trafficserver-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r..@apache.org
Subject [trafficserver] branch master updated: Adjust capitalization of OpenSSL when not referencing openssl CLI (#8056)
Date Mon, 12 Jul 2021 19:32:46 GMT
This is an automated email from the ASF dual-hosted git repository.

rrm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
     new 722e517  Adjust capitalization of OpenSSL when not referencing openssl CLI (#8056)
722e517 is described below

commit 722e5171a7583ee89468eafa5e9544429532cec6
Author: Randall Meyer <rrm@apache.org>
AuthorDate: Mon Jul 12 12:32:37 2021 -0700

    Adjust capitalization of OpenSSL when not referencing openssl CLI (#8056)
---
 contrib/openssl/README.md                                    |  8 ++++----
 doc/admin-guide/files/records.config.en.rst                  |  6 +++---
 doc/admin-guide/monitoring/statistics/core/ssl.en.rst        |  2 +-
 doc/admin-guide/plugins/ssl_session_reuse.en.rst             |  2 +-
 doc/admin-guide/security/index.en.rst                        |  2 +-
 doc/developer-guide/api/functions/TSSslSession.en.rst        |  2 +-
 doc/developer-guide/api/types/TSHttpHookID.en.rst            | 10 +++++-----
 doc/developer-guide/api/types/TSSslSession.en.rst            |  4 ++--
 .../plugins/hooks-and-transactions/ssl-hooks.en.rst          | 12 ++++++------
 .../plugins/hooks-and-transactions/ssl-session-api.en.rst    |  4 ++--
 doc/getting-started/index.en.rst                             |  4 ++--
 plugins/experimental/magick/README                           |  2 +-
 12 files changed, 29 insertions(+), 29 deletions(-)

diff --git a/contrib/openssl/README.md b/contrib/openssl/README.md
index faa89c7..8286e84 100644
--- a/contrib/openssl/README.md
+++ b/contrib/openssl/README.md
@@ -1,10 +1,10 @@
-async-test.c is source for a sample openssl crypto engine.  It wraps the standard RSA operations.
+async-test.c is source for a sample OpenSSL crypto engine.  It wraps the standard RSA operations.
 For the private key operations it spawns a thread to sleep for 5 seconds and then pauses
the asynchronous job.
 
-It should be built as follows.  It must be build against openssl 1.1 or better for access
to the ASYNC_*_job apis.
+It should be built as follows.  It must be build against OpenSSL 1.1 or better for access
to the ASYNC_*_job apis.
 
-gcc -fPIC -shared -g -o async-test.so -I<path to openssl headers> -L<path to openssl
library> -lssl -lcrypto -lpthread async_engine.c
+gcc -fPIC -shared -g -o async-test.so -I<path to OpenSSL headers> -L<path to OpenSSL
library> -lssl -lcrypto -lpthread async_engine.c
 
-load_engine.cnf is an example openssl config file that can be passed to Traffic Server via
the proxy.config.ssl.engine.conf_file setting.
+load_engine.cnf is an example OpenSSL config file that can be passed to Traffic Server via
the proxy.config.ssl.engine.conf_file setting.
 It describes which crypto engines should be loaded and how they should be used.  In the case
of our async-test crypto engine it will be used for
 RSA operations
diff --git a/doc/admin-guide/files/records.config.en.rst b/doc/admin-guide/files/records.config.en.rst
index b781583..9673197 100644
--- a/doc/admin-guide/files/records.config.en.rst
+++ b/doc/admin-guide/files/records.config.en.rst
@@ -3845,8 +3845,8 @@ Client-Related Configuration
 
 .. ts:cv:: CONFIG proxy.config.ssl.async.handshake.enabled INT 0
 
-   Enables the use of openssl async job during the TLS handshake.  Traffic
-   Server must be build against openssl 1.1 or greater or this to take affect.
+   Enables the use of OpenSSL async job during the TLS handshake.  Traffic
+   Server must be build against OpenSSL 1.1 or greater or this to take affect.
    Can be useful if using a crypto engine that communicates off chip.  The
    thread will be rescheduled for other work until the crypto engine operation
    completes. A test crypto engine that inserts a 5 second delay on private key
@@ -3854,7 +3854,7 @@ Client-Related Configuration
 
