[CVE-2006-2940]: https://www.openssl.org/news/vulnerabilities.html#CVE-2006-2940
[CVE-2006-2937]: https://www.openssl.org/news/vulnerabilities.html#CVE-2006-2937
[CVE-2005-2969]: https://www.openssl.org/news/vulnerabilities.html#CVE-2005-2969
-[OpenSSL Guide]: https://www.openssl.org/docs/manmaster/man7/ossl-guide-introduction.html
+[OpenSSL Guide]: https://docs.openssl.org/master/man7/ossl-guide-introduction
[CHANGES.md]: ./CHANGES.md
[README-QUIC.md]: ./README-QUIC.md
[issue tracker]: https://github.com/openssl/openssl/issues
Documentation about using the FIPS module is available on the [fips_module(7)]
manual page.
- [fips_module(7)]: https://www.openssl.org/docs/manmaster/man7/fips_module.html
+ [fips_module(7)]: https://docs.openssl.org/master/man7/fips_module
Entropy Source
==============
Documentation about writing providers is available on the [provider(7)]
manual page.
- [provider(7)]: https://www.openssl.org/docs/manmaster/man7/provider.html
+ [provider(7)]: https://docs.openssl.org/master/man7/provider
The Default Provider
--------------------
See the [config(5)] manual page for information about how to configure
providers via the config file, and how to automatically activate them.
- [config(5)]: https://www.openssl.org/docs/manmaster/man5/config.html
+ [config(5)]: https://docs.openssl.org/master/man5/config
The following is a minimal config file example to load and activate both
the legacy and the default provider in the default library context.
For more information about implementing QUIC servers with OpenSSL, refer to the
[OpenSSL Guide] and the [openssl-quic(7) manual page].
-[openssl-quic(7) manual page]: https://www.openssl.org/docs/manmaster/man7/openssl-quic.html
-[OpenSSL Guide]: https://www.openssl.org/docs/manmaster/man7/ossl-guide-introduction.html
+[openssl-quic(7) manual page]: https://docs.openssl.org/master/man7/openssl-quic
+[OpenSSL Guide]: https://docs.openssl.org/master/man7/ossl-guide-introduction
[DDD]: https://github.com/openssl/openssl/tree/master/doc/designs/ddd
[found in the source tree under `doc/designs/ddd`]: ./doc/designs/ddd/
[demo found in `demos/http3`]: ./demos/http3/
-[QUIC Introduction]: https://www.openssl.org/docs/manmaster/man7/ossl-guide-quic-introduction.html
+[QUIC Introduction]: https://docs.openssl.org/master/man7/ossl-guide-quic-introduction
[RFC 9114]: https://tools.ietf.org/html/rfc9114
[ALPN ids]: https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids
The manual pages for the master branch and all current stable releases are
available online.
-- [OpenSSL master](https://www.openssl.org/docs/manmaster)
-- [OpenSSL 3.0](https://www.openssl.org/docs/man3.0)
-- [OpenSSL 3.1](https://www.openssl.org/docs/man3.1)
-- [OpenSSL 3.2](https://www.openssl.org/docs/man3.2)
+- [OpenSSL master](https://docs.openssl.org/master/)
+- [OpenSSL 3.5](https://docs.openssl.org/3.5/)
+- [OpenSSL 3.4](https://docs.openssl.org/3.4/)
+- [OpenSSL 3.3](https://docs.openssl.org/3.3/)
+- [OpenSSL 3.2](https://docs.openssl.org/3.2/)
+- [OpenSSL 3.0](https://docs.openssl.org/3.0/)
Demos
-----
"OpenSSL Wiki"
[ossl-guide-migration(7ossl)]:
- <https://www.openssl.org/docs/manmaster/man7/ossl-guide-migration.html>
+ <https://docs.openssl.org/master/man7/ossl-guide-migration>
"OpenSSL Migration Guide"
[RFC 8446]:
"List of third party OpenSSL binaries"
[OpenSSL Guide]:
- <https://www.openssl.org/docs/manmaster/man7/ossl-guide-introduction.html>
+ <https://docs.openssl.org/master/man7/ossl-guide-introduction>
"An introduction to OpenSSL"
<!-- Logos and Badges -->
<!-- Links -->
-[guide]: https://www.openssl.org/docs/manmaster/man7/ossl-guide-introduction.html
-[TLS Introduction]: https://www.openssl.org/docs/manmaster/man7/ossl-guide-tls-introduction.html
+[guide]: https://docs.openssl.org/master/man7/ossl-guide-introduction
+[TLS Introduction]: https://docs.openssl.org/master/man7/ossl-guide-tls-introduction
Useful Links:
-OpenSSL API Documentation: https://www.openssl.org/docs
+OpenSSL API Documentation: https://docs.openssl.org/master
Github: https://github.com/openssl/openssl
Specific notes on upgrading to OpenSSL $series from previous versions are
available in the OpenSSL Migration Guide, here:
- https://www.openssl.org/docs/manmaster/man7/ossl-guide-migration.html
+ https://docs.openssl.org/master/man7/ossl-guide-migration
The $label release is available for download via HTTPS and FTP from the
following master locations (you can find the various FTP mirrors under
Specific notes on upgrading to OpenSSL $series from previous versions are
available in the OpenSSL Migration Guide, here:
- https://www.openssl.org/docs/man$series/man7/ossl-guide-migration.html
+ https://docs.openssl.org/$series/man7/ossl-guide-migration.html
OpenSSL $release is available for download via HTTPS and FTP from the
following master locations (you can find the various FTP mirrors under
- Certificate authority
This file is for users who wish to get a certificate of their own.
