin to BoringSSL's "select_certificate_cb" (though it is not API compatible), and as the name indicates, one major use is to examine the supplied server name indication and select what certificate to present to the client. However, it can also be used to make more sweeping configuration changes to the SSL object according to the selected server identity and configuration. That may include adjusting the permitted TLS versions, swapping out the SSL_CTX object (as is traditionally done in a tlsext_servername_callback), changing the server's cipher list, and more.

  We also wish to allow an early callback to indicate that it needs to perform additional work asynchronously and resume processing later. To that effect, refactor the second half of tls_process_client_hello() into a subroutine to be called at the post-processing stage (including the early callback itself), to allow the callback to result in remaining in the same work stage for a later call to succeed. This requires allocating for and storing the CLIENTHELLO_MSG in the SSL object to be preserved across such calls, but the storage is reclaimed after ClientHello processing finishes.

  Information about the ClientHello is available to the callback by means of accessor functions that can only be used from the early callback. This allows extensions to make use of the existing internal parsing machinery without exposing structure internals (e.g., of PACKET), so that applications do not have to write fragile parsing code.

  Applications are encouraged to utilize an early callback and not use a servername_callback, in order to avoid unexpected behavior that occurs due to the relative order of processing between things like session resumption and the historical servername callback.

  Also tidy up nearby style by removing unnecessary braces around one-line conditional bodies.

  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2279)
* Refactor SSL_bytes_to_cipher_list() | Benjamin Kaduk | 2017-02-23 | 1 | -12/+7
  Split off the portions that mutate the SSL object into a separate function that the state machine calls, so that the public API can be a pure function. (It still needs the SSL parameter in order to determine what SSL_METHOD's get_cipher_by_char() routine to use, though.)

  Instead of returning the stack of ciphers (functionality that was not used internally), require using the output parameter, and add a separate output parameter for the SCSVs contained in the supplied octets, if desired. This lets us move to the standard return value convention. Also make both output stacks optional parameters.

  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2279)
* Export SSL_bytes_to_cipher_list() | Benjamin Kaduk | 2017-02-23 | 1 | -1/+21
  Move ssl_bytes_to_cipher_list() to ssl_lib.c and create a public wrapper around it. This lets application early callbacks easily get SSL_CIPHER objects from the raw ciphers bytes without having to reimplement the parsing code. In particular, they do not need to know the details of the sslv2 format ClientHello's ciphersuite specifications.

  Document the new public function, including the arguably buggy behavior of modifying the supplied SSL object. On the face of it, such a function should be able to be pure, just a direct translation of wire octets to internal data structures.