 .. ts:cv:: CONFIG proxy.config.ssl.engine.conf_file STRING NULL
 
-   Specify the location of the openssl config file used to load dynamic crypto
+   Specify the location of the OpenSSL config file used to load dynamic crypto
    engines. This setting assumes an absolute path.  An example config file is at
    :ts:git:`contrib/openssl/load_engine.cnf`.
 
diff --git a/doc/admin-guide/monitoring/statistics/core/ssl.en.rst b/doc/admin-guide/monitoring/statistics/core/ssl.en.rst
index 92b0e4b..3cd4622 100644
--- a/doc/admin-guide/monitoring/statistics/core/ssl.en.rst
+++ b/doc/admin-guide/monitoring/statistics/core/ssl.en.rst
@@ -83,7 +83,7 @@ SSL/TLS
 .. ts:stat:: global proxy.process.ssl.ssl_error_async integer
    :type: counter
 
-   Track the number of times openssl async jobs paused.
+   Track the number of times OpenSSL async jobs paused.
 
 .. ts:stat:: global proxy.process.ssl.ssl_session_cache_eviction integer
    :type: counter
diff --git a/doc/admin-guide/plugins/ssl_session_reuse.en.rst b/doc/admin-guide/plugins/ssl_session_reuse.en.rst
index c0e48ae..00becf5 100644
--- a/doc/admin-guide/plugins/ssl_session_reuse.en.rst
+++ b/doc/admin-guide/plugins/ssl_session_reuse.en.rst
@@ -34,7 +34,7 @@ For Session ID base resumption in uses the ATS SSL Session Cache for the
local s
 Redis to communication new sessions with its peers.  When a new session is seen by an ATS
instances it
 publishes an encrypted copy of the session state to the local Redis channel.  When a new
session is received
 on the Redis channel, the plugin stores that session state into its local ATS SSL session
cache.  Once the
-session state is in the local ATS SSL session cache it is available to the openssl library
for future TLS
+session state is in the local ATS SSL session cache it is available to the OpenSSL library
for future TLS
 handshakes.
 
 For the ticket based session resumption, the plugin implements logic to decide on a Session
Ticket Encryption Key (STEK)
diff --git a/doc/admin-guide/security/index.en.rst b/doc/admin-guide/security/index.en.rst
index 9d51c32..493a04a 100644
--- a/doc/admin-guide/security/index.en.rst
+++ b/doc/admin-guide/security/index.en.rst
@@ -284,7 +284,7 @@ Authority Information Access field of the signed certificate. For example::
 Traffic Server can also use prefetched OCSP stapling responses if ssl_ocsp_name parameter
 is used in :file:`ssl_multicert.config`. Take into account that when using prefetched
 OCSP stapling responses traffic server will not refresh them and it should be done
-externally. This can be done using openssl::
+externally. This can be done using OpenSSL::
 
     $ openssl ocsp -issuer ca.crt -cert cert.crt -host ocsp.digicert.com:80 \
     -header "Host=ocsp.digicert.com" -respout /var/cache/ocsp/cert.ocsp
diff --git a/doc/developer-guide/api/functions/TSSslSession.en.rst b/doc/developer-guide/api/functions/TSSslSession.en.rst
index 8a3aadf..b3cc8e0 100644
--- a/doc/developer-guide/api/functions/TSSslSession.en.rst
+++ b/doc/developer-guide/api/functions/TSSslSession.en.rst
@@ -44,7 +44,7 @@ These functions tend to be used with the :macro:`TS_SSL_SESSION_HOOK`.
 
 The functions work with the :type:`TSSslSessionID` object to identify sessions to retrieve,
insert, or delete.
 
-The functions also work with the :type:`TSSslSession` object which can be cast to a pointer
to the openssl SSL_SESSION object.
+The functions also work with the :type:`TSSslSession` object which can be cast to a pointer
to the OpenSSL SSL_SESSION object.
 
 These functions perform the appropriate locking on the session cache to avoid errors.
 
diff --git a/doc/developer-guide/api/types/TSHttpHookID.en.rst b/doc/developer-guide/api/types/TSHttpHookID.en.rst
index 3033d95..9b6eca3 100644
--- a/doc/developer-guide/api/types/TSHttpHookID.en.rst
+++ b/doc/developer-guide/api/types/TSHttpHookID.en.rst
@@ -99,17 +99,17 @@ Enumeration Members
 Description
 ===========
 
-Note that :macro:`TS_SSL_CERT_HOOK` and :macro:`TS_SSL_SNI_HOOK` correspond to the same openssl
+Note that :macro:`TS_SSL_CERT_HOOK` and :macro:`TS_SSL_SNI_HOOK` correspond to the same OpenSSL
 callbacks. This is done for backwards compatibility. :macro:`TS_SSL_SNI_HOOK` is expected
 to be deprecated and removed, plugins using this should change to :macro:`TS_SSL_CERT_HOOK`
or
 :macro:`TS_SSL_SERVERNAME_HOOK` as appropriate.
 
