wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/doc/ssl
History
Viktor Dukhovni 9f6b22b814 Enabled DANE only when at least one TLSA RR was added 
It is up to the caller of SSL_dane_tlsa_add() to take appropriate
action when no records are added successfully or adding some records
triggers an internal error (negative return value).

With this change the caller can continue with PKIX if desired when
none of the TLSA records are usable, or take some appropriate action
if DANE is required.

Also fixed the internal ssl_dane_dup() function to properly initialize
the TLSA RR stack in the target SSL handle.  Errors in ssl_dane_dup()
are no longer ignored.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-22 10:41:57 -04:00
..
d2i_SSL_SESSION.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
DTLSv1_listen.pod Update DTLSv1_listen documentation 2016-02-05 20:47:36 +00:00
OPENSSL_init_ssl.pod OPENSSL_init_ssl.pod: fix minor typo 2016-02-16 22:49:23 +01:00
ssl.pod Add SSL_CTX_get_ciphers() 2016-04-11 09:59:04 -04:00
SSL_accept.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_alert_type_string.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_check_chain.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CIPHER_get_name.pod Add cipher query functions 2016-03-08 09:19:15 -05:00
SSL_clear.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_COMP_add_compression_method.pod Misc fix ups to deprecate explicit de-init documentation 2016-04-13 08:59:03 +01:00
SSL_CONF_cmd.pod Update documentation of SSL METHODs and ciphers 2016-02-23 18:14:01 -05:00
SSL_CONF_cmd_argv.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CONF_CTX_new.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CONF_CTX_set1_prefix.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CONF_CTX_set_flags.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CONF_CTX_set_ssl_ctx.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_connect.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CTX_add1_chain_cert.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CTX_add_extra_chain_cert.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CTX_add_session.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CTX_config.pod SSL configuration module docs 2015-12-22 15:14:14 +00:00
SSL_CTX_ctrl.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CTX_dane_enable.pod Enabled DANE only when at least one TLSA RR was added 2016-04-22 10:41:57 -04:00
SSL_CTX_flush_sessions.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CTX_free.pod Correct another batch of typos 2016-03-22 21:57:26 -04:00
SSL_CTX_get0_param.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CTX_get_verify_mode.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CTX_has_client_custom_ext.pod Documentation for new SSL functions 2016-03-04 10:50:11 -05:00
SSL_CTX_load_verify_locations.pod RT4354: Add some cross-refs 2016-02-27 18:58:56 -05:00
SSL_CTX_new.pod Deprecate the use of version-specific methods 2016-03-09 19:45:05 +01:00
SSL_CTX_sess_number.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CTX_sess_set_cache_size.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CTX_sess_set_get_cb.pod constify PACKET 2016-02-01 16:21:57 +01:00
SSL_CTX_sessions.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CTX_set1_curves.pod Remove SSL_{CTX_}set_ecdh_auto() and always enable ECDH 2015-12-04 22:30:36 +01:00
SSL_CTX_set1_sigalgs.pod GH601: Various spelling fixes. 2016-02-05 15:25:50 -05:00
SSL_CTX_set1_verify_cert_store.pod The functions take a SSL *, not a SSL_CTX * 2015-12-23 22:30:31 +01:00
SSL_CTX_set_alpn_select_cb.pod Fix ALPN - more fixes 2016-03-20 21:09:32 -04:00
SSL_CTX_set_cert_cb.pod Turn B<...()> into ...() 2015-11-21 11:50:01 -05:00
SSL_CTX_set_cert_store.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CTX_set_cert_verify_callback.pod Remove SSLeay history, etc., from docs 2015-10-28 17:23:51 -04:00
SSL_CTX_set_cipher_list.pod Correct another batch of typos 2016-03-22 21:57:26 -04:00
SSL_CTX_set_client_CA_list.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CTX_set_client_cert_cb.pod Turn B<...()> into ...() 2015-11-21 11:50:01 -05:00
SSL_CTX_set_ct_validation_callback.pod Suppress CT callback as appropriate 2016-04-07 14:41:34 -04:00
SSL_CTX_set_ctlog_list_file.pod Suppress CT callback as appropriate 2016-04-07 14:41:34 -04:00
SSL_CTX_set_custom_cli_ext.pod Custom extension documentation. 2014-08-28 17:06:53 +01:00
SSL_CTX_set_default_passwd_cb.pod Provide getters for default_passwd_cb and userdata 2016-03-02 17:15:46 +00:00
SSL_CTX_set_generate_session_id.pod Remove SSLeay history, etc., from docs 2015-10-28 17:23:51 -04:00
SSL_CTX_set_info_callback.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CTX_set_max_cert_list.pod Remove SSLeay history, etc., from docs 2015-10-28 17:23:51 -04:00
SSL_CTX_set_min_proto_version.pod Make SSL{_CTX,}_{get,set,clear}_options functions 2016-01-11 10:51:02 -05:00