  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2279)
* apps/req.c: flag "-new" is implied by "-precert" | Rob Percival | 2017-02-22 | 1 | -0/+2
  Reviewed-by: Tim Hudson <tjh@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/843)
* Documentation for the -precert flag for "openssl req" | Rob Percival | 2017-02-22 | 1 | -0/+9
  Reviewed-by: Tim Hudson <tjh@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/843)
* Provided support for the -nameopt flag in s_client, s_server and s_time | Dmitry Belyavskiy | 2017-02-21 | 3 | -0/+24
  commands.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2695)
* Implementation of the ARIA cipher as described in RFC 5794. | Pauli | 2017-02-21 | 6 | -11/+47
  This implementation is written in endian agnostic C code. No attempt at providing machine specific assembly code has been made. This implementation expands the evptests by including the test cases from RFC 5794 and ARIA official site rather than providing an individual test case. Support for ARIA has been integrated into the command line applications, but not TLS. Implemented modes are CBC, CFB1, CFB8, CFB128, CTR, ECB and OFB128.
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2337)
* Added '-nameopt' option to the verify command. | Dmitry Belyavskiy | 2017-02-20 | 1 | -0/+8
  It makes it possible to print the certificate's DN correctly in case of verification errors.
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2656)
* Don't use an enum in the return type for a public API function | Matt Caswell | 2017-02-17 | 2 | -13/+4
  We use an int instead. That means SSL_key_update() also should use an int.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2609)
* Add documentation for SSL_key_update() and SSL_get_key_update_type() | Matt Caswell | 2017-02-17 | 2 | -0/+123
  This also adds documentation for the pre-existing and related SSL_renegotiate*() functions.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2609)
* Add Sieve support (RFC 5804) to s_client ("-starttls sieve") | Robert Scheck | 2017-02-14 | 1 | -1/+1
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2300)
* DES keys are not 7 days long. | Darren Tucker | 2017-02-13 | 1 | -1/+1
  CLA: trivial
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2604)
* Fix a typo in the X509_get0_subject_key_id() documentation | Matt Caswell | 2017-02-09 | 1 | -1/+1
  Fixes a copy&paste error
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2568)
* Update documentation | Dr. Stephen Henson | 2017-02-08 | 2 | -2/+13
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2550)
* Centralize documentation about config file location | Rich Salz | 2017-02-07 | 5 | -34/+24
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2569)
* apps: Add support for writing a keylog file | Peter Wu | 2017-02-07 | 2 | -0/+10
  The server and client demos (s_client and s_server) are extended with a -keylogfile option. This is similar to setting the SSLKEYLOGFILE environment variable for NSS and creates a keylog file which is suitable for Wireshark.
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2343)
* Fix parsing of serial# in req | Rich Salz | 2017-02-06 | 1 | -1/+0
  Reported by Jakub Wilk.
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2556)
* Doc fix | Rich Salz | 2017-02-06 | 1 | -4/+5
  Reported by Alexander Köppe
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2557)
* Add NNTP support (RFC 4642) to s_client ("-starttls nntp") | Robert Scheck | 2017-02-03 | 1 | -1/+1
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2310)
* Add support for parameterized SipHash | Todd Short | 2017-02-01 | 1 | -1/+1
  The core SipHash supports either 8 or 16-byte output and a configurable number of rounds. The default behavior, as added to EVP, is to use 16-byte output and 2,4 rounds, which matches the behavior of most implementations. There is an EVP_PKEY_CTRL that can control the output size.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2216)
* Update documentation | Dr. Stephen Henson | 2017-01-30 | 2 | -2/+50
  Add details of the use of PSS for signature algorithms. Document SSL_get_peer_signature_nid() and SSL_get_peer_signature_type_nid().
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2301)
* Document DH_check_params() | Richard Levitte | 2017-01-26 | 1 | -3/+29
  Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* Few nit's | FdaSilvaYY | 2017-01-25 | 2 | -9/+6
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/1618)
* Fix some extra or missing whitespaces... | FdaSilvaYY | 2017-01-25 | 2 | -6/+5
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/1618)
* Add support for Poly1305 in EVP_PKEY | Todd Short | 2017-01-24 | 2 | -1/+11
  Add Poly1305 as a "signed" digest.
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2128)
* Add documentation for the key logging callbacks | Cory Benfield | 2017-01-23 | 1 | -0/+48
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/1646)
* 'openssl passwd' command can now compute AIX MD5-based passwords hashes. | Gaétan Njinang | 2017-01-21 | 1 | -1/+8
  The difference between the AIX MD5 password algorithm and the standard MD5 password algorithm is that in AIX there is no magic string while in the standard MD5 password algorithm the magic string is "$1$"
  Documentation of '-aixmd5' option of 'openssl passwd' command is added.
  1 test is added in test/recipes/20-test-passwd.t
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2251)
* correct 3 mistakes | Markus Triska | 2017-01-19 | 1 | -2/+2
  CLA: trivial
  Reviewed-by: Tim Hudson <tjh@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2257)
* Defines and strings for special salt length values, add tests | Dr. Stephen Henson | 2017-01-18 | 3 | -13/+15
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2236)
* Add support for -1, -2 salt lengths for PSS only keys. | Dr. Stephen Henson | 2017-01-18 | 1 | -2/+3
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2236)
* Correct reference to SSL_get_peer_cert_chain(). | Markus Triska | 2017-01-18 | 1 | -1/+1
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  CLA: trivial
  (Merged from https://github.com/openssl/openssl/pull/2247)
* Fix man3 reference to CRYPTO_secure_used | xemdetia | 2017-01-16 | 1 | -2/+2
  CLA: trivial
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2238)
* Fix "failure rate" bugs | Rich Salz | 2017-01-13 | 1 | -2/+2
  Reviewed-by: Emilia Käsper <emilia@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2228)
* Make X509_Digest,others public | Rich Salz | 2017-01-12 | 1 | -0/+65
  Also, if want SHA1 then use the pre-computed value if there.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2223)
* Rename file so "ls" works on 80 columns | Rich Salz | 2017-01-12 | 1 | -0/+0
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2221)
* Add documentation | Rich Salz | 2017-01-12 | 1 | -1/+31
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/1252)
* GH2176: Add X509_VERIFY_PARAM_get_time | Rich Salz | 2017-01-12 | 1 | -0/+2
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2208)
* UI documentation fixup | Richard Levitte | 2017-01-12 | 1 | -3/+2
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2218)
* Add a few documentation lines about UI_OpenSSL() | Richard Levitte | 2017-01-11 | 1 | -0/+3
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2204)
* Document the UI utility functions | Richard Levitte | 2017-01-11 | 1 | -0/+47
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2204)
* Add an application data field in the UI_METHOD | Richard Levitte | 2017-01-11 | 1 | -0/+1
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2204)
* Fix typo in Blake2 function names | Rich Salz | 2017-01-10 | 1 | -6/+6
  Fixes GitHub issue 2169.
  Reviewed-by: Kurt Roeckx <kurt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2207)
* Rename "verify_cb" to SSL_verify_cb | Rich Salz | 2017-01-09 | 1 | -4/+4
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2151)
* Doc nits: callback function typedefs | Rich Salz | 2017-01-09 | 9 | -15/+32
  Enhance find-doc-nits to be better about finding typedefs for callback functions. Fix all nits it now finds. Added some new typedef names to ssl.h some of which were documented but did not exist
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2151)
* Documentation clarification and fixes. | Dr. Stephen Henson | 2017-01-08 | 1 | -15/+15
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2177)
* Add documentation for PSS control operations. | Dr. Stephen Henson | 2017-01-08 | 1 | -0/+99
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2177)
* document RSA-PSS algorithm options | Dr. Stephen Henson | 2017-01-08 | 2 | -0/+51
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2177)
* replace "will lookup up" by "will look up" | Markus Triska | 2016-12-29 | 1 | -1/+1
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Tim Hudson <tjh@openssl.org>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  CLA: trivial
  (Merged from https://github.com/openssl/openssl/pull/2145)
* Fix typo. | Finn Hakansson | 2016-12-18 | 1 | -1/+1
  Reviewed-by: Kurt Roeckx <kurt@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  CLA: trivial
  (Merged from https://github.com/openssl/openssl/pull/2086)
* man3/OPENSSL_ia32cap.pod: clarify AVX512 support in clang context. | Andy Polyakov | 2016-12-15 | 1 | -1/+20
  Reviewed-by: Richard Levitte <levitte@openssl.org>