1 files changed, 45 insertions, 33 deletions

diff --git a/secure/lib/libcrypto/man/SSL_CTX_set_mode.3 b/secure/lib/libcrypto/man/SSL_CTX_set_mode.3
index 72263e57e0a66..b1be601175686 100644
--- a/secure/lib/libcrypto/man/SSL_CTX_set_mode.3
+++ b/secure/lib/libcrypto/man/SSL_CTX_set_mode.3
@@ -1,4 +1,4 @@
-.\" Automatically generated by Pod::Man 4.09 (Pod::Simple 3.35)
+.\" Automatically generated by Pod::Man 4.10 (Pod::Simple 3.35)
 .\"
 .\" Standard preamble:
 .\" ========================================================================
@@ -54,16 +54,20 @@
 .\" Avoid warning from groff about undefined register 'F'.
 .de IX
 ..
-.if !\nF .nr F 0
-.if \nF>0 \{\
-.    de IX
-.    tm Index:\\$1\t\\n%\t"\\$2"
+.nr rF 0
+.if \n(.g .if rF .nr rF 1
+.if (\n(rF:(\n(.g==0)) \{\
+.    if \nF \{\
+.        de IX
+.        tm Index:\\$1\t\\n%\t"\\$2"
 ..
-.    if !\nF==2 \{\
-.        nr % 0
-.        nr F 2
+.        if !\nF==2 \{\
+.            nr % 0
+.            nr F 2
+.        \}
 .    \}
 .\}
+.rr rF
 .\"
 .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
 .\" Fear.  Run.  Save yourself.  No user-serviceable parts.
@@ -129,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "SSL_CTX_SET_MODE 3"
-.TH SSL_CTX_SET_MODE 3 "2018-11-20" "1.1.1a" "OpenSSL"
+.TH SSL_CTX_SET_MODE 3 "2019-02-26" "1.1.1b" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
@@ -151,17 +155,17 @@ SSL_CTX_set_mode, SSL_CTX_clear_mode, SSL_set_mode, SSL_clear_mode, SSL_CTX_get_
 .Ve
 .SH "DESCRIPTION"
 .IX Header "DESCRIPTION"
-\&\fISSL_CTX_set_mode()\fR adds the mode set via bitmask in \fBmode\fR to \fBctx\fR.
+\&\fBSSL_CTX_set_mode()\fR adds the mode set via bitmask in \fBmode\fR to \fBctx\fR.
 Options already set before are not cleared.
-\&\fISSL_CTX_clear_mode()\fR removes the mode set via bitmask in \fBmode\fR from \fBctx\fR.
+\&\fBSSL_CTX_clear_mode()\fR removes the mode set via bitmask in \fBmode\fR from \fBctx\fR.
 .PP
-\&\fISSL_set_mode()\fR adds the mode set via bitmask in \fBmode\fR to \fBssl\fR.
+\&\fBSSL_set_mode()\fR adds the mode set via bitmask in \fBmode\fR to \fBssl\fR.
 Options already set before are not cleared.
-\&\fISSL_clear_mode()\fR removes the mode set via bitmask in \fBmode\fR from \fBssl\fR.
+\&\fBSSL_clear_mode()\fR removes the mode set via bitmask in \fBmode\fR from \fBssl\fR.
 .PP
-\&\fISSL_CTX_get_mode()\fR returns the mode set for \fBctx\fR.
+\&\fBSSL_CTX_get_mode()\fR returns the mode set for \fBctx\fR.
 .PP
-\&\fISSL_get_mode()\fR returns the mode set for \fBssl\fR.
+\&\fBSSL_get_mode()\fR returns the mode set for \fBssl\fR.
 .SH "NOTES"
 .IX Header "NOTES"
 The following mode changes are available:
@@ -169,23 +173,23 @@ The following mode changes are available:
 .IX Item "SSL_MODE_ENABLE_PARTIAL_WRITE"
 Allow SSL_write_ex(..., n, &r) to return with 0 < r < n (i.e. report success
 when just a single record has been written). This works in a similar way for
-\&\fISSL_write()\fR. When not set (the default), \fISSL_write_ex()\fR or \fISSL_write()\fR will only
-report success once the complete chunk was written. Once \fISSL_write_ex()\fR or
-\&\fISSL_write()\fR returns successful, \fBr\fR bytes have been written and the next call
-to \fISSL_write_ex()\fR or \fISSL_write()\fR must only send the n\-r bytes left, imitating
-the behaviour of \fIwrite()\fR.
+\&\fBSSL_write()\fR. When not set (the default), \fBSSL_write_ex()\fR or \fBSSL_write()\fR will only
+report success once the complete chunk was written. Once \fBSSL_write_ex()\fR or
+\&\fBSSL_write()\fR returns successful, \fBr\fR bytes have been written and the next call
+to \fBSSL_write_ex()\fR or \fBSSL_write()\fR must only send the n\-r bytes left, imitating
+the behaviour of \fBwrite()\fR.