-Certificate authorities should read https://www.openssl.org/docs/apps/ca.html.
+Certificate authorities should read https://docs.openssl.org/master/man1/openssl-ca.
In all the cases shown below, the standard configuration file, as
compiled into openssl, will be used. You may find it in /etc/,
/usr/local/ssl/ or somewhere else. By default the file is named
-openssl.cnf and is described at https://www.openssl.org/docs/apps/config.html.
+openssl.cnf and is described at https://docs.openssl.org/master/man5/config.
You can specify a different configuration file using the
'-config {file}' argument with the commands shown below.
The private keys created by these commands are not passphrase protected;
it might or might not be the desirable thing. Further information on how to
-create private keys can be found at https://www.openssl.org/docs/HOWTO/keys.txt.
+create private keys can be found at https://github.com/openssl/openssl/blob/master/doc/HOWTO/keys.txt.
The rest of this text assumes you have a private key in the file privkey.pem.
certificate for yourself. This is similar to creating a certificate
request, but creates a certificate instead of a certificate request.
This is NOT the recommended way to create a CA certificate, see
-https://www.openssl.org/docs/apps/ca.html.
+https://docs.openssl.org/master/man1/openssl-ca.
openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095
implementation to take advantage of parallel computing. This is very beneficial
for hardware accelerators as pipeline amortizes the latency over multiple
chunks. Our libssl makes use of pipeline as discussed in
-[here](https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_max_pipelines.html).
+[here](https://docs.openssl.org/master/man3/SSL_CTX_set_max_pipelines).
Pipelining with ENGINE
-----------------------
#### MTU Signalling
**See also:**
-[BIO_s_dgram_pair(3)](https://www.openssl.org/docs/manmaster/man3/BIO_s_dgram_pair.html)
+[BIO_s_dgram_pair(3)](https://docs.openssl.org/master/man3/BIO_s_dgram_pair)
`BIO_dgram_get_mtu` (`BIO_CTRL_DGRAM_GET_MTU`) and `BIO_dgram_set_mtu`
(`BIO_CTRL_DGRAM_SET_MTU`) already exist for `BIO_s_dgram` and are implemented
#### `BIO_sendmmsg` and `BIO_recvmmsg`
**See also:**
-[BIO_sendmmsg(3)](https://www.openssl.org/docs/manmaster/man3/BIO_sendmmsg.html)
+[BIO_sendmmsg(3)](https://docs.openssl.org/master/man3/BIO_sendmmsg)
The BIO interface features a new high-performance API for the execution of
multiple read or write operations in a single system call, on supported OSes. On
#### Truncation Mode
**See also:**
-[BIO_s_dgram_pair(3)](https://www.openssl.org/docs/manmaster/man3/BIO_s_dgram_pair.html)
+[BIO_s_dgram_pair(3)](https://docs.openssl.org/master/man3/BIO_s_dgram_pair)
The controls `BIO_dgram_set_no_trunc` (`BIO_CTRL_DGRAM_SET_NO_TRUNC`) and
`BIO_dgram_get_no_trunc` (`BIO_CTRL_DGRAM_GET_NO_TRUNC`) are introduced. This is
#### Capability Negotiation
**See also:**
-[BIO_s_dgram_pair(3)](https://www.openssl.org/docs/manmaster/man3/BIO_s_dgram_pair.html)
+[BIO_s_dgram_pair(3)](https://docs.openssl.org/master/man3/BIO_s_dgram_pair)
Where a `BIO_s_dgram_pair` is used, there is the potential for such a memory BIO
to be used by existing application code which is being adapted for use with
#### Local Address Support
**See also:**
-[BIO_s_dgram_pair(3)](https://www.openssl.org/docs/manmaster/man3/BIO_s_dgram_pair.html)
+[BIO_s_dgram_pair(3)](https://docs.openssl.org/master/man3/BIO_s_dgram_pair)
Support for local addressing (the reception of destination addresses for
incoming packets, and the specification of source addresses for outgoing
#### `BIO_s_dgram_pair`
**See also:**
-[BIO_s_dgram_pair(3)](https://www.openssl.org/docs/manmaster/man3/BIO_s_dgram_pair.html)
+[BIO_s_dgram_pair(3)](https://docs.openssl.org/master/man3/BIO_s_dgram_pair)
A new BIO implementation, `BIO_s_dgram_pair`, is provided. This is similar to
the existing BIO pair but provides datagram semantics. It provides full support
A new predicate function `BIO_err_is_non_fatal` is defined which determines if
an error code represents a non-fatal or transient error. For details, see
-[BIO_sendmmsg(3)](https://www.openssl.org/docs/manmaster/man3/BIO_sendmmsg.html).
+[BIO_sendmmsg(3)](https://docs.openssl.org/master/man3/BIO_sendmmsg).
Q & A
-----
projects / thirdparty / openssl.git / commitdiff