-.. warning:: openssl 1.0.2 and later versions
+.. warning:: OpenSSL 1.0.2 and later versions
 
-   :macro:`TS_SSL_SERVERNAME_HOOK` is invoked for the openssl servername callback.
-   :macro:`TS_SSL_SNI_HOOK` and :macro:`TS_SSL_CERT_HOOK` are invoked for the openssl certificate
+   :macro:`TS_SSL_SERVERNAME_HOOK` is invoked for the OpenSSL servername callback.
+   :macro:`TS_SSL_SNI_HOOK` and :macro:`TS_SSL_CERT_HOOK` are invoked for the OpenSSL certificate
    callback which is not guaranteed to be invoked for a TLS transaction.
 
-   This is a behavior change dependent on the version of openssl. To avoid problems use
+   This is a behavior change dependent on the version of OpenSSL. To avoid problems use
    :macro:`TS_SSL_SERVERNAME_HOOK` to get called back for all TLS transaction and
    :macro:`TS_SSL_CERT_HOOK` to get called back only to select a certificate.
diff --git a/doc/developer-guide/api/types/TSSslSession.en.rst b/doc/developer-guide/api/types/TSSslSession.en.rst
index 74e6e0a..4f50ead 100644
--- a/doc/developer-guide/api/types/TSSslSession.en.rst
+++ b/doc/developer-guide/api/types/TSSslSession.en.rst
@@ -40,10 +40,10 @@ Description
 ===========
 
 :type:`TSSslSessionID` represents the SSL session ID as a buffer and length.  The ``TS_SSL_MAX_SSL_SESSION_ID_LENGTH``
is the same value
-as the openssl constant ``SSL_MAX_SSL_SESSION_ID_LENGTH``. The plugin has direct access to
this object since creating and
+as the OpenSSL constant ``SSL_MAX_SSL_SESSION_ID_LENGTH``. The plugin has direct access to
this object since creating and
 manipulating session IDs seems like a fairly common operation (rather than providing an API
to access the data via an
 opaque TS object type).
 
 
-:type:`TSSslSession` references the SSL session object.  It can be cast to the openssl type
``SSL_SESSION``.
+:type:`TSSslSession` references the SSL session object.  It can be cast to the OpenSSL type
``SSL_SESSION``.
 
diff --git a/doc/developer-guide/plugins/hooks-and-transactions/ssl-hooks.en.rst b/doc/developer-guide/plugins/hooks-and-transactions/ssl-hooks.en.rst
index cf9dd41..6932ea9 100644
--- a/doc/developer-guide/plugins/hooks-and-transactions/ssl-hooks.en.rst
+++ b/doc/developer-guide/plugins/hooks-and-transactions/ssl-hooks.en.rst
@@ -82,11 +82,11 @@ always be called after TS_VCONN_START_HOOK.
 
 The Traffic Server core first evaluates the settings in the ssl_multicert.config file based
on the
 server name. Then the core SNI callback executes the plugin registered SNI callback code.
The plugin
-callback can access the servername by calling the openssl function SSL_get_servername().
+callback can access the servername by calling the OpenSSL function SSL_get_servername().
 
 Processing will continue regardless of whether the hook callback executes
-:c:func:`TSVConnReenable()` since the openssl implementation does not allow for pausing processing
-during the openssl servername callback.
+:c:func:`TSVConnReenable()` since the OpenSSL implementation does not allow for pausing processing
+during the OpenSSL servername callback.
 
 TS_SSL_CERT_HOOK
 ----------------
@@ -95,7 +95,7 @@ This hook is called as the server certificate is selected for the TLS handshake.
 can execute code to create or select the certificate that should be used for the TLS handshake.
 This will override the default Traffic Server certificate selection.
 