 .IP "\s-1SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER\s0" 4
 .IX Item "SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER"
-Make it possible to retry \fISSL_write_ex()\fR or \fISSL_write()\fR with changed buffer
+Make it possible to retry \fBSSL_write_ex()\fR or \fBSSL_write()\fR with changed buffer
 location (the buffer contents must stay the same). This is not the default to
-avoid the misconception that non-blocking \fISSL_write()\fR behaves like
-non-blocking \fIwrite()\fR.
+avoid the misconception that non-blocking \fBSSL_write()\fR behaves like
+non-blocking \fBwrite()\fR.
 .IP "\s-1SSL_MODE_AUTO_RETRY\s0" 4
 .IX Item "SSL_MODE_AUTO_RETRY"
 During normal operations, non-application data records might need to be sent or
 received that the application is not aware of.
 If a non-application data record was processed,
-\&\fISSL_read_ex\fR\|(3) and \fISSL_read\fR\|(3) can return with a failure and indicate the
+\&\fBSSL_read_ex\fR\|(3) and \fBSSL_read\fR\|(3) can return with a failure and indicate the
 need to retry with \fB\s-1SSL_ERROR_WANT_READ\s0\fR.
 If such a non-application data record was processed, the flag
 \&\fB\s-1SSL_MODE_AUTO_RETRY\s0\fR causes it to try to process the next record instead of
@@ -204,8 +208,8 @@ to only return after successfully processing an application data record or a
 failure.
 .Sp
 Turning off \fB\s-1SSL_MODE_AUTO_RETRY\s0\fR can be useful with blocking \fB\s-1BIO\s0\fRs in case
-they are used in combination with something like \fIselect()\fR or \fIpoll()\fR.
-Otherwise the call to \fISSL_read()\fR or \fISSL_read_ex()\fR might hang when a
+they are used in combination with something like \fBselect()\fR or \fBpoll()\fR.
+Otherwise the call to \fBSSL_read()\fR or \fBSSL_read_ex()\fR might hang when a
 non-application record was sent and no application data was sent.
 .IP "\s-1SSL_MODE_RELEASE_BUFFERS\s0" 4
 .IX Item "SSL_MODE_RELEASE_BUFFERS"
@@ -227,26 +231,34 @@ in draft\-ietf\-tls\-downgrade\-scsv\-00.
 .IX Item "SSL_MODE_ASYNC"
 Enable asynchronous processing. \s-1TLS I/O\s0 operations may indicate a retry with
 \&\s-1SSL_ERROR_WANT_ASYNC\s0 with this mode set if an asynchronous capable engine is
-used to perform cryptographic operations. See \fISSL_get_error\fR\|(3).
+used to perform cryptographic operations. See \fBSSL_get_error\fR\|(3).
+.IP "\s-1SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG\s0" 4
+.IX Item "SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG"
+Older versions of OpenSSL had a bug in the computation of the label length
+used for computing the endpoint-pair shared secret. The bug was that the
+terminating zero was included in the length of the label. Setting this option
+enables this behaviour to allow interoperability with such broken
+implementations. Please note that setting this option breaks interoperability
+with correct implementations. This option only applies to \s-1DTLS\s0 over \s-1SCTP.\s0
 .PP
 All modes are off by default except for \s-1SSL_MODE_AUTO_RETRY\s0 which is on by
 default since 1.1.1.
 .SH "RETURN VALUES"
 .IX Header "RETURN VALUES"
-\&\fISSL_CTX_set_mode()\fR and \fISSL_set_mode()\fR return the new mode bitmask
+\&\fBSSL_CTX_set_mode()\fR and \fBSSL_set_mode()\fR return the new mode bitmask
 after adding \fBmode\fR.
 .PP
-\&\fISSL_CTX_get_mode()\fR and \fISSL_get_mode()\fR return the current bitmask.
+\&\fBSSL_CTX_get_mode()\fR and \fBSSL_get_mode()\fR return the current bitmask.
 .SH "SEE ALSO"
 .IX Header "SEE ALSO"
-\&\fIssl\fR\|(7), \fISSL_read_ex\fR\|(3), \fISSL_read\fR\|(3), \fISSL_write_ex\fR\|(3) or
-\&\fISSL_write\fR\|(3), \fISSL_get_error\fR\|(3)
+\&\fBssl\fR\|(7), \fBSSL_read_ex\fR\|(3), \fBSSL_read\fR\|(3), \fBSSL_write_ex\fR\|(3) or
+\&\fBSSL_write\fR\|(3), \fBSSL_get_error\fR\|(3)
 .SH "HISTORY"
 .IX Header "HISTORY"
-\&\s-1SSL_MODE_ASYNC\s0 was first added to OpenSSL 1.1.0.
+\&\s-1SSL_MODE_ASYNC\s0 was added in OpenSSL 1.1.0.
 .SH "COPYRIGHT"
 .IX Header "COPYRIGHT"
-Copyright 2001\-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2001\-2019 The OpenSSL Project Authors. All Rights Reserved.
 .PP
 Licensed under the OpenSSL license (the \*(L"License\*(R").  You may not use
 this file except in compliance with the License.  You can obtain a copy