diff options
Diffstat (limited to 'secure/lib/libssl')
81 files changed, 0 insertions, 17443 deletions
diff --git a/secure/lib/libssl/Makefile b/secure/lib/libssl/Makefile deleted file mode 100644 index 8c039cad45d9..000000000000 --- a/secure/lib/libssl/Makefile +++ /dev/null @@ -1,26 +0,0 @@ -# $FreeBSD$ - -LIB= ssl -SHLIB_MAJOR= 3 - -NOLINT= true - -.if exists(Makefile.man) -.include "Makefile.man" -.endif -.include "../libcrypto/Makefile.inc" - -SRCS= bio_ssl.c s23_clnt.c s23_lib.c s23_meth.c s23_pkt.c s23_srvr.c \ - s2_clnt.c s2_enc.c s2_lib.c s2_meth.c s2_pkt.c s2_srvr.c \ - s3_both.c s3_clnt.c s3_enc.c s3_lib.c s3_meth.c s3_pkt.c \ - s3_srvr.c ssl_algs.c ssl_asn1.c ssl_cert.c ssl_ciph.c \ - ssl_err.c ssl_err2.c ssl_lib.c ssl_rsa.c ssl_sess.c ssl_stat.c \ - ssl_txt.c t1_clnt.c t1_enc.c t1_lib.c t1_meth.c t1_srvr.c - -INCS= kssl.h ssl.h ssl2.h ssl23.h ssl3.h tls1.h -INCSDIR=${INCLUDEDIR}/openssl - -.include <bsd.lib.mk> - -.PATH: ${LCRYPTO_SRC}/ssl \ - ${.CURDIR}/man diff --git a/secure/lib/libssl/Makefile.man b/secure/lib/libssl/Makefile.man deleted file mode 100644 index 402bdb7a8770..000000000000 --- a/secure/lib/libssl/Makefile.man +++ /dev/null @@ -1,206 +0,0 @@ -# $FreeBSD$ -# DO NOT EDIT: generated from man-makefile-update target -MAN+= SSL_CIPHER_get_name.3 -MAN+= SSL_COMP_add_compression_method.3 -MAN+= SSL_CTX_add_extra_chain_cert.3 -MAN+= SSL_CTX_add_session.3 -MAN+= SSL_CTX_ctrl.3 -MAN+= SSL_CTX_flush_sessions.3 -MAN+= SSL_CTX_free.3 -MAN+= SSL_CTX_get_ex_new_index.3 -MAN+= SSL_CTX_get_verify_mode.3 -MAN+= SSL_CTX_load_verify_locations.3 -MAN+= SSL_CTX_new.3 -MAN+= SSL_CTX_sess_number.3 -MAN+= SSL_CTX_sess_set_cache_size.3 -MAN+= SSL_CTX_sess_set_get_cb.3 -MAN+= SSL_CTX_sessions.3 -MAN+= SSL_CTX_set_cert_store.3 -MAN+= SSL_CTX_set_cert_verify_callback.3 -MAN+= SSL_CTX_set_cipher_list.3 -MAN+= SSL_CTX_set_client_CA_list.3 -MAN+= SSL_CTX_set_client_cert_cb.3 -MAN+= SSL_CTX_set_default_passwd_cb.3 -MAN+= SSL_CTX_set_generate_session_id.3 -MAN+= SSL_CTX_set_info_callback.3 -MAN+= SSL_CTX_set_max_cert_list.3 -MAN+= SSL_CTX_set_mode.3 -MAN+= SSL_CTX_set_msg_callback.3 -MAN+= SSL_CTX_set_options.3 -MAN+= SSL_CTX_set_quiet_shutdown.3 -MAN+= SSL_CTX_set_session_cache_mode.3 -MAN+= SSL_CTX_set_session_id_context.3 -MAN+= SSL_CTX_set_ssl_version.3 -MAN+= SSL_CTX_set_timeout.3 -MAN+= SSL_CTX_set_tmp_dh_callback.3 -MAN+= SSL_CTX_set_tmp_rsa_callback.3 -MAN+= SSL_CTX_set_verify.3 -MAN+= SSL_CTX_use_certificate.3 -MAN+= SSL_SESSION_free.3 -MAN+= SSL_SESSION_get_ex_new_index.3 -MAN+= SSL_SESSION_get_time.3 -MAN+= SSL_accept.3 -MAN+= SSL_alert_type_string.3 -MAN+= SSL_clear.3 -MAN+= SSL_connect.3 -MAN+= SSL_do_handshake.3 -MAN+= SSL_free.3 -MAN+= SSL_get_SSL_CTX.3 -MAN+= SSL_get_ciphers.3 -MAN+= SSL_get_client_CA_list.3 -MAN+= SSL_get_current_cipher.3 -MAN+= SSL_get_default_timeout.3 -MAN+= SSL_get_error.3 -MAN+= SSL_get_ex_data_X509_STORE_CTX_idx.3 -MAN+= SSL_get_ex_new_index.3 -MAN+= SSL_get_fd.3 -MAN+= SSL_get_peer_cert_chain.3 -MAN+= SSL_get_peer_certificate.3 -MAN+= SSL_get_rbio.3 -MAN+= SSL_get_session.3 -MAN+= SSL_get_verify_result.3 -MAN+= SSL_get_version.3 -MAN+= SSL_library_init.3 -MAN+= SSL_load_client_CA_file.3 -MAN+= SSL_new.3 -MAN+= SSL_pending.3 -MAN+= SSL_read.3 -MAN+= SSL_rstate_string.3 -MAN+= SSL_session_reused.3 -MAN+= SSL_set_bio.3 -MAN+= SSL_set_connect_state.3 -MAN+= SSL_set_fd.3 -MAN+= SSL_set_session.3 -MAN+= SSL_set_shutdown.3 -MAN+= SSL_set_verify_result.3 -MAN+= SSL_shutdown.3 -MAN+= SSL_state_string.3 -MAN+= SSL_want.3 -MAN+= SSL_write.3 -MAN+= d2i_SSL_SESSION.3 -MAN+= ssl.3 -MLINKS+= SSL_CIPHER_get_name.3 SSL_CIPHER_get_bits.3 -MLINKS+= SSL_CIPHER_get_name.3 SSL_CIPHER_get_version.3 -MLINKS+= SSL_CIPHER_get_name.3 SSL_CIPHER_description.3 -MLINKS+= SSL_CTX_add_session.3 SSL_add_session.3 -MLINKS+= SSL_CTX_add_session.3 SSL_CTX_remove_session.3 -MLINKS+= SSL_CTX_add_session.3 SSL_remove_session.3 -MLINKS+= SSL_CTX_ctrl.3 SSL_CTX_callback_ctrl.3 -MLINKS+= SSL_CTX_ctrl.3 SSL_ctrl.3 -MLINKS+= SSL_CTX_ctrl.3 SSL_callback_ctrl.3 -MLINKS+= SSL_CTX_flush_sessions.3 SSL_flush_sessions.3 -MLINKS+= SSL_CTX_get_ex_new_index.3 SSL_CTX_set_ex_data.3 -MLINKS+= SSL_CTX_get_ex_new_index.3 SSL_CTX_get_ex_data.3 -MLINKS+= SSL_CTX_get_verify_mode.3 SSL_get_verify_mode.3 -MLINKS+= SSL_CTX_get_verify_mode.3 SSL_CTX_get_verify_depth.3 -MLINKS+= SSL_CTX_get_verify_mode.3 SSL_get_verify_depth.3 -MLINKS+= SSL_CTX_get_verify_mode.3 SSL_get_verify_callback.3 -MLINKS+= SSL_CTX_get_verify_mode.3 SSL_CTX_get_verify_callback.3 -MLINKS+= SSL_CTX_sess_number.3 SSL_CTX_sess_connect.3 -MLINKS+= SSL_CTX_sess_number.3 SSL_CTX_sess_connect_good.3 -MLINKS+= SSL_CTX_sess_number.3 SSL_CTX_sess_connect_renegotiate.3 -MLINKS+= SSL_CTX_sess_number.3 SSL_CTX_sess_accept.3 -MLINKS+= SSL_CTX_sess_number.3 SSL_CTX_sess_accept_good.3 -MLINKS+= SSL_CTX_sess_number.3 SSL_CTX_sess_accept_renegotiate.3 -MLINKS+= SSL_CTX_sess_number.3 SSL_CTX_sess_hits.3 -MLINKS+= SSL_CTX_sess_number.3 SSL_CTX_sess_cb_hits.3 -MLINKS+= SSL_CTX_sess_number.3 SSL_CTX_sess_misses.3 -MLINKS+= SSL_CTX_sess_number.3 SSL_CTX_sess_timeouts.3 -MLINKS+= SSL_CTX_sess_number.3 SSL_CTX_sess_cache_full.3 -MLINKS+= SSL_CTX_sess_set_cache_size.3 SSL_CTX_sess_get_cache_size.3 -MLINKS+= SSL_CTX_sess_set_get_cb.3 SSL_CTX_sess_set_new_cb.3 -MLINKS+= SSL_CTX_sess_set_get_cb.3 SSL_CTX_sess_set_remove_cb.3 -MLINKS+= SSL_CTX_sess_set_get_cb.3 SSL_CTX_sess_get_new_cb.3 -MLINKS+= SSL_CTX_sess_set_get_cb.3 SSL_CTX_sess_get_remove_cb.3 -MLINKS+= SSL_CTX_sess_set_get_cb.3 SSL_CTX_sess_get_get_cb.3 -MLINKS+= SSL_CTX_set_cert_store.3 SSL_CTX_get_cert_store.3 -MLINKS+= SSL_CTX_set_cipher_list.3 SSL_set_cipher_list.3 -MLINKS+= SSL_CTX_set_client_CA_list.3 SSL_set_client_CA_list.3 -MLINKS+= SSL_CTX_set_client_CA_list.3 SSL_CTX_add_client_CA.3 -MLINKS+= SSL_CTX_set_client_CA_list.3 SSL_add_client_CA.3 -MLINKS+= SSL_CTX_set_client_cert_cb.3 SSL_CTX_get_client_cert_cb.3 -MLINKS+= SSL_CTX_set_default_passwd_cb.3 SSL_CTX_set_default_passwd_cb_userdata.3 -MLINKS+= SSL_CTX_set_generate_session_id.3 SSL_set_generate_session_id.3 -MLINKS+= SSL_CTX_set_generate_session_id.3 SSL_has_matching_session_id.3 -MLINKS+= SSL_CTX_set_info_callback.3 SSL_CTX_get_info_callback.3 -MLINKS+= SSL_CTX_set_info_callback.3 SSL_set_info_callback.3 -MLINKS+= SSL_CTX_set_info_callback.3 SSL_get_info_callback.3 -MLINKS+= SSL_CTX_set_max_cert_list.3 SSL_CTX_get_max_cert_list.3 -MLINKS+= SSL_CTX_set_max_cert_list.3 SSL_set_max_cert_list.3 -MLINKS+= SSL_CTX_set_max_cert_list.3 SSL_get_max_cert_list.3 -MLINKS+= SSL_CTX_set_mode.3 SSL_set_mode.3 -MLINKS+= SSL_CTX_set_mode.3 SSL_CTX_get_mode.3 -MLINKS+= SSL_CTX_set_mode.3 SSL_get_mode.3 -MLINKS+= SSL_CTX_set_msg_callback.3 SSL_CTX_set_msg_callback_arg.3 -MLINKS+= SSL_CTX_set_msg_callback.3 SSL_set_msg_callback.3 -MLINKS+= SSL_CTX_set_msg_callback.3 SSL_get_msg_callback_arg.3 -MLINKS+= SSL_CTX_set_options.3 SSL_set_options.3 -MLINKS+= SSL_CTX_set_options.3 SSL_CTX_get_options.3 -MLINKS+= SSL_CTX_set_options.3 SSL_get_options.3 -MLINKS+= SSL_CTX_set_quiet_shutdown.3 SSL_CTX_get_quiet_shutdown.3 -MLINKS+= SSL_CTX_set_quiet_shutdown.3 SSL_set_quiet_shutdown.3 -MLINKS+= SSL_CTX_set_quiet_shutdown.3 SSL_get_quiet_shutdown.3 -MLINKS+= SSL_CTX_set_session_cache_mode.3 SSL_CTX_get_session_cache_mode.3 -MLINKS+= SSL_CTX_set_session_id_context.3 SSL_set_session_id_context.3 -MLINKS+= SSL_CTX_set_ssl_version.3 SSL_set_ssl_method.3 -MLINKS+= SSL_CTX_set_ssl_version.3 SSL_get_ssl_method.3 -MLINKS+= SSL_CTX_set_timeout.3 SSL_CTX_get_timeout.3 -MLINKS+= SSL_CTX_set_tmp_dh_callback.3 SSL_CTX_set_tmp_dh.3 -MLINKS+= SSL_CTX_set_tmp_dh_callback.3 SSL_set_tmp_dh_callback.3 -MLINKS+= SSL_CTX_set_tmp_dh_callback.3 SSL_set_tmp_dh.3 -MLINKS+= SSL_CTX_set_tmp_rsa_callback.3 SSL_CTX_set_tmp_rsa.3 -MLINKS+= SSL_CTX_set_tmp_rsa_callback.3 SSL_CTX_need_tmp_rsa.3 -MLINKS+= SSL_CTX_set_tmp_rsa_callback.3 SSL_set_tmp_rsa_callback.3 -MLINKS+= SSL_CTX_set_tmp_rsa_callback.3 SSL_set_tmp_rsa.3 -MLINKS+= SSL_CTX_set_tmp_rsa_callback.3 SSL_need_tmp_rsa.3 -MLINKS+= SSL_CTX_set_verify.3 SSL_set_verify.3 -MLINKS+= SSL_CTX_set_verify.3 SSL_CTX_set_verify_depth.3 -MLINKS+= SSL_CTX_set_verify.3 SSL_set_verify_depth.3 -MLINKS+= SSL_CTX_use_certificate.3 SSL_CTX_use_certificate_ASN1.3 -MLINKS+= SSL_CTX_use_certificate.3 SSL_CTX_use_certificate_file.3 -MLINKS+= SSL_CTX_use_certificate.3 SSL_use_certificate.3 -MLINKS+= SSL_CTX_use_certificate.3 SSL_use_certificate_ASN1.3 -MLINKS+= SSL_CTX_use_certificate.3 SSL_use_certificate_file.3 -MLINKS+= SSL_CTX_use_certificate.3 SSL_CTX_use_certificate_chain_file.3 -MLINKS+= SSL_CTX_use_certificate.3 SSL_CTX_use_PrivateKey.3 -MLINKS+= SSL_CTX_use_certificate.3 SSL_CTX_use_PrivateKey_ASN1.3 -MLINKS+= SSL_CTX_use_certificate.3 SSL_CTX_use_PrivateKey_file.3 -MLINKS+= SSL_CTX_use_certificate.3 SSL_CTX_use_RSAPrivateKey.3 -MLINKS+= SSL_CTX_use_certificate.3 SSL_CTX_use_RSAPrivateKey_ASN1.3 -MLINKS+= SSL_CTX_use_certificate.3 SSL_CTX_use_RSAPrivateKey_file.3 -MLINKS+= SSL_CTX_use_certificate.3 SSL_use_PrivateKey_file.3 -MLINKS+= SSL_CTX_use_certificate.3 SSL_use_PrivateKey_ASN1.3 -MLINKS+= SSL_CTX_use_certificate.3 SSL_use_PrivateKey.3 -MLINKS+= SSL_CTX_use_certificate.3 SSL_use_RSAPrivateKey.3 -MLINKS+= SSL_CTX_use_certificate.3 SSL_use_RSAPrivateKey_ASN1.3 -MLINKS+= SSL_CTX_use_certificate.3 SSL_use_RSAPrivateKey_file.3 -MLINKS+= SSL_CTX_use_certificate.3 SSL_CTX_check_private_key.3 -MLINKS+= SSL_CTX_use_certificate.3 SSL_check_private_key.3 -MLINKS+= SSL_SESSION_get_ex_new_index.3 SSL_SESSION_set_ex_data.3 -MLINKS+= SSL_SESSION_get_ex_new_index.3 SSL_SESSION_get_ex_data.3 -MLINKS+= SSL_SESSION_get_time.3 SSL_SESSION_set_time.3 -MLINKS+= SSL_SESSION_get_time.3 SSL_SESSION_get_timeout.3 -MLINKS+= SSL_SESSION_get_time.3 SSL_SESSION_get_timeout.3 -MLINKS+= SSL_alert_type_string.3 SSL_alert_type_string_long.3 -MLINKS+= SSL_alert_type_string.3 SSL_alert_desc_string.3 -MLINKS+= SSL_alert_type_string.3 SSL_alert_desc_string_long.3 -MLINKS+= SSL_get_ciphers.3 SSL_get_cipher_list.3 -MLINKS+= SSL_get_client_CA_list.3 SSL_CTX_get_client_CA_list.3 -MLINKS+= SSL_get_current_cipher.3 SSL_get_cipher.3 -MLINKS+= SSL_get_current_cipher.3 SSL_get_cipher_name.3 -MLINKS+= SSL_get_current_cipher.3 SSL_get_cipher_bits.3 -MLINKS+= SSL_get_current_cipher.3 SSL_get_cipher_version.3 -MLINKS+= SSL_get_ex_new_index.3 SSL_set_ex_data.3 -MLINKS+= SSL_get_ex_new_index.3 SSL_get_ex_data.3 -MLINKS+= SSL_library_init.3 OpenSSL_add_ssl_algorithms.3 -MLINKS+= SSL_library_init.3 SSLeay_add_ssl_algorithms.3 -MLINKS+= SSL_rstate_string.3 SSL_rstate_string_long.3 -MLINKS+= SSL_set_connect_state.3 SSL_get_accept_state.3 -MLINKS+= SSL_set_shutdown.3 SSL_get_shutdown.3 -MLINKS+= SSL_state_string.3 SSL_state_string_long.3 -MLINKS+= SSL_want.3 SSL_want_nothing.3 -MLINKS+= SSL_want.3 SSL_want_read.3 -MLINKS+= SSL_want.3 SSL_want_write.3 -MLINKS+= SSL_want.3 SSL_want_x509_lookup.3 -MLINKS+= d2i_SSL_SESSION.3 i2d_SSL_SESSION.3 -MLINKS+= ssl.3 SSL.3 diff --git a/secure/lib/libssl/man/SSL_CIPHER_get_name.3 b/secure/lib/libssl/man/SSL_CIPHER_get_name.3 deleted file mode 100644 index e10566cb8420..000000000000 --- a/secure/lib/libssl/man/SSL_CIPHER_get_name.3 +++ /dev/null @@ -1,236 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:37 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CIPHER_get_name 3" -.TH SSL_CIPHER_get_name 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CIPHER_get_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description \- get \s-1SSL_CIPHER\s0 properties -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 4 -\& const char *SSL_CIPHER_get_name(SSL_CIPHER *cipher); -\& int SSL_CIPHER_get_bits(SSL_CIPHER *cipher, int *alg_bits); -\& char *SSL_CIPHER_get_version(SSL_CIPHER *cipher); -\& char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int size); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CIPHER_get_name()\fR returns a pointer to the name of \fBcipher\fR. If the -argument is the \s-1NULL\s0 pointer, a pointer to the constant value \*(L"\s-1NONE\s0\*(R" is -returned. -.PP -\&\fISSL_CIPHER_get_bits()\fR returns the number of secret bits used for \fBcipher\fR. If -\&\fBalg_bits\fR is not \s-1NULL\s0, it contains the number of bits processed by the -chosen algorithm. If \fBcipher\fR is \s-1NULL\s0, 0 is returned. -.PP -\&\fISSL_CIPHER_get_version()\fR returns the protocol version for \fBcipher\fR, currently -\&\*(L"SSLv2\*(R", \*(L"SSLv3\*(R", or \*(L"TLSv1\*(R". If \fBcipher\fR is \s-1NULL\s0, \*(L"(\s-1NONE\s0)\*(R" is returned. -.PP -\&\fISSL_CIPHER_description()\fR returns a textual description of the cipher used -into the buffer \fBbuf\fR of length \fBlen\fR provided. \fBlen\fR must be at least -128 bytes, otherwise a pointer to the the string \*(L"Buffer too small\*(R" is -returned. If \fBbuf\fR is \s-1NULL\s0, a buffer of 128 bytes is allocated using -\&\fIOPENSSL_malloc()\fR. If the allocation fails, a pointer to the string -\&\*(L"OPENSSL_malloc Error\*(R" is returned. -.SH "NOTES" -.IX Header "NOTES" -The number of bits processed can be different from the secret bits. An -export cipher like e.g. \s-1EXP-RC4\-MD5\s0 has only 40 secret bits. The algorithm -does use the full 128 bits (which would be returned for \fBalg_bits\fR), of -which however 88bits are fixed. The search space is hence only 40 bits. -.PP -The string returned by \fISSL_CIPHER_description()\fR in case of success consists -of cleartext information separated by one or more blanks in the following -sequence: -.Ip "<ciphername>" 4 -.IX Item "<ciphername>" -Textual representation of the cipher name. -.Ip "<protocol version>" 4 -.IX Item "<protocol version>" -Protocol version: \fBSSLv2\fR, \fBSSLv3\fR. The TLSv1 ciphers are flagged with SSLv3. -.Ip "Kx=<key exchange>" 4 -.IX Item "Kx=<key exchange>" -Key exchange method: \fB\s-1RSA\s0\fR (for export ciphers as \fBRSA(512)\fR or -\&\fBRSA(1024)\fR), \fB\s-1DH\s0\fR (for export ciphers as \fBDH(512)\fR or \fBDH(1024)\fR), -\&\fB\s-1DH/RSA\s0\fR, \fB\s-1DH/DSS\s0\fR, \fBFortezza\fR. -.Ip "Au=<authentication>" 4 -.IX Item "Au=<authentication>" -Authentication method: \fB\s-1RSA\s0\fR, \fB\s-1DSS\s0\fR, \fB\s-1DH\s0\fR, \fBNone\fR. None is the -representation of anonymous ciphers. -.Ip "Enc=<symmetric encryption method>" 4 -.IX Item "Enc=<symmetric encryption method>" -Encryption method with number of secret bits: \fBDES(40)\fR, \fBDES(56)\fR, -\&\fB3DES(168)\fR, \fBRC4(40)\fR, \fBRC4(56)\fR, \fBRC4(64)\fR, \fBRC4(128)\fR, -\&\fBRC2(40)\fR, \fBRC2(56)\fR, \fBRC2(128)\fR, \fBIDEA(128)\fR, \fBFortezza\fR, \fBNone\fR. -.Ip "Mac=<message authentication code>" 4 -.IX Item "Mac=<message authentication code>" -Message digest: \fB\s-1MD5\s0\fR, \fB\s-1SHA1\s0\fR. -.Ip "<export flag>" 4 -.IX Item "<export flag>" -If the cipher is flagged exportable with respect to old \s-1US\s0 crypto -regulations, the word "\fBexport\fR" is printed. -.SH "EXAMPLES" -.IX Header "EXAMPLES" -Some examples for the output of \fISSL_CIPHER_description()\fR: -.PP -.Vb 4 -\& EDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1 -\& EDH-DSS-DES-CBC3-SHA SSLv3 Kx=DH Au=DSS Enc=3DES(168) Mac=SHA1 -\& RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 -\& EXP-RC4-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export -.Ve -.SH "BUGS" -.IX Header "BUGS" -If \fISSL_CIPHER_description()\fR is called with \fBcipher\fR being \s-1NULL\s0, the -library crashes. -.PP -If \fISSL_CIPHER_description()\fR cannot handle a built-in cipher, the according -description of the cipher property is \fBunknown\fR. This case should not -occur. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -See \s-1DESCRIPTION\s0 -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_get_current_cipher(3), -SSL_get_ciphers(3), ciphers(1) diff --git a/secure/lib/libssl/man/SSL_COMP_add_compression_method.3 b/secure/lib/libssl/man/SSL_COMP_add_compression_method.3 deleted file mode 100644 index 3da69dbf757d..000000000000 --- a/secure/lib/libssl/man/SSL_COMP_add_compression_method.3 +++ /dev/null @@ -1,197 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:37 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_COMP_add_compression_method 3" -.TH SSL_COMP_add_compression_method 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_COMP_add_compression_method \- handle \s-1SSL/TLS\s0 integrated compression methods -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_COMP_add_compression_method()\fR adds the compression method \fBcm\fR with -the identifier \fBid\fR to the list of available compression methods. This -list is globally maintained for all \s-1SSL\s0 operations within this application. -It cannot be set for specific \s-1SSL_CTX\s0 or \s-1SSL\s0 objects. -.SH "NOTES" -.IX Header "NOTES" -The \s-1TLS\s0 standard (or SSLv3) allows the integration of compression methods -into the communication. The \s-1TLS\s0 \s-1RFC\s0 does however not specify compression -methods or their corresponding identifiers, so there is currently no compatible -way to integrate compression with unknown peers. It is therefore currently not -recommended to integrate compression into applications. Applications for -non-public use may agree on certain compression methods. Using different -compression methods with the same identifier will lead to connection failure. -.PP -An OpenSSL client speaking a protocol that allows compression (SSLv3, TLSv1) -will unconditionally send the list of all compression methods enabled with -\&\fISSL_COMP_add_compression_method()\fR to the server during the handshake. -Unlike the mechanisms to set a cipher list, there is no method available to -restrict the list of compression method on a per connection basis. -.PP -An OpenSSL server will match the identifiers listed by a client against -its own compression methods and will unconditionally activate compression -when a matching identifier is found. There is no way to restrict the list -of compression methods supported on a per connection basis. -.PP -The OpenSSL library has the compression methods \fB\f(BICOMP_rle()\fB\fR and (when -especially enabled during compilation) \fB\f(BICOMP_zlib()\fB\fR available. -.SH "WARNINGS" -.IX Header "WARNINGS" -Once the identities of the compression methods for the \s-1TLS\s0 protocol have -been standardized, the compression \s-1API\s0 will most likely be changed. Using -it in the current state is not recommended. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_COMP_add_compression_method()\fR may return the following values: -.Ip "1" 4 -.IX Item "1" -The operation succeeded. -.Ip "0" 4 -The operation failed. Check the error queue to find out the reason. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3) diff --git a/secure/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3 b/secure/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3 deleted file mode 100644 index ffcbacf032dd..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3 +++ /dev/null @@ -1,174 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:37 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_add_extra_chain_cert 3" -.TH SSL_CTX_add_extra_chain_cert 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_add_extra_chain_cert \- add certificate to chain -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& long SSL_CTX_add_extra_chain_cert(SSL_CTX ctx, X509 *x509) -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_add_extra_chain_cert()\fR adds the certificate \fBx509\fR to the certificate -chain presented together with the certificate. Several certificates -can be added one after the other. -.SH "NOTES" -.IX Header "NOTES" -When constructing the certificate chain, the chain will be formed from -these certificates explicitly specified. If no chain is specified, -the library will try to complete the chain from the available \s-1CA\s0 -certificates in the trusted \s-1CA\s0 storage, see -SSL_CTX_load_verify_locations(3). -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_CTX_add_extra_chain_cert()\fR returns 1 on success. Check out the -error stack to find out the reason for failure otherwise. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), -SSL_CTX_use_certificate(3), -SSL_CTX_set_client_cert_cb(3), -SSL_CTX_load_verify_locations(3) diff --git a/secure/lib/libssl/man/SSL_CTX_add_session.3 b/secure/lib/libssl/man/SSL_CTX_add_session.3 deleted file mode 100644 index 74d18a5275f6..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_add_session.3 +++ /dev/null @@ -1,205 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:37 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_add_session 3" -.TH SSL_CTX_add_session 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_add_session, SSL_add_session, SSL_CTX_remove_session, SSL_remove_session \- manipulate session cache -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c); -\& int SSL_add_session(SSL_CTX *ctx, SSL_SESSION *c); -.Ve -.Vb 2 -\& int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c); -\& int SSL_remove_session(SSL_CTX *ctx, SSL_SESSION *c); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_add_session()\fR adds the session \fBc\fR to the context \fBctx\fR. The -reference count for session \fBc\fR is incremented by 1. If a session with -the same session id already exists, the old session is removed by calling -SSL_SESSION_free(3). -.PP -\&\fISSL_CTX_remove_session()\fR removes the session \fBc\fR from the context \fBctx\fR. -SSL_SESSION_free(3) is called once for \fBc\fR. -.PP -\&\fISSL_add_session()\fR and \fISSL_remove_session()\fR are synonyms for their -SSL_CTX_*() counterparts. -.SH "NOTES" -.IX Header "NOTES" -When adding a new session to the internal session cache, it is examined -whether a session with the same session id already exists. In this case -it is assumed that both sessions are identical. If the same session is -stored in a different \s-1SSL_SESSION\s0 object, The old session is -removed and replaced by the new session. If the session is actually -identical (the \s-1SSL_SESSION\s0 object is identical), \fISSL_CTX_add_session()\fR -is a no-op, and the return value is 0. -.PP -If a server \s-1SSL_CTX\s0 is configured with the \s-1SSL_SESS_CACHE_NO_INTERNAL_STORE\s0 -flag then the internal cache will not be populated automatically by new -sessions negotiated by the \s-1SSL/TLS\s0 implementation, even though the internal -cache will be searched automatically for session-resume requests (the -latter can be surpressed by \s-1SSL_SESS_CACHE_NO_INTERNAL_LOOKUP\s0). So the -application can use \fISSL_CTX_add_session()\fR directly to have full control -over the sessions that can be resumed if desired. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following values are returned by all functions: -.Ip "0" 4 -.Vb 3 -\& The operation failed. In case of the add operation, it was tried to add -\& the same (identical) session twice. In case of the remove operation, the -\& session was not found in the cache. -.Ve -.Ip "1" 4 -.IX Item "1" -.Vb 1 -\& The operation succeeded. -.Ve -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), -SSL_CTX_set_session_cache_mode(3), -SSL_SESSION_free(3) diff --git a/secure/lib/libssl/man/SSL_CTX_ctrl.3 b/secure/lib/libssl/man/SSL_CTX_ctrl.3 deleted file mode 100644 index 3bb2602cbeba..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_ctrl.3 +++ /dev/null @@ -1,171 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:38 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_ctrl 3" -.TH SSL_CTX_ctrl 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_ctrl, SSL_CTX_callback_ctrl, SSL_ctrl, SSL_callback_ctrl \- internal handling functions for \s-1SSL_CTX\s0 and \s-1SSL\s0 objects -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg); -\& long SSL_CTX_callback_ctrl(SSL_CTX *, int cmd, void (*fp)()); -.Ve -.Vb 2 -\& long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg); -\& long SSL_callback_ctrl(SSL *, int cmd, void (*fp)()); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -The SSL_*\fI_ctrl()\fR family of functions is used to manipulate settings of -the \s-1SSL_CTX\s0 and \s-1SSL\s0 objects. Depending on the command \fBcmd\fR the arguments -\&\fBlarg\fR, \fBparg\fR, or \fBfp\fR are evaluated. These functions should never -be called directly. All functionalities needed are made available via -other functions or macros. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The return values of the SSL*\fI_ctrl()\fR functions depend on the command -supplied via the \fBcmd\fR parameter. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3) diff --git a/secure/lib/libssl/man/SSL_CTX_flush_sessions.3 b/secure/lib/libssl/man/SSL_CTX_flush_sessions.3 deleted file mode 100644 index f33b54ebb31e..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_flush_sessions.3 +++ /dev/null @@ -1,185 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:38 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_flush_sessions 3" -.TH SSL_CTX_flush_sessions 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_flush_sessions, SSL_flush_sessions \- remove expired sessions -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm); -\& void SSL_flush_sessions(SSL_CTX *ctx, long tm); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_flush_sessions()\fR causes a run through the session cache of -\&\fBctx\fR to remove sessions expired at time \fBtm\fR. -.PP -\&\fISSL_flush_sessions()\fR is a synonym for \fISSL_CTX_flush_sessions()\fR. -.SH "NOTES" -.IX Header "NOTES" -If enabled, the internal session cache will collect all sessions established -up to the specified maximum number (see \fISSL_CTX_sess_set_cache_size()\fR). -As sessions will not be reused ones they are expired, they should be -removed from the cache to save resources. This can either be done - automatically whenever 255 new sessions were established (see -SSL_CTX_set_session_cache_mode(3)) -or manually by calling \fISSL_CTX_flush_sessions()\fR. -.PP -The parameter \fBtm\fR specifies the time which should be used for the -expiration test, in most cases the actual time given by \fItime\fR\|(0) -will be used. -.PP -\&\fISSL_CTX_flush_sessions()\fR will only check sessions stored in the internal -cache. When a session is found and removed, the remove_session_cb is however -called to synchronize with the external cache (see -SSL_CTX_sess_set_get_cb(3)). -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), -SSL_CTX_set_session_cache_mode(3), -SSL_CTX_set_timeout(3), -SSL_CTX_sess_set_get_cb(3) diff --git a/secure/lib/libssl/man/SSL_CTX_free.3 b/secure/lib/libssl/man/SSL_CTX_free.3 deleted file mode 100644 index 9a91c9b27e05..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_free.3 +++ /dev/null @@ -1,167 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:38 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_free 3" -.TH SSL_CTX_free 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_free \- free an allocated \s-1SSL_CTX\s0 object -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& void SSL_CTX_free(SSL_CTX *ctx); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_free()\fR decrements the reference count of \fBctx\fR, and removes the -\&\s-1SSL_CTX\s0 object pointed to by \fBctx\fR and frees up the allocated memory if the -the reference count has reached 0. -.PP -It also calls the \fIfree()\fRing procedures for indirectly affected items, if -applicable: the session cache, the list of ciphers, the list of Client CAs, -the certificates and keys. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_CTX_free()\fR does not provide diagnostic information. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -SSL_CTX_new(3), ssl(3) diff --git a/secure/lib/libssl/man/SSL_CTX_get_ex_new_index.3 b/secure/lib/libssl/man/SSL_CTX_get_ex_new_index.3 deleted file mode 100644 index 106ede2e42b4..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_get_ex_new_index.3 +++ /dev/null @@ -1,193 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:38 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_get_ex_new_index 3" -.TH SSL_CTX_get_ex_new_index 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_get_ex_new_index, SSL_CTX_set_ex_data, SSL_CTX_get_ex_data \- internal application specific data functions -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 4 -\& int SSL_CTX_get_ex_new_index(long argl, void *argp, -\& CRYPTO_EX_new *new_func, -\& CRYPTO_EX_dup *dup_func, -\& CRYPTO_EX_free *free_func); -.Ve -.Vb 1 -\& int SSL_CTX_set_ex_data(SSL_CTX *ctx, int idx, void *arg); -.Ve -.Vb 1 -\& void *SSL_CTX_get_ex_data(SSL_CTX *ctx, int idx); -.Ve -.Vb 6 -\& typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, -\& int idx, long argl, void *argp); -\& typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, -\& int idx, long argl, void *argp); -\& typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, -\& int idx, long argl, void *argp); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -Several OpenSSL structures can have application specific data attached to them. -These functions are used internally by OpenSSL to manipulate application -specific data attached to a specific structure. -.PP -\&\fISSL_CTX_get_ex_new_index()\fR is used to register a new index for application -specific data. -.PP -\&\fISSL_CTX_set_ex_data()\fR is used to store application data at \fBarg\fR for \fBidx\fR -into the \fBctx\fR object. -.PP -\&\fISSL_CTX_get_ex_data()\fR is used to retrieve the information for \fBidx\fR from -\&\fBctx\fR. -.PP -A detailed description for the \fB*\f(BI_get_ex_new_index()\fB\fR functionality -can be found in RSA_get_ex_new_index(3). -The \fB*\f(BI_get_ex_data()\fB\fR and \fB*\f(BI_set_ex_data()\fB\fR functionality is described in -CRYPTO_set_ex_data(3). -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), -RSA_get_ex_new_index(3), -CRYPTO_set_ex_data(3) diff --git a/secure/lib/libssl/man/SSL_CTX_get_verify_mode.3 b/secure/lib/libssl/man/SSL_CTX_get_verify_mode.3 deleted file mode 100644 index 3541228fb017..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_get_verify_mode.3 +++ /dev/null @@ -1,186 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:38 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_get_verify_mode 3" -.TH SSL_CTX_get_verify_mode 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_get_verify_mode, SSL_get_verify_mode, SSL_CTX_get_verify_depth, SSL_get_verify_depth, SSL_get_verify_callback, SSL_CTX_get_verify_callback \- get currently set verification parameters -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 6 -\& int SSL_CTX_get_verify_mode(SSL_CTX *ctx); -\& int SSL_get_verify_mode(SSL *ssl); -\& int SSL_CTX_get_verify_depth(SSL_CTX *ctx); -\& int SSL_get_verify_depth(SSL *ssl); -\& int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int, X509_STORE_CTX *); -\& int (*SSL_get_verify_callback(SSL *ssl))(int, X509_STORE_CTX *); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_get_verify_mode()\fR returns the verification mode currently set in -\&\fBctx\fR. -.PP -\&\fISSL_get_verify_mode()\fR returns the verification mode currently set in -\&\fBssl\fR. -.PP -\&\fISSL_CTX_get_verify_depth()\fR returns the verification depth limit currently set -in \fBctx\fR. If no limit has been explicitly set, \-1 is returned and the -default value will be used. -.PP -\&\fISSL_get_verify_depth()\fR returns the verification depth limit currently set -in \fBssl\fR. If no limit has been explicitly set, \-1 is returned and the -default value will be used. -.PP -\&\fISSL_CTX_get_verify_callback()\fR returns a function pointer to the verification -callback currently set in \fBctx\fR. If no callback was explicitly set, the -\&\s-1NULL\s0 pointer is returned and the default callback will be used. -.PP -\&\fISSL_get_verify_callback()\fR returns a function pointer to the verification -callback currently set in \fBssl\fR. If no callback was explicitly set, the -\&\s-1NULL\s0 pointer is returned and the default callback will be used. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -See \s-1DESCRIPTION\s0 -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_CTX_set_verify(3) diff --git a/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3 b/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3 deleted file mode 100644 index b2ab727e8b21..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3 +++ /dev/null @@ -1,254 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:38 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_load_verify_locations 3" -.TH SSL_CTX_load_verify_locations 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_load_verify_locations \- set default locations for trusted \s-1CA\s0 -certificates -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, -\& const char *CApath); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_load_verify_locations()\fR specifies the locations for \fBctx\fR, at -which \s-1CA\s0 certificates for verification purposes are located. The certificates -available via \fBCAfile\fR and \fBCApath\fR are trusted. -.SH "NOTES" -.IX Header "NOTES" -If \fBCAfile\fR is not \s-1NULL\s0, it points to a file of \s-1CA\s0 certificates in \s-1PEM\s0 -format. The file can contain several \s-1CA\s0 certificates identified by -.PP -.Vb 3 -\& -----BEGIN CERTIFICATE----- -\& ... (CA certificate in base64 encoding) ... -\& -----END CERTIFICATE----- -.Ve -sequences. Before, between, and after the certificates text is allowed -which can be used e.g. for descriptions of the certificates. -.PP -The \fBCAfile\fR is processed on execution of the \fISSL_CTX_load_verify_locations()\fR -function. -.PP -If \fBCApath\fR is not \s-1NULL\s0, it points to a directory containing \s-1CA\s0 certificates -in \s-1PEM\s0 format. The files each contain one \s-1CA\s0 certificate. The files are -looked up by the \s-1CA\s0 subject name hash value, which must hence be available. -If more than one \s-1CA\s0 certificate with the same name hash value exist, the -extension must be different (e.g. 9d66eef0.0, 9d66eef0.1 etc). The search -is performed in the ordering of the extension number, regardless of other -properties of the certificates. -Use the \fBc_rehash\fR utility to create the necessary links. -.PP -The certificates in \fBCApath\fR are only looked up when required, e.g. when -building the certificate chain or when actually performing the verification -of a peer certificate. -.PP -When looking up \s-1CA\s0 certificates, the OpenSSL library will first search the -certificates in \fBCAfile\fR, then those in \fBCApath\fR. Certificate matching -is done based on the subject name, the key identifier (if present), and the -serial number as taken from the certificate to be verified. If these data -do not match, the next certificate will be tried. If a first certificate -matching the parameters is found, the verification process will be performed; -no other certificates for the same parameters will be searched in case of -failure. -.PP -In server mode, when requesting a client certificate, the server must send -the list of CAs of which it will accept client certificates. This list -is not influenced by the contents of \fBCAfile\fR or \fBCApath\fR and must -explicitly be set using the -SSL_CTX_set_client_CA_list(3) -family of functions. -.PP -When building its own certificate chain, an OpenSSL client/server will -try to fill in missing certificates from \fBCAfile\fR/\fBCApath\fR, if the -certificate chain was not explicitly specified (see -SSL_CTX_add_extra_chain_cert(3), -SSL_CTX_use_certificate(3). -.SH "WARNINGS" -.IX Header "WARNINGS" -If several \s-1CA\s0 certificates matching the name, key identifier, and serial -number condition are available, only the first one will be examined. This -may lead to unexpected results if the same \s-1CA\s0 certificate is available -with different expiration dates. If a \*(L"certificate expired\*(R" verification -error occurs, no other certificate will be searched. Make sure to not -have expired certificates mixed with valid ones. -.SH "EXAMPLES" -.IX Header "EXAMPLES" -Generate a \s-1CA\s0 certificate file with descriptive text from the \s-1CA\s0 certificates -ca1.pem ca2.pem ca3.pem: -.PP -.Vb 5 -\& #!/bin/sh -\& rm CAfile.pem -\& for i in ca1.pem ca2.pem ca3.pem ; do -\& openssl x509 -in $i -text >> CAfile.pem -\& done -.Ve -Prepare the directory /some/where/certs containing several \s-1CA\s0 certificates -for use as \fBCApath\fR: -.PP -.Vb 2 -\& cd /some/where/certs -\& c_rehash . -.Ve -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can occur: -.Ip "0" 4 -The operation failed because \fBCAfile\fR and \fBCApath\fR are \s-1NULL\s0 or the -processing at one of the locations specified failed. Check the error -stack to find out the reason. -.Ip "1" 4 -.IX Item "1" -The operation succeeded. