summaryrefslogtreecommitdiffstats
path: root/lib (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* pcap-filter(3) is not a function, it is a language description. It wasderaadt2019-09-033-6/+6
| | | | | | mostly cobbled together from a pre-mandoc tcpdump manual page, and desperately needs some loving. First step is to name it right. Discussed with jmc
* Correct the length for argument of reallocarray(). This fix the SEGVasou2019-09-031-2/+2
| | | | | | | when launch the vi editor in vi mode. This fix is similar 1.63 from NetBSD lib/libedit/vi.c. OK schwarze@ yasuoka@
* More correction of section 3 layout. directory->opendir, fts->fts_open,deraadt2019-09-027-59/+36
| | | | | getcap->cgetent. pwcache->user_from_uid. And then repair references. ok jmc
* Document EVP_PKEY_get0(3), EVP_PKEY_assign_GOST(3), EVP_PKEY_assign(3),schwarze2019-09-012-31/+116
| | | | | and EVP_PKEY_set_type(3). While here, clarify a few points regarding reference count and type checking.
* ypclnt -> yp_bind;jmc2019-08-301-3/+3
|
* .Dt same as filenamederaadt2019-08-301-3/+3
|
* there is no function called ypclnt(3), but yp_bind(3) exists...deraadt2019-08-302-24/+11
|
* name these manual pages by the primary function, for instance therederaadt2019-08-307-374/+69
| | | | | is no function called md5() as discussed with jmc
* mop up stdarg rename; ok deraadtjmc2019-08-305-15/+15
|
* mop up resolver.3 rename; ok deraadtjmc2019-08-305-15/+15
|
* mop up for inet_net rename; ok deraadtjmc2019-08-303-9/+9
|
* adapt to bitstring(3) renaming, and look at that bit_ffs(3) is the actualderaadt2019-08-301-3/+3
| | | | | name we want to Xr... ok jmc
* Move 4 manual pages from not-a-function filenames to a correct filename,deraadt2019-08-306-16/+16
| | | | | and correct Xr. ok jmc
* there is no function called uuid(3), so this should be installed asderaadt2019-08-302-4/+4
| | | | | uuid_compare(3) ok jmc
* there is no pcap(3) function, "man pcap" returns an incorrect result.deraadt2019-08-302-4/+4
| | | | | this page should be called by one of the functions, so i chose the first one: pcap_open_live(3)
* uucplock(3) is incorrectly named in some places, it is actually uu_lock(3)deraadt2019-08-303-6/+6
| | | | (more unclear is if anything in ports uses this, as our base no longer does)
* new manual page AES_encrypt(3)schwarze2019-08-284-5/+181
|
* document OCSP_parse_url(3)schwarze2019-08-271-6/+75
|
* document OCSP_cert_status_str(3)schwarze2019-08-271-3/+19
|
* document OCSP_response_status_str(3)schwarze2019-08-271-4/+19
|
* document i2a_ASN1_INTEGER(3)schwarze2019-08-261-5/+50
|
* document ASN1_put_object(3) and ASN1_put_eoc(3)schwarze2019-08-263-3/+186
|
* document ASN1_OCTET_STRING_cmp(3), ASN1_OCTET_STRING_dup(3), andschwarze2019-08-261-12/+45
| | | | ASN1_OCTET_STRING_set(3)
* Change generating and checking of primes so that the error rate ofschwarze2019-08-252-26/+93
| | | | | | | | | | | not being prime depends on the intended use based on the size of the input. For larger primes this will result in more rounds of Miller-Rabin. The maximal error rate for primes with more than 1080 bits is lowered to 2^-128. Patch from Kurt Roeckx <kurt@roeckx.be> and Annie Yousar via OpenSSL commit feac7a1c Jul 25 18:55:16 2018 +0200, still under a free license. OK tb@.
* document EVP_sm3(3) and EVP_whirlpool(3), loosely based on theschwarze2019-08-255-6/+177
| | | | OpenSSL 1.1.1 pages, which are still under a free license
* fix reversed meaning of error codes;schwarze2019-08-251-7/+7
| | | | | from Martin Ukrop <mukrop at mail dot muni dot cz> via OpenSSL commit bb00b040 Aug 5 14:14:54 2019 +0200
* typo in function argument type;schwarze2019-08-251-4/+4
| | | | | from Jan Macku <jamacku at redhat dot com> via OpenSSL commit a9b9d265 Jan 30 16:09:50 2019 +0100
* Correctly document the return values of i2d_ECDSA_SIG(3) andschwarze2019-08-251-25/+28
| | | | | | | d2i_ECDSA_SIG(3); triggered by OpenSSL commit da4ea0cf Aug 5 16:13:24 2019 +0100, but solved differently. While here, adjust argument placeholders and wording to our usual conventions, and don't try to reiterate the complicated contents of ASN1_item_d2i(3) here.