-If you are running with openssl 1.0.2 or later, you can control whether the TLS handshake
processing
+If you are running with OpenSSL 1.0.2 or later, you can control whether the TLS handshake
processing
 will continue after the certificate hook callback execute by calling :c:func:`TSVConnReenable()`
or
 not.  The TLS handshake processing will not proceed until :c:func:`TSVConnReenable()` is
called.
 
@@ -111,7 +111,7 @@ object using the :c:func:`TSVConnSslVerifyCTXGet()` method and fetch the
peer's
 any additional checks.
 
 Processing will continue regardless of whether the hook callback executes
-:c:func:`TSVConnReenable()` since the openssl implementation does not allow for pausing processing
+:c:func:`TSVConnReenable()` since the OpenSSL implementation does not allow for pausing processing
 during the certificate verify callback.  The plugin can use the :c:func:`TSVConnReenableEx()`
 function to pass in the TS_EVENT_ERROR and stop the TLS handshake.
 
@@ -124,7 +124,7 @@ the :c:func:`TSVConnSslVerifyCTXGet()` method and fetch the peer's certificates
 additional checks.
 
 Processing will continue regardless of whether the hook callback executes
-:c:func:`TSVConnReenable()` since the openssl implementation does not allow for pausing processing
+:c:func:`TSVConnReenable()` since the OpenSSL implementation does not allow for pausing processing
 during the certificate verify callback.  The plugin can use the :c:func:`TSVConnReenableEx()`
 function to pass in the TS_EVENT_ERROR and
 
diff --git a/doc/developer-guide/plugins/hooks-and-transactions/ssl-session-api.en.rst b/doc/developer-guide/plugins/hooks-and-transactions/ssl-session-api.en.rst
index 4da99fa..3210a57 100644
--- a/doc/developer-guide/plugins/hooks-and-transactions/ssl-session-api.en.rst
+++ b/doc/developer-guide/plugins/hooks-and-transactions/ssl-session-api.en.rst
@@ -30,7 +30,7 @@ to enable the plugin to update the session cache based on outside information,
e
 .. macro:: TS_SSL_SESSION_HOOK
 
 This hook is invoked when a change has been made to the ATS session cache or a session has
been accessed
-from ATS via openssl.  These hooks are only activated if the ATS implementation of the session
cache is in
+from ATS via OpenSSL.  These hooks are only activated if the ATS implementation of the session
cache is in
 use.  This means :ts:cv:`proxy.config.ssl.session_cache` has been set to 2.
 
 The hook callback has the following signature
@@ -39,7 +39,7 @@ The hook callback has the following signature
 
 The edata parameter is a pointer to a :type:`TSSslSessionID`.
 
-This callback in synchronous since the underlying openssl callback is unable to pause processing.
+This callback in synchronous since the underlying OpenSSL callback is unable to pause processing.
 
 The following events can be sent to this callback
 
diff --git a/doc/getting-started/index.en.rst b/doc/getting-started/index.en.rst
index 036bab1..093d823 100644
--- a/doc/getting-started/index.en.rst
+++ b/doc/getting-started/index.en.rst
@@ -151,9 +151,9 @@ libraries on the machine used to build |TS|:
 
 - pkgconfig
 - libtool
-- gcc (>= 4.3 or clang > 3.0)
+- C++ compiler (gcc >= 4.3 or clang > 3.0)
 - GNU make
-- openssl
+- OpenSSL or BoringSSL
 - pcre
 - libcap
 - flex (for TPROXY)
diff --git a/plugins/experimental/magick/README b/plugins/experimental/magick/README
index cac536b..6b8c1ac 100644
--- a/plugins/experimental/magick/README
+++ b/plugins/experimental/magick/README
@@ -12,7 +12,7 @@ The input for the plug-in's request is the query parameter "magick" which
contai
 
 To avoid being exploited, the plug-in accepts one configuration argument specified on `plugin.config`;
a OpenSSL's RSA256 public key file used to verify if the raw content of the "magick" parameter
is valid and authorized. When it is configured, an additional query parameter "magickSig"
is required on each request.
 
-The size of the keys directly impact how easy to compute (and break) the signature as well
as the length of it. Generate a private & public pair of RSA256 keys using the following
openssl commands:
+The size of the keys directly impact how easy to compute (and break) the signature as well
as the length of it. Generate a private & public pair of RSA256 keys using the following
OpenSSL commands:
 
 ```
 # private key

Mime
View raw message