openssl/doc/ssl
Viktor Dukhovni 5ae4ceb92c Perform DANE-EE(3) name checks by default
In light of potential UKS (unknown key share) attacks on some
applications, primarily browsers, despite RFC761, name checks are
by default applied with DANE-EE(3) TLSA records.  Applications for
which UKS is not a problem can optionally disable DANE-EE(3) name
checks via the new SSL_CTX_dane_set_flags() and friends.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-12 10:16:34 -04:00
..
d2i_SSL_SESSION.pod Unify d2i/i2d documentation. 2016-06-07 15:49:08 -04:00
DTLSv1_listen.pod More doc nits 2016-06-06 10:09:39 -04:00
OPENSSL_init_ssl.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
ssl.pod Replace all #define's in pod pages. 2016-07-08 12:55:45 -04:00
SSL_accept.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_alert_type_string.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_check_chain.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CIPHER_get_name.pod More doc cleanup 2016-06-21 07:03:34 -04:00
SSL_clear.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_COMP_add_compression_method.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CONF_cmd.pod More doc cleanup 2016-06-21 07:03:34 -04:00
SSL_CONF_cmd_argv.pod More doc nits 2016-06-06 10:09:39 -04:00
SSL_CONF_CTX_new.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CONF_CTX_set1_prefix.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CONF_CTX_set_flags.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CONF_CTX_set_ssl_ctx.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_connect.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_add1_chain_cert.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_add_extra_chain_cert.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_add_session.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_config.pod More doc nits 2016-06-06 10:09:39 -04:00
SSL_CTX_ctrl.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_dane_enable.pod Perform DANE-EE(3) name checks by default 2016-07-12 10:16:34 -04:00
SSL_CTX_flush_sessions.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_free.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_get0_param.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_get_verify_mode.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_has_client_custom_ext.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_load_verify_locations.pod Expand SSL_CTX_set_default_verify_paths() documentation 2016-06-10 15:47:07 +01:00
SSL_CTX_new.pod Replace all #define's in pod pages. 2016-07-08 12:55:45 -04:00
SSL_CTX_sess_number.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_sess_set_cache_size.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_sess_set_get_cb.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_sessions.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set1_curves.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set1_sigalgs.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set1_verify_cert_store.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_alpn_select_cb.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_cert_cb.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_cert_store.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_cert_verify_callback.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_cipher_list.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_client_CA_list.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_client_cert_cb.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_ct_validation_callback.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_ctlog_list_file.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_default_passwd_cb.pod Replace all #define's in pod pages. 2016-07-08 12:55:45 -04:00
SSL_CTX_set_generate_session_id.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_info_callback.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_max_cert_list.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_min_proto_version.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_mode.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_msg_callback.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_options.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_psk_client_callback.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_quiet_shutdown.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_read_ahead.pod Replace all #define's in pod pages. 2016-07-08 12:55:45 -04:00
SSL_CTX_set_security_level.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_session_cache_mode.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_session_id_context.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_split_send_fragment.pod Replace all #define's in pod pages. 2016-07-08 12:55:45 -04:00
SSL_CTX_set_ssl_version.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_timeout.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_tlsext_status_cb.pod Add documentation for the newly added SSL_get_tlsext_status_type() 2016-06-07 17:05:52 +01:00
SSL_CTX_set_tlsext_ticket_key_cb.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_set_tmp_dh_callback.pod Cleanup documentation for removed functionality 2016-06-30 15:47:00 +01:00
SSL_CTX_set_verify.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_use_certificate.pod More doc cleanup 2016-06-21 07:03:34 -04:00
SSL_CTX_use_psk_identity_hint.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_CTX_use_serverinfo.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_do_handshake.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_extension_supported.pod More doc cleanup 2016-06-21 07:03:34 -04:00
SSL_free.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_get0_peer_scts.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_get_all_async_fds.pod include/openssl: don't include <windows.h> in public headers. 2016-07-08 11:49:44 +02:00
SSL_get_ciphers.pod More doc cleanup 2016-06-21 07:03:34 -04:00
SSL_get_client_CA_list.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_get_client_random.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_get_current_cipher.pod Replace all #define's in pod pages. 2016-07-08 12:55:45 -04:00
SSL_get_default_timeout.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_get_error.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_get_extms_support.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_get_fd.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_get_peer_cert_chain.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_get_peer_certificate.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_get_psk_identity.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_get_rbio.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_get_session.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_get_shared_sigalgs.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_get_SSL_CTX.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_get_verify_result.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_get_version.pod More API docs; small changes. 2016-06-09 17:03:30 -04:00
SSL_library_init.pod Replace all #define's in pod pages. 2016-07-08 12:55:45 -04:00
SSL_load_client_CA_file.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_new.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_pending.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_read.pod More doc nits 2016-06-06 10:09:39 -04:00
SSL_rstate_string.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_SESSION_free.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_SESSION_get0_hostname.pod More doc cleanup 2016-06-21 07:03:34 -04:00
SSL_SESSION_get_protocol_version.pod Remove null check, per review feedback. Note this in the docs. 2016-05-31 17:16:29 -04:00
SSL_SESSION_get_time.pod More doc cleanup 2016-06-21 07:03:34 -04:00
SSL_SESSION_has_ticket.pod More doc cleanup 2016-06-21 07:03:34 -04:00
SSL_session_reused.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_set1_host.pod Remove extra include's in synopsis. 2016-06-05 18:32:56 -04:00
SSL_set_bio.pod More doc cleanup 2016-06-21 07:03:34 -04:00
SSL_set_connect_state.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_set_fd.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_set_session.pod Update the SSL_set_session() documentation 2016-06-13 17:35:18 +01:00
SSL_set_shutdown.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_set_verify_result.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_shutdown.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_state_string.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_want.pod Doc nits cleanup, round 2 2016-05-20 20:54:00 -04:00
SSL_write.pod More doc nits 2016-06-06 10:09:39 -04:00