* import the CRYPTO_memcmp(3) manual from OpenSSL 1.1.1,schwarze2019-08-252-1/+97
| | | | still under a free license, tweaked by me
* document RSAPrivateKey_dup(3) and RSAPublicKey_dup(3)schwarze2019-08-231-11/+55
|
* document X509_get1_email(3), X509_get1_ocsp(3), X509_email_free(3)schwarze2019-08-236-12/+141
|
* document X509_dup(3)schwarze2019-08-231-8/+40
|
* document X509_check_purpose(3)schwarze2019-08-226-9/+403
|
* sysctl(2): add kern.utc_offset: successor to the DST/TIMEZONE options(4)cheloha2019-08-211-1/+18
| | | | | | | | | | | | | | | | | | | | | The DST and TIMEZONE options(4) are incompatible with KARL, so we need some other way to compensate for an RTC running with a known offset. Enter kern.utc_offset, an offset in minutes East of UTC. TIMEZONE has always been minutes West, but this is inconsistent with how everyone else talks about timezones, hence the flip. TIMEZONE has the advantage of being compiled into the binary. Our new sysctl(2) has no such luck, so it needs to be set as early as possible in boot, from sysctl.conf(5), so we can correct the kernel clock from the RTC's local time to UTC before daemons like ntpd(8) and cron(8) start. To encourage this, kern.utc_offset is made immutable after the securelevel(7) is raised to 1. Prompted by yasuoka@. Discussed with deraadt@, kettenis@, yasuoka@. Additional testing by yasuoka@. ok deraadt@, yasuoka@
* Remove support for semantically opace interface identifiers (RFC 7217)florian2019-08-211-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | for IPv6 link local addresses. Some hosting and VM providers route customer IPv6 prefixes to link local addresses derived from ethernet MAC addresses (RFC 2464). This leads to hard to debug IPv6 connectivity problems and is probably not worth the effort. RFC 7721 lists 4 weaknesses: 3.1. Correlation of Activities over Time & 3.2. Location Tracking These are still possible with RFC 7217 addresses for an adversary connected to the same layer 2 network (think conference wifi). Since the link local prefix stays the same (fe80::/64) the link local addresses do not change between different networks. An adversary on the same layer 2 network can probably track ethernet MAC addresses via different means, too. 3.3. Address Scanning & 3.4. Device-Specific Vulnerability Exploitation These now become possible, however, as noted above a layer 2 adversary was probably able to do this via different means. People concerned with these weaknesses are advised to use ifconfig lladdr random. OK benno input & OK kn
* New manual page X509_cmp(3) documenting the same public functionsschwarze2019-08-206-10/+241
| | | | | | as in OpenSSL 1.1.1. I rewrote most of the text for clarity, precision, and conciseness and added some additional information. A few sentences from Paul Yang remain.
* Add static_ASN1_* macroinoguchi2019-08-201-1/+72
| | | | - Add static_ASN1_* macro. Patch was provided by steils AT gentoo.org
* make BN_CTX_end(NULL) a NOOP for compatibility with documented behaviourschwarze2019-08-202-4/+12
| | | | | | | | | in OpenSSL 1.1.1 even though in general, letting random functions accept NULL is not advisable because it can hide programming errors; "yes please" tb@ "unfortunately I suspect you're right" jsing@ "oh well" deraadt@
* document X509_INFO_new(3) and X509_INFO_free(3)schwarze2019-08-194-10/+78
|
* document ECDH_compute_key(3) and ECDH_size(3);schwarze2019-08-198-15/+110
| | | | feedback and OK tb@
* Tweak cross references, in particular making sure thatschwarze2019-08-1823-48/+85
| | | | | all CMS pages are linked to CMS_ContentInfo_new(3) both ways and that closely related pages reference each other.
* minor cleanup:schwarze2019-08-182-63/+37
| | | | | | * avoid jumping back and forth between use cases * delete duplicate information * and minor wording improvements
* minor cleanup:schwarze2019-08-184-54/+74
| | | | | | | * add the missing STANDARDS sections * mark up ASN.1 type names * GOST does not need an ENGINE in LibreSSL, so don't use it as an example * and minor wording improvements and typo fixes
* minor cleanup:schwarze2019-08-181-22/+42
| | | | | | * mark up ASN.1 type and field names * move the RFC reference to STANDARDS * and minor wording improvements
* some cleanup:schwarze2019-08-181-60/+82
| | | | | | | | | | * do not jump back and forth among functions * show data type - NID correspondance in a table * make the difference between content type and embedded content clearer * add the missing STANDARDS section * mark up ASN.1 type names * remove some text that says nothing * and minor wording improvements
* some cleanup:schwarze2019-08-171-44/+46
| | | | | | | | * add the missing STANDARDS section * more precision below RETURN VALUES * simplify some overly verbose text * mark up ASN.1 type names * and minor wording improvements and typo fixes
* minor cleanup:schwarze2019-08-171-89/+88
| | | | | | | | * add the missing STANDARDS section * mark up ASN.1 type names * avoid some repetitions * make some lists more palatable in -column form * and minor wording improvements and typo fixes
* link to the new EC_KEY_METHOD_new(3) pageschwarze2019-08-161-3/+6
| | | | and mention a trap set by EC_KEY_copy(3)
* document the EC_KEY_METHOD function tableschwarze2019-08-163-3/+330
|
* document EC_KEY_get_ex_new_index(3), EC_KEY_get_ex_data(3),schwarze2019-08-162-8/+19
| | | | and EC_KEY_set_ex_data(3)
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.