SSL_CTX_set_mode.pod RT4292: Remove ===== line 2016-02-05 12:47:46 -05:00
SSL_CTX_set_msg_callback.pod Fix typo in SSL_CTX_set_msg_callback docs 2016-02-18 14:12:19 -05:00
SSL_CTX_set_options.pod Make SSL{_CTX,}_{get,set,clear}_options functions 2016-01-11 10:51:02 -05:00
SSL_CTX_set_psk_client_callback.pod Correct another batch of typos 2016-03-22 21:57:26 -04:00
SSL_CTX_set_quiet_shutdown.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CTX_set_read_ahead.pod Correct faulty L<> links in .pods 2016-03-19 11:39:47 +01:00
SSL_CTX_set_security_level.pod Correct another batch of typos 2016-03-22 21:57:26 -04:00
SSL_CTX_set_session_cache_mode.pod Remove SSLeay history, etc., from docs 2015-10-28 17:23:51 -04:00
SSL_CTX_set_session_id_context.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CTX_set_split_send_fragment.pod Add documentation for SSL_has_pending() 2016-03-07 21:39:28 +00:00
SSL_CTX_set_ssl_version.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CTX_set_timeout.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_CTX_set_tlsext_status_cb.pod Add some documentation for the OCSP callback functions 2015-12-27 21:59:04 +00:00
SSL_CTX_set_tlsext_ticket_key_cb.pod Correct another batch of typos 2016-03-22 21:57:26 -04:00
SSL_CTX_set_tmp_dh_callback.pod Always generate DH keys for ephemeral DH cipher suites. 2015-12-23 22:26:31 +00:00
SSL_CTX_set_verify.pod Fix client verify mode to check SSL_VERIFY_PEER 2016-04-07 14:41:34 -04:00
SSL_CTX_use_certificate.pod RT4354: Add some cross-refs 2016-02-27 18:58:56 -05:00
SSL_CTX_use_psk_identity_hint.pod RT2518: fix pod2man errors 2014-09-08 11:18:30 -04:00
SSL_CTX_use_serverinfo.pod GH297: Fix NAME section of SSL_CTX_use_serverinfo.pod 2015-06-23 08:19:06 -04:00
SSL_do_handshake.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_free.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_get0_peer_scts.pod Add doc on when to use SCT callback. 2016-03-12 13:02:34 -05:00
SSL_get_all_async_fds.pod Refactor the async wait fd logic 2016-02-29 12:58:44 +00:00
SSL_get_ciphers.pod Add SSL_CTX_get_ciphers() 2016-04-11 09:59:04 -04:00
SSL_get_client_CA_list.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_get_client_random.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_get_current_cipher.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_get_default_timeout.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_get_error.pod Tweak async documentation based on feedback 2015-11-20 23:35:19 +00:00
SSL_get_extms_support.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_get_fd.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_get_peer_cert_chain.pod Clarify resumed sessions and NULL return. 2016-02-08 02:35:51 +00:00
SSL_get_peer_certificate.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_get_psk_identity.pod add initial support for RFC 4279 PSK SSL ciphersuites 2006-03-10 23:06:27 +00:00
SSL_get_rbio.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_get_session.pod Doc fixes suggested by Claus Assmann 2016-01-27 02:02:22 -05:00
SSL_get_shared_sigalgs.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_get_SSL_CTX.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_get_verify_result.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_get_version.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_library_init.pod Rename INIT funtions, deprecate old ones. 2016-02-10 09:37:03 -05:00
SSL_load_client_CA_file.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_new.pod Add SSL_up_ref() and SSL_CTX_up_ref() 2016-01-26 13:19:10 +00:00
SSL_pending.pod Fix typo in SSL_pending docs 2016-03-07 21:42:09 +00:00
SSL_read.pod Remove some SSLv2 references 2015-10-30 09:17:22 +00:00
SSL_rstate_string.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_SESSION_free.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_SESSION_get_hostname.pod Write POD page. 2016-04-14 08:41:29 -04:00
SSL_SESSION_get_time.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_SESSION_has_ticket.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_session_reused.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_set1_host.pod DANE documentation typos 2016-01-06 14:15:12 -05:00
SSL_set_bio.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_set_connect_state.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_set_fd.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_set_session.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_set_shutdown.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_set_verify_result.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_shutdown.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_state_string.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_want.pod Fix L<> content in manpages 2015-08-21 15:11:50 -04:00
SSL_write.pod Remove some SSLv2 references 2015-10-30 09:17:22 +00:00