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), -SSL_CTX_set_client_CA_list(3), -SSL_get_client_CA_list(3), -SSL_CTX_use_certificate(3), -SSL_CTX_add_extra_chain_cert(3), -SSL_CTX_set_cert_store(3) diff --git a/secure/lib/libssl/man/SSL_CTX_new.3 b/secure/lib/libssl/man/SSL_CTX_new.3 deleted file mode 100644 index 0879393befa4..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_new.3 +++ /dev/null @@ -1,215 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:39 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_new 3" -.TH SSL_CTX_new 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_new \- create a new \s-1SSL_CTX\s0 object as framework for \s-1TLS/SSL\s0 enabled functions -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& SSL_CTX *SSL_CTX_new(SSL_METHOD *method); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_new()\fR creates a new \fB\s-1SSL_CTX\s0\fR object as framework to establish -\&\s-1TLS/SSL\s0 enabled connections. -.SH "NOTES" -.IX Header "NOTES" -The \s-1SSL_CTX\s0 object uses \fBmethod\fR as connection method. The methods exist -in a generic type (for client and server use), a server only type, and a -client only type. \fBmethod\fR can be of the following types: -.Ip "SSLv2_method(void), SSLv2_server_method(void), SSLv2_client_method(void)" 4 -.IX Item "SSLv2_method(void), SSLv2_server_method(void), SSLv2_client_method(void)" -A \s-1TLS/SSL\s0 connection established with these methods will only understand -the SSLv2 protocol. A client will send out SSLv2 client hello messages -and will also indicate that it only understand SSLv2. A server will only -understand SSLv2 client hello messages. -.Ip "SSLv3_method(void), SSLv3_server_method(void), SSLv3_client_method(void)" 4 -.IX Item "SSLv3_method(void), SSLv3_server_method(void), SSLv3_client_method(void)" -A \s-1TLS/SSL\s0 connection established with these methods will only understand the -SSLv3 protocol. A client will send out SSLv3 client hello messages -and will indicate that it only understands SSLv3. A server will only understand -SSLv3 client hello messages. This especially means, that it will -not understand SSLv2 client hello messages which are widely used for -compatibility reasons, see SSLv23_*\fI_method()\fR. -.Ip "TLSv1_method(void), TLSv1_server_method(void), TLSv1_client_method(void)" 4 -.IX Item "TLSv1_method(void), TLSv1_server_method(void), TLSv1_client_method(void)" -A \s-1TLS/SSL\s0 connection established with these methods will only understand the -TLSv1 protocol. A client will send out TLSv1 client hello messages -and will indicate that it only understands TLSv1. A server will only understand -TLSv1 client hello messages. This especially means, that it will -not understand SSLv2 client hello messages which are widely used for -compatibility reasons, see SSLv23_*\fI_method()\fR. It will also not understand -SSLv3 client hello messages. -.Ip "SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void)" 4 -.IX Item "SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void)" -A \s-1TLS/SSL\s0 connection established with these methods will understand the SSLv2, -SSLv3, and TLSv1 protocol. A client will send out SSLv2 client hello messages -and will indicate that it also understands SSLv3 and TLSv1. A server will -understand SSLv2, SSLv3, and TLSv1 client hello messages. This is the best -choice when compatibility is a concern. -.PP -The list of protocols available can later be limited using the SSL_OP_NO_SSLv2, -SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1 options of the \fB\f(BISSL_CTX_set_options()\fB\fR or -\&\fB\f(BISSL_set_options()\fB\fR functions. Using these options it is possible to choose -e.g. \fISSLv23_server_method()\fR and be able to negotiate with all possible -clients, but to only allow newer protocols like SSLv3 or TLSv1. -.PP -\&\fISSL_CTX_new()\fR initializes the list of ciphers, the session cache setting, -the callbacks, the keys and certificates, and the options to its default -values. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can occur: -.Ip "\s-1NULL\s0" 4 -.IX Item "NULL" -The creation of a new \s-1SSL_CTX\s0 object failed. Check the error stack to -find out the reason. -.Ip "Pointer to an \s-1SSL_CTX\s0 object" 4 -.IX Item "Pointer to an SSL_CTX object" -The return value points to an allocated \s-1SSL_CTX\s0 object. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -SSL_CTX_free(3), SSL_accept(3), -ssl(3), SSL_set_connect_state(3) diff --git a/secure/lib/libssl/man/SSL_CTX_sess_number.3 b/secure/lib/libssl/man/SSL_CTX_sess_number.3 deleted file mode 100644 index 42251e86e30e..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_sess_number.3 +++ /dev/null @@ -1,212 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:39 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_sess_number 3" -.TH SSL_CTX_sess_number 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_sess_number, SSL_CTX_sess_connect, SSL_CTX_sess_connect_good, SSL_CTX_sess_connect_renegotiate, SSL_CTX_sess_accept, SSL_CTX_sess_accept_good, SSL_CTX_sess_accept_renegotiate, SSL_CTX_sess_hits, SSL_CTX_sess_cb_hits, SSL_CTX_sess_misses, SSL_CTX_sess_timeouts, SSL_CTX_sess_cache_full \- obtain session cache statistics -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 12 -\& long SSL_CTX_sess_number(SSL_CTX *ctx); -\& long SSL_CTX_sess_connect(SSL_CTX *ctx); -\& long SSL_CTX_sess_connect_good(SSL_CTX *ctx); -\& long SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx); -\& long SSL_CTX_sess_accept(SSL_CTX *ctx); -\& long SSL_CTX_sess_accept_good(SSL_CTX *ctx); -\& long SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx); -\& long SSL_CTX_sess_hits(SSL_CTX *ctx); -\& long SSL_CTX_sess_cb_hits(SSL_CTX *ctx); -\& long SSL_CTX_sess_misses(SSL_CTX *ctx); -\& long SSL_CTX_sess_timeouts(SSL_CTX *ctx); -\& long SSL_CTX_sess_cache_full(SSL_CTX *ctx); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_sess_number()\fR returns the current number of sessions in the internal -session cache. -.PP -\&\fISSL_CTX_sess_connect()\fR returns the number of started \s-1SSL/TLS\s0 handshakes in -client mode. -.PP -\&\fISSL_CTX_sess_connect_good()\fR returns the number of successfully established -\&\s-1SSL/TLS\s0 sessions in client mode. -.PP -\&\fISSL_CTX_sess_connect_renegotiate()\fR returns the number of start renegotiations -in client mode. -.PP -\&\fISSL_CTX_sess_accept()\fR returns the number of started \s-1SSL/TLS\s0 handshakes in -server mode. -.PP -\&\fISSL_CTX_sess_accept_good()\fR returns the number of successfully established -\&\s-1SSL/TLS\s0 sessions in server mode. -.PP -\&\fISSL_CTX_sess_accept_renegotiate()\fR returns the number of start renegotiations -in server mode. -.PP -\&\fISSL_CTX_sess_hits()\fR returns the number of successfully reused sessions. -In client mode a session set with SSL_set_session(3) -successfully reused is counted as a hit. In server mode a session successfully -retrieved from internal or external cache is counted as a hit. -.PP -\&\fISSL_CTX_sess_cb_hits()\fR returns the number of successfully retrieved sessions -from the external session cache in server mode. -.PP -\&\fISSL_CTX_sess_misses()\fR returns the number of sessions proposed by clients -that were not found in the internal session cache in server mode. -.PP -\&\fISSL_CTX_sess_timeouts()\fR returns the number of sessions proposed by clients -and either found in the internal or external session cache in server mode, - but that were invalid due to timeout. These sessions are not included in -the \fISSL_CTX_sess_hits()\fR count. -.PP -\&\fISSL_CTX_sess_cache_full()\fR returns the number of sessions that were removed -because the maximum session cache size was exceeded. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The functions return the values indicated in the \s-1DESCRIPTION\s0 section. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_set_session(3), -SSL_CTX_set_session_cache_mode(3) -SSL_CTX_sess_set_cache_size(3) diff --git a/secure/lib/libssl/man/SSL_CTX_sess_set_cache_size.3 b/secure/lib/libssl/man/SSL_CTX_sess_set_cache_size.3 deleted file mode 100644 index 1c1fc5113673..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_sess_set_cache_size.3 +++ /dev/null @@ -1,186 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:39 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_sess_set_cache_size 3" -.TH SSL_CTX_sess_set_cache_size 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_sess_set_cache_size, SSL_CTX_sess_get_cache_size \- manipulate session cache size -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& long SSL_CTX_sess_set_cache_size(SSL_CTX *ctx, long t); -\& long SSL_CTX_sess_get_cache_size(SSL_CTX *ctx); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_sess_set_cache_size()\fR sets the size of the internal session cache -of context \fBctx\fR to \fBt\fR. -.PP -\&\fISSL_CTX_sess_get_cache_size()\fR returns the currently valid session cache size. -.SH "NOTES" -.IX Header "NOTES" -The internal session cache size is \s-1SSL_SESSION_CACHE_MAX_SIZE_DEFAULT\s0, -currently 1024*20, so that up to 20000 sessions can be held. This size -can be modified using the \fISSL_CTX_sess_set_cache_size()\fR call. A special -case is the size 0, which is used for unlimited size. -.PP -When the maximum number of sessions is reached, no more new sessions are -added to the cache. New space may be added by calling -SSL_CTX_flush_sessions(3) to remove -expired sessions. -.PP -If the size of the session cache is reduced and more sessions are already -in the session cache, old session will be removed at the next time a -session shall be added. This removal is not synchronized with the -expiration of sessions. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_CTX_sess_set_cache_size()\fR returns the previously valid size. -.PP -\&\fISSL_CTX_sess_get_cache_size()\fR returns the currently valid size. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), -SSL_CTX_set_session_cache_mode(3), -SSL_CTX_sess_number(3), -SSL_CTX_flush_sessions(3) diff --git a/secure/lib/libssl/man/SSL_CTX_sess_set_get_cb.3 b/secure/lib/libssl/man/SSL_CTX_sess_set_get_cb.3 deleted file mode 100644 index 1fbb9fa09fce..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_sess_set_get_cb.3 +++ /dev/null @@ -1,223 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:39 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_sess_set_get_cb 3" -.TH SSL_CTX_sess_set_get_cb 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_sess_set_new_cb, SSL_CTX_sess_set_remove_cb, SSL_CTX_sess_set_get_cb, SSL_CTX_sess_get_new_cb, SSL_CTX_sess_get_remove_cb, SSL_CTX_sess_get_get_cb \- provide callback functions for server side external session caching -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 6 -\& void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx, -\& int (*new_session_cb)(SSL *, SSL_SESSION *)); -\& void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx, -\& void (*remove_session_cb)(SSL_CTX *ctx, SSL_SESSION *)); -\& void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, -\& SSL_SESSION (*get_session_cb)(SSL *, unsigned char *, int, int *)); -.Ve -.Vb 3 -\& int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(struct ssl_st *ssl, SSL_SESSION *sess); -\& void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(struct ssl_ctx_st *ctx, SSL_SESSION *sess); -\& SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(struct ssl_st *ssl, unsigned char *data, int len, int *copy); -.Ve -.Vb 4 -\& int (*new_session_cb)(struct ssl_st *ssl, SSL_SESSION *sess); -\& void (*remove_session_cb)(struct ssl_ctx_st *ctx, SSL_SESSION *sess); -\& SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl, unsigned char *data, -\& int len, int *copy); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_sess_set_new_cb()\fR sets the callback function, which is automatically -called whenever a new session was negotiated. -.PP -\&\fISSL_CTX_sess_set_remove_cb()\fR sets the callback function, which is -automatically called whenever a session is removed by the \s-1SSL\s0 engine, -because it is considered faulty or the session has become obsolete because -of exceeding the timeout value. -.PP -\&\fISSL_CTX_sess_set_get_cb()\fR sets the callback function which is called, -whenever a \s-1SSL/TLS\s0 client proposed to resume a session but the session -could not be found in the internal session cache (see -SSL_CTX_set_session_cache_mode(3)). -(\s-1SSL/TLS\s0 server only.) -.PP -\&\fISSL_CTX_sess_get_new_cb()\fR, \fISSL_CTX_sess_get_remove_cb()\fR, and -\&\fISSL_CTX_sess_get_get_cb()\fR allow to retrieve the function pointers of the -provided callback functions. If a callback function has not been set, -the \s-1NULL\s0 pointer is returned. -.SH "NOTES" -.IX Header "NOTES" -In order to allow external session caching, synchronization with the internal -session cache is realized via callback functions. Inside these callback -functions, session can be saved to disk or put into a database using the -d2i_SSL_SESSION(3) interface. -.PP -The \fInew_session_cb()\fR is called, whenever a new session has been negotiated -and session caching is enabled (see -SSL_CTX_set_session_cache_mode(3)). -The \fInew_session_cb()\fR is passed the \fBssl\fR connection and the ssl session -\&\fBsess\fR. If the callback returns \fB0\fR, the session will be immediately -removed again. -.PP -The \fIremove_session_cb()\fR is called, whenever the \s-1SSL\s0 engine removes a session -from the internal cache. This happens if the session is removed because -it is expired or when a connection was not shutdown cleanly. The -\&\fIremove_session_cb()\fR is passed the \fBctx\fR and the ssl session \fBsess\fR. -It does not provide any feedback. -.PP -The \fIget_session_cb()\fR is only called on \s-1SSL/TLS\s0 servers with the session id -proposed by the client. The \fIget_session_cb()\fR is always called, also when -session caching was disabled. The \fIget_session_cb()\fR is passed the -\&\fBssl\fR connection, the session id of length \fBlength\fR at the memory location -\&\fBdata\fR. With the parameter \fBcopy\fR the callback can require the -\&\s-1SSL\s0 engine to increment the reference count of the \s-1SSL_SESSION\s0 object, -Normally the reference count is not incremented and therefore the -session must not be explicitly freed with -SSL_SESSION_free(3). -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), d2i_SSL_SESSION(3), -SSL_CTX_set_session_cache_mode(3), -SSL_CTX_flush_sessions(3), -SSL_SESSION_free(3) diff --git a/secure/lib/libssl/man/SSL_CTX_sessions.3 b/secure/lib/libssl/man/SSL_CTX_sessions.3 deleted file mode 100644 index fce2b6d74f80..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_sessions.3 +++ /dev/null @@ -1,170 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:39 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_sessions 3" -.TH SSL_CTX_sessions 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_sessions \- access internal session cache -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_sessions()\fR returns a pointer to the lhash databases containing the -internal session cache for \fBctx\fR. -.SH "NOTES" -.IX Header "NOTES" -The sessions in the internal session cache are kept in an -lhash(3) type database. It is possible to directly -access this database e.g. for searching. In parallel, the sessions -form a linked list which is maintained separately from the -lhash(3) operations, so that the database must not be -modified directly but by using the -SSL_CTX_add_session(3) family of functions. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), lhash(3), -SSL_CTX_add_session(3), -SSL_CTX_set_session_cache_mode(3) diff --git a/secure/lib/libssl/man/SSL_CTX_set_cert_store.3 b/secure/lib/libssl/man/SSL_CTX_set_cert_store.3 deleted file mode 100644 index c27c2aa35430..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_set_cert_store.3 +++ /dev/null @@ -1,192 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:39 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_set_cert_store 3" -.TH SSL_CTX_set_cert_store 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_set_cert_store, SSL_CTX_get_cert_store \- manipulate X509 certificate verification storage -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store); -\& X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *ctx); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_set_cert_store()\fR sets/replaces the certificate verification storage -of \fBctx\fR to/with \fBstore\fR. If another X509_STORE object is currently -set in \fBctx\fR, it will be \fIX509_STORE_free()\fRed. -.PP -\&\fISSL_CTX_get_cert_store()\fR returns a pointer to the current certificate -verification storage. -.SH "NOTES" -.IX Header "NOTES" -In order to verify the certificates presented by the peer, trusted \s-1CA\s0 -certificates must be accessed. These \s-1CA\s0 certificates are made available -via lookup methods, handled inside the X509_STORE. From the X509_STORE -the X509_STORE_CTX used when verifying certificates is created. -.PP -Typically the trusted certificate store is handled indirectly via using -SSL_CTX_load_verify_locations(3). -Using the \fISSL_CTX_set_cert_store()\fR and \fISSL_CTX_get_cert_store()\fR functions -it is possible to manipulate the X509_STORE object beyond the -SSL_CTX_load_verify_locations(3) -call. -.PP -Currently no detailed documentation on how to use the X509_STORE -object is available. Not all members of the X509_STORE are used when -the verification takes place. So will e.g. the \fIverify_callback()\fR be -overridden with the \fIverify_callback()\fR set via the -SSL_CTX_set_verify(3) family of functions. -This document must therefore be updated when documentation about the -X509_STORE object and its handling becomes available. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_CTX_set_cert_store()\fR does not return diagnostic output. -.PP -\&\fISSL_CTX_get_cert_store()\fR returns the current setting. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), -SSL_CTX_load_verify_locations(3), -SSL_CTX_set_verify(3) diff --git a/secure/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3 b/secure/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3 deleted file mode 100644 index 5e19a97c66d6..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3 +++ /dev/null @@ -1,208 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:40 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_set_cert_verify_callback 3" -.TH SSL_CTX_set_cert_verify_callback 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_set_cert_verify_callback \- set peer certificate verification procedure -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*callback)(X509_STORE_CTX *,void *), void *arg); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_set_cert_verify_callback()\fR sets the verification callback function for -\&\fIctx\fR. \s-1SSL\s0 objects that are created from \fIctx\fR inherit the setting valid at -the time when SSL_new(3) is called. -.SH "NOTES" -.IX Header "NOTES" -Whenever a certificate is verified during a \s-1SSL/TLS\s0 handshake, a verification -function is called. If the application does not explicitly specify a -verification callback function, the built-in verification function is used. -If a verification callback \fIcallback\fR is specified via -\&\fISSL_CTX_set_cert_verify_callback()\fR, the supplied callback function is called -instead. By setting \fIcallback\fR to \s-1NULL\s0, the default behaviour is restored. -.PP -When the verification must be performed, \fIcallback\fR will be called with -the arguments callback(X509_STORE_CTX *x509_store_ctx, void *arg). The -argument \fIarg\fR is specified by the application when setting \fIcallback\fR. -.PP -\&\fIcallback\fR should return 1 to indicate verification success and 0 to -indicate verification failure. If \s-1SSL_VERIFY_PEER\s0 is set and \fIcallback\fR -returns 0, the handshake will fail. As the verification procedure may -allow to continue the connection in case of failure (by always returning 1) -the verification result must be set in any case using the \fBerror\fR -member of \fIx509_store_ctx\fR so that the calling application will be informed -about the detailed result of the verification procedure! -.PP -Within \fIx509_store_ctx\fR, \fIcallback\fR has access to the \fIverify_callback\fR -function set using SSL_CTX_set_verify(3). -.SH "WARNINGS" -.IX Header "WARNINGS" -Do not mix the verification callback described in this function with the -\&\fBverify_callback\fR function called during the verification process. The -latter is set using the SSL_CTX_set_verify(3) -family of functions. -.PP -Providing a complete verification procedure including certificate purpose -settings etc is a complex task. The built-in procedure is quite powerful -and in most cases it should be sufficient to modify its behaviour using -the \fBverify_callback\fR function. -.SH "BUGS" -.IX Header "BUGS" -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_CTX_set_cert_verify_callback()\fR does not provide diagnostic information. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_CTX_set_verify(3), -SSL_get_verify_result(3), -SSL_CTX_load_verify_locations(3) -.SH "HISTORY" -.IX Header "HISTORY" -Previous to OpenSSL 0.9.7, the \fIarg\fR argument to \fBSSL_CTX_set_cert_verify_callback\fR -was ignored, and \fIcallback\fR was called simply as - int (*callback)(X509_STORE_CTX *) -To compile software written for previous versions of OpenSSL, a dummy -argument will have to be added to \fIcallback\fR. diff --git a/secure/lib/libssl/man/SSL_CTX_set_cipher_list.3 b/secure/lib/libssl/man/SSL_CTX_set_cipher_list.3 deleted file mode 100644 index 880205ab69d3..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_set_cipher_list.3 +++ /dev/null @@ -1,205 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:40 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_set_cipher_list 3" -.TH SSL_CTX_set_cipher_list 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_set_cipher_list, SSL_set_cipher_list \- choose list of available SSL_CIPHERs -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str); -\& int SSL_set_cipher_list(SSL *ssl, const char *str); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_set_cipher_list()\fR sets the list of available ciphers for \fBctx\fR -using the control string \fBstr\fR. The format of the string is described -in ciphers(1). The list of ciphers is inherited by all -\&\fBssl\fR objects created from \fBctx\fR. -.PP -\&\fISSL_set_cipher_list()\fR sets the list of ciphers only for \fBssl\fR. -.SH "NOTES" -.IX Header "NOTES" -The control string \fBstr\fR should be universally usable and not depend -on details of the library configuration (ciphers compiled in). Thus no -syntax checking takes place. Items that are not recognized, because the -corresponding ciphers are not compiled in or because they are mistyped, -are simply ignored. Failure is only flagged if no ciphers could be collected -at all. -.PP -It should be noted, that inclusion of a cipher to be used into the list is -a necessary condition. On the client side, the inclusion into the list is -also sufficient. On the server side, additional restrictions apply. All ciphers -have additional requirements. \s-1ADH\s0 ciphers don't need a certificate, but -DH-parameters must have been set. All other ciphers need a corresponding -certificate and key. -.PP -A \s-1RSA\s0 cipher can only be chosen, when a \s-1RSA\s0 certificate is available. -\&\s-1RSA\s0 export ciphers with a keylength of 512 bits for the \s-1RSA\s0 key require -a temporary 512 bit \s-1RSA\s0 key, as typically the supplied key has a length -of 1024 bit (see -SSL_CTX_set_tmp_rsa_callback(3)). -\&\s-1RSA\s0 ciphers using \s-1EDH\s0 need a certificate and key and additional DH-parameters -(see SSL_CTX_set_tmp_dh_callback(3)). -.PP -A \s-1DSA\s0 cipher can only be chosen, when a \s-1DSA\s0 certificate is available. -\&\s-1DSA\s0 ciphers always use \s-1DH\s0 key exchange and therefore need DH-parameters -(see SSL_CTX_set_tmp_dh_callback(3)). -.PP -When these conditions are not met for any cipher in the list (e.g. a -client only supports export \s-1RSA\s0 ciphers with a asymmetric key length -of 512 bits and the server is not configured to use temporary \s-1RSA\s0 -keys), the \*(L"no shared cipher\*(R" (\s-1SSL_R_NO_SHARED_CIPHER\s0) error is generated -and the handshake will fail. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_CTX_set_cipher_list()\fR and \fISSL_set_cipher_list()\fR return 1 if any cipher -could be selected and 0 on complete failure. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_get_ciphers(3), -SSL_CTX_use_certificate(3), -SSL_CTX_set_tmp_rsa_callback(3), -SSL_CTX_set_tmp_dh_callback(3), -ciphers(1) diff --git a/secure/lib/libssl/man/SSL_CTX_set_client_CA_list.3 b/secure/lib/libssl/man/SSL_CTX_set_client_CA_list.3 deleted file mode 100644 index 4cc034a51b42..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_set_client_CA_list.3 +++ /dev/null @@ -1,223 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:40 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_set_client_CA_list 3" -.TH SSL_CTX_set_client_CA_list 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_set_client_CA_list, SSL_set_client_CA_list, SSL_CTX_add_client_CA, -SSL_add_client_CA \- set list of CAs sent to the client when requesting a -client certificate -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 4 -\& void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list); -\& void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list); -\& int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *cacert); -\& int SSL_add_client_CA(SSL *ssl, X509 *cacert); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_set_client_CA_list()\fR sets the \fBlist\fR of CAs sent to the client when -requesting a client certificate for \fBctx\fR. -.PP -\&\fISSL_set_client_CA_list()\fR sets the \fBlist\fR of CAs sent to the client when -requesting a client certificate for the chosen \fBssl\fR, overriding the -setting valid for \fBssl\fR's \s-1SSL_CTX\s0 object. -.PP -\&\fISSL_CTX_add_client_CA()\fR adds the \s-1CA\s0 name extracted from \fBcacert\fR to the -list of CAs sent to the client when requesting a client certificate for -\&\fBctx\fR. -.PP -\&\fISSL_add_client_CA()\fR adds the \s-1CA\s0 name extracted from \fBcacert\fR to the -list of CAs sent to the client when requesting a client certificate for -the chosen \fBssl\fR, overriding the setting valid for \fBssl\fR's \s-1SSL_CTX\s0 object. -.SH "NOTES" -.IX Header "NOTES" -When a \s-1TLS/SSL\s0 server requests a client certificate (see -\&\fB\f(BISSL_CTX_set_verify_options()\fB\fR), it sends a list of CAs, for which -it will accept certificates, to the client. -.PP -This list must explicitly be set using \fISSL_CTX_set_client_CA_list()\fR for -\&\fBctx\fR and \fISSL_set_client_CA_list()\fR for the specific \fBssl\fR. The list -specified overrides the previous setting. The CAs listed do not become -trusted (\fBlist\fR only contains the names, not the complete certificates); use -SSL_CTX_load_verify_locations(3) -to additionally load them for verification. -.PP -If the list of acceptable CAs is compiled in a file, the -SSL_load_client_CA_file(3) -function can be used to help importing the necessary data. -.PP -\&\fISSL_CTX_add_client_CA()\fR and \fISSL_add_client_CA()\fR can be used to add additional -items the list of client CAs. If no list was specified before using -\&\fISSL_CTX_set_client_CA_list()\fR or \fISSL_set_client_CA_list()\fR, a new client -\&\s-1CA\s0 list for \fBctx\fR or \fBssl\fR (as appropriate) is opened. -.PP -These functions are only useful for \s-1TLS/SSL\s0 servers. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_CTX_set_client_CA_list()\fR and \fISSL_set_client_CA_list()\fR do not return -diagnostic information. -.PP -\&\fISSL_CTX_add_client_CA()\fR and \fISSL_add_client_CA()\fR have the following return -values: -.Ip "1" 4 -.IX Item "1" -The operation succeeded. -.Ip "0" 4 -A failure while manipulating the STACK_OF(X509_NAME) object occurred or -the X509_NAME could not be extracted from \fBcacert\fR. Check the error stack -to find out the reason. -.SH "EXAMPLES" -.IX Header "EXAMPLES" -Scan all certificates in \fBCAfile\fR and list them as acceptable CAs: -.PP -.Vb 1 -\& SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile)); -.Ve -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), -SSL_get_client_CA_list(3), -SSL_load_client_CA_file(3), -SSL_CTX_load_verify_locations(3) diff --git a/secure/lib/libssl/man/SSL_CTX_set_client_cert_cb.3 b/secure/lib/libssl/man/SSL_CTX_set_client_cert_cb.3 deleted file mode 100644 index 32721d8f8073..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_set_client_cert_cb.3 +++ /dev/null @@ -1,229 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:40 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_set_client_cert_cb 3" -.TH SSL_CTX_set_client_cert_cb 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_set_client_cert_cb, SSL_CTX_get_client_cert_cb \- handle client certificate callback function -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 3 -\& void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey)); -\& int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey); -\& int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_set_client_cert_cb()\fR sets the \fB\f(BIclient_cert_cb()\fB\fR callback, that is -called when a client certificate is requested by a server and no certificate -was yet set for the \s-1SSL\s0 object. -.PP -When \fB\f(BIclient_cert_cb()\fB\fR is \s-1NULL\s0, no callback function is used. -.PP -\&\fISSL_CTX_get_client_cert_cb()\fR returns a pointer to the currently set callback -function. -.PP -\&\fIclient_cert_cb()\fR is the application defined callback. If it wants to -set a certificate, a certificate/private key combination must be set -using the \fBx509\fR and \fBpkey\fR arguments and \*(L"1\*(R" must be returned. The -certificate will be installed into \fBssl\fR, see the \s-1NOTES\s0 and \s-1BUGS\s0 sections. -If no certificate should be set, \*(L"0\*(R" has to be returned and no certificate -will be sent. A negative return value will suspend the handshake and the -handshake function will return immediatly. SSL_get_error(3) -will return \s-1SSL_ERROR_WANT_X509_LOOKUP\s0 to indicate, that the handshake was -suspended. The next call to the handshake function will again lead to the call -of \fIclient_cert_cb()\fR. It is the job of the \fIclient_cert_cb()\fR to store information -about the state of the last call, if required to continue. -.SH "NOTES" -.IX Header "NOTES" -During a handshake (or renegotiation) a server may request a certificate -from the client. A client certificate must only be sent, when the server -did send the request. -.PP -When a certificate was set using the -SSL_CTX_use_certificate(3) family of functions, -it will be sent to the server. The \s-1TLS\s0 standard requires that only a -certificate is sent, if it matches the list of acceptable CAs sent by the -server. This constraint is violated by the default behavior of the OpenSSL -library. Using the callback function it is possible to implement a proper -selection routine or to allow a user interaction to choose the certificate to -be sent. -.PP -If a callback function is defined and no certificate was yet defined for the -\&\s-1SSL\s0 object, the callback function will be called. -If the callback function returns a certificate, the OpenSSL library -will try to load the private key and certificate data into the \s-1SSL\s0 -object using the \fISSL_use_certificate()\fR and \fISSL_use_private_key()\fR functions. -Thus it will permanently install the certificate and key for this \s-1SSL\s0 -object. It will not be reset by calling SSL_clear(3). -If the callback returns no certificate, the OpenSSL library will not send -a certificate. -.SH "BUGS" -.IX Header "BUGS" -The \fIclient_cert_cb()\fR cannot return a complete certificate chain, it can -only return one client certificate. If the chain only has a length of 2, -the root \s-1CA\s0 certificate may be omitted according to the \s-1TLS\s0 standard and -thus a standard conforming answer can be sent to the server. For a -longer chain, the client must send the complete chain (with the option -to leave out the root \s-1CA\s0 certificate). This can only be accomplished by -either adding the intermediate \s-1CA\s0 certificates into the trusted -certificate store for the \s-1SSL_CTX\s0 object (resulting in having to add -\&\s-1CA\s0 certificates that otherwise maybe would not be trusted), or by adding -the chain certificates using the -SSL_CTX_add_extra_chain_cert(3) -function, which is only available for the \s-1SSL_CTX\s0 object as a whole and that -therefore probably can only apply for one client certificate, making -the concept of the callback function (to allow the choice from several -certificates) questionable. -.PP -Once the \s-1SSL\s0 object has been used in conjunction with the callback function, -the certificate will be set for the \s-1SSL\s0 object and will not be cleared -even when SSL_clear(3) is being called. It is therefore -mandatory to destroy the \s-1SSL\s0 object using SSL_free(3) -and create a new one to return to the previous state. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_CTX_use_certificate(3), -SSL_CTX_add_extra_chain_cert(3), -SSL_get_client_CA_list(3), -SSL_clear(3), SSL_free(3) diff --git a/secure/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3 b/secure/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3 deleted file mode 100644 index 2a19c0f81cd3..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3 +++ /dev/null @@ -1,213 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:40 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_set_default_passwd_cb 3" -.TH SSL_CTX_set_default_passwd_cb 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_set_default_passwd_cb, SSL_CTX_set_default_passwd_cb_userdata \- set passwd callback for encrypted \s-1PEM\s0 file handling -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb); -\& void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u); -.Ve -.Vb 1 -\& int pem_passwd_cb(char *buf, int size, int rwflag, void *userdata); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_set_default_passwd_cb()\fR sets the default password callback called -when loading/storing a \s-1PEM\s0 certificate with encryption. -.PP -\&\fISSL_CTX_set_default_passwd_cb_userdata()\fR sets a pointer to \fBuserdata\fR which -will be provided to the password callback on invocation. -.PP -The \fIpem_passwd_cb()\fR, which must be provided by the application, hands back the -password to be used during decryption. On invocation a pointer to \fBuserdata\fR -is provided. The pem_passwd_cb must write the password into the provided buffer -\&\fBbuf\fR which is of size \fBsize\fR. The actual length of the password must -be returned to the calling function. \fBrwflag\fR indicates whether the -callback is used for reading/decryption (rwflag=0) or writing/encryption -(rwflag=1). -.SH "NOTES" -.IX Header "NOTES" -When loading or storing private keys, a password might be supplied to -protect the private key. The way this password can be supplied may depend -on the application. If only one private key is handled, it can be practical -to have \fIpem_passwd_cb()\fR handle the password dialog interactively. If several -keys have to be handled, it can be practical to ask for the password once, -then keep it in memory and use it several times. In the last case, the -password could be stored into the \fBuserdata\fR storage and the -\&\fIpem_passwd_cb()\fR only returns the password already stored. -.PP -When asking for the password interactively, \fIpem_passwd_cb()\fR can use -\&\fBrwflag\fR to check, whether an item shall be encrypted (rwflag=1). -In this case the password dialog may ask for the same password twice -for comparison in order to catch typos, that would make decryption -impossible. -.PP -Other items in \s-1PEM\s0 formatting (certificates) can also be encrypted, it is -however not usual, as certificate information is considered public. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_CTX_set_default_passwd_cb()\fR and \fISSL_CTX_set_default_passwd_cb_userdata()\fR -do not provide diagnostic information. -.SH "EXAMPLES" -.IX Header "EXAMPLES" -The following example returns the password provided as \fBuserdata\fR to the -calling function. The password is considered to be a '\e0' terminated -string. If the password does not fit into the buffer, the password is -truncated. -.PP -.Vb 6 -\& int pem_passwd_cb(char *buf, int size, int rwflag, void *password) -\& { -\& strncpy(buf, (char *)(password), size); -\& buf[size - 1] = '\e0'; -\& return(strlen(buf)); -\& } -.Ve -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), -SSL_CTX_use_certificate(3) diff --git a/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3 b/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3 deleted file mode 100644 index 4f9c69cec09d..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3 +++ /dev/null @@ -1,288 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:41 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_set_generate_session_id 3" -.TH SSL_CTX_set_generate_session_id 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_set_generate_session_id, SSL_set_generate_session_id, SSL_has_matching_session_id \- manipulate generation of \s-1SSL\s0 session IDs (server only) -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id, -\& unsigned int *id_len); -.Ve -.Vb 4 -\& int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb); -\& int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB, cb); -\& int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id, -\& unsigned int id_len); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_set_generate_session_id()\fR sets the callback function for generating -new session ids for \s-1SSL/TLS\s0 sessions for \fBctx\fR to be \fBcb\fR. -.PP -\&\fISSL_set_generate_session_id()\fR sets the callback function for generating -new session ids for \s-1SSL/TLS\s0 sessions for \fBssl\fR to be \fBcb\fR. -.PP -\&\fISSL_has_matching_session_id()\fR checks, whether a session with id \fBid\fR -(of length \fBid_len\fR) is already contained in the internal session cache -of the parent context of \fBssl\fR. -.SH "NOTES" -.IX Header "NOTES" -When a new session is established between client and server, the server -generates a session id. The session id is an arbitrary sequence of bytes. -The length of the session id is 16 bytes for SSLv2 sessions and between -1 and 32 bytes for SSLv3/TLSv1. The session id is not security critical -but must be unique for the server. Additionally, the session id is -transmitted in the clear when reusing the session so it must not contain -sensitive information. -.PP -Without a callback being set, an OpenSSL server will generate a unique -session id from pseudo random numbers of the maximum possible length. -Using the callback function, the session id can be changed to contain -additional information like e.g. a host id in order to improve load balancing -or external caching techniques. -.PP -The callback function receives a pointer to the memory location to put -\&\fBid\fR into and a pointer to the maximum allowed length \fBid_len\fR. The -buffer at location \fBid\fR is only guaranteed to have the size \fBid_len\fR. -The callback is only allowed to generate a shorter id and reduce \fBid_len\fR; -the callback \fBmust never\fR increase \fBid_len\fR or write to the location -\&\fBid\fR exceeding the given limit. -.PP -If a SSLv2 session id is generated and \fBid_len\fR is reduced, it will be -restored after the callback has finished and the session id will be padded -with 0x00. It is not recommended to change the \fBid_len\fR for SSLv2 sessions. -The callback can use the SSL_get_version(3) function -to check, whether the session is of type SSLv2. -.PP -The location \fBid\fR is filled with 0x00 before the callback is called, so the -callback may only fill part of the possible length and leave \fBid_len\fR -untouched while maintaining reproducibility. -.PP -Since the sessions must be distinguished, session ids must be unique. -Without the callback a random number is used, so that the probability -of generating the same session id is extremely small (2^128 possible ids -for an SSLv2 session, 2^256 for SSLv3/TLSv1). In order to assure the -uniqueness of the generated session id, the callback must call -\&\fISSL_has_matching_session_id()\fR and generate another id if a conflict occurs. -If an id conflict is not resolved, the handshake will fail. -If the application codes e.g. a unique host id, a unique process number, and -a unique sequence number into the session id, uniqueness could easily be -achieved without randomness added (it should however be taken care that -no confidential information is leaked this way). If the application can not -guarantee uniqueness, it is recommended to use the maximum \fBid_len\fR and -fill in the bytes not used to code special information with random data -to avoid collisions. -.PP -\&\fISSL_has_matching_session_id()\fR will only query the internal session cache, -not the external one. Since the session id is generated before the -handshake is completed, it is not immediately added to the cache. If -another thread is using the same internal session cache, a race condition -can occur in that another thread generates the same session id. -Collisions can also occur when using an external session cache, since -the external cache is not tested with \fISSL_has_matching_session_id()\fR -and the same race condition applies. -.PP -When calling \fISSL_has_matching_session_id()\fR for an SSLv2 session with -reduced \fBid_len\fR, the match operation will be performed using the -fixed length required and with a 0x00 padded id. -.PP -The callback must return 0 if it cannot generate a session id for whatever -reason and return 1 on success. -.SH "EXAMPLES" -.IX Header "EXAMPLES" -The callback function listed will generate a session id with the -server id given, and will fill the rest with pseudo random bytes: -.PP -.Vb 1 -\& const char session_id_prefix = "www-18"; -.Ve -.Vb 6 -\& #define MAX_SESSION_ID_ATTEMPTS 10 -\& static int generate_session_id(const SSL *ssl, unsigned char *id, -\& unsigned int *id_len) -\& { -\& unsigned int count = 0; -\& const char *version; -.Ve -.Vb 3 -\& version = SSL_get_version(ssl); -\& if (!strcmp(version, "SSLv2")) -\& /* we must not change id_len */; -.Ve -.Vb 17 -\& do { -\& RAND_pseudo_bytes(id, *id_len); -\& /* Prefix the session_id with the required prefix. NB: If our -\& * prefix is too long, clip it - but there will be worse effects -\& * anyway, eg. the server could only possibly create 1 session -\& * ID (ie. the prefix!) so all future session negotiations will -\& * fail due to conflicts. */ -\& memcpy(id, session_id_prefix, -\& (strlen(session_id_prefix) < *id_len) ? -\& strlen(session_id_prefix) : *id_len); -\& } -\& while(SSL_has_matching_session_id(ssl, id, *id_len) && -\& (++count < MAX_SESSION_ID_ATTEMPTS)); -\& if(count >= MAX_SESSION_ID_ATTEMPTS) -\& return 0; -\& return 1; -\& } -.Ve -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_CTX_set_generate_session_id()\fR and \fISSL_set_generate_session_id()\fR -always return 1. -.PP -\&\fISSL_has_matching_session_id()\fR returns 1 if another session with the -same id is already in the cache. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_get_version(3) -.SH "HISTORY" -.IX Header "HISTORY" -\&\fISSL_CTX_set_generate_session_id()\fR, \fISSL_set_generate_session_id()\fR -and \fISSL_has_matching_session_id()\fR have been introduced in -OpenSSL 0.9.7. diff --git a/secure/lib/libssl/man/SSL_CTX_set_info_callback.3 b/secure/lib/libssl/man/SSL_CTX_set_info_callback.3 deleted file mode 100644 index 1eab312125cf..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_set_info_callback.3 +++ /dev/null @@ -1,284 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:41 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_set_info_callback 3" -.TH SSL_CTX_set_info_callback 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_set_info_callback, SSL_CTX_get_info_callback, SSL_set_info_callback, SSL_get_info_callback \- handle information callback for \s-1SSL\s0 connections -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*callback)()); -\& void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(); -.Ve -.Vb 2 -\& void SSL_set_info_callback(SSL *ssl, void (*callback)()); -\& void (*SSL_get_info_callback(SSL *ssl))(); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_set_info_callback()\fR sets the \fBcallback\fR function, that can be used to -obtain state information for \s-1SSL\s0 objects created from \fBctx\fR during connection -setup and use. The setting for \fBctx\fR is overridden from the setting for -a specific \s-1SSL\s0 object, if specified. -When \fBcallback\fR is \s-1NULL\s0, not callback function is used. -.PP -\&\fISSL_set_info_callback()\fR sets the \fBcallback\fR function, that can be used to -obtain state information for \fBssl\fR during connection setup and use. -When \fBcallback\fR is \s-1NULL\s0, the callback setting currently valid for -\&\fBctx\fR is used. -.PP -\&\fISSL_CTX_get_info_callback()\fR returns a pointer to the currently set information -callback function for \fBctx\fR. -.PP -\&\fISSL_get_info_callback()\fR returns a pointer to the currently set information -callback function for \fBssl\fR. -.SH "NOTES" -.IX Header "NOTES" -When setting up a connection and during use, it is possible to obtain state -information from the \s-1SSL/TLS\s0 engine. When set, an information callback function -is called whenever the state changes, an alert appears, or an error occurs. -.PP -The callback function is called as \fBcallback(\s-1SSL\s0 *ssl, int where, int ret)\fR. -The \fBwhere\fR argument specifies information about where (in which context) -the callback function was called. If \fBret\fR is 0, an error condition occurred. -If an alert is handled, \s-1SSL_CB_ALERT\s0 is set and \fBret\fR specifies the alert -information. -.PP -\&\fBwhere\fR is a bitmask made up of the following bits: -.Ip "\s-1SSL_CB_LOOP\s0" 4 -.IX Item "SSL_CB_LOOP" -Callback has been called to indicate state change inside a loop. -.Ip "\s-1SSL_CB_EXIT\s0" 4 -.IX Item "SSL_CB_EXIT" -Callback has been called to indicate error exit of a handshake function. -(May be soft error with retry option for non-blocking setups.) -.Ip "\s-1SSL_CB_READ\s0" 4 -.IX Item "SSL_CB_READ" -Callback has been called during read operation. -.Ip "\s-1SSL_CB_WRITE\s0" 4 -.IX Item "SSL_CB_WRITE" -Callback has been called during write operation. -.Ip "\s-1SSL_CB_ALERT\s0" 4 -.IX Item "SSL_CB_ALERT" -Callback has been called due to an alert being sent or received. -.Ip "\s-1SSL_CB_READ_ALERT\s0 (SSL_CB_ALERT|SSL_CB_READ)" 4 -.IX Item "SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ)" -.PD 0 -.Ip "\s-1SSL_CB_WRITE_ALERT\s0 (SSL_CB_ALERT|SSL_CB_WRITE)" 4 -.IX Item "SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE)" -.Ip "\s-1SSL_CB_ACCEPT_LOOP\s0 (SSL_ST_ACCEPT|SSL_CB_LOOP)" 4 -.IX Item "SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP)" -.Ip "\s-1SSL_CB_ACCEPT_EXIT\s0 (SSL_ST_ACCEPT|SSL_CB_EXIT)" 4 -.IX Item "SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT)" -.Ip "\s-1SSL_CB_CONNECT_LOOP\s0 (SSL_ST_CONNECT|SSL_CB_LOOP)" 4 -.IX Item "SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP)" -.Ip "\s-1SSL_CB_CONNECT_EXIT\s0 (SSL_ST_CONNECT|SSL_CB_EXIT)" 4 -.IX Item "SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT)" -.Ip "\s-1SSL_CB_HANDSHAKE_START\s0" 4 -.IX Item "SSL_CB_HANDSHAKE_START" -.PD -Callback has been called because a new handshake is started. -.Ip "\s-1SSL_CB_HANDSHAKE_DONE\s0 0x20" 4 -.IX Item "SSL_CB_HANDSHAKE_DONE 0x20" -Callback has been called because a handshake is finished. -.PP -The current state information can be obtained using the -SSL_state_string(3) family of functions. -.PP -The \fBret\fR information can be evaluated using the -SSL_alert_type_string(3) family of functions. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_set_info_callback()\fR does not provide diagnostic information. -.PP -\&\fISSL_get_info_callback()\fR returns the current setting. -.SH "EXAMPLES" -.IX Header "EXAMPLES" -The following example callback function prints state strings, information -about alerts being handled and error messages to the \fBbio_err\fR \s-1BIO\s0. -.PP -.Vb 4 -\& void apps_ssl_info_callback(SSL *s, int where, int ret) -\& { -\& const char *str; -\& int w; -.Ve -.Vb 1 -\& w=where& ~SSL_ST_MASK; -.Ve -.Vb 3 -\& if (w & SSL_ST_CONNECT) str="SSL_connect"; -\& else if (w & SSL_ST_ACCEPT) str="SSL_accept"; -\& else str="undefined"; -.Ve -.Vb 24 -\& if (where & SSL_CB_LOOP) -\& { -\& BIO_printf(bio_err,"%s:%s\en",str,SSL_state_string_long(s)); -\& } -\& else if (where & SSL_CB_ALERT) -\& { -\& str=(where & SSL_CB_READ)?"read":"write"; -\& BIO_printf(bio_err,"SSL3 alert %s:%s:%s\en", -\& str, -\& SSL_alert_type_string_long(ret), -\& SSL_alert_desc_string_long(ret)); -\& } -\& else if (where & SSL_CB_EXIT) -\& { -\& if (ret == 0) -\& BIO_printf(bio_err,"%s:failed in %s\en", -\& str,SSL_state_string_long(s)); -\& else if (ret < 0) -\& { -\& BIO_printf(bio_err,"%s:error in %s\en", -\& str,SSL_state_string_long(s)); -\& } -\& } -\& } -.Ve -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_state_string(3), -SSL_alert_type_string(3) diff --git a/secure/lib/libssl/man/SSL_CTX_set_max_cert_list.3 b/secure/lib/libssl/man/SSL_CTX_set_max_cert_list.3 deleted file mode 100644 index 05e48b1bffb2..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_set_max_cert_list.3 +++ /dev/null @@ -1,212 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:41 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_set_max_cert_list 3" -.TH SSL_CTX_set_max_cert_list 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_set_max_cert_list, SSL_CTX_get_max_cert_list, SSL_set_max_cert_list, SSL_get_max_cert_list, \- manipulate allowed for the peer's certificate chain -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& long SSL_CTX_set_max_cert_list(SSL_CTX *ctx, long size); -\& long SSL_CTX_get_max_cert_list(SSL_CTX *ctx); -.Ve -.Vb 2 -\& long SSL_set_max_cert_list(SSL *ssl, long size); -\& long SSL_get_max_cert_list(SSL *ctx); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_set_max_cert_list()\fR sets the maximum size allowed for the peer's -certificate chain for all \s-1SSL\s0 objects created from \fBctx\fR to be <size> bytes. -The \s-1SSL\s0 objects inherit the setting valid for \fBctx\fR at the time -SSL_new(3) is being called. -.PP -\&\fISSL_CTX_get_max_cert_list()\fR returns the currently set maximum size for \fBctx\fR. -.PP -\&\fISSL_set_max_cert_list()\fR sets the maximum size allowed for the peer's -certificate chain for \fBssl\fR to be <size> bytes. This setting stays valid -until a new value is set. -.PP -\&\fISSL_get_max_cert_list()\fR returns the currently set maximum size for \fBssl\fR. -.SH "NOTES" -.IX Header "NOTES" -During the handshake process, the peer may send a certificate chain. -The \s-1TLS/SSL\s0 standard does not give any maximum size of the certificate chain. -The OpenSSL library handles incoming data by a dynamically allocated buffer. -In order to prevent this buffer from growing without bounds due to data -received from a faulty or malicious peer, a maximum size for the certificate -chain is set. -.PP -The default value for the maximum certificate chain size is 100kB (30kB -on the 16bit \s-1DOS\s0 platform). This should be sufficient for usual certificate -chains (OpenSSL's default maximum chain length is 10, see -SSL_CTX_set_verify(3), and certificates -without special extensions have a typical size of 1\-2kB). -.PP -For special applications it can be necessary to extend the maximum certificate -chain size allowed to be sent by the peer, see e.g. the work on -\&\*(L"Internet X.509 Public Key Infrastructure Proxy Certificate Profile\*(R" -and \*(L"\s-1TLS\s0 Delegation Protocol\*(R" at http://www.ietf.org/ and -http://www.globus.org/ . -.PP -Under normal conditions it should never be necessary to set a value smaller -than the default, as the buffer is handled dynamically and only uses the -memory actually required by the data sent by the peer. -.PP -If the maximum certificate chain size allowed is exceeded, the handshake will -fail with a \s-1SSL_R_EXCESSIVE_MESSAGE_SIZE\s0 error. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_CTX_set_max_cert_list()\fR and \fISSL_set_max_cert_list()\fR return the previously -set value. -.PP -\&\fISSL_CTX_get_max_cert_list()\fR and \fISSL_get_max_cert_list()\fR return the currently -set value. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_new(3), -SSL_CTX_set_verify(3) -.SH "HISTORY" -.IX Header "HISTORY" -SSL*_set/\fIget_max_cert_list()\fR have been introduced in OpenSSL 0.9.7. diff --git a/secure/lib/libssl/man/SSL_CTX_set_mode.3 b/secure/lib/libssl/man/SSL_CTX_set_mode.3 deleted file mode 100644 index 841a600de486..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_set_mode.3 +++ /dev/null @@ -1,209 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:41 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_set_mode 3" -.TH SSL_CTX_set_mode 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_set_mode, SSL_set_mode, SSL_CTX_get_mode, SSL_get_mode \- manipulate \s-1SSL\s0 engine mode -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& long SSL_CTX_set_mode(SSL_CTX *ctx, long mode); -\& long SSL_set_mode(SSL *ssl, long mode); -.Ve -.Vb 2 -\& long SSL_CTX_get_mode(SSL_CTX *ctx); -\& long SSL_get_mode(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_set_mode()\fR adds the mode set via bitmask in \fBmode\fR to \fBctx\fR. -Options already set before are not cleared. -.PP -\&\fISSL_set_mode()\fR adds the mode set via bitmask in \fBmode\fR to \fBssl\fR. -Options already set before are not cleared. -.PP -\&\fISSL_CTX_get_mode()\fR returns the mode set for \fBctx\fR. -.PP -\&\fISSL_get_mode()\fR returns the mode set for \fBssl\fR. -.SH "NOTES" -.IX Header "NOTES" -The following mode changes are available: -.Ip "\s-1SSL_MODE_ENABLE_PARTIAL_WRITE\s0" 4 -.IX Item "SSL_MODE_ENABLE_PARTIAL_WRITE" -Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success -when just a single record has been written). When not set (the default), -\&\fISSL_write()\fR will only report success once the complete chunk was written. -Once \fISSL_write()\fR returns with r, r bytes have been successfully written -and the next call to \fISSL_write()\fR must only send the n-r bytes left, -imitating the behaviour of \fIwrite()\fR. -.Ip "\s-1SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER\s0" 4 -.IX Item "SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER" -Make it possible to retry \fISSL_write()\fR with changed buffer location -(the buffer contents must stay the same). This is not the default to avoid -the misconception that non-blocking \fISSL_write()\fR behaves like -non-blocking \fIwrite()\fR. -.Ip "\s-1SSL_MODE_AUTO_RETRY\s0" 4 -.IX Item "SSL_MODE_AUTO_RETRY" -Never bother the application with retries if the transport is blocking. -If a renegotiation take place during normal operation, a -SSL_read(3) or SSL_write(3) would return -with \-1 and indicate the need to retry with \s-1SSL_ERROR_WANT_READ\s0. -In a non-blocking environment applications must be prepared to handle -incomplete read/write operations. -In a blocking environment, applications are not always prepared to -deal with read/write operations returning without success report. The -flag \s-1SSL_MODE_AUTO_RETRY\s0 will cause read/write operations to only -return after the handshake and successful completion. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_CTX_set_mode()\fR and \fISSL_set_mode()\fR return the new mode bitmask -after adding \fBmode\fR. -.PP -\&\fISSL_CTX_get_mode()\fR and \fISSL_get_mode()\fR return the current bitmask. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_read(3), SSL_write(3) -.SH "HISTORY" -.IX Header "HISTORY" -\&\s-1SSL_MODE_AUTO_RETRY\s0 as been added in OpenSSL 0.9.6. diff --git a/secure/lib/libssl/man/SSL_CTX_set_msg_callback.3 b/secure/lib/libssl/man/SSL_CTX_set_msg_callback.3 deleted file mode 100644 index 3e96a470e24b..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_set_msg_callback.3 +++ /dev/null @@ -1,225 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:41 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_set_msg_callback 3" -.TH SSL_CTX_set_msg_callback 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_set_msg_callback, SSL_CTX_set_msg_callback_arg, SSL_set_msg_callback, SSL_get_msg_callback_arg \- install callback for observing protocol messages -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)); -\& void SSL_CTX_set_msg_callback_arg(SSL_CTX *ctx, void *arg); -.Ve -.Vb 2 -\& void SSL_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)); -\& void SSL_set_msg_callback_arg(SSL_CTX *ctx, void *arg); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_set_msg_callback()\fR or \fISSL_set_msg_callback()\fR can be used to -define a message callback function \fIcb\fR for observing all \s-1SSL/TLS\s0 -protocol messages (such as handshake messages) that are received or -sent. \fISSL_CTX_set_msg_callback_arg()\fR and \fISSL_set_msg_callback_arg()\fR -can be used to set argument \fIarg\fR to the callback function, which is -available for arbitrary application use. -.PP -\&\fISSL_CTX_set_msg_callback()\fR and \fISSL_CTX_set_msg_callback_arg()\fR specify -default settings that will be copied to new \fB\s-1SSL\s0\fR objects by -SSL_new(3). \fISSL_set_msg_callback()\fR and -\&\fISSL_set_msg_callback_arg()\fR modify the actual settings of an \fB\s-1SSL\s0\fR -object. Using a \fB0\fR pointer for \fIcb\fR disables the message callback. -.PP -When \fIcb\fR is called by the \s-1SSL/TLS\s0 library for a protocol message, -the function arguments have the following meaning: -.Ip "\fIwrite_p\fR" 4 -.IX Item "write_p" -This flag is \fB0\fR when a protocol message has been received and \fB1\fR -when a protocol message has been sent. -.Ip "\fIversion\fR" 4 -.IX Item "version" -The protocol version according to which the protocol message is -interpreted by the library. Currently, this is one of -\&\fB\s-1SSL2_VERSION\s0\fR, \fB\s-1SSL3_VERSION\s0\fR and \fB\s-1TLS1_VERSION\s0\fR (for \s-1SSL\s0 2.0, \s-1SSL\s0 -3.0 and \s-1TLS\s0 1.0, respectively). -.Ip "\fIcontent_type\fR" 4 -.IX Item "content_type" -In the case of \s-1SSL\s0 2.0, this is always \fB0\fR. In the case of \s-1SSL\s0 3.0 -or \s-1TLS\s0 1.0, this is one of the \fBContentType\fR values defined in the -protocol specification (\fBchange_cipher_spec(20)\fR, \fBalert(21)\fR, -\&\fBhandshake(22)\fR; but never \fBapplication_data(23)\fR because the -callback will only be called for protocol messages). -.Ip "\fIbuf\fR, \fIlen\fR" 4 -.IX Item "buf, len" -\&\fIbuf\fR points to a buffer containing the protocol message, which -consists of \fIlen\fR bytes. The buffer is no longer valid after the -callback function has returned. -.Ip "\fIssl\fR" 4 -.IX Item "ssl" -The \fB\s-1SSL\s0\fR object that received or sent the message. -.Ip "\fIarg\fR" 4 -.IX Item "arg" -The user-defined argument optionally defined by -\&\fISSL_CTX_set_msg_callback_arg()\fR or \fISSL_set_msg_callback_arg()\fR. -.SH "NOTES" -.IX Header "NOTES" -Protocol messages are passed to the callback function after decryption -and fragment collection where applicable. (Thus record boundaries are -not visible.) -.PP -If processing a received protocol message results in an error, -the callback function may not be called. For example, the callback -function will never see messages that are considered too large to be -processed. -.PP -Due to automatic protocol version negotiation, \fIversion\fR is not -necessarily the protocol version used by the sender of the message: If -a \s-1TLS\s0 1.0 ClientHello message is received by an \s-1SSL\s0 3.0\-only server, -\&\fIversion\fR will be \fB\s-1SSL3_VERSION\s0\fR. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_new(3) -.SH "HISTORY" -.IX Header "HISTORY" -\&\fISSL_CTX_set_msg_callback()\fR, \fISSL_CTX_set_msg_callback_arg()\fR, -\&\fISSL_set_msg_callback()\fR and \fISSL_get_msg_callback_arg()\fR were added in OpenSSL 0.9.7. diff --git a/secure/lib/libssl/man/SSL_CTX_set_options.3 b/secure/lib/libssl/man/SSL_CTX_set_options.3 deleted file mode 100644 index 2d2604d6a3c0..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_set_options.3 +++ /dev/null @@ -1,339 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:41 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_set_options 3" -.TH SSL_CTX_set_options 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_set_options, SSL_set_options, SSL_CTX_get_options, SSL_get_options \- manipulate \s-1SSL\s0 engine options -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& long SSL_CTX_set_options(SSL_CTX *ctx, long options); -\& long SSL_set_options(SSL *ssl, long options); -.Ve -.Vb 2 -\& long SSL_CTX_get_options(SSL_CTX *ctx); -\& long SSL_get_options(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_set_options()\fR adds the options set via bitmask in \fBoptions\fR to \fBctx\fR. -Options already set before are not cleared! -.PP -\&\fISSL_set_options()\fR adds the options set via bitmask in \fBoptions\fR to \fBssl\fR. -Options already set before are not cleared! -.PP -\&\fISSL_CTX_get_options()\fR returns the options set for \fBctx\fR. -.PP -\&\fISSL_get_options()\fR returns the options set for \fBssl\fR. -.SH "NOTES" -.IX Header "NOTES" -The behaviour of the \s-1SSL\s0 library can be changed by setting several options. -The options are coded as bitmasks and can be combined by a logical \fBor\fR -operation (|). Options can only be added but can never be reset. -.PP -\&\fISSL_CTX_set_options()\fR and \fISSL_set_options()\fR affect the (external) -protocol behaviour of the \s-1SSL\s0 library. The (internal) behaviour of -the \s-1API\s0 can be changed by using the similar -SSL_CTX_set_mode(3) and \fISSL_set_mode()\fR functions. -.PP -During a handshake, the option settings of the \s-1SSL\s0 object are used. When -a new \s-1SSL\s0 object is created from a context using \fISSL_new()\fR, the current -option setting is copied. Changes to \fBctx\fR do not affect already created -\&\s-1SSL\s0 objects. \fISSL_clear()\fR does not affect the settings. -.PP -The following \fBbug workaround\fR options are available: -.Ip "\s-1SSL_OP_MICROSOFT_SESS_ID_BUG\s0" 4 -.IX Item "SSL_OP_MICROSOFT_SESS_ID_BUG" -www.microsoft.com \- when talking SSLv2, if session-id reuse is -performed, the session-id passed back in the server-finished message -is different from the one decided upon. -.Ip "\s-1SSL_OP_NETSCAPE_CHALLENGE_BUG\s0" 4 -.IX Item "SSL_OP_NETSCAPE_CHALLENGE_BUG" -Netscape-Commerce/1.12, when talking SSLv2, accepts a 32 byte -challenge but then appears to only use 16 bytes when generating the -encryption keys. Using 16 bytes is ok but it should be ok to use 32. -According to the SSLv3 spec, one should use 32 bytes for the challenge -when operating in SSLv2/v3 compatibility mode, but as mentioned above, -this breaks this server so 16 bytes is the way to go. -.Ip "\s-1SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG\s0" 4 -.IX Item "SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG" -ssl3.netscape.com:443, first a connection is established with \s-1RC4\-MD5\s0. -If it is then resumed, we end up using \s-1DES-CBC3\-SHA\s0. It should be -\&\s-1RC4\-MD5\s0 according to 7.6.1.3, 'cipher_suite'. -.Sp -Netscape-Enterprise/2.01 (https://merchant.netscape.com) has this bug. -It only really shows up when connecting via SSLv2/v3 then reconnecting -via SSLv3. The cipher list changes.... -.Sp -\&\s-1NEW\s0 \s-1INFORMATION\s0. Try connecting with a cipher list of just -\&\s-1DES-CBC-SHA:RC4\-MD5\s0. For some weird reason, each new connection uses -\&\s-1RC4\-MD5\s0, but a re-connect tries to use \s-1DES-CBC-SHA\s0. So netscape, when -doing a re-connect, always takes the first cipher in the cipher list. -.Ip "\s-1SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG\s0" 4 -.IX Item "SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG" -\&... -.Ip "\s-1SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER\s0" 4 -.IX Item "SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER" -\&... -.Ip "\s-1SSL_OP_MSIE_SSLV2_RSA_PADDING\s0" 4 -.IX Item "SSL_OP_MSIE_SSLV2_RSA_PADDING" -\&... -.Ip "\s-1SSL_OP_SSLEAY_080_CLIENT_DH_BUG\s0" 4 -.IX Item "SSL_OP_SSLEAY_080_CLIENT_DH_BUG" -\&... -.Ip "\s-1SSL_OP_TLS_D5_BUG\s0" 4 -.IX Item "SSL_OP_TLS_D5_BUG" -\&... -.Ip "\s-1SSL_OP_TLS_BLOCK_PADDING_BUG\s0" 4 -.IX Item "SSL_OP_TLS_BLOCK_PADDING_BUG" -\&... -.Ip "\s-1SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS\s0" 4 -.IX Item "SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS" -Disables a countermeasure against a \s-1SSL\s0 3.0/TLS 1.0 protocol -vulnerability affecting \s-1CBC\s0 ciphers, which cannot be handled by some -broken \s-1SSL\s0 implementations. This option has no effect for connections -using other ciphers. -.Ip "\s-1SSL_OP_ALL\s0" 4 -.IX Item "SSL_OP_ALL" -All of the above bug workarounds. -.PP -It is usually safe to use \fB\s-1SSL_OP_ALL\s0\fR to enable the bug workaround -options if compatibility with somewhat broken implementations is -desired. -.PP -The following \fBmodifying\fR options are available: -.Ip "\s-1SSL_OP_TLS_ROLLBACK_BUG\s0" 4 -.IX Item "SSL_OP_TLS_ROLLBACK_BUG" -Disable version rollback attack detection. -.Sp -During the client key exchange, the client must send the same information -about acceptable \s-1SSL/TLS\s0 protocol levels as during the first hello. Some -clients violate this rule by adapting to the server's answer. (Example: -the client sends a SSLv2 hello and accepts up to SSLv3.1=TLSv1, the server -only understands up to SSLv3. In this case the client must still use the -same SSLv3.1=TLSv1 announcement. Some clients step down to SSLv3 with respect -to the server's answer and violate the version rollback protection.) -.Ip "\s-1SSL_OP_SINGLE_DH_USE\s0" 4 -.IX Item "SSL_OP_SINGLE_DH_USE" -Always create a new key when using temporary/ephemeral \s-1DH\s0 parameters -(see SSL_CTX_set_tmp_dh_callback(3)). -This option must be used to prevent small subgroup attacks, when -the \s-1DH\s0 parameters were not generated using \*(L"strong\*(R" primes -(e.g. when using DSA-parameters, see dhparam(1)). -If \*(L"strong\*(R" primes were used, it is not strictly necessary to generate -a new \s-1DH\s0 key during each handshake but it is also recommended. -\&\fB\s-1SSL_OP_SINGLE_DH_USE\s0\fR should therefore be enabled whenever -temporary/ephemeral \s-1DH\s0 parameters are used. -.Ip "\s-1SSL_OP_EPHEMERAL_RSA\s0" 4 -.IX Item "SSL_OP_EPHEMERAL_RSA" -Always use ephemeral (temporary) \s-1RSA\s0 key when doing \s-1RSA\s0 operations -(see SSL_CTX_set_tmp_rsa_callback(3)). -According to the specifications this is only done, when a \s-1RSA\s0 key -can only be used for signature operations (namely under export ciphers -with restricted \s-1RSA\s0 keylength). By setting this option, ephemeral -\&\s-1RSA\s0 keys are always used. This option breaks compatibility with the -\&\s-1SSL/TLS\s0 specifications and may lead to interoperability problems with -clients and should therefore never be used. Ciphers with \s-1EDH\s0 (ephemeral -Diffie-Hellman) key exchange should be used instead. -.Ip "\s-1SSL_OP_CIPHER_SERVER_PREFERENCE\s0" 4 -.IX Item "SSL_OP_CIPHER_SERVER_PREFERENCE" -When choosing a cipher, use the server's preferences instead of the client -preferences. When not set, the \s-1SSL\s0 server will always follow the clients -preferences. When set, the SSLv3/TLSv1 server will choose following its -own preferences. Because of the different protocol, for SSLv2 the server -will send his list of preferences to the client and the client chooses. -.Ip "\s-1SSL_OP_PKCS1_CHECK_1\s0" 4 -.IX Item "SSL_OP_PKCS1_CHECK_1" -\&... -.Ip "\s-1SSL_OP_PKCS1_CHECK_2\s0" 4 -.IX Item "SSL_OP_PKCS1_CHECK_2" -\&... -.Ip "\s-1SSL_OP_NETSCAPE_CA_DN_BUG\s0" 4 -.IX Item "SSL_OP_NETSCAPE_CA_DN_BUG" -If we accept a netscape connection, demand a client cert, have a -non-self-sighed \s-1CA\s0 which does not have it's \s-1CA\s0 in netscape, and the -browser has a cert, it will crash/hang. Works for 3.x and 4.xbeta -.Ip "\s-1SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG\s0" 4 -.IX Item "SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG" -\&... -.Ip "SSL_OP_NO_SSLv2" 4 -.IX Item "SSL_OP_NO_SSLv2" -Do not use the SSLv2 protocol. -.Ip "SSL_OP_NO_SSLv3" 4 -.IX Item "SSL_OP_NO_SSLv3" -Do not use the SSLv3 protocol. -.Ip "SSL_OP_NO_TLSv1" 4 -.IX Item "SSL_OP_NO_TLSv1" -Do not use the TLSv1 protocol. -.Ip "\s-1SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION\s0" 4 -.IX Item "SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION" -When performing renegotiation as a server, always start a new session -(i.e., session resumption requests are only accepted in the initial -handshake). This option is not needed for clients. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_CTX_set_options()\fR and \fISSL_set_options()\fR return the new options bitmask -after adding \fBoptions\fR. -.PP -\&\fISSL_CTX_get_options()\fR and \fISSL_get_options()\fR return the current bitmask. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_new(3), SSL_clear(3), -SSL_CTX_set_tmp_dh_callback(3), -SSL_CTX_set_tmp_rsa_callback(3), -dhparam(1) -.SH "HISTORY" -.IX Header "HISTORY" -\&\fB\s-1SSL_OP_CIPHER_SERVER_PREFERENCE\s0\fR and -\&\fB\s-1SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION\s0\fR have been added in -OpenSSL 0.9.7. -.PP -\&\fB\s-1SSL_OP_TLS_ROLLBACK_BUG\s0\fR has been added in OpenSSL 0.9.6 and was automatically -enabled with \fB\s-1SSL_OP_ALL\s0\fR. As of 0.9.7, it is no longer included in \fB\s-1SSL_OP_ALL\s0\fR -and must be explicitly set. -.PP -\&\fB\s-1SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS\s0\fR has been added in OpenSSL 0.9.6e. -Versions up to OpenSSL 0.9.6c do not include the countermeasure that -can be disabled with this option (in OpenSSL 0.9.6d, it was always -enabled). diff --git a/secure/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3 b/secure/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3 deleted file mode 100644 index c9bbc305c24d..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3 +++ /dev/null @@ -1,199 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:42 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_set_quiet_shutdown 3" -.TH SSL_CTX_set_quiet_shutdown 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_set_quiet_shutdown, SSL_CTX_get_quiet_shutdown, SSL_set_quiet_shutdown, SSL_get_quiet_shutdown \- manipulate shutdown behaviour -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode); -\& int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx); -.Ve -.Vb 2 -\& void SSL_set_quiet_shutdown(SSL *ssl, int mode); -\& int SSL_get_quiet_shutdown(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_set_quiet_shutdown()\fR sets the \*(L"quiet shutdown\*(R" flag for \fBctx\fR to be -\&\fBmode\fR. \s-1SSL\s0 objects created from \fBctx\fR inherit the \fBmode\fR valid at the time -SSL_new(3) is called. \fBmode\fR may be 0 or 1. -.PP -\&\fISSL_CTX_get_quiet_shutdown()\fR returns the \*(L"quiet shutdown\*(R" setting of \fBctx\fR. -.PP -\&\fISSL_set_quiet_shutdown()\fR sets the \*(L"quiet shutdown\*(R" flag for \fBssl\fR to be -\&\fBmode\fR. The setting stays valid until \fBssl\fR is removed with -SSL_free(3) or \fISSL_set_quiet_shutdown()\fR is called again. -It is not changed when SSL_clear(3) is called. -\&\fBmode\fR may be 0 or 1. -.PP -\&\fISSL_get_quiet_shutdown()\fR returns the \*(L"quiet shutdown\*(R" setting of \fBssl\fR. -.SH "NOTES" -.IX Header "NOTES" -Normally when a \s-1SSL\s0 connection is finished, the parties must send out -\&\*(L"close notify\*(R" alert messages using SSL_shutdown(3) -for a clean shutdown. -.PP -When setting the \*(L"quiet shutdown\*(R" flag to 1, SSL_shutdown(3) -will set the internal flags to SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN. -(SSL_shutdown(3) then behaves like -SSL_set_shutdown(3) called with -SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN.) -The session is thus considered to be shutdown, but no \*(L"close notify\*(R" alert -is sent to the peer. This behaviour violates the \s-1TLS\s0 standard. -.PP -The default is normal shutdown behaviour as described by the \s-1TLS\s0 standard. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_CTX_set_quiet_shutdown()\fR and \fISSL_set_quiet_shutdown()\fR do not return -diagnostic information. -.PP -\&\fISSL_CTX_get_quiet_shutdown()\fR and SSL_get_quiet_shutdown return the current -setting. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_shutdown(3), -SSL_set_shutdown(3), SSL_new(3), -SSL_clear(3), SSL_free(3) diff --git a/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3 b/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3 deleted file mode 100644 index a9ceab56c24a..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3 +++ /dev/null @@ -1,257 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:42 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_set_session_cache_mode 3" -.TH SSL_CTX_set_session_cache_mode 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_set_session_cache_mode, SSL_CTX_get_session_cache_mode \- enable/disable session caching -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& long SSL_CTX_set_session_cache_mode(SSL_CTX ctx, long mode); -\& long SSL_CTX_get_session_cache_mode(SSL_CTX ctx); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_set_session_cache_mode()\fR enables/disables session caching -by setting the operational mode for \fBctx\fR to <mode>. -.PP -\&\fISSL_CTX_get_session_cache_mode()\fR returns the currently used cache mode. -.SH "NOTES" -.IX Header "NOTES" -The OpenSSL library can store/retrieve \s-1SSL/TLS\s0 sessions for later reuse. -The sessions can be held in memory for each \fBctx\fR, if more than one -\&\s-1SSL_CTX\s0 object is being maintained, the sessions are unique for each \s-1SSL_CTX\s0 -object. -.PP -In order to reuse a session, a client must send the session's id to the -server. It can only send exactly one id. The server then either -agrees to reuse the session or it starts a full handshake (to create a new -session). -.PP -A server will lookup up the session in its internal session storage. If the -session is not found in internal storage or lookups for the internal storage -have been deactivated (\s-1SSL_SESS_CACHE_NO_INTERNAL_LOOKUP\s0), the server will try -the external storage if available. -.PP -Since a client may try to reuse a session intended for use in a different -context, the session id context must be set by the server (see -SSL_CTX_set_session_id_context(3)). -.PP -The following session cache modes and modifiers are available: -.Ip "\s-1SSL_SESS_CACHE_OFF\s0" 4 -.IX Item "SSL_SESS_CACHE_OFF" -No session caching for client or server takes place. -.Ip "\s-1SSL_SESS_CACHE_CLIENT\s0" 4 -.IX Item "SSL_SESS_CACHE_CLIENT" -Client sessions are added to the session cache. As there is no reliable way -for the OpenSSL library to know whether a session should be reused or which -session to choose (due to the abstract \s-1BIO\s0 layer the \s-1SSL\s0 engine does not -have details about the connection), the application must select the session -to be reused by using the SSL_set_session(3) -function. This option is not activated by default. -.Ip "\s-1SSL_SESS_CACHE_SERVER\s0" 4 -.IX Item "SSL_SESS_CACHE_SERVER" -Server sessions are added to the session cache. When a client proposes a -session to be reused, the server looks for the corresponding session in (first) -the internal session cache (unless \s-1SSL_SESS_CACHE_NO_INTERNAL_LOOKUP\s0 is set), -then (second) in the external cache if available. If the session is found, the -server will try to reuse the session. This is the default. -.Ip "\s-1SSL_SESS_CACHE_BOTH\s0" 4 -.IX Item "SSL_SESS_CACHE_BOTH" -Enable both \s-1SSL_SESS_CACHE_CLIENT\s0 and \s-1SSL_SESS_CACHE_SERVER\s0 at the same time. -.Ip "\s-1SSL_SESS_CACHE_NO_AUTO_CLEAR\s0" 4 -.IX Item "SSL_SESS_CACHE_NO_AUTO_CLEAR" -Normally the session cache is checked for expired sessions every -255 connections using the -SSL_CTX_flush_sessions(3) function. Since -this may lead to a delay which cannot be controlled, the automatic -flushing may be disabled and -SSL_CTX_flush_sessions(3) can be called -explicitly by the application. -.Ip "\s-1SSL_SESS_CACHE_NO_INTERNAL_LOOKUP\s0" 4 -.IX Item "SSL_SESS_CACHE_NO_INTERNAL_LOOKUP" -By setting this flag, session-resume operations in an \s-1SSL/TLS\s0 server will not -automatically look up sessions in the internal cache, even if sessions are -automatically stored there. If external session caching callbacks are in use, -this flag guarantees that all lookups are directed to the external cache. -As automatic lookup only applies for \s-1SSL/TLS\s0 servers, the flag has no effect on -clients. -.Ip "\s-1SSL_SESS_CACHE_NO_INTERNAL_STORE\s0" 4 -.IX Item "SSL_SESS_CACHE_NO_INTERNAL_STORE" -Depending on the presence of \s-1SSL_SESS_CACHE_CLIENT\s0 and/or \s-1SSL_SESS_CACHE_SERVER\s0, -sessions negotiated in an \s-1SSL/TLS\s0 handshake may be cached for possible reuse. -Normally a new session is added to the internal cache as well as any external -session caching (callback) that is configured for the \s-1SSL_CTX\s0. This flag will -prevent sessions being stored in the internal cache (though the application can -add them manually using SSL_CTX_add_session(3)). Note: -in any \s-1SSL/TLS\s0 servers where external caching is configured, any successful -session lookups in the external cache (ie. for session-resume requests) would -normally be copied into the local cache before processing continues \- this flag -prevents these additions to the internal cache as well. -.Ip "\s-1SSL_SESS_CACHE_NO_INTERNAL\s0" 4 -.IX Item "SSL_SESS_CACHE_NO_INTERNAL" -Enable both \s-1SSL_SESS_CACHE_NO_INTERNAL_LOOKUP\s0 and -\&\s-1SSL_SESS_CACHE_NO_INTERNAL_STORE\s0 at the same time. -.PP -The default mode is \s-1SSL_SESS_CACHE_SERVER\s0. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_CTX_set_session_cache_mode()\fR returns the previously set cache mode. -.PP -\&\fISSL_CTX_get_session_cache_mode()\fR returns the currently set cache mode. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_set_session(3), -SSL_session_reused(3), -SSL_CTX_add_session(3), -SSL_CTX_sess_number(3), -SSL_CTX_sess_set_cache_size(3), -SSL_CTX_sess_set_get_cb(3), -SSL_CTX_set_session_id_context(3), -SSL_CTX_set_timeout(3), -SSL_CTX_flush_sessions(3) -.SH "HISTORY" -.IX Header "HISTORY" -\&\s-1SSL_SESS_CACHE_NO_INTERNAL_STORE\s0 and \s-1SSL_SESS_CACHE_NO_INTERNAL\s0 -were introduced in OpenSSL 0.9.6h. diff --git a/secure/lib/libssl/man/SSL_CTX_set_session_id_context.3 b/secure/lib/libssl/man/SSL_CTX_set_session_id_context.3 deleted file mode 100644 index a93e08736f09..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_set_session_id_context.3 +++ /dev/null @@ -1,209 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:42 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_set_session_id_context 3" -.TH SSL_CTX_set_session_id_context 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_set_session_id_context, SSL_set_session_id_context \- set context within which session can be reused (server side only) -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 4 -\& int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx, -\& unsigned int sid_ctx_len); -\& int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx, -\& unsigned int sid_ctx_len); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_set_session_id_context()\fR sets the context \fBsid_ctx\fR of length -\&\fBsid_ctx_len\fR within which a session can be reused for the \fBctx\fR object. -.PP -\&\fISSL_set_session_id_context()\fR sets the context \fBsid_ctx\fR of length -\&\fBsid_ctx_len\fR within which a session can be reused for the \fBssl\fR object. -.SH "NOTES" -.IX Header "NOTES" -Sessions are generated within a certain context. When exporting/importing -sessions with \fBi2d_SSL_SESSION\fR/\fBd2i_SSL_SESSION\fR it would be possible, -to re-import a session generated from another context (e.g. another -application), which might lead to malfunctions. Therefore each application -must set its own session id context \fBsid_ctx\fR which is used to distinguish -the contexts and is stored in exported sessions. The \fBsid_ctx\fR can be -any kind of binary data with a given length, it is therefore possible -to use e.g. the name of the application and/or the hostname and/or service -name ... -.PP -The session id context becomes part of the session. The session id context -is set by the \s-1SSL/TLS\s0 server. The \fISSL_CTX_set_session_id_context()\fR and -\&\fISSL_set_session_id_context()\fR functions are therefore only useful on the -server side. -.PP -OpenSSL clients will check the session id context returned by the server -when reusing a session. -.PP -The maximum length of the \fBsid_ctx\fR is limited to -\&\fB\s-1SSL_MAX_SSL_SESSION_ID_LENGTH\s0\fR. -.SH "WARNINGS" -.IX Header "WARNINGS" -If the session id context is not set on an \s-1SSL/TLS\s0 server, stored sessions -will not be reused but a fatal error will be flagged and the handshake -will fail. -.PP -If a server returns a different session id context to an OpenSSL client -when reusing a session, an error will be flagged and the handshake will -fail. OpenSSL servers will always return the correct session id context, -as an OpenSSL server checks the session id context itself before reusing -a session as described above. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_CTX_set_session_id_context()\fR and \fISSL_set_session_id_context()\fR -return the following values: -.Ip "0" 4 -The length \fBsid_ctx_len\fR of the session id context \fBsid_ctx\fR exceeded -the maximum allowed length of \fB\s-1SSL_MAX_SSL_SESSION_ID_LENGTH\s0\fR. The error -is logged to the error stack. -.Ip "1" 4 -.IX Item "1" -The operation succeeded. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3) diff --git a/secure/lib/libssl/man/SSL_CTX_set_ssl_version.3 b/secure/lib/libssl/man/SSL_CTX_set_ssl_version.3 deleted file mode 100644 index 7f081b5a4c88..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_set_ssl_version.3 +++ /dev/null @@ -1,189 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:42 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_set_ssl_version 3" -.TH SSL_CTX_set_ssl_version 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_set_ssl_version, SSL_set_ssl_method, SSL_get_ssl_method -\&\- choose a new \s-1TLS/SSL\s0 method -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 3 -\& int SSL_CTX_set_ssl_version(SSL_CTX *ctx, SSL_METHOD *method); -\& int SSL_set_ssl_method(SSL *s, SSL_METHOD *method); -\& SSL_METHOD *SSL_get_ssl_method(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_set_ssl_version()\fR sets a new default \s-1TLS/SSL\s0 \fBmethod\fR for \s-1SSL\s0 objects -newly created from this \fBctx\fR. \s-1SSL\s0 objects already created with -SSL_new(3) are not affected, except when -SSL_clear(3) is being called. -.PP -\&\fISSL_set_ssl_method()\fR sets a new \s-1TLS/SSL\s0 \fBmethod\fR for a particular \fBssl\fR -object. It may be reset, when \fISSL_clear()\fR is called. -.PP -\&\fISSL_get_ssl_method()\fR returns a function pointer to the \s-1TLS/SSL\s0 method -set in \fBssl\fR. -.SH "NOTES" -.IX Header "NOTES" -The available \fBmethod\fR choices are described in -SSL_CTX_new(3). -.PP -When SSL_clear(3) is called and no session is connected to -an \s-1SSL\s0 object, the method of the \s-1SSL\s0 object is reset to the method currently -set in the corresponding \s-1SSL_CTX\s0 object. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can occur for \fISSL_CTX_set_ssl_version()\fR -and \fISSL_set_ssl_method()\fR: -.Ip "0" 4 -The new choice failed, check the error stack to find out the reason. -.Ip "1" 4 -.IX Item "1" -The operation succeeded. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -SSL_CTX_new(3), SSL_new(3), -SSL_clear(3), ssl(3), -SSL_set_connect_state(3) diff --git a/secure/lib/libssl/man/SSL_CTX_set_timeout.3 b/secure/lib/libssl/man/SSL_CTX_set_timeout.3 deleted file mode 100644 index 16bfc73d8409..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_set_timeout.3 +++ /dev/null @@ -1,194 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:42 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_set_timeout 3" -.TH SSL_CTX_set_timeout 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_set_timeout, SSL_CTX_get_timeout \- manipulate timeout values for session caching -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& long SSL_CTX_set_timeout(SSL_CTX *ctx, long t); -\& long SSL_CTX_get_timeout(SSL_CTX *ctx); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_set_timeout()\fR sets the timeout for newly created sessions for -\&\fBctx\fR to \fBt\fR. The timeout value \fBt\fR must be given in seconds. -.PP -\&\fISSL_CTX_get_timeout()\fR returns the currently set timeout value for \fBctx\fR. -.SH "NOTES" -.IX Header "NOTES" -Whenever a new session is created, it is assigned a maximum lifetime. This -lifetime is specified by storing the creation time of the session and the -timeout value valid at this time. If the actual time is later than creation -time plus timeout, the session is not reused. -.PP -Due to this realization, all sessions behave according to the timeout value -valid at the time of the session negotiation. Changes of the timeout value -do not affect already established sessions. -.PP -The expiration time of a single session can be modified using the -SSL_SESSION_get_time(3) family of functions. -.PP -Expired sessions are removed from the internal session cache, whenever -SSL_CTX_flush_sessions(3) is called, either -directly by the application or automatically (see -SSL_CTX_set_session_cache_mode(3)) -.PP -The default value for session timeout is decided on a per protocol -basis, see SSL_get_default_timeout(3). -All currently supported protocols have the same default timeout value -of 300 seconds. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_CTX_set_timeout()\fR returns the previously set timeout value. -.PP -\&\fISSL_CTX_get_timeout()\fR returns the currently set timeout value. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), -SSL_CTX_set_session_cache_mode(3), -SSL_SESSION_get_time(3), -SSL_CTX_flush_sessions(3), -SSL_get_default_timeout(3) diff --git a/secure/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3 b/secure/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3 deleted file mode 100644 index 6b798b6e7b12..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3 +++ /dev/null @@ -1,312 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:42 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_set_tmp_dh_callback 3" -.TH SSL_CTX_set_tmp_dh_callback 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_set_tmp_dh_callback, SSL_CTX_set_tmp_dh, SSL_set_tmp_dh_callback, SSL_set_tmp_dh \- handle \s-1DH\s0 keys for ephemeral key exchange -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 3 -\& void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, -\& DH *(*tmp_dh_callback)(SSL *ssl, int is_export, int keylength)); -\& long SSL_CTX_set_tmp_dh(SSL_CTX *ctx, DH *dh); -.Ve -.Vb 3 -\& void SSL_set_tmp_dh_callback(SSL_CTX *ctx, -\& DH *(*tmp_dh_callback)(SSL *ssl, int is_export, int keylength)); -\& long SSL_set_tmp_dh(SSL *ssl, DH *dh) -.Ve -.Vb 1 -\& DH *(*tmp_dh_callback)(SSL *ssl, int is_export, int keylength)); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_set_tmp_dh_callback()\fR sets the callback function for \fBctx\fR to be -used when a \s-1DH\s0 parameters are required to \fBtmp_dh_callback\fR. -The callback is inherited by all \fBssl\fR objects created from \fBctx\fR. -.PP -\&\fISSL_CTX_set_tmp_dh()\fR sets \s-1DH\s0 parameters to be used to be \fBdh\fR. -The key is inherited by all \fBssl\fR objects created from \fBctx\fR. -.PP -\&\fISSL_set_tmp_dh_callback()\fR sets the callback only for \fBssl\fR. -.PP -\&\fISSL_set_tmp_dh()\fR sets the parameters only for \fBssl\fR. -.PP -These functions apply to \s-1SSL/TLS\s0 servers only. -.SH "NOTES" -.IX Header "NOTES" -When using a cipher with \s-1RSA\s0 authentication, an ephemeral \s-1DH\s0 key exchange -can take place. Ciphers with \s-1DSA\s0 keys always use ephemeral \s-1DH\s0 keys as well. -In these cases, the session data are negotiated using the -ephemeral/temporary \s-1DH\s0 key and the key supplied and certified -by the certificate chain is only used for signing. -Anonymous ciphers (without a permanent server key) also use ephemeral \s-1DH\s0 keys. -.PP -Using ephemeral \s-1DH\s0 key exchange yields forward secrecy, as the connection -can only be decrypted, when the \s-1DH\s0 key is known. By generating a temporary -\&\s-1DH\s0 key inside the server application that is lost when the application -is left, it becomes impossible for an attacker to decrypt past sessions, -even if he gets hold of the normal (certified) key, as this key was -only used for signing. -.PP -In order to perform a \s-1DH\s0 key exchange the server must use a \s-1DH\s0 group -(\s-1DH\s0 parameters) and generate a \s-1DH\s0 key. The server will always generate a new -\&\s-1DH\s0 key during the negotiation, when the \s-1DH\s0 parameters are supplied via -callback and/or when the \s-1SSL_OP_SINGLE_DH_USE\s0 option of -SSL_CTX_set_options(3) is set. It will -immediately create a \s-1DH\s0 key, when \s-1DH\s0 parameters are supplied via -\&\fISSL_CTX_set_tmp_dh()\fR and \s-1SSL_OP_SINGLE_DH_USE\s0 is not set. In this case, -it may happen that a key is generated on initialization without later -being needed, while on the other hand the computer time during the -negotiation is being saved. -.PP -If \*(L"strong\*(R" primes were used to generate the \s-1DH\s0 parameters, it is not strictly -necessary to generate a new key for each handshake but it does improve forward -secrecy. If it is not assured, that \*(L"strong\*(R" primes were used (see especially -the section about \s-1DSA\s0 parameters below), \s-1SSL_OP_SINGLE_DH_USE\s0 must be used -in order to prevent small subgroup attacks. Always using \s-1SSL_OP_SINGLE_DH_USE\s0 -has an impact on the computer time needed during negotiation, but it is not -very large, so application authors/users should consider to always enable -this option. -.PP -As generating \s-1DH\s0 parameters is extremely time consuming, an application -should not generate the parameters on the fly but supply the parameters. -\&\s-1DH\s0 parameters can be reused, as the actual key is newly generated during -the negotiation. The risk in reusing \s-1DH\s0 parameters is that an attacker -may specialize on a very often used \s-1DH\s0 group. Applications should therefore -generate their own \s-1DH\s0 parameters during the installation process using the -openssl dhparam(1) application. In order to reduce the computer -time needed for this generation, it is possible to use \s-1DSA\s0 parameters -instead (see dhparam(1)), but in this case \s-1SSL_OP_SINGLE_DH_USE\s0 -is mandatory. -.PP -Application authors may compile in \s-1DH\s0 parameters. Files dh512.pem, -dh1024.pem, dh2048.pem, and dh4096 in the 'apps' directory of current -version of the OpenSSL distribution contain the '\s-1SKIP\s0' \s-1DH\s0 parameters, -which use safe primes and were generated verifiably pseudo-randomly. -These files can be converted into C code using the \fB\-C\fR option of the -dhparam(1) application. -Authors may also generate their own set of parameters using -dhparam(1), but a user may not be sure how the parameters were -generated. The generation of \s-1DH\s0 parameters during installation is therefore -recommended. -.PP -An application may either directly specify the \s-1DH\s0 parameters or -can supply the \s-1DH\s0 parameters via a callback function. The callback approach -has the advantage, that the callback may supply \s-1DH\s0 parameters for different -key lengths. -.PP -The \fBtmp_dh_callback\fR is called with the \fBkeylength\fR needed and -the \fBis_export\fR information. The \fBis_export\fR flag is set, when the -ephemeral \s-1DH\s0 key exchange is performed with an export cipher. -.SH "EXAMPLES" -.IX Header "EXAMPLES" -Handle \s-1DH\s0 parameters for key lengths of 512 and 1024 bits. (Error handling -partly left out.) -.PP -.Vb 5 -\& ... -\& /* Set up ephemeral DH stuff */ -\& DH *dh_512 = NULL; -\& DH *dh_1024 = NULL; -\& FILE *paramfile; -.Ve -.Vb 14 -\& ... -\& /* "openssl dhparam -out dh_param_512.pem -2 512" */ -\& paramfile = fopen("dh_param_512.pem", "r"); -\& if (paramfile) { -\& dh_512 = PEM_read_DHparams(paramfile, NULL, NULL, NULL); -\& fclose(paramfile); -\& } -\& /* "openssl dhparam -out dh_param_1024.pem -2 1024" */ -\& paramfile = fopen("dh_param_1024.pem", "r"); -\& if (paramfile) { -\& dh_1024 = PEM_read_DHparams(paramfile, NULL, NULL, NULL); -\& fclose(paramfile); -\& } -\& ... -.Ve -.Vb 3 -\& /* "openssl dhparam -C -2 512" etc... */ -\& DH *get_dh512() { ... } -\& DH *get_dh1024() { ... } -.Ve -.Vb 3 -\& DH *tmp_dh_callback(SSL *s, int is_export, int keylength) -\& { -\& DH *dh_tmp=NULL; -.Ve -.Vb 17 -\& switch (keylength) { -\& case 512: -\& if (!dh_512) -\& dh_512 = get_dh512(); -\& dh_tmp = dh_512; -\& break; -\& case 1024: -\& if (!dh_1024) -\& dh_1024 = get_dh1024(); -\& dh_tmp = dh_1024; -\& break; -\& default: -\& /* Generating a key on the fly is very costly, so use what is there */ -\& setup_dh_parameters_like_above(); -\& } -\& return(dh_tmp); -\& } -.Ve -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_CTX_set_tmp_dh_callback()\fR and \fISSL_set_tmp_dh_callback()\fR do not return -diagnostic output. -.PP -\&\fISSL_CTX_set_tmp_dh()\fR and \fISSL_set_tmp_dh()\fR do return 1 on success and 0 -on failure. Check the error queue to find out the reason of failure. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_CTX_set_cipher_list(3), -SSL_CTX_set_tmp_rsa_callback(3), -SSL_CTX_set_options(3), -ciphers(1), dhparam(1) diff --git a/secure/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3 b/secure/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3 deleted file mode 100644 index 8391b4947aac..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3 +++ /dev/null @@ -1,309 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:43 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_set_tmp_rsa_callback 3" -.TH SSL_CTX_set_tmp_rsa_callback 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_set_tmp_rsa_callback, SSL_CTX_set_tmp_rsa, SSL_CTX_need_tmp_rsa, SSL_set_tmp_rsa_callback, SSL_set_tmp_rsa, SSL_need_tmp_rsa \- handle \s-1RSA\s0 keys for ephemeral key exchange -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 4 -\& void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, -\& RSA *(*tmp_rsa_callback)(SSL *ssl, int is_export, int keylength)); -\& long SSL_CTX_set_tmp_rsa(SSL_CTX *ctx, RSA *rsa); -\& long SSL_CTX_need_tmp_rsa(SSL_CTX *ctx); -.Ve -.Vb 4 -\& void SSL_set_tmp_rsa_callback(SSL_CTX *ctx, -\& RSA *(*tmp_rsa_callback)(SSL *ssl, int is_export, int keylength)); -\& long SSL_set_tmp_rsa(SSL *ssl, RSA *rsa) -\& long SSL_need_tmp_rsa(SSL *ssl) -.Ve -.Vb 1 -\& RSA *(*tmp_rsa_callback)(SSL *ssl, int is_export, int keylength)); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_set_tmp_rsa_callback()\fR sets the callback function for \fBctx\fR to be -used when a temporary/ephemeral \s-1RSA\s0 key is required to \fBtmp_rsa_callback\fR. -The callback is inherited by all \s-1SSL\s0 objects newly created from \fBctx\fR -with <\fISSL_new\fR\|(3)|\fISSL_new\fR\|(3)>. Already created \s-1SSL\s0 objects are not affected. -.PP -\&\fISSL_CTX_set_tmp_rsa()\fR sets the temporary/ephemeral \s-1RSA\s0 key to be used to be -\&\fBrsa\fR. The key is inherited by all \s-1SSL\s0 objects newly created from \fBctx\fR -with <\fISSL_new\fR\|(3)|\fISSL_new\fR\|(3)>. Already created \s-1SSL\s0 objects are not affected. -.PP -\&\fISSL_CTX_need_tmp_rsa()\fR returns 1, if a temporary/ephemeral \s-1RSA\s0 key is needed -for RSA-based strength-limited 'exportable' ciphersuites because a \s-1RSA\s0 key -with a keysize larger than 512 bits is installed. -.PP -\&\fISSL_set_tmp_rsa_callback()\fR sets the callback only for \fBssl\fR. -.PP -\&\fISSL_set_tmp_rsa()\fR sets the key only for \fBssl\fR. -.PP -\&\fISSL_need_tmp_rsa()\fR returns 1, if a temporary/ephemeral \s-1RSA\s0 key is needed, -for RSA-based strength-limited 'exportable' ciphersuites because a \s-1RSA\s0 key -with a keysize larger than 512 bits is installed. -.PP -These functions apply to \s-1SSL/TLS\s0 servers only. -.SH "NOTES" -.IX Header "NOTES" -When using a cipher with \s-1RSA\s0 authentication, an ephemeral \s-1RSA\s0 key exchange -can take place. In this case the session data are negotiated using the -ephemeral/temporary \s-1RSA\s0 key and the \s-1RSA\s0 key supplied and certified -by the certificate chain is only used for signing. -.PP -Under previous export restrictions, ciphers with \s-1RSA\s0 keys shorter (512 bits) -than the usual key length of 1024 bits were created. To use these ciphers -with \s-1RSA\s0 keys of usual length, an ephemeral key exchange must be performed, -as the normal (certified) key cannot be directly used. -.PP -Using ephemeral \s-1RSA\s0 key exchange yields forward secrecy, as the connection -can only be decrypted, when the \s-1RSA\s0 key is known. By generating a temporary -\&\s-1RSA\s0 key inside the server application that is lost when the application -is left, it becomes impossible for an attacker to decrypt past sessions, -even if he gets hold of the normal (certified) \s-1RSA\s0 key, as this key was -used for signing only. The downside is that creating a \s-1RSA\s0 key is -computationally expensive. -.PP -Additionally, the use of ephemeral \s-1RSA\s0 key exchange is only allowed in -the \s-1TLS\s0 standard, when the \s-1RSA\s0 key can be used for signing only, that is -for export ciphers. Using ephemeral \s-1RSA\s0 key exchange for other purposes -violates the standard and can break interoperability with clients. -It is therefore strongly recommended to not use ephemeral \s-1RSA\s0 key -exchange and use \s-1EDH\s0 (Ephemeral Diffie-Hellman) key exchange instead -in order to achieve forward secrecy (see -SSL_CTX_set_tmp_dh_callback(3)). -.PP -On OpenSSL servers ephemeral \s-1RSA\s0 key exchange is therefore disabled by default -and must be explicitly enabled using the \s-1SSL_OP_EPHEMERAL_RSA\s0 option of -SSL_CTX_set_options(3), violating the \s-1TLS/SSL\s0 -standard. When ephemeral \s-1RSA\s0 key exchange is required for export ciphers, -it will automatically be used without this option! -.PP -An application may either directly specify the key or can supply the key via -a callback function. The callback approach has the advantage, that the -callback may generate the key only in case it is actually needed. As the -generation of a \s-1RSA\s0 key is however costly, it will lead to a significant -delay in the handshake procedure. Another advantage of the callback function -is that it can supply keys of different size (e.g. for \s-1SSL_OP_EPHEMERAL_RSA\s0 -usage) while the explicit setting of the key is only useful for key size of -512 bits to satisfy the export restricted ciphers and does give away key length -if a longer key would be allowed. -.PP -The \fBtmp_rsa_callback\fR is called with the \fBkeylength\fR needed and -the \fBis_export\fR information. The \fBis_export\fR flag is set, when the -ephemeral \s-1RSA\s0 key exchange is performed with an export cipher. -.SH "EXAMPLES" -.IX Header "EXAMPLES" -Generate temporary \s-1RSA\s0 keys to prepare ephemeral \s-1RSA\s0 key exchange. As the -generation of a \s-1RSA\s0 key costs a lot of computer time, they saved for later -reuse. For demonstration purposes, two keys for 512 bits and 1024 bits -respectively are generated. -.PP -.Vb 4 -\& ... -\& /* Set up ephemeral RSA stuff */ -\& RSA *rsa_512 = NULL; -\& RSA *rsa_1024 = NULL; -.Ve -.Vb 3 -\& rsa_512 = RSA_generate_key(512,RSA_F4,NULL,NULL); -\& if (rsa_512 == NULL) -\& evaluate_error_queue(); -.Ve -.Vb 3 -\& rsa_1024 = RSA_generate_key(1024,RSA_F4,NULL,NULL); -\& if (rsa_1024 == NULL) -\& evaluate_error_queue(); -.Ve -.Vb 1 -\& ... -.Ve -.Vb 3 -\& RSA *tmp_rsa_callback(SSL *s, int is_export, int keylength) -\& { -\& RSA *rsa_tmp=NULL; -.Ve -.Vb 24 -\& switch (keylength) { -\& case 512: -\& if (rsa_512) -\& rsa_tmp = rsa_512; -\& else { /* generate on the fly, should not happen in this example */ -\& rsa_tmp = RSA_generate_key(keylength,RSA_F4,NULL,NULL); -\& rsa_512 = rsa_tmp; /* Remember for later reuse */ -\& } -\& break; -\& case 1024: -\& if (rsa_1024) -\& rsa_tmp=rsa_1024; -\& else -\& should_not_happen_in_this_example(); -\& break; -\& default: -\& /* Generating a key on the fly is very costly, so use what is there */ -\& if (rsa_1024) -\& rsa_tmp=rsa_1024; -\& else -\& rsa_tmp=rsa_512; /* Use at least a shorter key */ -\& } -\& return(rsa_tmp); -\& } -.Ve -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_CTX_set_tmp_rsa_callback()\fR and \fISSL_set_tmp_rsa_callback()\fR do not return -diagnostic output. -.PP -\&\fISSL_CTX_set_tmp_rsa()\fR and \fISSL_set_tmp_rsa()\fR do return 1 on success and 0 -on failure. Check the error queue to find out the reason of failure. -.PP -\&\fISSL_CTX_need_tmp_rsa()\fR and \fISSL_need_tmp_rsa()\fR return 1 if a temporary -\&\s-1RSA\s0 key is needed and 0 otherwise. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_CTX_set_cipher_list(3), -SSL_CTX_set_options(3), -SSL_CTX_set_tmp_dh_callback(3), -SSL_new(3), ciphers(1) diff --git a/secure/lib/libssl/man/SSL_CTX_set_verify.3 b/secure/lib/libssl/man/SSL_CTX_set_verify.3 deleted file mode 100644 index 491c0549e93a..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_set_verify.3 +++ /dev/null @@ -1,434 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:43 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_set_verify 3" -.TH SSL_CTX_set_verify 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_set_verify, SSL_set_verify, SSL_CTX_set_verify_depth, SSL_set_verify_depth \- set peer certificate verification parameters -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 6 -\& void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, -\& int (*verify_callback)(int, X509_STORE_CTX *)); -\& void SSL_set_verify(SSL *s, int mode, -\& int (*verify_callback)(int, X509_STORE_CTX *)); -\& void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth); -\& void SSL_set_verify_depth(SSL *s, int depth); -.Ve -.Vb 1 -\& int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_set_verify()\fR sets the verification flags for \fBctx\fR to be \fBmode\fR and -specifies the \fBverify_callback\fR function to be used. If no callback function -shall be specified, the \s-1NULL\s0 pointer can be used for \fBverify_callback\fR. -.PP -\&\fISSL_set_verify()\fR sets the verification flags for \fBssl\fR to be \fBmode\fR and -specifies the \fBverify_callback\fR function to be used. If no callback function -shall be specified, the \s-1NULL\s0 pointer can be used for \fBverify_callback\fR. In -this case last \fBverify_callback\fR set specifically for this \fBssl\fR remains. If -no special \fBcallback\fR was set before, the default callback for the underlying -\&\fBctx\fR is used, that was valid at the the time \fBssl\fR was created with -SSL_new(3). -.PP -\&\fISSL_CTX_set_verify_depth()\fR sets the maximum \fBdepth\fR for the certificate chain -verification that shall be allowed for \fBctx\fR. (See the \s-1BUGS\s0 section.) -.PP -\&\fISSL_set_verify_depth()\fR sets the maximum \fBdepth\fR for the certificate chain -verification that shall be allowed for \fBssl\fR. (See the \s-1BUGS\s0 section.) -.SH "NOTES" -.IX Header "NOTES" -The verification of certificates can be controlled by a set of logically -or'ed \fBmode\fR flags: -.Ip "\s-1SSL_VERIFY_NONE\s0" 4 -.IX Item "SSL_VERIFY_NONE" -\&\fBServer mode:\fR the server will not send a client certificate request to the -client, so the client will not send a certificate. -.Sp -\&\fBClient mode:\fR if not using an anonymous cipher (by default disabled), the -server will send a certificate which will be checked. The result of the -certificate verification process can be checked after the \s-1TLS/SSL\s0 handshake -using the SSL_get_verify_result(3) function. -The handshake will be continued regardless of the verification result. -.Ip "\s-1SSL_VERIFY_PEER\s0" 4 -.IX Item "SSL_VERIFY_PEER" -\&\fBServer mode:\fR the server sends a client certificate request to the client. -The certificate returned (if any) is checked. If the verification process -fails, the \s-1TLS/SSL\s0 handshake is -immediately terminated with an alert message containing the reason for -the verification failure. -The behaviour can be controlled by the additional -\&\s-1SSL_VERIFY_FAIL_IF_NO_PEER_CERT\s0 and \s-1SSL_VERIFY_CLIENT_ONCE\s0 flags. -.Sp -\&\fBClient mode:\fR the server certificate is verified. If the verification process -fails, the \s-1TLS/SSL\s0 handshake is -immediately terminated with an alert message containing the reason for -the verification failure. If no server certificate is sent, because an -anonymous cipher is used, \s-1SSL_VERIFY_PEER\s0 is ignored. -.Ip "\s-1SSL_VERIFY_FAIL_IF_NO_PEER_CERT\s0" 4 -.IX Item "SSL_VERIFY_FAIL_IF_NO_PEER_CERT" -\&\fBServer mode:\fR if the client did not return a certificate, the \s-1TLS/SSL\s0 -handshake is immediately terminated with a \*(L"handshake failure\*(R" alert. -This flag must be used together with \s-1SSL_VERIFY_PEER\s0. -.Sp -\&\fBClient mode:\fR ignored -.Ip "\s-1SSL_VERIFY_CLIENT_ONCE\s0" 4 -.IX Item "SSL_VERIFY_CLIENT_ONCE" -\&\fBServer mode:\fR only request a client certificate on the initial \s-1TLS/SSL\s0 -handshake. Do not ask for a client certificate again in case of a -renegotiation. This flag must be used together with \s-1SSL_VERIFY_PEER\s0. -.Sp -\&\fBClient mode:\fR ignored -.PP -Exactly one of the \fBmode\fR flags \s-1SSL_VERIFY_NONE\s0 and \s-1SSL_VERIFY_PEER\s0 must be -set at any time. -.PP -The actual verification procedure is performed either using the built-in -verification procedure or using another application provided verification -function set with -SSL_CTX_set_cert_verify_callback(3). -The following descriptions apply in the case of the built-in procedure. An -application provided procedure also has access to the verify depth information -and the \fIverify_callback()\fR function, but the way this information is used -may be different. -.PP -\&\fISSL_CTX_set_verify_depth()\fR and \fISSL_set_verify_depth()\fR set the limit up -to which depth certificates in a chain are used during the verification -procedure. If the certificate chain is longer than allowed, the certificates -above the limit are ignored. Error messages are generated as if these -certificates would not be present, most likely a -X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY will be issued. -The depth count is \*(L"level 0:peer certificate\*(R", \*(L"level 1: \s-1CA\s0 certificate\*(R", -\&\*(L"level 2: higher level \s-1CA\s0 certificate\*(R", and so on. Setting the maximum -depth to 2 allows the levels 0, 1, and 2. The default depth limit is 9, -allowing for the peer certificate and additional 9 \s-1CA\s0 certificates. -.PP -The \fBverify_callback\fR function is used to control the behaviour when the -\&\s-1SSL_VERIFY_PEER\s0 flag is set. It must be supplied by the application and -receives two arguments: \fBpreverify_ok\fR indicates, whether the verification of -the certificate in question was passed (preverify_ok=1) or not -(preverify_ok=0). \fBx509_ctx\fR is a pointer to the complete context used -for the certificate chain verification. -.PP -The certificate chain is checked starting with the deepest nesting level -(the root \s-1CA\s0 certificate) and worked upward to the peer's certificate. -At each level signatures and issuer attributes are checked. Whenever -a verification error is found, the error number is stored in \fBx509_ctx\fR -and \fBverify_callback\fR is called with \fBpreverify_ok\fR=0. By applying -X509_CTX_store_* functions \fBverify_callback\fR can locate the certificate -in question and perform additional steps (see \s-1EXAMPLES\s0). If no error is -found for a certificate, \fBverify_callback\fR is called with \fBpreverify_ok\fR=1 -before advancing to the next level. -.PP -The return value of \fBverify_callback\fR controls the strategy of the further -verification process. If \fBverify_callback\fR returns 0, the verification -process is immediately stopped with \*(L"verification failed\*(R" state. If -\&\s-1SSL_VERIFY_PEER\s0 is set, a verification failure alert is sent to the peer and -the \s-1TLS/SSL\s0 handshake is terminated. If \fBverify_callback\fR returns 1, -the verification process is continued. If \fBverify_callback\fR always returns -1, the \s-1TLS/SSL\s0 handshake will never be terminated because of this application -experiencing a verification failure. The calling process can however -retrieve the error code of the last verification error using -SSL_get_verify_result(3) or by maintaining its -own error storage managed by \fBverify_callback\fR. -.PP -If no \fBverify_callback\fR is specified, the default callback will be used. -Its return value is identical to \fBpreverify_ok\fR, so that any verification -failure will lead to a termination of the \s-1TLS/SSL\s0 handshake with an -alert message, if \s-1SSL_VERIFY_PEER\s0 is set. -.SH "BUGS" -.IX Header "BUGS" -In client mode, it is not checked whether the \s-1SSL_VERIFY_PEER\s0 flag -is set, but whether \s-1SSL_VERIFY_NONE\s0 is not set. This can lead to -unexpected behaviour, if the \s-1SSL_VERIFY_PEER\s0 and \s-1SSL_VERIFY_NONE\s0 are not -used as required (exactly one must be set at any time). -.PP -The certificate verification depth set with SSL[_CTX]\fI_verify_depth()\fR -stops the verification at a certain depth. The error message produced -will be that of an incomplete certificate chain and not -X509_V_ERR_CERT_CHAIN_TOO_LONG as may be expected. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The SSL*_set_verify*() functions do not provide diagnostic information. -.SH "EXAMPLES" -.IX Header "EXAMPLES" -The following code sequence realizes an example \fBverify_callback\fR function -that will always continue the \s-1TLS/SSL\s0 handshake regardless of verification -failure, if wished. The callback realizes a verification depth limit with -more informational output. -.PP -All verification errors are printed, informations about the certificate chain -are printed on request. -The example is realized for a server that does allow but not require client -certificates. -.PP -The example makes use of the ex_data technique to store application data -into/retrieve application data from the \s-1SSL\s0 structure -(see SSL_get_ex_new_index(3), -SSL_get_ex_data_X509_STORE_CTX_idx(3)). -.PP -.Vb 15 -\& ... -\& typedef struct { -\& int verbose_mode; -\& int verify_depth; -\& int always_continue; -\& } mydata_t; -\& int mydata_index; -\& ... -\& static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx) -\& { -\& char buf[256]; -\& X509 *err_cert; -\& int err, depth; -\& SSL *ssl; -\& mydata_t *mydata; -.Ve -.Vb 3 -\& err_cert = X509_STORE_CTX_get_current_cert(ctx); -\& err = X509_STORE_CTX_get_error(ctx); -\& depth = X509_STORE_CTX_get_error_depth(ctx); -.Ve -.Vb 6 -\& /* -\& * Retrieve the pointer to the SSL of the connection currently treated -\& * and the application specific data stored into the SSL object. -\& */ -\& ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx()); -\& mydata = SSL_get_ex_data(ssl, mydata_index); -.Ve -.Vb 1 -\& X509_NAME_oneline(X509_get_subject_name(err_cert), buf, 256); -.Ve -.Vb 22 -\& /* -\& * Catch a too long certificate chain. The depth limit set using -\& * SSL_CTX_set_verify_depth() is by purpose set to "limit+1" so -\& * that whenever the "depth>verify_depth" condition is met, we -\& * have violated the limit and want to log this error condition. -\& * We must do it here, because the CHAIN_TOO_LONG error would not -\& * be found explicitly; only errors introduced by cutting off the -\& * additional certificates would be logged. -\& */ -\& if (depth > mydata->verify_depth) { -\& preverify_ok = 0; -\& err = X509_V_ERR_CERT_CHAIN_TOO_LONG; -\& X509_STORE_CTX_set_error(ctx, err); -\& } -\& if (!preverify_ok) { -\& printf("verify error:num=%d:%s:depth=%d:%s\en", err, -\& X509_verify_cert_error_string(err), depth, buf); -\& } -\& else if (mydata->verbose_mode) -\& { -\& printf("depth=%d:%s\en", depth, buf); -\& } -.Ve -.Vb 9 -\& /* -\& * At this point, err contains the last verification error. We can use -\& * it for something special -\& */ -\& if (!preverify_ok && (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT)) -\& { -\& X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buf, 256); -\& printf("issuer= %s\en", buf); -\& } -.Ve -.Vb 6 -\& if (mydata->always_continue) -\& return 1; -\& else -\& return preverify_ok; -\& } -\& ... -.Ve -.Vb 1 -\& mydata_t mydata; -.Ve -.Vb 2 -\& ... -\& mydata_index = SSL_get_ex_new_index(0, "mydata index", NULL, NULL, NULL); -.Ve -.Vb 3 -\& ... -\& SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE, -\& verify_callback); -.Ve -.Vb 5 -\& /* -\& * Let the verify_callback catch the verify_depth error so that we get -\& * an appropriate error in the logfile. -\& */ -\& SSL_CTX_set_verify_depth(verify_depth + 1); -.Ve -.Vb 6 -\& /* -\& * Set up the SSL specific data into "mydata" and store it into th SSL -\& * structure. -\& */ -\& mydata.verify_depth = verify_depth; ... -\& SSL_set_ex_data(ssl, mydata_index, &mydata); -.Ve -.Vb 9 -\& ... -\& SSL_accept(ssl); /* check of success left out for clarity */ -\& if (peer = SSL_get_peer_certificate(ssl)) -\& { -\& if (SSL_get_verify_result(ssl) == X509_V_OK) -\& { -\& /* The client sent a certificate which verified OK */ -\& } -\& } -.Ve -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_new(3), -SSL_CTX_get_verify_mode(3), -SSL_get_verify_result(3), -SSL_CTX_load_verify_locations(3), -SSL_get_peer_certificate(3), -SSL_CTX_set_cert_verify_callback(3), -SSL_get_ex_data_X509_STORE_CTX_idx(3), -SSL_get_ex_new_index(3) diff --git a/secure/lib/libssl/man/SSL_CTX_use_certificate.3 b/secure/lib/libssl/man/SSL_CTX_use_certificate.3 deleted file mode 100644 index d45fda34429c..000000000000 --- a/secure/lib/libssl/man/SSL_CTX_use_certificate.3 +++ /dev/null @@ -1,293 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:43 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_CTX_use_certificate 3" -.TH SSL_CTX_use_certificate 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key \- load certificate and key data -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 6 -\& int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x); -\& int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d); -\& int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type); -\& int SSL_use_certificate(SSL *ssl, X509 *x); -\& int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len); -\& int SSL_use_certificate_file(SSL *ssl, const char *file, int type); -.Ve -.Vb 1 -\& int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); -.Ve -.Vb 13 -\& int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey); -\& int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d, -\& long len); -\& int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type); -\& int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa); -\& int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len); -\& int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type); -\& int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey); -\& int SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, unsigned char *d, long len); -\& int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type); -\& int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa); -\& int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len); -\& int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type); -.Ve -.Vb 2 -\& int SSL_CTX_check_private_key(SSL_CTX *ctx); -\& int SSL_check_private_key(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -These functions load the certificates and private keys into the \s-1SSL_CTX\s0 -or \s-1SSL\s0 object, respectively. -.PP -The SSL_CTX_* class of functions loads the certificates and keys into the -\&\s-1SSL_CTX\s0 object \fBctx\fR. The information is passed to \s-1SSL\s0 objects \fBssl\fR -created from \fBctx\fR with SSL_new(3) by copying, so that -changes applied to \fBctx\fR do not propagate to already existing \s-1SSL\s0 objects. -.PP -The SSL_* class of functions only loads certificates and keys into a -specific \s-1SSL\s0 object. The specific information is kept, when -SSL_clear(3) is called for this \s-1SSL\s0 object. -.PP -\&\fISSL_CTX_use_certificate()\fR loads the certificate \fBx\fR into \fBctx\fR, -\&\fISSL_use_certificate()\fR loads \fBx\fR into \fBssl\fR. The rest of the -certificates needed to form the complete certificate chain can be -specified using the -SSL_CTX_add_extra_chain_cert(3) -function. -.PP -\&\fISSL_CTX_use_certificate_ASN1()\fR loads the \s-1ASN1\s0 encoded certificate from -the memory location \fBd\fR (with length \fBlen\fR) into \fBctx\fR, -\&\fISSL_use_certificate_ASN1()\fR loads the \s-1ASN1\s0 encoded certificate into \fBssl\fR. -.PP -\&\fISSL_CTX_use_certificate_file()\fR loads the first certificate stored in \fBfile\fR -into \fBctx\fR. The formatting \fBtype\fR of the certificate must be specified -from the known types \s-1SSL_FILETYPE_PEM\s0, \s-1SSL_FILETYPE_ASN1\s0. -\&\fISSL_use_certificate_file()\fR loads the certificate from \fBfile\fR into \fBssl\fR. -See the \s-1NOTES\s0 section on why \fISSL_CTX_use_certificate_chain_file()\fR -should be preferred. -.PP -\&\fISSL_CTX_use_certificate_chain_file()\fR loads a certificate chain from -\&\fBfile\fR into \fBctx\fR. The certificates must be in \s-1PEM\s0 format and must -be sorted starting with the certificate to the highest level (root \s-1CA\s0). -There is no corresponding function working on a single \s-1SSL\s0 object. -.PP -\&\fISSL_CTX_use_PrivateKey()\fR adds \fBpkey\fR as private key to \fBctx\fR. -\&\fISSL_CTX_use_RSAPrivateKey()\fR adds the private key \fBrsa\fR of type \s-1RSA\s0 -to \fBctx\fR. \fISSL_use_PrivateKey()\fR adds \fBpkey\fR as private key to \fBssl\fR; -\&\fISSL_use_RSAPrivateKey()\fR adds \fBrsa\fR as private key of type \s-1RSA\s0 to \fBssl\fR. -.PP -\&\fISSL_CTX_use_PrivateKey_ASN1()\fR adds the private key of type \fBpk\fR -stored at memory location \fBd\fR (length \fBlen\fR) to \fBctx\fR. -\&\fISSL_CTX_use_RSAPrivateKey_ASN1()\fR adds the private key of type \s-1RSA\s0 -stored at memory location \fBd\fR (length \fBlen\fR) to \fBctx\fR. -\&\fISSL_use_PrivateKey_ASN1()\fR and \fISSL_use_RSAPrivateKey_ASN1()\fR add the private -key to \fBssl\fR. -.PP -\&\fISSL_CTX_use_PrivateKey_file()\fR adds the first private key found in -\&\fBfile\fR to \fBctx\fR. The formatting \fBtype\fR of the certificate must be specified -from the known types \s-1SSL_FILETYPE_PEM\s0, \s-1SSL_FILETYPE_ASN1\s0. -\&\fISSL_CTX_use_RSAPrivateKey_file()\fR adds the first private \s-1RSA\s0 key found in -\&\fBfile\fR to \fBctx\fR. \fISSL_use_PrivateKey_file()\fR adds the first private key found -in \fBfile\fR to \fBssl\fR; \fISSL_use_RSAPrivateKey_file()\fR adds the first private -\&\s-1RSA\s0 key found to \fBssl\fR. -.PP -\&\fISSL_CTX_check_private_key()\fR checks the consistency of a private key with -the corresponding certificate loaded into \fBctx\fR. If more than one -key/certificate pair (\s-1RSA/DSA\s0) is installed, the last item installed will -be checked. If e.g. the last item was a \s-1RSA\s0 certificate or key, the \s-1RSA\s0 -key/certificate pair will be checked. \fISSL_check_private_key()\fR performs -the same check for \fBssl\fR. If no key/certificate was explicitly added for -this \fBssl\fR, the last item added into \fBctx\fR will be checked. -.SH "NOTES" -.IX Header "NOTES" -The internal certificate store of OpenSSL can hold two private key/certificate -pairs at a time: one key/certificate of type \s-1RSA\s0 and one key/certificate -of type \s-1DSA\s0. The certificate used depends on the cipher select, see -also SSL_CTX_set_cipher_list(3). -.PP -When reading certificates and private keys from file, files of type -\&\s-1SSL_FILETYPE_ASN1\s0 (also known as \fB\s-1DER\s0\fR, binary encoding) can only contain -one certificate or private key, consequently -\&\fISSL_CTX_use_certificate_chain_file()\fR is only applicable to \s-1PEM\s0 formatting. -Files of type \s-1SSL_FILETYPE_PEM\s0 can contain more than one item. -.PP -\&\fISSL_CTX_use_certificate_chain_file()\fR adds the first certificate found -in the file to the certificate store. The other certificates are added -to the store of chain certificates using -SSL_CTX_add_extra_chain_cert(3). -There exists only one extra chain store, so that the same chain is appended -to both types of certificates, \s-1RSA\s0 and \s-1DSA\s0! If it is not intended to use -both type of certificate at the same time, it is recommended to use the -\&\fISSL_CTX_use_certificate_chain_file()\fR instead of the -\&\fISSL_CTX_use_certificate_file()\fR function in order to allow the use of -complete certificate chains even when no trusted \s-1CA\s0 storage is used or -when the \s-1CA\s0 issuing the certificate shall not be added to the trusted -\&\s-1CA\s0 storage. -.PP -If additional certificates are needed to complete the chain during the -\&\s-1TLS\s0 negotiation, \s-1CA\s0 certificates are additionally looked up in the -locations of trusted \s-1CA\s0 certificates, see -SSL_CTX_load_verify_locations(3). -.PP -The private keys loaded from file can be encrypted. In order to successfully -load encrypted keys, a function returning the passphrase must have been -supplied, see -SSL_CTX_set_default_passwd_cb(3). -(Certificate files might be encrypted as well from the technical point -of view, it however does not make sense as the data in the certificate -is considered public anyway.) -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -On success, the functions return 1. -Otherwise check out the error stack to find out the reason. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_new(3), SSL_clear(3), -SSL_CTX_load_verify_locations(3), -SSL_CTX_set_default_passwd_cb(3), -SSL_CTX_set_cipher_list(3), -SSL_CTX_set_client_cert_cb(3), -SSL_CTX_add_extra_chain_cert(3) diff --git a/secure/lib/libssl/man/SSL_SESSION_free.3 b/secure/lib/libssl/man/SSL_SESSION_free.3 deleted file mode 100644 index 9d01628a0895..000000000000 --- a/secure/lib/libssl/man/SSL_SESSION_free.3 +++ /dev/null @@ -1,190 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:43 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_SESSION_free 3" -.TH SSL_SESSION_free 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_SESSION_free \- free an allocated \s-1SSL_SESSION\s0 structure -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& void SSL_SESSION_free(SSL_SESSION *session); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_SESSION_free()\fR decrements the reference count of \fBsession\fR and removes -the \fB\s-1SSL_SESSION\s0\fR structure pointed to by \fBsession\fR and frees up the allocated -memory, if the the reference count has reached 0. -.SH "NOTES" -.IX Header "NOTES" -\&\s-1SSL_SESSION\s0 objects are allocated, when a \s-1TLS/SSL\s0 handshake operation -is successfully completed. Depending on the settings, see -SSL_CTX_set_session_cache_mode(3), -the \s-1SSL_SESSION\s0 objects are internally referenced by the \s-1SSL_CTX\s0 and -linked into its session cache. \s-1SSL\s0 objects may be using the \s-1SSL_SESSION\s0 object; -as a session may be reused, several \s-1SSL\s0 objects may be using one \s-1SSL_SESSION\s0 -object at the same time. It is therefore crucial to keep the reference -count (usage information) correct and not delete a \s-1SSL_SESSION\s0 object -that is still used, as this may lead to program failures due to -dangling pointers. These failures may also appear delayed, e.g. -when an \s-1SSL_SESSION\s0 object was completely freed as the reference count -incorrectly became 0, but it is still referenced in the internal -session cache and the cache list is processed during a -SSL_CTX_flush_sessions(3) operation. -.PP -\&\fISSL_SESSION_free()\fR must only be called for \s-1SSL_SESSION\s0 objects, for -which the reference count was explicitly incremented (e.g. -by calling \fISSL_get1_session()\fR, see SSL_get_session(3)) -or when the \s-1SSL_SESSION\s0 object was generated outside a \s-1TLS\s0 handshake -operation, e.g. by using d2i_SSL_SESSION(3). -It must not be called on other \s-1SSL_SESSION\s0 objects, as this would cause -incorrect reference counts and therefore program failures. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_SESSION_free()\fR does not provide diagnostic information. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_get_session(3), -SSL_CTX_set_session_cache_mode(3), -SSL_CTX_flush_sessions(3), - d2i_SSL_SESSION(3) diff --git a/secure/lib/libssl/man/SSL_SESSION_get_ex_new_index.3 b/secure/lib/libssl/man/SSL_SESSION_get_ex_new_index.3 deleted file mode 100644 index 6b8425f039ab..000000000000 --- a/secure/lib/libssl/man/SSL_SESSION_get_ex_new_index.3 +++ /dev/null @@ -1,200 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:43 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_SESSION_get_ex_new_index 3" -.TH SSL_SESSION_get_ex_new_index 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_SESSION_get_ex_new_index, SSL_SESSION_set_ex_data, SSL_SESSION_get_ex_data \- internal application specific data functions -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 4 -\& int SSL_SESSION_get_ex_new_index(long argl, void *argp, -\& CRYPTO_EX_new *new_func, -\& CRYPTO_EX_dup *dup_func, -\& CRYPTO_EX_free *free_func); -.Ve -.Vb 1 -\& int SSL_SESSION_set_ex_data(SSL_SESSION *session, int idx, void *arg); -.Ve -.Vb 1 -\& void *SSL_SESSION_get_ex_data(SSL_SESSION *session, int idx); -.Ve -.Vb 6 -\& typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, -\& int idx, long argl, void *argp); -\& typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, -\& int idx, long argl, void *argp); -\& typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, -\& int idx, long argl, void *argp); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -Several OpenSSL structures can have application specific data attached to them. -These functions are used internally by OpenSSL to manipulate application -specific data attached to a specific structure. -.PP -\&\fISSL_SESSION_get_ex_new_index()\fR is used to register a new index for application -specific data. -.PP -\&\fISSL_SESSION_set_ex_data()\fR is used to store application data at \fBarg\fR for \fBidx\fR -into the \fBsession\fR object. -.PP -\&\fISSL_SESSION_get_ex_data()\fR is used to retrieve the information for \fBidx\fR from -\&\fBsession\fR. -.PP -A detailed description for the \fB*\f(BI_get_ex_new_index()\fB\fR functionality -can be found in RSA_get_ex_new_index(3). -The \fB*\f(BI_get_ex_data()\fB\fR and \fB*\f(BI_set_ex_data()\fB\fR functionality is described in -CRYPTO_set_ex_data(3). -.SH "WARNINGS" -.IX Header "WARNINGS" -The application data is only maintained for sessions held in memory. The -application data is not included when dumping the session with -\&\fIi2d_SSL_SESSION()\fR (and all functions indirectly calling the dump functions -like \fIPEM_write_SSL_SESSION()\fR and \fIPEM_write_bio_SSL_SESSION()\fR) and can -therefore not be restored. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), -RSA_get_ex_new_index(3), -CRYPTO_set_ex_data(3) diff --git a/secure/lib/libssl/man/SSL_SESSION_get_time.3 b/secure/lib/libssl/man/SSL_SESSION_get_time.3 deleted file mode 100644 index 7d268b3370f0..000000000000 --- a/secure/lib/libssl/man/SSL_SESSION_get_time.3 +++ /dev/null @@ -1,200 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:44 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_SESSION_get_time 3" -.TH SSL_SESSION_get_time 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_SESSION_get_time, SSL_SESSION_set_time, SSL_SESSION_get_timeout, SSL_SESSION_get_timeout \- retrieve and manipulate session time and timeout settings -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 4 -\& long SSL_SESSION_get_time(SSL_SESSION *s); -\& long SSL_SESSION_set_time(SSL_SESSION *s, long tm); -\& long SSL_SESSION_get_timeout(SSL_SESSION *s); -\& long SSL_SESSION_set_timeout(SSL_SESSION *s, long tm); -.Ve -.Vb 4 -\& long SSL_get_time(SSL_SESSION *s); -\& long SSL_set_time(SSL_SESSION *s, long tm); -\& long SSL_get_timeout(SSL_SESSION *s); -\& long SSL_set_timeout(SSL_SESSION *s, long tm); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_SESSION_get_time()\fR returns the time at which the session \fBs\fR was -established. The time is given in seconds since the Epoch and therefore -compatible to the time delivered by the \fItime()\fR call. -.PP -\&\fISSL_SESSION_set_time()\fR replaces the creation time of the session \fBs\fR with -the chosen value \fBtm\fR. -.PP -\&\fISSL_SESSION_get_timeout()\fR returns the timeout value set for session \fBs\fR -in seconds. -.PP -\&\fISSL_SESSION_set_timeout()\fR sets the timeout value for session \fBs\fR in seconds -to \fBtm\fR. -.PP -The \fISSL_get_time()\fR, \fISSL_set_time()\fR, \fISSL_get_timeout()\fR, and \fISSL_set_timeout()\fR -functions are synonyms for the SSL_SESSION_*() counterparts. -.SH "NOTES" -.IX Header "NOTES" -Sessions are expired by examining the creation time and the timeout value. -Both are set at creation time of the session to the actual time and the -default timeout value at creation, respectively, as set by -SSL_CTX_set_timeout(3). -Using these functions it is possible to extend or shorten the lifetime -of the session. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_SESSION_get_time()\fR and \fISSL_SESSION_get_timeout()\fR return the currently -valid values. -.PP -\&\fISSL_SESSION_set_time()\fR and \fISSL_SESSION_set_timeout()\fR return 1 on success. -.PP -If any of the function is passed the \s-1NULL\s0 pointer for the session \fBs\fR, -0 is returned. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), -SSL_CTX_set_timeout(3), -SSL_get_default_timeout(3) diff --git a/secure/lib/libssl/man/SSL_accept.3 b/secure/lib/libssl/man/SSL_accept.3 deleted file mode 100644 index 2e44eedb6105..000000000000 --- a/secure/lib/libssl/man/SSL_accept.3 +++ /dev/null @@ -1,202 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:44 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_accept 3" -.TH SSL_accept 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_accept \- wait for a \s-1TLS/SSL\s0 client to initiate a \s-1TLS/SSL\s0 handshake -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& int SSL_accept(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_accept()\fR waits for a \s-1TLS/SSL\s0 client to initiate the \s-1TLS/SSL\s0 handshake. -The communication channel must already have been set and assigned to the -\&\fBssl\fR by setting an underlying \fB\s-1BIO\s0\fR. -.SH "NOTES" -.IX Header "NOTES" -The behaviour of \fISSL_accept()\fR depends on the underlying \s-1BIO\s0. -.PP -If the underlying \s-1BIO\s0 is \fBblocking\fR, \fISSL_accept()\fR will only return once the -handshake has been finished or an error occurred, except for \s-1SGC\s0 (Server -Gated Cryptography). For \s-1SGC\s0, \fISSL_accept()\fR may return with \-1, but -\&\fISSL_get_error()\fR will yield \fB\s-1SSL_ERROR_WANT_READ/WRITE\s0\fR and \fISSL_accept()\fR -should be called again. -.PP -If the underlying \s-1BIO\s0 is \fBnon-blocking\fR, \fISSL_accept()\fR will also return -when the underlying \s-1BIO\s0 could not satisfy the needs of \fISSL_accept()\fR -to continue the handshake. In this case a call to \fISSL_get_error()\fR with the -return value of \fISSL_accept()\fR will yield \fB\s-1SSL_ERROR_WANT_READ\s0\fR or -\&\fB\s-1SSL_ERROR_WANT_WRITE\s0\fR. The calling process then must repeat the call after -taking appropriate action to satisfy the needs of \fISSL_accept()\fR. -The action depends on the underlying \s-1BIO\s0. When using a non-blocking socket, -nothing is to be done, but \fIselect()\fR can be used to check for the required -condition. When using a buffering \s-1BIO\s0, like a \s-1BIO\s0 pair, data must be written -into or retrieved out of the \s-1BIO\s0 before being able to continue. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can occur: -.Ip "1" 4 -.IX Item "1" -The \s-1TLS/SSL\s0 handshake was successfully completed, a \s-1TLS/SSL\s0 connection has been -established. -.Ip "0" 4 -The \s-1TLS/SSL\s0 handshake was not successful but was shut down controlled and -by the specifications of the \s-1TLS/SSL\s0 protocol. Call \fISSL_get_error()\fR with the -return value \fBret\fR to find out the reason. -.Ip "<0" 4 -.IX Item "<0" -The \s-1TLS/SSL\s0 handshake was not successful because a fatal error occurred either -at the protocol level or a connection failure occurred. The shutdown was -not clean. It can also occur of action is need to continue the operation -for non-blocking BIOs. Call \fISSL_get_error()\fR with the return value \fBret\fR -to find out the reason. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -SSL_get_error(3), SSL_connect(3), -SSL_shutdown(3), ssl(3), bio(3), -SSL_set_connect_state(3), -SSL_do_handshake(3), -SSL_CTX_new(3) diff --git a/secure/lib/libssl/man/SSL_alert_type_string.3 b/secure/lib/libssl/man/SSL_alert_type_string.3 deleted file mode 100644 index 114cd499bcd9..000000000000 --- a/secure/lib/libssl/man/SSL_alert_type_string.3 +++ /dev/null @@ -1,360 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:44 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_alert_type_string 3" -.TH SSL_alert_type_string 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_alert_type_string, SSL_alert_type_string_long, SSL_alert_desc_string, SSL_alert_desc_string_long \- get textual description of alert information -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& const char *SSL_alert_type_string(int value); -\& const char *SSL_alert_type_string_long(int value); -.Ve -.Vb 2 -\& const char *SSL_alert_desc_string(int value); -\& const char *SSL_alert_desc_string_long(int value); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_alert_type_string()\fR returns a one letter string indicating the -type of the alert specified by \fBvalue\fR. -.PP -\&\fISSL_alert_type_string_long()\fR returns a string indicating the type of the alert -specified by \fBvalue\fR. -.PP -\&\fISSL_alert_desc_string()\fR returns a two letter string as a short form -describing the reason of the alert specified by \fBvalue\fR. -.PP -\&\fISSL_alert_desc_string_long()\fR returns a string describing the reason -of the alert specified by \fBvalue\fR. -.SH "NOTES" -.IX Header "NOTES" -When one side of an \s-1SSL/TLS\s0 communication wants to inform the peer about -a special situation, it sends an alert. The alert is sent as a special message -and does not influence the normal data stream (unless its contents results -in the communication being canceled). -.PP -A warning alert is sent, when a non-fatal error condition occurs. The -\&\*(L"close notify\*(R" alert is sent as a warning alert. Other examples for -non-fatal errors are certificate errors (\*(L"certificate expired\*(R", -\&\*(L"unsupported certificate\*(R"), for which a warning alert may be sent. -(The sending party may however decide to send a fatal error.) The -receiving side may cancel the connection on reception of a warning -alert on it discretion. -.PP -Several alert messages must be sent as fatal alert messages as specified -by the \s-1TLS\s0 \s-1RFC\s0. A fatal alert always leads to a connection abort. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following strings can occur for \fISSL_alert_type_string()\fR or -\&\fISSL_alert_type_string_long()\fR: -.if n .Ip """""W""""/""""warning""""" 4 -.el .Ip "``W''/``warning''" 4 -.IX Item ""W/warning" -.PD 0 -.if n .Ip """""F""""/""""fatal""""" 4 -.el .Ip "``F''/``fatal''" 4 -.IX Item ""F/fatal" -.if n .Ip """""U""""/""""unknown""""" 4 -.el .Ip "``U''/``unknown''" 4 -.IX Item ""U/unknown" -.PD -This indicates that no support is available for this alert type. -Probably \fBvalue\fR does not contain a correct alert message. -.PP -The following strings can occur for \fISSL_alert_desc_string()\fR or -\&\fISSL_alert_desc_string_long()\fR: -.if n .Ip """""\s-1CN\s0""""/""""close notify""""" 4 -.el .Ip "``\s-1CN\s0''/``close notify''" 4 -.IX Item ""CN/close notify" -The connection shall be closed. This is a warning alert. -.if n .Ip """""\s-1UM\s0""""/""""unexpected message""""" 4 -.el .Ip "``\s-1UM\s0''/``unexpected message''" 4 -.IX Item ""UM/unexpected message" -An inappropriate message was received. This alert is always fatal -and should never be observed in communication between proper -implementations. -.if n .Ip """""\s-1BM\s0""""/""""bad record mac""""" 4 -.el .Ip "``\s-1BM\s0''/``bad record mac''" 4 -.IX Item ""BM/bad record mac" -This alert is returned if a record is received with an incorrect -\&\s-1MAC\s0. This message is always fatal. -.if n .Ip """""\s-1DF\s0""""/""""decompression failure""""" 4 -.el .Ip "``\s-1DF\s0''/``decompression failure''" 4 -.IX Item ""DF/decompression failure" -The decompression function received improper input (e.g. data -that would expand to excessive length). This message is always -fatal. -.if n .Ip """""\s-1HF\s0""""/""""handshake failure""""" 4 -.el .Ip "``\s-1HF\s0''/``handshake failure''" 4 -.IX Item ""HF/handshake failure" -Reception of a handshake_failure alert message indicates that the -sender was unable to negotiate an acceptable set of security -parameters given the options available. This is a fatal error. -.if n .Ip """""\s-1NC\s0""""/""""no certificate""""" 4 -.el .Ip "``\s-1NC\s0''/``no certificate''" 4 -.IX Item ""NC/no certificate" -A client, that was asked to send a certificate, does not send a certificate -(SSLv3 only). -.if n .Ip """""\s-1BC\s0""""/""""bad certificate""""" 4 -.el .Ip "``\s-1BC\s0''/``bad certificate''" 4 -.IX Item ""BC/bad certificate" -A certificate was corrupt, contained signatures that did not -verify correctly, etc -.if n .Ip """""\s-1UC\s0""""/""""unsupported certificate""""" 4 -.el .Ip "``\s-1UC\s0''/``unsupported certificate''" 4 -.IX Item ""UC/unsupported certificate" -A certificate was of an unsupported type. -.if n .Ip """""\s-1CR\s0""""/""""certificate revoked""""" 4 -.el .Ip "``\s-1CR\s0''/``certificate revoked''" 4 -.IX Item ""CR/certificate revoked" -A certificate was revoked by its signer. -.if n .Ip """""\s-1CE\s0""""/""""certificate expired""""" 4 -.el .Ip "``\s-1CE\s0''/``certificate expired''" 4 -.IX Item ""CE/certificate expired" -A certificate has expired or is not currently valid. -.if n .Ip """""\s-1CU\s0""""/""""certificate unknown""""" 4 -.el .Ip "``\s-1CU\s0''/``certificate unknown''" 4 -.IX Item ""CU/certificate unknown" -Some other (unspecified) issue arose in processing the -certificate, rendering it unacceptable. -.if n .Ip """""\s-1IP\s0""""/""""illegal parameter""""" 4 -.el .Ip "``\s-1IP\s0''/``illegal parameter''" 4 -.IX Item ""IP/illegal parameter" -A field in the handshake was out of range or inconsistent with -other fields. This is always fatal. -.if n .Ip """""\s-1DC\s0""""/""""decryption failed""""" 4 -.el .Ip "``\s-1DC\s0''/``decryption failed''" 4 -.IX Item ""DC/decryption failed" -A TLSCiphertext decrypted in an invalid way: either it wasn't an -even multiple of the block length or its padding values, when -checked, weren't correct. This message is always fatal. -.if n .Ip """""\s-1RO\s0""""/""""record overflow""""" 4 -.el .Ip "``\s-1RO\s0''/``record overflow''" 4 -.IX Item ""RO/record overflow" -A TLSCiphertext record was received which had a length more than -2^14+2048 bytes, or a record decrypted to a TLSCompressed record -with more than 2^14+1024 bytes. This message is always fatal. -.if n .Ip """""\s-1CA\s0""""/""""unknown \s-1CA\s0""""" 4 -.el .Ip "``\s-1CA\s0''/``unknown \s-1CA\s0''" 4 -.IX Item ""CA/unknown CA" -A valid certificate chain or partial chain was received, but the -certificate was not accepted because the \s-1CA\s0 certificate could not -be located or couldn't be matched with a known, trusted \s-1CA\s0. This -message is always fatal. -.if n .Ip """""\s-1AD\s0""""/""""access denied""""" 4 -.el .Ip "``\s-1AD\s0''/``access denied''" 4 -.IX Item ""AD/access denied" -A valid certificate was received, but when access control was -applied, the sender decided not to proceed with negotiation. -This message is always fatal. -.if n .Ip """""\s-1DE\s0""""/""""decode error""""" 4 -.el .Ip "``\s-1DE\s0''/``decode error''" 4 -.IX Item ""DE/decode error" -A message could not be decoded because some field was out of the -specified range or the length of the message was incorrect. This -message is always fatal. -.if n .Ip """""\s-1CY\s0""""/""""decrypt error""""" 4 -.el .Ip "``\s-1CY\s0''/``decrypt error''" 4 -.IX Item ""CY/decrypt error" -A handshake cryptographic operation failed, including being -unable to correctly verify a signature, decrypt a key exchange, -or validate a finished message. -.if n .Ip """""\s-1ER\s0""""/""""export restriction""""" 4 -.el .Ip "``\s-1ER\s0''/``export restriction''" 4 -.IX Item ""ER/export restriction" -A negotiation not in compliance with export restrictions was -detected; for example, attempting to transfer a 1024 bit -ephemeral \s-1RSA\s0 key for the \s-1RSA_EXPORT\s0 handshake method. This -message is always fatal. -.if n .Ip """""\s-1PV\s0""""/""""protocol version""""" 4 -.el .Ip "``\s-1PV\s0''/``protocol version''" 4 -.IX Item ""PV/protocol version" -The protocol version the client has attempted to negotiate is -recognized, but not supported. (For example, old protocol -versions might be avoided for security reasons). This message is -always fatal. -.if n .Ip """""\s-1IS\s0""""/""""insufficient security""""" 4 -.el .Ip "``\s-1IS\s0''/``insufficient security''" 4 -.IX Item ""IS/insufficient security" -Returned instead of handshake_failure when a negotiation has -failed specifically because the server requires ciphers more -secure than those supported by the client. This message is always -fatal. -.if n .Ip """""\s-1IE\s0""""/""""internal error""""" 4 -.el .Ip "``\s-1IE\s0''/``internal error''" 4 -.IX Item ""IE/internal error" -An internal error unrelated to the peer or the correctness of the -protocol makes it impossible to continue (such as a memory -allocation failure). This message is always fatal. -.if n .Ip """""\s-1US\s0""""/""""user canceled""""" 4 -.el .Ip "``\s-1US\s0''/``user canceled''" 4 -.IX Item ""US/user canceled" -This handshake is being canceled for some reason unrelated to a -protocol failure. If the user cancels an operation after the -handshake is complete, just closing the connection by sending a -close_notify is more appropriate. This alert should be followed -by a close_notify. This message is generally a warning. -.if n .Ip """""\s-1NR\s0""""/""""no renegotiation""""" 4 -.el .Ip "``\s-1NR\s0''/``no renegotiation''" 4 -.IX Item ""NR/no renegotiation" -Sent by the client in response to a hello request or by the -server in response to a client hello after initial handshaking. -Either of these would normally lead to renegotiation; when that -is not appropriate, the recipient should respond with this alert; -at that point, the original requester can decide whether to -proceed with the connection. One case where this would be -appropriate would be where a server has spawned a process to -satisfy a request; the process might receive security parameters -(key length, authentication, etc.) at startup and it might be -difficult to communicate changes to these parameters after that -point. This message is always a warning. -.if n .Ip """""\s-1UK\s0""""/""""unknown""""" 4 -.el .Ip "``\s-1UK\s0''/``unknown''" 4 -.IX Item ""UK/unknown" -This indicates that no description is available for this alert type. -Probably \fBvalue\fR does not contain a correct alert message. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_CTX_set_info_callback(3) diff --git a/secure/lib/libssl/man/SSL_clear.3 b/secure/lib/libssl/man/SSL_clear.3 deleted file mode 100644 index 26afe9eee008..000000000000 --- a/secure/lib/libssl/man/SSL_clear.3 +++ /dev/null @@ -1,197 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:44 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_clear 3" -.TH SSL_clear 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_clear \- reset \s-1SSL\s0 object to allow another connection -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& int SSL_clear(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -Reset \fBssl\fR to allow another connection. All settings (method, ciphers, -BIOs) are kept. -.SH "NOTES" -.IX Header "NOTES" -SSL_clear is used to prepare an \s-1SSL\s0 object for a new connection. While all -settings are kept, a side effect is the handling of the current \s-1SSL\s0 session. -If a session is still \fBopen\fR, it is considered bad and will be removed -from the session cache, as required by \s-1RFC2246\s0. A session is considered open, -if SSL_shutdown(3) was not called for the connection -or at least SSL_set_shutdown(3) was used to -set the \s-1SSL_SENT_SHUTDOWN\s0 state. -.PP -If a session was closed cleanly, the session object will be kept and all -settings corresponding. This explicitly means, that e.g. the special method -used during the session will be kept for the next handshake. So if the -session was a TLSv1 session, a \s-1SSL\s0 client object will use a TLSv1 client -method for the next handshake and a \s-1SSL\s0 server object will use a TLSv1 -server method, even if SSLv23_*_methods were chosen on startup. This -will might lead to connection failures (see SSL_new(3)) -for a description of the method's properties. -.SH "WARNINGS" -.IX Header "WARNINGS" -\&\fISSL_clear()\fR resets the \s-1SSL\s0 object to allow for another connection. The -reset operation however keeps several settings of the last sessions -(some of these settings were made automatically during the last -handshake). It only makes sense when opening a new session (or reusing -an old one) with the same peer that shares these settings. -\&\fISSL_clear()\fR is not a short form for the sequence -SSL_free(3); SSL_new(3); . -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can occur: -.Ip "0" 4 -The \fISSL_clear()\fR operation could not be performed. Check the error stack to -find out the reason. -.Ip "1" 4 -.IX Item "1" -The \fISSL_clear()\fR operation was successful. -.PP -SSL_new(3), SSL_free(3), -SSL_shutdown(3), SSL_set_shutdown(3), -SSL_CTX_set_options(3), ssl(3), -SSL_CTX_set_client_cert_cb(3) diff --git a/secure/lib/libssl/man/SSL_connect.3 b/secure/lib/libssl/man/SSL_connect.3 deleted file mode 100644 index f79ab0048b71..000000000000 --- a/secure/lib/libssl/man/SSL_connect.3 +++ /dev/null @@ -1,199 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:44 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_connect 3" -.TH SSL_connect 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_connect \- initiate the \s-1TLS/SSL\s0 handshake with an \s-1TLS/SSL\s0 server -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& int SSL_connect(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_connect()\fR initiates the \s-1TLS/SSL\s0 handshake with a server. The communication -channel must already have been set and assigned to the \fBssl\fR by setting an -underlying \fB\s-1BIO\s0\fR. -.SH "NOTES" -.IX Header "NOTES" -The behaviour of \fISSL_connect()\fR depends on the underlying \s-1BIO\s0. -.PP -If the underlying \s-1BIO\s0 is \fBblocking\fR, \fISSL_connect()\fR will only return once the -handshake has been finished or an error occurred. -.PP -If the underlying \s-1BIO\s0 is \fBnon-blocking\fR, \fISSL_connect()\fR will also return -when the underlying \s-1BIO\s0 could not satisfy the needs of \fISSL_connect()\fR -to continue the handshake. In this case a call to \fISSL_get_error()\fR with the -return value of \fISSL_connect()\fR will yield \fB\s-1SSL_ERROR_WANT_READ\s0\fR or -\&\fB\s-1SSL_ERROR_WANT_WRITE\s0\fR. The calling process then must repeat the call after -taking appropriate action to satisfy the needs of \fISSL_connect()\fR. -The action depends on the underlying \s-1BIO\s0. When using a non-blocking socket, -nothing is to be done, but \fIselect()\fR can be used to check for the required -condition. When using a buffering \s-1BIO\s0, like a \s-1BIO\s0 pair, data must be written -into or retrieved out of the \s-1BIO\s0 before being able to continue. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can occur: -.Ip "1" 4 -.IX Item "1" -The \s-1TLS/SSL\s0 handshake was successfully completed, a \s-1TLS/SSL\s0 connection has been -established. -.Ip "0" 4 -The \s-1TLS/SSL\s0 handshake was not successful but was shut down controlled and -by the specifications of the \s-1TLS/SSL\s0 protocol. Call \fISSL_get_error()\fR with the -return value \fBret\fR to find out the reason. -.Ip "<0" 4 -.IX Item "<0" -The \s-1TLS/SSL\s0 handshake was not successful, because a fatal error occurred either -at the protocol level or a connection failure occurred. The shutdown was -not clean. It can also occur of action is need to continue the operation -for non-blocking BIOs. Call \fISSL_get_error()\fR with the return value \fBret\fR -to find out the reason. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -SSL_get_error(3), SSL_accept(3), -SSL_shutdown(3), ssl(3), bio(3), -SSL_set_connect_state(3), -SSL_do_handshake(3), -SSL_CTX_new(3) diff --git a/secure/lib/libssl/man/SSL_do_handshake.3 b/secure/lib/libssl/man/SSL_do_handshake.3 deleted file mode 100644 index 0b3dfa22e39b..000000000000 --- a/secure/lib/libssl/man/SSL_do_handshake.3 +++ /dev/null @@ -1,202 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:44 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_do_handshake 3" -.TH SSL_do_handshake 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_do_handshake \- perform a \s-1TLS/SSL\s0 handshake -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& int SSL_do_handshake(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_do_handshake()\fR will wait for a \s-1SSL/TLS\s0 handshake to take place. If the -connection is in client mode, the handshake will be started. The handshake -routines may have to be explicitly set in advance using either -SSL_set_connect_state(3) or -SSL_set_accept_state(3). -.SH "NOTES" -.IX Header "NOTES" -The behaviour of \fISSL_do_handshake()\fR depends on the underlying \s-1BIO\s0. -.PP -If the underlying \s-1BIO\s0 is \fBblocking\fR, \fISSL_do_handshake()\fR will only return -once the handshake has been finished or an error occurred, except for \s-1SGC\s0 -(Server Gated Cryptography). For \s-1SGC\s0, \fISSL_do_handshake()\fR may return with \-1, -but \fISSL_get_error()\fR will yield \fB\s-1SSL_ERROR_WANT_READ/WRITE\s0\fR and -\&\fISSL_do_handshake()\fR should be called again. -.PP -If the underlying \s-1BIO\s0 is \fBnon-blocking\fR, \fISSL_do_handshake()\fR will also return -when the underlying \s-1BIO\s0 could not satisfy the needs of \fISSL_do_handshake()\fR -to continue the handshake. In this case a call to \fISSL_get_error()\fR with the -return value of \fISSL_do_handshake()\fR will yield \fB\s-1SSL_ERROR_WANT_READ\s0\fR or -\&\fB\s-1SSL_ERROR_WANT_WRITE\s0\fR. The calling process then must repeat the call after -taking appropriate action to satisfy the needs of \fISSL_do_handshake()\fR. -The action depends on the underlying \s-1BIO\s0. When using a non-blocking socket, -nothing is to be done, but \fIselect()\fR can be used to check for the required -condition. When using a buffering \s-1BIO\s0, like a \s-1BIO\s0 pair, data must be written -into or retrieved out of the \s-1BIO\s0 before being able to continue. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can occur: -.Ip "1" 4 -.IX Item "1" -The \s-1TLS/SSL\s0 handshake was successfully completed, a \s-1TLS/SSL\s0 connection has been -established. -.Ip "0" 4 -The \s-1TLS/SSL\s0 handshake was not successful but was shut down controlled and -by the specifications of the \s-1TLS/SSL\s0 protocol. Call \fISSL_get_error()\fR with the -return value \fBret\fR to find out the reason. -.Ip "<0" 4 -.IX Item "<0" -The \s-1TLS/SSL\s0 handshake was not successful because a fatal error occurred either -at the protocol level or a connection failure occurred. The shutdown was -not clean. It can also occur of action is need to continue the operation -for non-blocking BIOs. Call \fISSL_get_error()\fR with the return value \fBret\fR -to find out the reason. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -SSL_get_error(3), SSL_connect(3), -SSL_accept(3), ssl(3), bio(3), -SSL_set_connect_state(3) diff --git a/secure/lib/libssl/man/SSL_free.3 b/secure/lib/libssl/man/SSL_free.3 deleted file mode 100644 index fb0f40d0c322..000000000000 --- a/secure/lib/libssl/man/SSL_free.3 +++ /dev/null @@ -1,180 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:45 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_free 3" -.TH SSL_free 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_free \- free an allocated \s-1SSL\s0 structure -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& void SSL_free(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_free()\fR decrements the reference count of \fBssl\fR, and removes the \s-1SSL\s0 -structure pointed to by \fBssl\fR and frees up the allocated memory if the -the reference count has reached 0. -.SH "NOTES" -.IX Header "NOTES" -\&\fISSL_free()\fR also calls the \fIfree()\fRing procedures for indirectly affected items, if -applicable: the buffering \s-1BIO\s0, the read and write BIOs, -cipher lists specially created for this \fBssl\fR, the \fB\s-1SSL_SESSION\s0\fR. -Do not explicitly free these indirectly freed up items before or after -calling \fISSL_free()\fR, as trying to free things twice may lead to program -failure. -.PP -The ssl session has reference counts from two users: the \s-1SSL\s0 object, for -which the reference count is removed by \fISSL_free()\fR and the internal -session cache. If the session is considered bad, because -SSL_shutdown(3) was not called for the connection -and SSL_set_shutdown(3) was not used to set the -\&\s-1SSL_SENT_SHUTDOWN\s0 state, the session will also be removed -from the session cache as required by \s-1RFC2246\s0. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_free()\fR does not provide diagnostic information. -.PP -SSL_new(3), SSL_clear(3), -SSL_shutdown(3), SSL_set_shutdown(3), -ssl(3) diff --git a/secure/lib/libssl/man/SSL_get_SSL_CTX.3 b/secure/lib/libssl/man/SSL_get_SSL_CTX.3 deleted file mode 100644 index be2587ce1830..000000000000 --- a/secure/lib/libssl/man/SSL_get_SSL_CTX.3 +++ /dev/null @@ -1,162 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:45 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_get_SSL_CTX 3" -.TH SSL_get_SSL_CTX 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_get_SSL_CTX \- get the \s-1SSL_CTX\s0 from which an \s-1SSL\s0 is created -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& SSL_CTX *SSL_get_SSL_CTX(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_get_SSL_CTX()\fR returns a pointer to the \s-1SSL_CTX\s0 object, from which -\&\fBssl\fR was created with SSL_new(3). -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The pointer to the \s-1SSL_CTX\s0 object is returned. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_new(3) diff --git a/secure/lib/libssl/man/SSL_get_ciphers.3 b/secure/lib/libssl/man/SSL_get_ciphers.3 deleted file mode 100644 index d5bd175aea78..000000000000 --- a/secure/lib/libssl/man/SSL_get_ciphers.3 +++ /dev/null @@ -1,177 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:45 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_get_ciphers 3" -.TH SSL_get_ciphers 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_get_ciphers, SSL_get_cipher_list \- get list of available SSL_CIPHERs -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *ssl); -\& const char *SSL_get_cipher_list(SSL *ssl, int priority); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_get_ciphers()\fR returns the stack of available SSL_CIPHERs for \fBssl\fR, -sorted by preference. If \fBssl\fR is \s-1NULL\s0 or no ciphers are available, \s-1NULL\s0 -is returned. -.PP -\&\fISSL_get_cipher_list()\fR returns a pointer to the name of the \s-1SSL_CIPHER\s0 -listed for \fBssl\fR with \fBpriority\fR. If \fBssl\fR is \s-1NULL\s0, no ciphers are -available, or there are less ciphers than \fBpriority\fR available, \s-1NULL\s0 -is returned. -.SH "NOTES" -.IX Header "NOTES" -The details of the ciphers obtained by \fISSL_get_ciphers()\fR can be obtained using -the SSL_CIPHER_get_name(3) family of functions. -.PP -Call \fISSL_get_cipher_list()\fR with \fBpriority\fR starting from 0 to obtain the -sorted list of available ciphers, until \s-1NULL\s0 is returned. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -See \s-1DESCRIPTION\s0 -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_CTX_set_cipher_list(3), -SSL_CIPHER_get_name(3) diff --git a/secure/lib/libssl/man/SSL_get_client_CA_list.3 b/secure/lib/libssl/man/SSL_get_client_CA_list.3 deleted file mode 100644 index 32c28f85a385..000000000000 --- a/secure/lib/libssl/man/SSL_get_client_CA_list.3 +++ /dev/null @@ -1,183 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:45 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_get_client_CA_list 3" -.TH SSL_get_client_CA_list 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_get_client_CA_list, SSL_CTX_get_client_CA_list \- get list of client CAs -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s); -\& STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *ctx); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_CTX_get_client_CA_list()\fR returns the list of client CAs explicitly set for -\&\fBctx\fR using SSL_CTX_set_client_CA_list(3). -.PP -\&\fISSL_get_client_CA_list()\fR returns the list of client CAs explicitly -set for \fBssl\fR using \fISSL_set_client_CA_list()\fR or \fBssl\fR's \s-1SSL_CTX\s0 object with -SSL_CTX_set_client_CA_list(3), when in -server mode. In client mode, SSL_get_client_CA_list returns the list of -client CAs sent from the server, if any. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_CTX_set_client_CA_list()\fR and \fISSL_set_client_CA_list()\fR do not return -diagnostic information. -.PP -\&\fISSL_CTX_add_client_CA()\fR and \fISSL_add_client_CA()\fR have the following return -values: -.Ip "STACK_OF(X509_NAMES)" 4 -.IX Item "STACK_OF(X509_NAMES)" -List of \s-1CA\s0 names explicitly set (for \fBctx\fR or in server mode) or send -by the server (client mode). -.Ip "\s-1NULL\s0" 4 -.IX Item "NULL" -No client \s-1CA\s0 list was explicitly set (for \fBctx\fR or in server mode) or -the server did not send a list of CAs (client mode). -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), -SSL_CTX_set_client_CA_list(3), -SSL_CTX_set_client_cert_cb(3) diff --git a/secure/lib/libssl/man/SSL_get_current_cipher.3 b/secure/lib/libssl/man/SSL_get_current_cipher.3 deleted file mode 100644 index 368303c7d12b..000000000000 --- a/secure/lib/libssl/man/SSL_get_current_cipher.3 +++ /dev/null @@ -1,179 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:45 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_get_current_cipher 3" -.TH SSL_get_current_cipher 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_get_current_cipher, SSL_get_cipher, SSL_get_cipher_name, -SSL_get_cipher_bits, SSL_get_cipher_version \- get \s-1SSL_CIPHER\s0 of a connection -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 9 -\& SSL_CIPHER *SSL_get_current_cipher(SSL *ssl); -\& #define SSL_get_cipher(s) \e -\& SSL_CIPHER_get_name(SSL_get_current_cipher(s)) -\& #define SSL_get_cipher_name(s) \e -\& SSL_CIPHER_get_name(SSL_get_current_cipher(s)) -\& #define SSL_get_cipher_bits(s,np) \e -\& SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np) -\& #define SSL_get_cipher_version(s) \e -\& SSL_CIPHER_get_version(SSL_get_current_cipher(s)) -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_get_current_cipher()\fR returns a pointer to an \s-1SSL_CIPHER\s0 object containing -the description of the actually used cipher of a connection established with -the \fBssl\fR object. -.PP -\&\fISSL_get_cipher()\fR and \fISSL_get_cipher_name()\fR are identical macros to obtain the -name of the currently used cipher. \fISSL_get_cipher_bits()\fR is a -macro to obtain the number of secret/algorithm bits used and -\&\fISSL_get_cipher_version()\fR returns the protocol name. -See SSL_CIPHER_get_name(3) for more details. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_get_current_cipher()\fR returns the cipher actually used or \s-1NULL\s0, when -no session has been established. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_CIPHER_get_name(3) diff --git a/secure/lib/libssl/man/SSL_get_default_timeout.3 b/secure/lib/libssl/man/SSL_get_default_timeout.3 deleted file mode 100644 index 07736d3ac2e2..000000000000 --- a/secure/lib/libssl/man/SSL_get_default_timeout.3 +++ /dev/null @@ -1,176 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:45 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_get_default_timeout 3" -.TH SSL_get_default_timeout 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_get_default_timeout \- get default session timeout value -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& long SSL_get_default_timeout(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_get_default_timeout()\fR returns the default timeout value assigned to -\&\s-1SSL_SESSION\s0 objects negotiated for the protocol valid for \fBssl\fR. -.SH "NOTES" -.IX Header "NOTES" -Whenever a new session is negotiated, it is assigned a timeout value, -after which it will not be accepted for session reuse. If the timeout -value was not explicitly set using -SSL_CTX_set_timeout(3), the hardcoded default -timeout for the protocol will be used. -.PP -\&\fISSL_get_default_timeout()\fR return this hardcoded value, which is 300 seconds -for all currently supported protocols (SSLv2, SSLv3, and TLSv1). -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -See description. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), -SSL_CTX_set_session_cache_mode(3), -SSL_SESSION_get_time(3), -SSL_CTX_flush_sessions(3), -SSL_get_default_timeout(3) diff --git a/secure/lib/libssl/man/SSL_get_error.3 b/secure/lib/libssl/man/SSL_get_error.3 deleted file mode 100644 index 9422117e396c..000000000000 --- a/secure/lib/libssl/man/SSL_get_error.3 +++ /dev/null @@ -1,238 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:46 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_get_error 3" -.TH SSL_get_error 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_get_error \- obtain result code for \s-1TLS/SSL\s0 I/O operation -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& int SSL_get_error(SSL *ssl, int ret); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_get_error()\fR returns a result code (suitable for the C \*(L"switch\*(R" -statement) for a preceding call to \fISSL_connect()\fR, \fISSL_accept()\fR, \fISSL_do_handshake()\fR, -\&\fISSL_read()\fR, \fISSL_peek()\fR, or \fISSL_write()\fR on \fBssl\fR. The value returned by -that \s-1TLS/SSL\s0 I/O function must be passed to \fISSL_get_error()\fR in parameter -\&\fBret\fR. -.PP -In addition to \fBssl\fR and \fBret\fR, \fISSL_get_error()\fR inspects the -current thread's OpenSSL error queue. Thus, \fISSL_get_error()\fR must be -used in the same thread that performed the \s-1TLS/SSL\s0 I/O operation, and no -other OpenSSL function calls should appear in between. The current -thread's error queue must be empty before the \s-1TLS/SSL\s0 I/O operation is -attempted, or \fISSL_get_error()\fR will not work reliably. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can currently occur: -.Ip "\s-1SSL_ERROR_NONE\s0" 4 -.IX Item "SSL_ERROR_NONE" -The \s-1TLS/SSL\s0 I/O operation completed. This result code is returned -if and only if \fBret > 0\fR. -.Ip "\s-1SSL_ERROR_ZERO_RETURN\s0" 4 -.IX Item "SSL_ERROR_ZERO_RETURN" -The \s-1TLS/SSL\s0 connection has been closed. If the protocol version is \s-1SSL\s0 3.0 -or \s-1TLS\s0 1.0, this result code is returned only if a closure -alert has occurred in the protocol, i.e. if the connection has been -closed cleanly. Note that in this case \fB\s-1SSL_ERROR_ZERO_RETURN\s0\fR -does not necessarily indicate that the underlying transport -has been closed. -.Ip "\s-1SSL_ERROR_WANT_READ\s0, \s-1SSL_ERROR_WANT_WRITE\s0" 4 -.IX Item "SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE" -The operation did not complete; the same \s-1TLS/SSL\s0 I/O function should be -called again later. If, by then, the underlying \fB\s-1BIO\s0\fR has data -available for reading (if the result code is \fB\s-1SSL_ERROR_WANT_READ\s0\fR) -or allows writing data (\fB\s-1SSL_ERROR_WANT_WRITE\s0\fR), then some \s-1TLS/SSL\s0 -protocol progress will take place, i.e. at least part of an \s-1TLS/SSL\s0 -record will be read or written. Note that the retry may again lead to -a \fB\s-1SSL_ERROR_WANT_READ\s0\fR or \fB\s-1SSL_ERROR_WANT_WRITE\s0\fR condition. -There is no fixed upper limit for the number of iterations that -may be necessary until progress becomes visible at application -protocol level. -.Sp -For socket \fB\s-1BIO\s0\fRs (e.g. when \fISSL_set_fd()\fR was used), \fIselect()\fR or -\&\fIpoll()\fR on the underlying socket can be used to find out when the -\&\s-1TLS/SSL\s0 I/O function should be retried. -.Sp -Caveat: Any \s-1TLS/SSL\s0 I/O function can lead to either of -\&\fB\s-1SSL_ERROR_WANT_READ\s0\fR and \fB\s-1SSL_ERROR_WANT_WRITE\s0\fR. In particular, -\&\fISSL_read()\fR or \fISSL_peek()\fR may want to write data and \fISSL_write()\fR may want -to read data. This is mainly because \s-1TLS/SSL\s0 handshakes may occur at any -time during the protocol (initiated by either the client or the server); -\&\fISSL_read()\fR, \fISSL_peek()\fR, and \fISSL_write()\fR will handle any pending handshakes. -.Ip "\s-1SSL_ERROR_WANT_CONNECT\s0, \s-1SSL_ERROR_WANT_ACCEPT\s0" 4 -.IX Item "SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT" -The operation did not complete; the same \s-1TLS/SSL\s0 I/O function should be -called again later. The underlying \s-1BIO\s0 was not connected yet to the peer -and the call would block in \fIconnect()\fR/\fIaccept()\fR. The \s-1SSL\s0 function should be -called again when the connection is established. These messages can only -appear with a \fIBIO_s_connect()\fR or \fIBIO_s_accept()\fR \s-1BIO\s0, respectively. -In order to find out, when the connection has been successfully established, -on many platforms \fIselect()\fR or \fIpoll()\fR for writing on the socket file descriptor -can be used. -.Ip "\s-1SSL_ERROR_WANT_X509_LOOKUP\s0" 4 -.IX Item "SSL_ERROR_WANT_X509_LOOKUP" -The operation did not complete because an application callback set by -\&\fISSL_CTX_set_client_cert_cb()\fR has asked to be called again. -The \s-1TLS/SSL\s0 I/O function should be called again later. -Details depend on the application. -.Ip "\s-1SSL_ERROR_SYSCALL\s0" 4 -.IX Item "SSL_ERROR_SYSCALL" -Some I/O error occurred. The OpenSSL error queue may contain more -information on the error. If the error queue is empty -(i.e. \fIERR_get_error()\fR returns 0), \fBret\fR can be used to find out more -about the error: If \fBret == 0\fR, an \s-1EOF\s0 was observed that violates -the protocol. If \fBret == \-1\fR, the underlying \fB\s-1BIO\s0\fR reported an -I/O error (for socket I/O on Unix systems, consult \fBerrno\fR for details). -.Ip "\s-1SSL_ERROR_SSL\s0" 4 -.IX Item "SSL_ERROR_SSL" -A failure in the \s-1SSL\s0 library occurred, usually a protocol error. The -OpenSSL error queue contains more information on the error. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), err(3) -.SH "HISTORY" -.IX Header "HISTORY" -\&\fISSL_get_error()\fR was added in SSLeay 0.8. diff --git a/secure/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3 b/secure/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3 deleted file mode 100644 index 8cc28037ec94..000000000000 --- a/secure/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3 +++ /dev/null @@ -1,190 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:46 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_get_ex_data_X509_STORE_CTX_idx 3" -.TH SSL_get_ex_data_X509_STORE_CTX_idx 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_get_ex_data_X509_STORE_CTX_idx \- get ex_data index to access \s-1SSL\s0 structure -from X509_STORE_CTX -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& int SSL_get_ex_data_X509_STORE_CTX_idx(void); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_get_ex_data_X509_STORE_CTX_idx()\fR returns the index number under which -the pointer to the \s-1SSL\s0 object is stored into the X509_STORE_CTX object. -.SH "NOTES" -.IX Header "NOTES" -Whenever a X509_STORE_CTX object is created for the verification of the -peers certificate during a handshake, a pointer to the \s-1SSL\s0 object is -stored into the X509_STORE_CTX object to identify the connection affected. -To retrieve this pointer the \fIX509_STORE_CTX_get_ex_data()\fR function can -be used with the correct index. This index is globally the same for all -X509_STORE_CTX objects and can be retrieved using -\&\fISSL_get_ex_data_X509_STORE_CTX_idx()\fR. The index value is set when -\&\fISSL_get_ex_data_X509_STORE_CTX_idx()\fR is first called either by the application -program directly or indirectly during other \s-1SSL\s0 setup functions or during -the handshake. -.PP -The value depends on other index values defined for X509_STORE_CTX objects -before the \s-1SSL\s0 index is created. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -.Ip ">=0" 4 -.IX Item ">=0" -The index value to access the pointer. -.Ip "<0" 4 -.IX Item "<0" -An error occurred, check the error stack for a detailed error message. -.SH "EXAMPLES" -.IX Header "EXAMPLES" -The index returned from \fISSL_get_ex_data_X509_STORE_CTX_idx()\fR allows to -access the \s-1SSL\s0 object for the connection to be accessed during the -\&\fIverify_callback()\fR when checking the peers certificate. Please check -the example in SSL_CTX_set_verify(3), -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_CTX_set_verify(3), -CRYPTO_set_ex_data(3) diff --git a/secure/lib/libssl/man/SSL_get_ex_new_index.3 b/secure/lib/libssl/man/SSL_get_ex_new_index.3 deleted file mode 100644 index 50369ce974ca..000000000000 --- a/secure/lib/libssl/man/SSL_get_ex_new_index.3 +++ /dev/null @@ -1,198 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:46 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_get_ex_new_index 3" -.TH SSL_get_ex_new_index 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_get_ex_new_index, SSL_set_ex_data, SSL_get_ex_data \- internal application specific data functions -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 4 -\& int SSL_get_ex_new_index(long argl, void *argp, -\& CRYPTO_EX_new *new_func, -\& CRYPTO_EX_dup *dup_func, -\& CRYPTO_EX_free *free_func); -.Ve -.Vb 1 -\& int SSL_set_ex_data(SSL *ssl, int idx, void *arg); -.Ve -.Vb 1 -\& void *SSL_get_ex_data(SSL *ssl, int idx); -.Ve -.Vb 6 -\& typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, -\& int idx, long argl, void *argp); -\& typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, -\& int idx, long argl, void *argp); -\& typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, -\& int idx, long argl, void *argp); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -Several OpenSSL structures can have application specific data attached to them. -These functions are used internally by OpenSSL to manipulate application -specific data attached to a specific structure. -.PP -\&\fISSL_get_ex_new_index()\fR is used to register a new index for application -specific data. -.PP -\&\fISSL_set_ex_data()\fR is used to store application data at \fBarg\fR for \fBidx\fR into -the \fBssl\fR object. -.PP -\&\fISSL_get_ex_data()\fR is used to retrieve the information for \fBidx\fR from -\&\fBssl\fR. -.PP -A detailed description for the \fB*\f(BI_get_ex_new_index()\fB\fR functionality -can be found in RSA_get_ex_new_index(3). -The \fB*\f(BI_get_ex_data()\fB\fR and \fB*\f(BI_set_ex_data()\fB\fR functionality is described in -CRYPTO_set_ex_data(3). -.SH "EXAMPLES" -.IX Header "EXAMPLES" -An example on how to use the functionality is included in the example -\&\fIverify_callback()\fR in SSL_CTX_set_verify(3). -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), -RSA_get_ex_new_index(3), -CRYPTO_set_ex_data(3), -SSL_CTX_set_verify(3) diff --git a/secure/lib/libssl/man/SSL_get_fd.3 b/secure/lib/libssl/man/SSL_get_fd.3 deleted file mode 100644 index f504acf37841..000000000000 --- a/secure/lib/libssl/man/SSL_get_fd.3 +++ /dev/null @@ -1,174 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:46 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_get_fd 3" -.TH SSL_get_fd 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_get_fd \- get file descriptor linked to an \s-1SSL\s0 object -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 3 -\& int SSL_get_fd(SSL *ssl); -\& int SSL_get_rfd(SSL *ssl); -\& int SSL_get_wfd(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_get_fd()\fR returns the file descriptor which is linked to \fBssl\fR. -\&\fISSL_get_rfd()\fR and \fISSL_get_wfd()\fR return the file descriptors for the -read or the write channel, which can be different. If the read and the -write channel are different, \fISSL_get_fd()\fR will return the file descriptor -of the read channel. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can occur: -.Ip "\-1" 4 -.IX Item "-1" -The operation failed, because the underlying \s-1BIO\s0 is not of the correct type -(suitable for file descriptors). -.Ip ">=0" 4 -.IX Item ">=0" -The file descriptor linked to \fBssl\fR. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -SSL_set_fd(3), ssl(3) , bio(3) diff --git a/secure/lib/libssl/man/SSL_get_peer_cert_chain.3 b/secure/lib/libssl/man/SSL_get_peer_cert_chain.3 deleted file mode 100644 index 5710dbfabd14..000000000000 --- a/secure/lib/libssl/man/SSL_get_peer_cert_chain.3 +++ /dev/null @@ -1,181 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:46 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_get_peer_cert_chain 3" -.TH SSL_get_peer_cert_chain 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_get_peer_cert_chain \- get the X509 certificate chain of the peer -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& STACKOF(X509) *SSL_get_peer_cert_chain(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_get_peer_cert_chain()\fR returns a pointer to STACKOF(X509) certificates -forming the certificate chain of the peer. If called on the client side, -the stack also contains the peer's certificate; if called on the server -side, the peer's certificate must be obtained separately using -SSL_get_peer_certificate(3). -If the peer did not present a certificate, \s-1NULL\s0 is returned. -.SH "NOTES" -.IX Header "NOTES" -The peer certificate chain is not necessarily available after reusing -a session, in which case a \s-1NULL\s0 pointer is returned. -.PP -The reference count of the STACKOF(X509) object is not incremented. -If the corresponding session is freed, the pointer must not be used -any longer. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can occur: -.Ip "\s-1NULL\s0" 4 -.IX Item "NULL" -No certificate was presented by the peer or no connection was established -or the certificate chain is no longer available when a session is reused. -.Ip "Pointer to a STACKOF(X509)" 4 -.IX Item "Pointer to a STACKOF(X509)" -The return value points to the certificate chain presented by the peer. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_get_peer_certificate(3) diff --git a/secure/lib/libssl/man/SSL_get_peer_certificate.3 b/secure/lib/libssl/man/SSL_get_peer_certificate.3 deleted file mode 100644 index de49701e4a8c..000000000000 --- a/secure/lib/libssl/man/SSL_get_peer_certificate.3 +++ /dev/null @@ -1,184 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:47 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_get_peer_certificate 3" -.TH SSL_get_peer_certificate 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_get_peer_certificate \- get the X509 certificate of the peer -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& X509 *SSL_get_peer_certificate(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_get_peer_certificate()\fR returns a pointer to the X509 certificate the -peer presented. If the peer did not present a certificate, \s-1NULL\s0 is returned. -.SH "NOTES" -.IX Header "NOTES" -Due to the protocol definition, a \s-1TLS/SSL\s0 server will always send a -certificate, if present. A client will only send a certificate when -explicitly requested to do so by the server (see -SSL_CTX_set_verify(3)). If an anonymous cipher -is used, no certificates are sent. -.PP -That a certificate is returned does not indicate information about the -verification state, use SSL_get_verify_result(3) -to check the verification state. -.PP -The reference count of the X509 object is incremented by one, so that it -will not be destroyed when the session containing the peer certificate is -freed. The X509 object must be explicitly freed using \fIX509_free()\fR. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can occur: -.Ip "\s-1NULL\s0" 4 -.IX Item "NULL" -No certificate was presented by the peer or no connection was established. -.Ip "Pointer to an X509 certificate" 4 -.IX Item "Pointer to an X509 certificate" -The return value points to the certificate presented by the peer. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_get_verify_result(3), -SSL_CTX_set_verify(3) diff --git a/secure/lib/libssl/man/SSL_get_rbio.3 b/secure/lib/libssl/man/SSL_get_rbio.3 deleted file mode 100644 index 843a7b365a4e..000000000000 --- a/secure/lib/libssl/man/SSL_get_rbio.3 +++ /dev/null @@ -1,170 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:47 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_get_rbio 3" -.TH SSL_get_rbio 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_get_rbio \- get \s-1BIO\s0 linked to an \s-1SSL\s0 object -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& BIO *SSL_get_rbio(SSL *ssl); -\& BIO *SSL_get_wbio(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_get_rbio()\fR and \fISSL_get_wbio()\fR return pointers to the BIOs for the -read or the write channel, which can be different. The reference count -of the \s-1BIO\s0 is not incremented. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can occur: -.Ip "\s-1NULL\s0" 4 -.IX Item "NULL" -No \s-1BIO\s0 was connected to the \s-1SSL\s0 object -.Ip "Any other pointer" 4 -.IX Item "Any other pointer" -The \s-1BIO\s0 linked to \fBssl\fR. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -SSL_set_bio(3), ssl(3) , bio(3) diff --git a/secure/lib/libssl/man/SSL_get_session.3 b/secure/lib/libssl/man/SSL_get_session.3 deleted file mode 100644 index 1d936f9e072a..000000000000 --- a/secure/lib/libssl/man/SSL_get_session.3 +++ /dev/null @@ -1,202 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:47 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_get_session 3" -.TH SSL_get_session 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_get_session \- retrieve \s-1TLS/SSL\s0 session data -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 3 -\& SSL_SESSION *SSL_get_session(SSL *ssl); -\& SSL_SESSION *SSL_get0_session(SSL *ssl); -\& SSL_SESSION *SSL_get1_session(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_get_session()\fR returns a pointer to the \fB\s-1SSL_SESSION\s0\fR actually used in -\&\fBssl\fR. The reference count of the \fB\s-1SSL_SESSION\s0\fR is not incremented, so -that the pointer can become invalid by other operations. -.PP -\&\fISSL_get0_session()\fR is the same as \fISSL_get_session()\fR. -.PP -\&\fISSL_get1_session()\fR is the same as \fISSL_get_session()\fR, but the reference -count of the \fB\s-1SSL_SESSION\s0\fR is incremented by one. -.SH "NOTES" -.IX Header "NOTES" -The ssl session contains all information required to re-establish the -connection without a new handshake. -.PP -\&\fISSL_get0_session()\fR returns a pointer to the actual session. As the -reference counter is not incremented, the pointer is only valid while -the connection is in use. If SSL_clear(3) or -SSL_free(3) is called, the session may be removed completely -(if considered bad), and the pointer obtained will become invalid. Even -if the session is valid, it can be removed at any time due to timeout -during SSL_CTX_flush_sessions(3). -.PP -If the data is to be kept, \fISSL_get1_session()\fR will increment the reference -count, so that the session will not be implicitly removed by other operations -but stays in memory. In order to remove the session -SSL_SESSION_free(3) must be explicitly called once -to decrement the reference count again. -.PP -\&\s-1SSL_SESSION\s0 objects keep internal link information about the session cache -list, when being inserted into one \s-1SSL_CTX\s0 object's session cache. -One \s-1SSL_SESSION\s0 object, regardless of its reference count, must therefore -only be used with one \s-1SSL_CTX\s0 object (and the \s-1SSL\s0 objects created -from this \s-1SSL_CTX\s0 object). -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can occur: -.Ip "\s-1NULL\s0" 4 -.IX Item "NULL" -There is no session available in \fBssl\fR. -.Ip "Pointer to an \s-1SSL\s0" 4 -.IX Item "Pointer to an SSL" -The return value points to the data of an \s-1SSL\s0 session. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_free(3), -SSL_clear(3), -SSL_SESSION_free(3) diff --git a/secure/lib/libssl/man/SSL_get_verify_result.3 b/secure/lib/libssl/man/SSL_get_verify_result.3 deleted file mode 100644 index a9ca9f7d36ad..000000000000 --- a/secure/lib/libssl/man/SSL_get_verify_result.3 +++ /dev/null @@ -1,185 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:47 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_get_verify_result 3" -.TH SSL_get_verify_result 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_get_verify_result \- get result of peer certificate verification -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& long SSL_get_verify_result(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_get_verify_result()\fR returns the result of the verification of the -X509 certificate presented by the peer, if any. -.SH "NOTES" -.IX Header "NOTES" -\&\fISSL_get_verify_result()\fR can only return one error code while the verification -of a certificate can fail because of many reasons at the same time. Only -the last verification error that occurred during the processing is available -from \fISSL_get_verify_result()\fR. -.PP -The verification result is part of the established session and is restored -when a session is reused. -.SH "BUGS" -.IX Header "BUGS" -If no peer certificate was presented, the returned result code is -X509_V_OK. This is because no verification error occurred, it does however -not indicate success. \fISSL_get_verify_result()\fR is only useful in connection -with SSL_get_peer_certificate(3). -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can currently occur: -.Ip "X509_V_OK" 4 -.IX Item "X509_V_OK" -The verification succeeded or no peer certificate was presented. -.Ip "Any other value" 4 -.IX Item "Any other value" -Documented in verify(1). -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_set_verify_result(3), -SSL_get_peer_certificate(3), -verify(1) diff --git a/secure/lib/libssl/man/SSL_get_version.3 b/secure/lib/libssl/man/SSL_get_version.3 deleted file mode 100644 index c8b806fb4311..000000000000 --- a/secure/lib/libssl/man/SSL_get_version.3 +++ /dev/null @@ -1,174 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:47 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_get_version 3" -.TH SSL_get_version 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_get_version \- get the protocol version of a connection. -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& const char *SSL_get_version(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_get_cipher_version()\fR returns the name of the protocol used for the -connection \fBssl\fR. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following strings can occur: -.Ip "SSLv2" 4 -.IX Item "SSLv2" -The connection uses the SSLv2 protocol. -.Ip "SSLv3" 4 -.IX Item "SSLv3" -The connection uses the SSLv3 protocol. -.Ip "TLSv1" 4 -.IX Item "TLSv1" -The connection uses the TLSv1 protocol. -.Ip "unknown" 4 -.IX Item "unknown" -This indicates that no version has been set (no connection established). -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3) diff --git a/secure/lib/libssl/man/SSL_library_init.3 b/secure/lib/libssl/man/SSL_library_init.3 deleted file mode 100644 index 67dac8108725..000000000000 --- a/secure/lib/libssl/man/SSL_library_init.3 +++ /dev/null @@ -1,187 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:47 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_library_init 3" -.TH SSL_library_init 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_library_init, OpenSSL_add_ssl_algorithms, SSLeay_add_ssl_algorithms -\&\- initialize \s-1SSL\s0 library by registering algorithms -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 3 -\& int SSL_library_init(void); -\& #define OpenSSL_add_ssl_algorithms() SSL_library_init() -\& #define SSLeay_add_ssl_algorithms() SSL_library_init() -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_library_init()\fR registers the available ciphers and digests. -.PP -\&\fIOpenSSL_add_ssl_algorithms()\fR and \fISSLeay_add_ssl_algorithms()\fR are synonyms -for \fISSL_library_init()\fR. -.SH "NOTES" -.IX Header "NOTES" -\&\fISSL_library_init()\fR must be called before any other action takes place. -.SH "WARNING" -.IX Header "WARNING" -\&\fISSL_library_init()\fR only registers ciphers. Another important initialization -is the seeding of the \s-1PRNG\s0 (Pseudo Random Number Generator), which has to -be performed separately. -.SH "EXAMPLES" -.IX Header "EXAMPLES" -A typical \s-1TLS/SSL\s0 application will start with the library initialization, -will provide readable error messages and will seed the \s-1PRNG\s0. -.PP -.Vb 3 -\& SSL_load_error_strings(); /* readable error messages */ -\& SSL_library_init(); /* initialize library */ -\& actions_to_seed_PRNG(); -.Ve -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_library_init()\fR always returns \*(L"1\*(R", so it is safe to discard the return -value. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_load_error_strings(3), -RAND_add(3) diff --git a/secure/lib/libssl/man/SSL_load_client_CA_file.3 b/secure/lib/libssl/man/SSL_load_client_CA_file.3 deleted file mode 100644 index d6fb1a837cf7..000000000000 --- a/secure/lib/libssl/man/SSL_load_client_CA_file.3 +++ /dev/null @@ -1,193 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:48 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_load_client_CA_file 3" -.TH SSL_load_client_CA_file 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_load_client_CA_file \- load certificate names from file -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_load_client_CA_file()\fR reads certificates from \fBfile\fR and returns -a STACK_OF(X509_NAME) with the subject names found. -.SH "NOTES" -.IX Header "NOTES" -\&\fISSL_load_client_CA_file()\fR reads a file of \s-1PEM\s0 formatted certificates and -extracts the X509_NAMES of the certificates found. While the name suggests -the specific usage as support function for -SSL_CTX_set_client_CA_list(3), -it is not limited to \s-1CA\s0 certificates. -.SH "EXAMPLES" -.IX Header "EXAMPLES" -Load names of CAs from file and use it as a client \s-1CA\s0 list: -.PP -.Vb 2 -\& SSL_CTX *ctx; -\& STACK_OF(X509_NAME) *cert_names; -.Ve -.Vb 7 -\& ... -\& cert_names = SSL_load_client_CA_file("/path/to/CAfile.pem"); -\& if (cert_names != NULL) -\& SSL_CTX_set_client_CA_list(ctx, cert_names); -\& else -\& error_handling(); -\& ... -.Ve -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can occur: -.Ip "\s-1NULL\s0" 4 -.IX Item "NULL" -The operation failed, check out the error stack for the reason. -.Ip "Pointer to STACK_OF(X509_NAME)" 4 -.IX Item "Pointer to STACK_OF(X509_NAME)" -Pointer to the subject names of the successfully read certificates. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), -SSL_CTX_set_client_CA_list(3) diff --git a/secure/lib/libssl/man/SSL_new.3 b/secure/lib/libssl/man/SSL_new.3 deleted file mode 100644 index 8c758609d8ab..000000000000 --- a/secure/lib/libssl/man/SSL_new.3 +++ /dev/null @@ -1,174 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:48 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_new 3" -.TH SSL_new 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_new \- create a new \s-1SSL\s0 structure for a connection -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& SSL *SSL_new(SSL_CTX *ctx); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_new()\fR creates a new \fB\s-1SSL\s0\fR structure which is needed to hold the -data for a \s-1TLS/SSL\s0 connection. The new structure inherits the settings -of the underlying context \fBctx\fR: connection method (SSLv2/v3/TLSv1), -options, verification settings, timeout settings. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can occur: -.Ip "\s-1NULL\s0" 4 -.IX Item "NULL" -The creation of a new \s-1SSL\s0 structure failed. Check the error stack to -find out the reason. -.Ip "Pointer to an \s-1SSL\s0 structure" 4 -.IX Item "Pointer to an SSL structure" -The return value points to an allocated \s-1SSL\s0 structure. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -SSL_free(3), SSL_clear(3), -SSL_CTX_set_options(3), -SSL_get_SSL_CTX(3), -ssl(3) diff --git a/secure/lib/libssl/man/SSL_pending.3 b/secure/lib/libssl/man/SSL_pending.3 deleted file mode 100644 index 2e96208c7388..000000000000 --- a/secure/lib/libssl/man/SSL_pending.3 +++ /dev/null @@ -1,177 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:48 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_pending 3" -.TH SSL_pending 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_pending \- obtain number of readable bytes buffered in an \s-1SSL\s0 object -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& int SSL_pending(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_pending()\fR returns the number of bytes which are available inside -\&\fBssl\fR for immediate read. -.SH "NOTES" -.IX Header "NOTES" -Data are received in blocks from the peer. Therefore data can be buffered -inside \fBssl\fR and are ready for immediate retrieval with -SSL_read(3). -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The number of bytes pending is returned. -.SH "BUGS" -.IX Header "BUGS" -\&\fISSL_pending()\fR takes into account only bytes from the \s-1TLS/SSL\s0 record -that is currently being processed (if any). If the \fB\s-1SSL\s0\fR object's -\&\fIread_ahead\fR flag is set, additional protocol bytes may have been -read containing more \s-1TLS/SSL\s0 records; these are ignored by -\&\fISSL_pending()\fR. -.PP -Up to OpenSSL 0.9.6, \fISSL_pending()\fR does not check if the record type -of pending data is application data. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -SSL_read(3), ssl(3) diff --git a/secure/lib/libssl/man/SSL_read.3 b/secure/lib/libssl/man/SSL_read.3 deleted file mode 100644 index 5e4194232b14..000000000000 --- a/secure/lib/libssl/man/SSL_read.3 +++ /dev/null @@ -1,244 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:48 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_read 3" -.TH SSL_read 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_read \- read bytes from a \s-1TLS/SSL\s0 connection. -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& int SSL_read(SSL *ssl, void *buf, int num); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_read()\fR tries to read \fBnum\fR bytes from the specified \fBssl\fR into the -buffer \fBbuf\fR. -.SH "NOTES" -.IX Header "NOTES" -If necessary, \fISSL_read()\fR will negotiate a \s-1TLS/SSL\s0 session, if -not already explicitly performed by SSL_connect(3) or -SSL_accept(3). If the -peer requests a re-negotiation, it will be performed transparently during -the \fISSL_read()\fR operation. The behaviour of \fISSL_read()\fR depends on the -underlying \s-1BIO\s0. -.PP -For the transparent negotiation to succeed, the \fBssl\fR must have been -initialized to client or server mode. This is being done by calling -SSL_set_connect_state(3) or \fISSL_set_accept_state()\fR -before the first call to an \fISSL_read()\fR or SSL_write(3) -function. -.PP -\&\fISSL_read()\fR works based on the \s-1SSL/TLS\s0 records. The data are received in -records (with a maximum record size of 16kB for SSLv3/TLSv1). Only when a -record has been completely received, it can be processed (decryption and -check of integrity). Therefore data that was not retrieved at the last -call of \fISSL_read()\fR can still be buffered inside the \s-1SSL\s0 layer and will be -retrieved on the next call to \fISSL_read()\fR. If \fBnum\fR is higher than the -number of bytes buffered, \fISSL_read()\fR will return with the bytes buffered. -If no more bytes are in the buffer, \fISSL_read()\fR will trigger the processing -of the next record. Only when the record has been received and processed -completely, \fISSL_read()\fR will return reporting success. At most the contents -of the record will be returned. As the size of an \s-1SSL/TLS\s0 record may exceed -the maximum packet size of the underlying transport (e.g. \s-1TCP\s0), it may -be necessary to read several packets from the transport layer before the -record is complete and \fISSL_read()\fR can succeed. -.PP -If the underlying \s-1BIO\s0 is \fBblocking\fR, \fISSL_read()\fR will only return, once the -read operation has been finished or an error occurred, except when a -renegotiation take place, in which case a \s-1SSL_ERROR_WANT_READ\s0 may occur. -This behaviour can be controlled with the \s-1SSL_MODE_AUTO_RETRY\s0 flag of the -SSL_CTX_set_mode(3) call. -.PP -If the underlying \s-1BIO\s0 is \fBnon-blocking\fR, \fISSL_read()\fR will also return -when the underlying \s-1BIO\s0 could not satisfy the needs of \fISSL_read()\fR -to continue the operation. In this case a call to -SSL_get_error(3) with the -return value of \fISSL_read()\fR will yield \fB\s-1SSL_ERROR_WANT_READ\s0\fR or -\&\fB\s-1SSL_ERROR_WANT_WRITE\s0\fR. As at any time a re-negotiation is possible, a -call to \fISSL_read()\fR can also cause write operations! The calling process -then must repeat the call after taking appropriate action to satisfy the -needs of \fISSL_read()\fR. The action depends on the underlying \s-1BIO\s0. When using a -non-blocking socket, nothing is to be done, but \fIselect()\fR can be used to check -for the required condition. When using a buffering \s-1BIO\s0, like a \s-1BIO\s0 pair, data -must be written into or retrieved out of the \s-1BIO\s0 before being able to continue. -.SH "WARNING" -.IX Header "WARNING" -When an \fISSL_read()\fR operation has to be repeated because of -\&\fB\s-1SSL_ERROR_WANT_READ\s0\fR or \fB\s-1SSL_ERROR_WANT_WRITE\s0\fR, it must be repeated -with the same arguments. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can occur: -.Ip ">0" 4 -.IX Item ">0" -The read operation was successful; the return value is the number of -bytes actually read from the \s-1TLS/SSL\s0 connection. -.Ip "0" 4 -The read operation was not successful. The reason may either be a clean -shutdown due to a \*(L"close notify\*(R" alert sent by the peer (in which case -the \s-1SSL_RECEIVED_SHUTDOWN\s0 flag in the ssl shutdown state is set -(see SSL_shutdown(3), -SSL_set_shutdown(3)). It is also possible, that -the peer simply shut down the underlying transport and the shutdown is -incomplete. Call \fISSL_get_error()\fR with the return value \fBret\fR to find out, -whether an error occurred or the connection was shut down cleanly -(\s-1SSL_ERROR_ZERO_RETURN\s0). -.Sp -SSLv2 (deprecated) does not support a shutdown alert protocol, so it can -only be detected, whether the underlying connection was closed. It cannot -be checked, whether the closure was initiated by the peer or by something -else. -.Ip "<0" 4 -.IX Item "<0" -The read operation was not successful, because either an error occurred -or action must be taken by the calling process. Call \fISSL_get_error()\fR with the -return value \fBret\fR to find out the reason. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -SSL_get_error(3), SSL_write(3), -SSL_CTX_set_mode(3), SSL_CTX_new(3), -SSL_connect(3), SSL_accept(3) -SSL_set_connect_state(3), -SSL_shutdown(3), SSL_set_shutdown(3), -ssl(3), bio(3) diff --git a/secure/lib/libssl/man/SSL_rstate_string.3 b/secure/lib/libssl/man/SSL_rstate_string.3 deleted file mode 100644 index 48214cff8bdb..000000000000 --- a/secure/lib/libssl/man/SSL_rstate_string.3 +++ /dev/null @@ -1,190 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:48 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_rstate_string 3" -.TH SSL_rstate_string 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_rstate_string, SSL_rstate_string_long \- get textual description of state of an \s-1SSL\s0 object during read operation -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& const char *SSL_rstate_string(SSL *ssl); -\& const char *SSL_rstate_string_long(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_rstate_string()\fR returns a 2 letter string indicating the current read state -of the \s-1SSL\s0 object \fBssl\fR. -.PP -\&\fISSL_rstate_string_long()\fR returns a string indicating the current read state of -the \s-1SSL\s0 object \fBssl\fR. -.SH "NOTES" -.IX Header "NOTES" -When performing a read operation, the \s-1SSL/TLS\s0 engine must parse the record, -consisting of header and body. When working in a blocking environment, -SSL_rstate_string[_long]() should always return \*(L"\s-1RD\s0\*(R"/\*(L"read done\*(R". -.PP -This function should only seldom be needed in applications. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_rstate_string()\fR and \fISSL_rstate_string_long()\fR can return the following -values: -.if n .Ip """""\s-1RH\s0""""/""""read header""""" 4 -.el .Ip "``\s-1RH\s0''/``read header''" 4 -.IX Item ""RH/read header" -The header of the record is being evaluated. -.if n .Ip """""\s-1RB\s0""""/""""read body""""" 4 -.el .Ip "``\s-1RB\s0''/``read body''" 4 -.IX Item ""RB/read body" -The body of the record is being evaluated. -.if n .Ip """""\s-1RD\s0""""/""""read done""""" 4 -.el .Ip "``\s-1RD\s0''/``read done''" 4 -.IX Item ""RD/read done" -The record has been completely processed. -.if n .Ip """""unknown""""/""""unknown""""" 4 -.el .Ip "``unknown''/``unknown''" 4 -.IX Item ""unknown/unknown" -The read state is unknown. This should never happen. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3) diff --git a/secure/lib/libssl/man/SSL_session_reused.3 b/secure/lib/libssl/man/SSL_session_reused.3 deleted file mode 100644 index 262903ac6026..000000000000 --- a/secure/lib/libssl/man/SSL_session_reused.3 +++ /dev/null @@ -1,173 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:48 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_session_reused 3" -.TH SSL_session_reused 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_session_reused \- query whether a reused session was negotiated during handshake -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& int SSL_session_reused(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -Query, whether a reused session was negotiated during the handshake. -.SH "NOTES" -.IX Header "NOTES" -During the negotiation, a client can propose to reuse a session. The server -then looks up the session in its cache. If both client and server agree -on the session, it will be reused and a flag is being set that can be -queried by the application. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can occur: -.Ip "0" 4 -A new session was negotiated. -.Ip "1" 4 -.IX Item "1" -A session was reused. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_set_session(3), -SSL_CTX_set_session_cache_mode(3) diff --git a/secure/lib/libssl/man/SSL_set_bio.3 b/secure/lib/libssl/man/SSL_set_bio.3 deleted file mode 100644 index a45734a0f5db..000000000000 --- a/secure/lib/libssl/man/SSL_set_bio.3 +++ /dev/null @@ -1,170 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:49 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_set_bio 3" -.TH SSL_set_bio 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_set_bio \- connect the \s-1SSL\s0 object with a \s-1BIO\s0 -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_set_bio()\fR connects the BIOs \fBrbio\fR and \fBwbio\fR for the read and write -operations of the \s-1TLS/SSL\s0 (encrypted) side of \fBssl\fR. -.PP -The \s-1SSL\s0 engine inherits the behaviour of \fBrbio\fR and \fBwbio\fR, respectively. -If a \s-1BIO\s0 is non-blocking, the \fBssl\fR will also have non-blocking behaviour. -.PP -If there was already a \s-1BIO\s0 connected to \fBssl\fR, \fIBIO_free()\fR will be called -(for both the reading and writing side, if different). -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_set_bio()\fR cannot fail. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -SSL_get_rbio(3), -SSL_connect(3), SSL_accept(3), -SSL_shutdown(3), ssl(3), bio(3) diff --git a/secure/lib/libssl/man/SSL_set_connect_state.3 b/secure/lib/libssl/man/SSL_set_connect_state.3 deleted file mode 100644 index 4987f4e032be..000000000000 --- a/secure/lib/libssl/man/SSL_set_connect_state.3 +++ /dev/null @@ -1,191 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:49 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_set_connect_state 3" -.TH SSL_set_connect_state 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_set_connect_state, SSL_get_accept_state \- prepare \s-1SSL\s0 object to work in client or server mode -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& void SSL_set_connect_state(SSL *ssl); -.Ve -.Vb 1 -\& void SSL_set_accept_state(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_set_connect_state()\fR sets \fBssl\fR to work in client mode. -.PP -\&\fISSL_set_accept_state()\fR sets \fBssl\fR to work in server mode. -.SH "NOTES" -.IX Header "NOTES" -When the \s-1SSL_CTX\s0 object was created with SSL_CTX_new(3), -it was either assigned a dedicated client method, a dedicated server -method, or a generic method, that can be used for both client and -server connections. (The method might have been changed with -SSL_CTX_set_ssl_version(3) or -\&\fISSL_set_ssl_method()\fR.) -.PP -When beginning a new handshake, the \s-1SSL\s0 engine must know whether it must -call the connect (client) or accept (server) routines. Even though it may -be clear from the method chosen, whether client or server mode was -requested, the handshake routines must be explicitly set. -.PP -When using the SSL_connect(3) or -SSL_accept(3) routines, the correct handshake -routines are automatically set. When performing a transparent negotiation -using SSL_write(3) or SSL_read(3), the -handshake routines must be explicitly set in advance using either -\&\fISSL_set_connect_state()\fR or \fISSL_set_accept_state()\fR. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_set_connect_state()\fR and \fISSL_set_accept_state()\fR do not return diagnostic -information. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_new(3), SSL_CTX_new(3), -SSL_connect(3), SSL_accept(3), -SSL_write(3), SSL_read(3), -SSL_do_handshake(3), -SSL_CTX_set_ssl_version(3) diff --git a/secure/lib/libssl/man/SSL_set_fd.3 b/secure/lib/libssl/man/SSL_set_fd.3 deleted file mode 100644 index 45d3728e2bef..000000000000 --- a/secure/lib/libssl/man/SSL_set_fd.3 +++ /dev/null @@ -1,183 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:49 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_set_fd 3" -.TH SSL_set_fd 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_set_fd \- connect the \s-1SSL\s0 object with a file descriptor -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 3 -\& int SSL_set_fd(SSL *ssl, int fd); -\& int SSL_set_rfd(SSL *ssl, int fd); -\& int SSL_set_wfd(SSL *ssl, int fd); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_set_fd()\fR sets the file descriptor \fBfd\fR as the input/output facility -for the \s-1TLS/SSL\s0 (encrypted) side of \fBssl\fR. \fBfd\fR will typically be the -socket file descriptor of a network connection. -.PP -When performing the operation, a \fBsocket \s-1BIO\s0\fR is automatically created to -interface between the \fBssl\fR and \fBfd\fR. The \s-1BIO\s0 and hence the \s-1SSL\s0 engine -inherit the behaviour of \fBfd\fR. If \fBfd\fR is non-blocking, the \fBssl\fR will -also have non-blocking behaviour. -.PP -If there was already a \s-1BIO\s0 connected to \fBssl\fR, \fIBIO_free()\fR will be called -(for both the reading and writing side, if different). -.PP -\&\fISSL_set_rfd()\fR and \fISSL_set_wfd()\fR perform the respective action, but only -for the read channel or the write channel, which can be set independently. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can occur: -.Ip "0" 4 -The operation failed. Check the error stack to find out why. -.Ip "1" 4 -.IX Item "1" -The operation succeeded. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -SSL_get_fd(3), SSL_set_bio(3), -SSL_connect(3), SSL_accept(3), -SSL_shutdown(3), ssl(3) , bio(3) diff --git a/secure/lib/libssl/man/SSL_set_session.3 b/secure/lib/libssl/man/SSL_set_session.3 deleted file mode 100644 index a977d4e8f0b1..000000000000 --- a/secure/lib/libssl/man/SSL_set_session.3 +++ /dev/null @@ -1,185 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:49 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_set_session 3" -.TH SSL_set_session 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_set_session \- set a \s-1TLS/SSL\s0 session to be used during \s-1TLS/SSL\s0 connect -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& int SSL_set_session(SSL *ssl, SSL_SESSION *session); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_set_session()\fR sets \fBsession\fR to be used when the \s-1TLS/SSL\s0 connection -is to be established. \fISSL_set_session()\fR is only useful for \s-1TLS/SSL\s0 clients. -When the session is set, the reference count of \fBsession\fR is incremented -by 1. If the session is not reused, the reference count is decremented -again during \fISSL_connect()\fR. Whether the session was reused can be queried -with the SSL_session_reused(3) call. -.PP -If there is already a session set inside \fBssl\fR (because it was set with -\&\fISSL_set_session()\fR before or because the same \fBssl\fR was already used for -a connection), \fISSL_SESSION_free()\fR will be called for that session. -.SH "NOTES" -.IX Header "NOTES" -\&\s-1SSL_SESSION\s0 objects keep internal link information about the session cache -list, when being inserted into one \s-1SSL_CTX\s0 object's session cache. -One \s-1SSL_SESSION\s0 object, regardless of its reference count, must therefore -only be used with one \s-1SSL_CTX\s0 object (and the \s-1SSL\s0 objects created -from this \s-1SSL_CTX\s0 object). -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can occur: -.Ip "0" 4 -The operation failed; check the error stack to find out the reason. -.Ip "1" 4 -.IX Item "1" -The operation succeeded. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_SESSION_free(3), -SSL_get_session(3), -SSL_session_reused(3), -SSL_CTX_set_session_cache_mode(3) diff --git a/secure/lib/libssl/man/SSL_set_shutdown.3 b/secure/lib/libssl/man/SSL_set_shutdown.3 deleted file mode 100644 index 8b69112f4e7b..000000000000 --- a/secure/lib/libssl/man/SSL_set_shutdown.3 +++ /dev/null @@ -1,200 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:49 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_set_shutdown 3" -.TH SSL_set_shutdown 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_set_shutdown, SSL_get_shutdown \- manipulate shutdown state of an \s-1SSL\s0 connection -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& void SSL_set_shutdown(SSL *ssl, int mode); -.Ve -.Vb 1 -\& int SSL_get_shutdown(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_set_shutdown()\fR sets the shutdown state of \fBssl\fR to \fBmode\fR. -.PP -\&\fISSL_get_shutdown()\fR returns the shutdown mode of \fBssl\fR. -.SH "NOTES" -.IX Header "NOTES" -The shutdown state of an ssl connection is a bitmask of: -.Ip "0" 4 -No shutdown setting, yet. -.Ip "\s-1SSL_SENT_SHUTDOWN\s0" 4 -.IX Item "SSL_SENT_SHUTDOWN" -A \*(L"close notify\*(R" shutdown alert was sent to the peer, the connection is being -considered closed and the session is closed and correct. -.Ip "\s-1SSL_RECEIVED_SHUTDOWN\s0" 4 -.IX Item "SSL_RECEIVED_SHUTDOWN" -A shutdown alert was received form the peer, either a normal \*(L"close notify\*(R" -or a fatal error. -.PP -\&\s-1SSL_SENT_SHUTDOWN\s0 and \s-1SSL_RECEIVED_SHUTDOWN\s0 can be set at the same time. -.PP -The shutdown state of the connection is used to determine the state of -the ssl session. If the session is still open, when -SSL_clear(3) or SSL_free(3) is called, -it is considered bad and removed according to \s-1RFC2246\s0. -The actual condition for a correctly closed session is \s-1SSL_SENT_SHUTDOWN\s0 -(according to the \s-1TLS\s0 \s-1RFC\s0, it is acceptable to only send the \*(L"close notify\*(R" -alert but to not wait for the peer's answer, when the underlying connection -is closed). -\&\fISSL_set_shutdown()\fR can be used to set this state without sending a -close alert to the peer (see SSL_shutdown(3)). -.PP -If a \*(L"close notify\*(R" was received, \s-1SSL_RECEIVED_SHUTDOWN\s0 will be set, -for setting \s-1SSL_SENT_SHUTDOWN\s0 the application must however still call -SSL_shutdown(3) or \fISSL_set_shutdown()\fR itself. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_set_shutdown()\fR does not return diagnostic information. -.PP -\&\fISSL_get_shutdown()\fR returns the current setting. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_shutdown(3), -SSL_CTX_set_quiet_shutdown(3), -SSL_clear(3), SSL_free(3) diff --git a/secure/lib/libssl/man/SSL_set_verify_result.3 b/secure/lib/libssl/man/SSL_set_verify_result.3 deleted file mode 100644 index 8a7a0c0aeacd..000000000000 --- a/secure/lib/libssl/man/SSL_set_verify_result.3 +++ /dev/null @@ -1,173 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:49 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_set_verify_result 3" -.TH SSL_set_verify_result 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_set_verify_result \- override result of peer certificate verification -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& void SSL_set_verify_result(SSL *ssl, long verify_result); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_set_verify_result()\fR sets \fBverify_result\fR of the object \fBssl\fR to be the -result of the verification of the X509 certificate presented by the peer, -if any. -.SH "NOTES" -.IX Header "NOTES" -\&\fISSL_set_verify_result()\fR overrides the verification result. It only changes -the verification result of the \fBssl\fR object. It does not become part of the -established session, so if the session is to be reused later, the original -value will reappear. -.PP -The valid codes for \fBverify_result\fR are documented in verify(1). -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fISSL_set_verify_result()\fR does not provide a return value. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_get_verify_result(3), -SSL_get_peer_certificate(3), -verify(1) diff --git a/secure/lib/libssl/man/SSL_shutdown.3 b/secure/lib/libssl/man/SSL_shutdown.3 deleted file mode 100644 index 291aa32dbcf8..000000000000 --- a/secure/lib/libssl/man/SSL_shutdown.3 +++ /dev/null @@ -1,237 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:49 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_shutdown 3" -.TH SSL_shutdown 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_shutdown \- shut down a \s-1TLS/SSL\s0 connection -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& int SSL_shutdown(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_shutdown()\fR shuts down an active \s-1TLS/SSL\s0 connection. It sends the -\&\*(L"close notify\*(R" shutdown alert to the peer. -.SH "NOTES" -.IX Header "NOTES" -\&\fISSL_shutdown()\fR tries to send the \*(L"close notify\*(R" shutdown alert to the peer. -Whether the operation succeeds or not, the \s-1SSL_SENT_SHUTDOWN\s0 flag is set and -a currently open session is considered closed and good and will be kept in the -session cache for further reuse. -.PP -The shutdown procedure consists of 2 steps: the sending of the \*(L"close notify\*(R" -shutdown alert and the reception of the peer's \*(L"close notify\*(R" shutdown -alert. According to the \s-1TLS\s0 standard, it is acceptable for an application -to only send its shutdown alert and then close the underlying connection -without waiting for the peer's response (this way resources can be saved, -as the process can already terminate or serve another connection). -When the underlying connection shall be used for more communications, the -complete shutdown procedure (bidirectional \*(L"close notify\*(R" alerts) must be -performed, so that the peers stay synchronized. -.PP -\&\fISSL_shutdown()\fR supports both uni- and bidirectional shutdown by its 2 step -behaviour. -.if n .Ip "When the application is the first party to send the """"close notify"""" alert, \fISSL_shutdown()\fR will only send the alert and the set the \s-1SSL_SENT_SHUTDOWN\s0 flag (so that the session is considered good and will be kept in cache). \fISSL_shutdown()\fR will then return with 0. If a unidirectional shutdown is enough (the underlying connection shall be closed anyway), this first call to \fISSL_shutdown()\fR is sufficient. In order to complete the bidirectional shutdown handshake, \fISSL_shutdown()\fR must be called again. The second call will make \fISSL_shutdown()\fR wait for the peer's """"close notify"""" shutdown alert. On success, the second call to \fISSL_shutdown()\fR will return with 1." 4 -.el .Ip "When the application is the first party to send the ``close notify'' alert, \fISSL_shutdown()\fR will only send the alert and the set the \s-1SSL_SENT_SHUTDOWN\s0 flag (so that the session is considered good and will be kept in cache). \fISSL_shutdown()\fR will then return with 0. If a unidirectional shutdown is enough (the underlying connection shall be closed anyway), this first call to \fISSL_shutdown()\fR is sufficient. In order to complete the bidirectional shutdown handshake, \fISSL_shutdown()\fR must be called again. The second call will make \fISSL_shutdown()\fR wait for the peer's ``close notify'' shutdown alert. On success, the second call to \fISSL_shutdown()\fR will return with 1." 4 -.IX Item "When the application is the first party to send the "close notify alert, SSL_shutdown() will only send the alert and the set the SSL_SENT_SHUTDOWN flag (so that the session is considered good and will be kept in cache). SSL_shutdown() will then return with 0. If a unidirectional shutdown is enough (the underlying connection shall be closed anyway), this first call to SSL_shutdown() is sufficient. In order to complete the bidirectional shutdown handshake, SSL_shutdown() must be called again. The second call will make SSL_shutdown() wait for the peer's close notify shutdown alert. On success, the second call to SSL_shutdown() will return with 1." -.PD 0 -.if n .Ip "If the peer already sent the """"close notify"""" alert \fBand\fR it was already processed implicitly inside another function (SSL_read(3)), the \s-1SSL_RECEIVED_SHUTDOWN\s0 flag is set. \fISSL_shutdown()\fR will send the """"close notify"""" alert, set the \s-1SSL_SENT_SHUTDOWN\s0 flag and will immediately return with 1. Whether \s-1SSL_RECEIVED_SHUTDOWN\s0 is already set can be checked using the \fISSL_get_shutdown()\fR (see also SSL_set_shutdown(3) call." 4 -.el .Ip "If the peer already sent the ``close notify'' alert \fBand\fR it was already processed implicitly inside another function (SSL_read(3)), the \s-1SSL_RECEIVED_SHUTDOWN\s0 flag is set. \fISSL_shutdown()\fR will send the ``close notify'' alert, set the \s-1SSL_SENT_SHUTDOWN\s0 flag and will immediately return with 1. Whether \s-1SSL_RECEIVED_SHUTDOWN\s0 is already set can be checked using the \fISSL_get_shutdown()\fR (see also SSL_set_shutdown(3) call." 4 -.IX Item "If the peer already sent the "close notify alert and it was already processed implicitly inside another function (SSL_read(3)), the SSL_RECEIVED_SHUTDOWN flag is set. SSL_shutdown() will send the close notify alert, set the SSL_SENT_SHUTDOWN flag and will immediately return with 1. Whether SSL_RECEIVED_SHUTDOWN is already set can be checked using the SSL_get_shutdown() (see also SSL_set_shutdown(3) call." -.PD -.PP -It is therefore recommended, to check the return value of \fISSL_shutdown()\fR -and call \fISSL_shutdown()\fR again, if the bidirectional shutdown is not yet -complete (return value of the first call is 0). As the shutdown is not -specially handled in the SSLv2 protocol, \fISSL_shutdown()\fR will succeed on -the first call. -.PP -The behaviour of \fISSL_shutdown()\fR additionally depends on the underlying \s-1BIO\s0. -.PP -If the underlying \s-1BIO\s0 is \fBblocking\fR, \fISSL_shutdown()\fR will only return once the -handshake step has been finished or an error occurred. -.PP -If the underlying \s-1BIO\s0 is \fBnon-blocking\fR, \fISSL_shutdown()\fR will also return -when the underlying \s-1BIO\s0 could not satisfy the needs of \fISSL_shutdown()\fR -to continue the handshake. In this case a call to \fISSL_get_error()\fR with the -return value of \fISSL_shutdown()\fR will yield \fB\s-1SSL_ERROR_WANT_READ\s0\fR or -\&\fB\s-1SSL_ERROR_WANT_WRITE\s0\fR. The calling process then must repeat the call after -taking appropriate action to satisfy the needs of \fISSL_shutdown()\fR. -The action depends on the underlying \s-1BIO\s0. When using a non-blocking socket, -nothing is to be done, but \fIselect()\fR can be used to check for the required -condition. When using a buffering \s-1BIO\s0, like a \s-1BIO\s0 pair, data must be written -into or retrieved out of the \s-1BIO\s0 before being able to continue. -.PP -\&\fISSL_shutdown()\fR can be modified to only set the connection to \*(L"shutdown\*(R" -state but not actually send the \*(L"close notify\*(R" alert messages, -see SSL_CTX_set_quiet_shutdown(3). -When \*(L"quiet shutdown\*(R" is enabled, \fISSL_shutdown()\fR will always succeed -and return 1. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can occur: -.Ip "1" 4 -.IX Item "1" -The shutdown was successfully completed. The \*(L"close notify\*(R" alert was sent -and the peer's \*(L"close notify\*(R" alert was received. -.Ip "0" 4 -The shutdown is not yet finished. Call \fISSL_shutdown()\fR for a second time, -if a bidirectional shutdown shall be performed. -The output of SSL_get_error(3) may be misleading, as an -erroneous \s-1SSL_ERROR_SYSCALL\s0 may be flagged even though no error occurred. -.Ip "\-1" 4 -.IX Item "-1" -The shutdown was not successful because a fatal error occurred either -at the protocol level or a connection failure occurred. It can also occur if -action is need to continue the operation for non-blocking BIOs. -Call SSL_get_error(3) with the return value \fBret\fR -to find out the reason. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -SSL_get_error(3), SSL_connect(3), -SSL_accept(3), SSL_set_shutdown(3), -SSL_CTX_set_quiet_shutdown(3), -SSL_clear(3), SSL_free(3), -ssl(3), bio(3) diff --git a/secure/lib/libssl/man/SSL_state_string.3 b/secure/lib/libssl/man/SSL_state_string.3 deleted file mode 100644 index 5d5c23298016..000000000000 --- a/secure/lib/libssl/man/SSL_state_string.3 +++ /dev/null @@ -1,180 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:50 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_state_string 3" -.TH SSL_state_string 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_state_string, SSL_state_string_long \- get textual description of state of an \s-1SSL\s0 object -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& const char *SSL_state_string(SSL *ssl); -\& const char *SSL_state_string_long(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_state_string()\fR returns a 6 letter string indicating the current state -of the \s-1SSL\s0 object \fBssl\fR. -.PP -\&\fISSL_state_string_long()\fR returns a string indicating the current state of -the \s-1SSL\s0 object \fBssl\fR. -.SH "NOTES" -.IX Header "NOTES" -During its use, an \s-1SSL\s0 objects passes several states. The state is internally -maintained. Querying the state information is not very informative before -or when a connection has been established. It however can be of significant -interest during the handshake. -.PP -When using non-blocking sockets, the function call performing the handshake -may return with \s-1SSL_ERROR_WANT_READ\s0 or \s-1SSL_ERROR_WANT_WRITE\s0 condition, -so that SSL_state_string[_long]() may be called. -.PP -For both blocking or non-blocking sockets, the details state information -can be used within the info_callback function set with the -\&\fISSL_set_info_callback()\fR call. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -Detailed description of possible states to be included later. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_CTX_set_info_callback(3) diff --git a/secure/lib/libssl/man/SSL_want.3 b/secure/lib/libssl/man/SSL_want.3 deleted file mode 100644 index 2fef873f4671..000000000000 --- a/secure/lib/libssl/man/SSL_want.3 +++ /dev/null @@ -1,204 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:50 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_want 3" -.TH SSL_want 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_want, SSL_want_nothing, SSL_want_read, SSL_want_write, SSL_want_x509_lookup \- obtain state information \s-1TLS/SSL\s0 I/O operation -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 5 -\& int SSL_want(SSL *ssl); -\& int SSL_want_nothing(SSL *ssl); -\& int SSL_want_read(SSL *ssl); -\& int SSL_want_write(SSL *ssl); -\& int SSL_want_x509_lookup(SSL *ssl); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_want()\fR returns state information for the \s-1SSL\s0 object \fBssl\fR. -.PP -The other SSL_want_*() calls are shortcuts for the possible states returned -by \fISSL_want()\fR. -.SH "NOTES" -.IX Header "NOTES" -\&\fISSL_want()\fR examines the internal state information of the \s-1SSL\s0 object. Its -return values are similar to that of SSL_get_error(3). -Unlike SSL_get_error(3), which also evaluates the -error queue, the results are obtained by examining an internal state flag -only. The information must therefore only be used for normal operation under -non-blocking I/O. Error conditions are not handled and must be treated -using SSL_get_error(3). -.PP -The result returned by \fISSL_want()\fR should always be consistent with -the result of SSL_get_error(3). -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can currently occur for \fISSL_want()\fR: -.Ip "\s-1SSL_NOTHING\s0" 4 -.IX Item "SSL_NOTHING" -There is no data to be written or to be read. -.Ip "\s-1SSL_WRITING\s0" 4 -.IX Item "SSL_WRITING" -There are data in the \s-1SSL\s0 buffer that must be written to the underlying -\&\fB\s-1BIO\s0\fR layer in order to complete the actual SSL_*() operation. -A call to SSL_get_error(3) should return -\&\s-1SSL_ERROR_WANT_WRITE\s0. -.Ip "\s-1SSL_READING\s0" 4 -.IX Item "SSL_READING" -More data must be read from the underlying \fB\s-1BIO\s0\fR layer in order to -complete the actual SSL_*() operation. -A call to SSL_get_error(3) should return -\&\s-1SSL_ERROR_WANT_READ\s0. -.Ip "\s-1SSL_X509_LOOKUP\s0" 4 -.IX Item "SSL_X509_LOOKUP" -The operation did not complete because an application callback set by -\&\fISSL_CTX_set_client_cert_cb()\fR has asked to be called again. -A call to SSL_get_error(3) should return -\&\s-1SSL_ERROR_WANT_X509_LOOKUP\s0. -.PP -\&\fISSL_want_nothing()\fR, \fISSL_want_read()\fR, \fISSL_want_write()\fR, \fISSL_want_x509_lookup()\fR -return 1, when the corresponding condition is true or 0 otherwise. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), err(3), SSL_get_error(3) diff --git a/secure/lib/libssl/man/SSL_write.3 b/secure/lib/libssl/man/SSL_write.3 deleted file mode 100644 index 4edfc84e74da..000000000000 --- a/secure/lib/libssl/man/SSL_write.3 +++ /dev/null @@ -1,235 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:50 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "SSL_write 3" -.TH SSL_write 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -SSL_write \- write bytes to a \s-1TLS/SSL\s0 connection. -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 1 -\& int SSL_write(SSL *ssl, const void *buf, int num); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fISSL_write()\fR writes \fBnum\fR bytes from the buffer \fBbuf\fR into the specified -\&\fBssl\fR connection. -.SH "NOTES" -.IX Header "NOTES" -If necessary, \fISSL_write()\fR will negotiate a \s-1TLS/SSL\s0 session, if -not already explicitly performed by SSL_connect(3) or -SSL_accept(3). If the -peer requests a re-negotiation, it will be performed transparently during -the \fISSL_write()\fR operation. The behaviour of \fISSL_write()\fR depends on the -underlying \s-1BIO\s0. -.PP -For the transparent negotiation to succeed, the \fBssl\fR must have been -initialized to client or server mode. This is being done by calling -SSL_set_connect_state(3) or \fISSL_set_accept_state()\fR -before the first call to an SSL_read(3) or \fISSL_write()\fR function. -.PP -If the underlying \s-1BIO\s0 is \fBblocking\fR, \fISSL_write()\fR will only return, once the -write operation has been finished or an error occurred, except when a -renegotiation take place, in which case a \s-1SSL_ERROR_WANT_READ\s0 may occur. -This behaviour can be controlled with the \s-1SSL_MODE_AUTO_RETRY\s0 flag of the -SSL_CTX_set_mode(3) call. -.PP -If the underlying \s-1BIO\s0 is \fBnon-blocking\fR, \fISSL_write()\fR will also return, -when the underlying \s-1BIO\s0 could not satisfy the needs of \fISSL_write()\fR -to continue the operation. In this case a call to -SSL_get_error(3) with the -return value of \fISSL_write()\fR will yield \fB\s-1SSL_ERROR_WANT_READ\s0\fR or -\&\fB\s-1SSL_ERROR_WANT_WRITE\s0\fR. As at any time a re-negotiation is possible, a -call to \fISSL_write()\fR can also cause read operations! The calling process -then must repeat the call after taking appropriate action to satisfy the -needs of \fISSL_write()\fR. The action depends on the underlying \s-1BIO\s0. When using a -non-blocking socket, nothing is to be done, but \fIselect()\fR can be used to check -for the required condition. When using a buffering \s-1BIO\s0, like a \s-1BIO\s0 pair, data -must be written into or retrieved out of the \s-1BIO\s0 before being able to continue. -.PP -\&\fISSL_write()\fR will only return with success, when the complete contents -of \fBbuf\fR of length \fBnum\fR has been written. This default behaviour -can be changed with the \s-1SSL_MODE_ENABLE_PARTIAL_WRITE\s0 option of -SSL_CTX_set_mode(3). When this flag is set, -\&\fISSL_write()\fR will also return with success, when a partial write has been -successfully completed. In this case the \fISSL_write()\fR operation is considered -completed. The bytes are sent and a new \fISSL_write()\fR operation with a new -buffer (with the already sent bytes removed) must be started. -A partial write is performed with the size of a message block, which is -16kB for SSLv3/TLSv1. -.SH "WARNING" -.IX Header "WARNING" -When an \fISSL_write()\fR operation has to be repeated because of -\&\fB\s-1SSL_ERROR_WANT_READ\s0\fR or \fB\s-1SSL_ERROR_WANT_WRITE\s0\fR, it must be repeated -with the same arguments. -.PP -When calling \fISSL_write()\fR with num=0 bytes to be sent the behaviour is -undefined. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -The following return values can occur: -.Ip ">0" 4 -.IX Item ">0" -The write operation was successful, the return value is the number of -bytes actually written to the \s-1TLS/SSL\s0 connection. -.Ip "0" 4 -The write operation was not successful. Probably the underlying connection -was closed. Call \fISSL_get_error()\fR with the return value \fBret\fR to find out, -whether an error occurred or the connection was shut down cleanly -(\s-1SSL_ERROR_ZERO_RETURN\s0). -.Sp -SSLv2 (deprecated) does not support a shutdown alert protocol, so it can -only be detected, whether the underlying connection was closed. It cannot -be checked, why the closure happened. -.Ip "<0" 4 -.IX Item "<0" -The write operation was not successful, because either an error occurred -or action must be taken by the calling process. Call \fISSL_get_error()\fR with the -return value \fBret\fR to find out the reason. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -SSL_get_error(3), SSL_read(3), -SSL_CTX_set_mode(3), SSL_CTX_new(3), -SSL_connect(3), SSL_accept(3) -SSL_set_connect_state(3), -ssl(3), bio(3) diff --git a/secure/lib/libssl/man/d2i_SSL_SESSION.3 b/secure/lib/libssl/man/d2i_SSL_SESSION.3 deleted file mode 100644 index 8a9e70e6afc8..000000000000 --- a/secure/lib/libssl/man/d2i_SSL_SESSION.3 +++ /dev/null @@ -1,201 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:50 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "d2i_SSL_SESSION 3" -.TH d2i_SSL_SESSION 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -d2i_SSL_SESSION, i2d_SSL_SESSION \- convert \s-1SSL_SESSION\s0 object from/to \s-1ASN1\s0 representation -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.Vb 1 -\& #include <openssl/ssl.h> -.Ve -.Vb 2 -\& SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp, long length); -\& int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp); -.Ve -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -\&\fId2i_SSL_SESSION()\fR transforms the external \s-1ASN1\s0 representation of an \s-1SSL/TLS\s0 -session, stored as binary data at location \fBpp\fR with length \fBlength\fR, into -an \s-1SSL_SESSION\s0 object. -.PP -\&\fIi2d_SSL_SESSION()\fR transforms the \s-1SSL_SESSION\s0 object \fBin\fR into the \s-1ASN1\s0 -representation and stores it into the memory location pointed to by \fBpp\fR. -The length of the resulting \s-1ASN1\s0 representation is returned. If \fBpp\fR is -the \s-1NULL\s0 pointer, only the length is calculated and returned. -.SH "NOTES" -.IX Header "NOTES" -The \s-1SSL_SESSION\s0 object is built from several \fImalloc()\fRed parts, it can -therefore not be moved, copied or stored directly. In order to store -session data on disk or into a database, it must be transformed into -a binary \s-1ASN1\s0 representation. -.PP -When using \fId2i_SSL_SESSION()\fR, the \s-1SSL_SESSION\s0 object is automatically -allocated. The reference count is 1, so that the session must be -explicitly removed using SSL_SESSION_free(3), -unless the \s-1SSL_SESSION\s0 object is completely taken over, when being called -inside the \fIget_session_cb()\fR (see -SSL_CTX_sess_set_get_cb(3)). -.PP -\&\s-1SSL_SESSION\s0 objects keep internal link information about the session cache -list, when being inserted into one \s-1SSL_CTX\s0 object's session cache. -One \s-1SSL_SESSION\s0 object, regardless of its reference count, must therefore -only be used with one \s-1SSL_CTX\s0 object (and the \s-1SSL\s0 objects created -from this \s-1SSL_CTX\s0 object). -.PP -When using \fIi2d_SSL_SESSION()\fR, the memory location pointed to by \fBpp\fR must be -large enough to hold the binary representation of the session. There is no -known limit on the size of the created \s-1ASN1\s0 representation, so the necessary -amount of space should be obtained by first calling \fIi2d_SSL_SESSION()\fR with -\&\fBpp=NULL\fR, and obtain the size needed, then allocate the memory and -call \fIi2d_SSL_SESSION()\fR again. -.SH "RETURN VALUES" -.IX Header "RETURN VALUES" -\&\fId2i_SSL_SESSION()\fR returns a pointer to the newly allocated \s-1SSL_SESSION\s0 -object. In case of failure the NULL-pointer is returned and the error message -can be retrieved from the error stack. -.PP -\&\fIi2d_SSL_SESSION()\fR returns the size of the \s-1ASN1\s0 representation in bytes. -When the session is not valid, \fB0\fR is returned and no operation is performed. -.SH "SEE ALSO" -.IX Header "SEE ALSO" -ssl(3), SSL_SESSION_free(3), -SSL_CTX_sess_set_get_cb(3) diff --git a/secure/lib/libssl/man/ssl.3 b/secure/lib/libssl/man/ssl.3 deleted file mode 100644 index 38a1a43c1abf..000000000000 --- a/secure/lib/libssl/man/ssl.3 +++ /dev/null @@ -1,814 +0,0 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:50 2003 -.\" -.\" Standard preamble: -.\" ====================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R - -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> -.tr \(*W-|\(bv\*(Tr -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -'br\} -.\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. nr % 0 -. rr F -.\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. -.hy 0 -.if n .na -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ====================================================================== -.\" -.IX Title "ssl 3" -.TH ssl 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC -.SH "NAME" -\&\s-1SSL\s0 \- OpenSSL \s-1SSL/TLS\s0 library -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -The OpenSSL \fBssl\fR library implements the Secure Sockets Layer (\s-1SSL\s0 v2/v3) and -Transport Layer Security (\s-1TLS\s0 v1) protocols. It provides a rich \s-1API\s0 which is -documented here. -.PP -At first the library must be initialized; see -SSL_library_init(3). -.PP -Then an \fB\s-1SSL_CTX\s0\fR object is created as a framework to establish -\&\s-1TLS/SSL\s0 enabled connections (see SSL_CTX_new(3)). -Various options regarding certificates, algorithms etc. can be set -in this object. -.PP -When a network connection has been created, it can be assigned to an -\&\fB\s-1SSL\s0\fR object. After the \fB\s-1SSL\s0\fR object has been created using -SSL_new(3), SSL_set_fd(3) or -SSL_set_bio(3) can be used to associate the network -connection with the object. -.PP -Then the \s-1TLS/SSL\s0 handshake is performed using -SSL_accept(3) or SSL_connect(3) -respectively. -SSL_read(3) and SSL_write(3) are used -to read and write data on the \s-1TLS/SSL\s0 connection. -SSL_shutdown(3) can be used to shut down the -\&\s-1TLS/SSL\s0 connection. -.SH "DATA STRUCTURES" -.IX Header "DATA STRUCTURES" -Currently the OpenSSL \fBssl\fR library functions deals with the following data -structures: -.Ip "\fB\s-1SSL_METHOD\s0\fR (\s-1SSL\s0 Method)" 4 -.IX Item "SSL_METHOD (SSL Method)" -That's a dispatch structure describing the internal \fBssl\fR library -methods/functions which implement the various protocol versions (SSLv1, SSLv2 -and TLSv1). It's needed to create an \fB\s-1SSL_CTX\s0\fR. -.Ip "\fB\s-1SSL_CIPHER\s0\fR (\s-1SSL\s0 Cipher)" 4 -.IX Item "SSL_CIPHER (SSL Cipher)" -This structure holds the algorithm information for a particular cipher which -are a core part of the \s-1SSL/TLS\s0 protocol. The available ciphers are configured -on a \fB\s-1SSL_CTX\s0\fR basis and the actually used ones are then part of the -\&\fB\s-1SSL_SESSION\s0\fR. -.Ip "\fB\s-1SSL_CTX\s0\fR (\s-1SSL\s0 Context)" 4 -.IX Item "SSL_CTX (SSL Context)" -That's the global context structure which is created by a server or client -once per program life-time and which holds mainly default values for the -\&\fB\s-1SSL\s0\fR structures which are later created for the connections. -.Ip "\fB\s-1SSL_SESSION\s0\fR (\s-1SSL\s0 Session)" 4 -.IX Item "SSL_SESSION (SSL Session)" -This is a structure containing the current \s-1TLS/SSL\s0 session details for a -connection: \fB\s-1SSL_CIPHER\s0\fRs, client and server certificates, keys, etc. -.Ip "\fB\s-1SSL\s0\fR (\s-1SSL\s0 Connection)" 4 -.IX Item "SSL (SSL Connection)" -That's the main \s-1SSL/TLS\s0 structure which is created by a server or client per -established connection. This actually is the core structure in the \s-1SSL\s0 \s-1API\s0. -Under run-time the application usually deals with this structure which has -links to mostly all other structures. -.SH "HEADER FILES" -.IX Header "HEADER FILES" -Currently the OpenSSL \fBssl\fR library provides the following C header files -containing the prototypes for the data structures and and functions: -.Ip "\fBssl.h\fR" 4 -.IX Item "ssl.h" -That's the common header file for the \s-1SSL/TLS\s0 \s-1API\s0. Include it into your -program to make the \s-1API\s0 of the \fBssl\fR library available. It internally -includes both more private \s-1SSL\s0 headers and headers from the \fBcrypto\fR library. -Whenever you need hard-core details on the internals of the \s-1SSL\s0 \s-1API\s0, look -inside this header file. -.Ip "\fBssl2.h\fR" 4 -.IX Item "ssl2.h" -That's the sub header file dealing with the SSLv2 protocol only. -\&\fIUsually you don't have to include it explicitly because -it's already included by ssl.h\fR. -.Ip "\fBssl3.h\fR" 4 -.IX Item "ssl3.h" -That's the sub header file dealing with the SSLv3 protocol only. -\&\fIUsually you don't have to include it explicitly because -it's already included by ssl.h\fR. -.Ip "\fBssl23.h\fR" 4 -.IX Item "ssl23.h" -That's the sub header file dealing with the combined use of the SSLv2 and -SSLv3 protocols. -\&\fIUsually you don't have to include it explicitly because -it's already included by ssl.h\fR. -.Ip "\fBtls1.h\fR" 4 -.IX Item "tls1.h" -That's the sub header file dealing with the TLSv1 protocol only. -\&\fIUsually you don't have to include it explicitly because -it's already included by ssl.h\fR. -.SH "API FUNCTIONS" -.IX Header "API FUNCTIONS" -Currently the OpenSSL \fBssl\fR library exports 214 \s-1API\s0 functions. -They are documented in the following: -.Sh "\s-1DEALING\s0 \s-1WITH\s0 \s-1PROTOCOL\s0 \s-1METHODS\s0" -.IX Subsection "DEALING WITH PROTOCOL METHODS" -Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0 -protocol methods defined in \fB\s-1SSL_METHOD\s0\fR structures. -.Ip "\s-1SSL_METHOD\s0 *\fBSSLv2_client_method\fR(void);" 4 -.IX Item "SSL_METHOD *SSLv2_client_method(void);" -Constructor for the SSLv2 \s-1SSL_METHOD\s0 structure for a dedicated client. -.Ip "\s-1SSL_METHOD\s0 *\fBSSLv2_server_method\fR(void);" 4 -.IX Item "SSL_METHOD *SSLv2_server_method(void);" -Constructor for the SSLv2 \s-1SSL_METHOD\s0 structure for a dedicated server. -.Ip "\s-1SSL_METHOD\s0 *\fBSSLv2_method\fR(void);" 4 -.IX Item "SSL_METHOD *SSLv2_method(void);" -Constructor for the SSLv2 \s-1SSL_METHOD\s0 structure for combined client and server. -.Ip "\s-1SSL_METHOD\s0 *\fBSSLv3_client_method\fR(void);" 4 -.IX Item "SSL_METHOD *SSLv3_client_method(void);" -Constructor for the SSLv3 \s-1SSL_METHOD\s0 structure for a dedicated client. -.Ip "\s-1SSL_METHOD\s0 *\fBSSLv3_server_method\fR(void);" 4 -.IX Item "SSL_METHOD *SSLv3_server_method(void);" -Constructor for the SSLv3 \s-1SSL_METHOD\s0 structure for a dedicated server. -.Ip "\s-1SSL_METHOD\s0 *\fBSSLv3_method\fR(void);" 4 -.IX Item "SSL_METHOD *SSLv3_method(void);" -Constructor for the SSLv3 \s-1SSL_METHOD\s0 structure for combined client and server. -.Ip "\s-1SSL_METHOD\s0 *\fBTLSv1_client_method\fR(void);" 4 -.IX Item "SSL_METHOD *TLSv1_client_method(void);" -Constructor for the TLSv1 \s-1SSL_METHOD\s0 structure for a dedicated client. -.Ip "\s-1SSL_METHOD\s0 *\fBTLSv1_server_method\fR(void);" 4 -.IX Item "SSL_METHOD *TLSv1_server_method(void);" -Constructor for the TLSv1 \s-1SSL_METHOD\s0 structure for a dedicated server. -.Ip "\s-1SSL_METHOD\s0 *\fBTLSv1_method\fR(void);" 4 -.IX Item "SSL_METHOD *TLSv1_method(void);" -Constructor for the TLSv1 \s-1SSL_METHOD\s0 structure for combined client and server. -.Sh "\s-1DEALING\s0 \s-1WITH\s0 \s-1CIPHERS\s0" -.IX Subsection "DEALING WITH CIPHERS" -Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0 -ciphers defined in \fB\s-1SSL_CIPHER\s0\fR structures. -.Ip "char *\fBSSL_CIPHER_description\fR(\s-1SSL_CIPHER\s0 *cipher, char *buf, int len);" 4 -.IX Item "char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len);" -Write a string to \fIbuf\fR (with a maximum size of \fIlen\fR) containing a human -readable description of \fIcipher\fR. Returns \fIbuf\fR. -.Ip "int \fBSSL_CIPHER_get_bits\fR(\s-1SSL_CIPHER\s0 *cipher, int *alg_bits);" 4 -.IX Item "int SSL_CIPHER_get_bits(SSL_CIPHER *cipher, int *alg_bits);" -Determine the number of bits in \fIcipher\fR. Because of export crippled ciphers -there are two bits: The bits the algorithm supports in general (stored to -\&\fIalg_bits\fR) and the bits which are actually used (the return value). -.Ip "const char *\fBSSL_CIPHER_get_name\fR(\s-1SSL_CIPHER\s0 *cipher);" 4 -.IX Item "const char *SSL_CIPHER_get_name(SSL_CIPHER *cipher);" -Return the internal name of \fIcipher\fR as a string. These are the various -strings defined by the \fISSL2_TXT_xxx\fR, \fISSL3_TXT_xxx\fR and \fITLS1_TXT_xxx\fR -definitions in the header files. -.Ip "char *\fBSSL_CIPHER_get_version\fR(\s-1SSL_CIPHER\s0 *cipher);" 4 -.IX Item "char *SSL_CIPHER_get_version(SSL_CIPHER *cipher);" -Returns a string like "\f(CW\*(C`TLSv1/SSLv3\*(C'\fR\*(L" or \*(R"\f(CW\*(C`SSLv2\*(C'\fR" which indicates the -\&\s-1SSL/TLS\s0 protocol version to which \fIcipher\fR belongs (i.e. where it was defined -in the specification the first time). -.Sh "\s-1DEALING\s0 \s-1WITH\s0 \s-1PROTOCOL\s0 \s-1CONTEXTS\s0" -.IX Subsection "DEALING WITH PROTOCOL CONTEXTS" -Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0 -protocol context defined in the \fB\s-1SSL_CTX\s0\fR structure. -.Ip "int \fBSSL_CTX_add_client_CA\fR(\s-1SSL_CTX\s0 *ctx, X509 *x);" 4 -.IX Item "int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x);" -.PD 0 -.Ip "long \fBSSL_CTX_add_extra_chain_cert\fR(\s-1SSL_CTX\s0 *ctx, X509 *x509);" 4 -.IX Item "long SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *x509);" -.Ip "int \fBSSL_CTX_add_session\fR(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *c);" 4 -.IX Item "int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c);" -.Ip "int \fBSSL_CTX_check_private_key\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "int SSL_CTX_check_private_key(SSL_CTX *ctx);" -.Ip "long \fBSSL_CTX_ctrl\fR(\s-1SSL_CTX\s0 *ctx, int cmd, long larg, char *parg);" 4 -.IX Item "long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg);" -.Ip "void \fBSSL_CTX_flush_sessions\fR(\s-1SSL_CTX\s0 *s, long t);" 4 -.IX Item "void SSL_CTX_flush_sessions(SSL_CTX *s, long t);" -.Ip "void \fBSSL_CTX_free\fR(\s-1SSL_CTX\s0 *a);" 4 -.IX Item "void SSL_CTX_free(SSL_CTX *a);" -.Ip "char *\fBSSL_CTX_get_app_data\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "char *SSL_CTX_get_app_data(SSL_CTX *ctx);" -.Ip "X509_STORE *\fBSSL_CTX_get_cert_store\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *ctx);" -.Ip "\s-1STACK\s0 *\fBSSL_CTX_get_client_CA_list\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "STACK *SSL_CTX_get_client_CA_list(SSL_CTX *ctx);" -.Ip "int (*\fBSSL_CTX_get_client_cert_cb\fR(\s-1SSL_CTX\s0 *ctx))(\s-1SSL\s0 *ssl, X509 **x509, \s-1EVP_PKEY\s0 **pkey);" 4 -.IX Item "int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey);" -.Ip "char *\fBSSL_CTX_get_ex_data\fR(\s-1SSL_CTX\s0 *s, int idx);" 4 -.IX Item "char *SSL_CTX_get_ex_data(SSL_CTX *s, int idx);" -.Ip "int \fBSSL_CTX_get_ex_new_index\fR(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))" 4 -.IX Item "int SSL_CTX_get_ex_new_index(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))" -.Ip "void (*\fBSSL_CTX_get_info_callback\fR(\s-1SSL_CTX\s0 *ctx))(\s-1SSL\s0 *ssl, int cb, int ret);" 4 -.IX Item "void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(SSL *ssl, int cb, int ret);" -.Ip "int \fBSSL_CTX_get_quiet_shutdown\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx);" -.Ip "int \fBSSL_CTX_get_session_cache_mode\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "int SSL_CTX_get_session_cache_mode(SSL_CTX *ctx);" -.Ip "long \fBSSL_CTX_get_timeout\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "long SSL_CTX_get_timeout(SSL_CTX *ctx);" -.Ip "int (*\fBSSL_CTX_get_verify_callback\fR(\s-1SSL_CTX\s0 *ctx))(int ok, X509_STORE_CTX *ctx);" 4 -.IX Item "int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int ok, X509_STORE_CTX *ctx);" -.Ip "int \fBSSL_CTX_get_verify_mode\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "int SSL_CTX_get_verify_mode(SSL_CTX *ctx);" -.Ip "int \fBSSL_CTX_load_verify_locations\fR(\s-1SSL_CTX\s0 *ctx, char *CAfile, char *CApath);" 4 -.IX Item "int SSL_CTX_load_verify_locations(SSL_CTX *ctx, char *CAfile, char *CApath);" -.Ip "long \fBSSL_CTX_need_tmp_RSA\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "long SSL_CTX_need_tmp_RSA(SSL_CTX *ctx);" -.Ip "\s-1SSL_CTX\s0 *\fBSSL_CTX_new\fR(\s-1SSL_METHOD\s0 *meth);" 4 -.IX Item "SSL_CTX *SSL_CTX_new(SSL_METHOD *meth);" -.Ip "int \fBSSL_CTX_remove_session\fR(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *c);" 4 -.IX Item "int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c);" -.Ip "int \fBSSL_CTX_sess_accept\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "int SSL_CTX_sess_accept(SSL_CTX *ctx);" -.Ip "int \fBSSL_CTX_sess_accept_good\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "int SSL_CTX_sess_accept_good(SSL_CTX *ctx);" -.Ip "int \fBSSL_CTX_sess_accept_renegotiate\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "int SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx);" -.Ip "int \fBSSL_CTX_sess_cache_full\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "int SSL_CTX_sess_cache_full(SSL_CTX *ctx);" -.Ip "int \fBSSL_CTX_sess_cb_hits\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "int SSL_CTX_sess_cb_hits(SSL_CTX *ctx);" -.Ip "int \fBSSL_CTX_sess_connect\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "int SSL_CTX_sess_connect(SSL_CTX *ctx);" -.Ip "int \fBSSL_CTX_sess_connect_good\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "int SSL_CTX_sess_connect_good(SSL_CTX *ctx);" -.Ip "int \fBSSL_CTX_sess_connect_renegotiate\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "int SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx);" -.Ip "int \fBSSL_CTX_sess_get_cache_size\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "int SSL_CTX_sess_get_cache_size(SSL_CTX *ctx);" -.Ip "\s-1SSL_SESSION\s0 *(*\fBSSL_CTX_sess_get_get_cb\fR(\s-1SSL_CTX\s0 *ctx))(\s-1SSL\s0 *ssl, unsigned char *data, int len, int *copy);" 4 -.IX Item "SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(SSL *ssl, unsigned char *data, int len, int *copy);" -.Ip "int (*\fBSSL_CTX_sess_get_new_cb\fR(\s-1SSL_CTX\s0 *ctx)(\s-1SSL\s0 *ssl, \s-1SSL_SESSION\s0 *sess);" 4 -.IX Item "int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)(SSL *ssl, SSL_SESSION *sess);" -.Ip "void (*\fBSSL_CTX_sess_get_remove_cb\fR(\s-1SSL_CTX\s0 *ctx)(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *sess);" 4 -.IX Item "void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)(SSL_CTX *ctx, SSL_SESSION *sess);" -.Ip "int \fBSSL_CTX_sess_hits\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "int SSL_CTX_sess_hits(SSL_CTX *ctx);" -.Ip "int \fBSSL_CTX_sess_misses\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "int SSL_CTX_sess_misses(SSL_CTX *ctx);" -.Ip "int \fBSSL_CTX_sess_number\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "int SSL_CTX_sess_number(SSL_CTX *ctx);" -.Ip "void \fBSSL_CTX_sess_set_cache_size\fR(\s-1SSL_CTX\s0 *ctx,t);" 4 -.IX Item "void SSL_CTX_sess_set_cache_size(SSL_CTX *ctx,t);" -.Ip "void \fBSSL_CTX_sess_set_get_cb\fR(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *(*cb)(\s-1SSL\s0 *ssl, unsigned char *data, int len, int *copy));" 4 -.IX Item "void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, SSL_SESSION *(*cb)(SSL *ssl, unsigned char *data, int len, int *copy));" -.Ip "void \fBSSL_CTX_sess_set_new_cb\fR(\s-1SSL_CTX\s0 *ctx, int (*cb)(\s-1SSL\s0 *ssl, \s-1SSL_SESSION\s0 *sess));" 4 -.IX Item "void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx, int (*cb)(SSL *ssl, SSL_SESSION *sess));" -.Ip "void \fBSSL_CTX_sess_set_remove_cb\fR(\s-1SSL_CTX\s0 *ctx, void (*cb)(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *sess));" 4 -.IX Item "void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx, void (*cb)(SSL_CTX *ctx, SSL_SESSION *sess));" -.Ip "int \fBSSL_CTX_sess_timeouts\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "int SSL_CTX_sess_timeouts(SSL_CTX *ctx);" -.Ip "\s-1LHASH\s0 *\fBSSL_CTX_sessions\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "LHASH *SSL_CTX_sessions(SSL_CTX *ctx);" -.Ip "void \fBSSL_CTX_set_app_data\fR(\s-1SSL_CTX\s0 *ctx, void *arg);" 4 -.IX Item "void SSL_CTX_set_app_data(SSL_CTX *ctx, void *arg);" -.Ip "void \fBSSL_CTX_set_cert_store\fR(\s-1SSL_CTX\s0 *ctx, X509_STORE *cs);" 4 -.IX Item "void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *cs);" -.Ip "void \fBSSL_CTX_set_cert_verify_cb\fR(\s-1SSL_CTX\s0 *ctx, int (*cb)(), char *arg)" 4 -.IX Item "void SSL_CTX_set_cert_verify_cb(SSL_CTX *ctx, int (*cb)(), char *arg)" -.Ip "int \fBSSL_CTX_set_cipher_list\fR(\s-1SSL_CTX\s0 *ctx, char *str);" 4 -.IX Item "int SSL_CTX_set_cipher_list(SSL_CTX *ctx, char *str);" -.Ip "void \fBSSL_CTX_set_client_CA_list\fR(\s-1SSL_CTX\s0 *ctx, \s-1STACK\s0 *list);" 4 -.IX Item "void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK *list);" -.Ip "void \fBSSL_CTX_set_client_cert_cb\fR(\s-1SSL_CTX\s0 *ctx, int (*cb)(\s-1SSL\s0 *ssl, X509 **x509, \s-1EVP_PKEY\s0 **pkey));" 4 -.IX Item "void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey));" -.Ip "void \fBSSL_CTX_set_default_passwd_cb\fR(\s-1SSL_CTX\s0 *ctx, int (*cb);(void))" 4 -.IX Item "void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, int (*cb);(void))" -.Ip "void \fBSSL_CTX_set_default_read_ahead\fR(\s-1SSL_CTX\s0 *ctx, int m);" 4 -.IX Item "void SSL_CTX_set_default_read_ahead(SSL_CTX *ctx, int m);" -.Ip "int \fBSSL_CTX_set_default_verify_paths\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);" -.Ip "int \fBSSL_CTX_set_ex_data\fR(\s-1SSL_CTX\s0 *s, int idx, char *arg);" 4 -.IX Item "int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, char *arg);" -.Ip "void \fBSSL_CTX_set_info_callback\fR(\s-1SSL_CTX\s0 *ctx, void (*cb)(\s-1SSL\s0 *ssl, int cb, int ret));" 4 -.IX Item "void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*cb)(SSL *ssl, int cb, int ret));" -.Ip "void \fBSSL_CTX_set_msg_callback\fR(\s-1SSL_CTX\s0 *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, \s-1SSL\s0 *ssl, void *arg));" 4 -.IX Item "void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));" -.Ip "void \fBSSL_CTX_set_msg_callback_arg\fR(\s-1SSL_CTX\s0 *ctx, void *arg);" 4 -.IX Item "void SSL_CTX_set_msg_callback_arg(SSL_CTX *ctx, void *arg);" -.Ip "void \fBSSL_CTX_set_options\fR(\s-1SSL_CTX\s0 *ctx, unsigned long op);" 4 -.IX Item "void SSL_CTX_set_options(SSL_CTX *ctx, unsigned long op);" -.Ip "void \fBSSL_CTX_set_quiet_shutdown\fR(\s-1SSL_CTX\s0 *ctx, int mode);" 4 -.IX Item "void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);" -.Ip "void \fBSSL_CTX_set_session_cache_mode\fR(\s-1SSL_CTX\s0 *ctx, int mode);" 4 -.IX Item "void SSL_CTX_set_session_cache_mode(SSL_CTX *ctx, int mode);" -.Ip "int \fBSSL_CTX_set_ssl_version\fR(\s-1SSL_CTX\s0 *ctx, \s-1SSL_METHOD\s0 *meth);" 4 -.IX Item "int SSL_CTX_set_ssl_version(SSL_CTX *ctx, SSL_METHOD *meth);" -.Ip "void \fBSSL_CTX_set_timeout\fR(\s-1SSL_CTX\s0 *ctx, long t);" 4 -.IX Item "void SSL_CTX_set_timeout(SSL_CTX *ctx, long t);" -.Ip "long \fBSSL_CTX_set_tmp_dh\fR(SSL_CTX* ctx, \s-1DH\s0 *dh);" 4 -.IX Item "long SSL_CTX_set_tmp_dh(SSL_CTX* ctx, DH *dh);" -.Ip "long \fBSSL_CTX_set_tmp_dh_callback\fR(\s-1SSL_CTX\s0 *ctx, \s-1DH\s0 *(*cb)(void));" 4 -.IX Item "long SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*cb)(void));" -.Ip "long \fBSSL_CTX_set_tmp_rsa\fR(\s-1SSL_CTX\s0 *ctx, \s-1RSA\s0 *rsa);" 4 -.IX Item "long SSL_CTX_set_tmp_rsa(SSL_CTX *ctx, RSA *rsa);" -.Ip "SSL_CTX_set_tmp_rsa_callback" 4 -.IX Item "SSL_CTX_set_tmp_rsa_callback" -.PD -\&\f(CW\*(C`long \f(CBSSL_CTX_set_tmp_rsa_callback\f(CW(SSL_CTX *\f(CBctx\f(CW, RSA *(*\f(CBcb\f(CW)(SSL *\f(CBssl\f(CW, int \f(CBexport\f(CW, int \f(CBkeylength\f(CW));\*(C'\fR -.Sp -Sets the callback which will be called when a temporary private key is -required. The \fB\f(CB\*(C`export\*(C'\fB\fR flag will be set if the reason for needing -a temp key is that an export ciphersuite is in use, in which case, -\&\fB\f(CB\*(C`keylength\*(C'\fB\fR will contain the required keylength in bits. Generate a key of -appropriate size (using ???) and return it. -.Ip "SSL_set_tmp_rsa_callback" 4 -.IX Item "SSL_set_tmp_rsa_callback" -long \fBSSL_set_tmp_rsa_callback\fR(\s-1SSL\s0 *ssl, \s-1RSA\s0 *(*cb)(\s-1SSL\s0 *ssl, int export, int keylength)); -.Sp -The same as \fBSSL_CTX_set_tmp_rsa_callback\fR, except it operates on an \s-1SSL\s0 -session instead of a context. -.Ip "void \fBSSL_CTX_set_verify\fR(\s-1SSL_CTX\s0 *ctx, int mode, int (*cb);(void))" 4 -.IX Item "void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*cb);(void))" -.PD 0 -.Ip "int \fBSSL_CTX_use_PrivateKey\fR(\s-1SSL_CTX\s0 *ctx, \s-1EVP_PKEY\s0 *pkey);" 4 -.IX Item "int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);" -.Ip "int \fBSSL_CTX_use_PrivateKey_ASN1\fR(int type, \s-1SSL_CTX\s0 *ctx, unsigned char *d, long len);" 4 -.IX Item "int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, unsigned char *d, long len);" -.Ip "int \fBSSL_CTX_use_PrivateKey_file\fR(\s-1SSL_CTX\s0 *ctx, char *file, int type);" 4 -.IX Item "int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, char *file, int type);" -.Ip "int \fBSSL_CTX_use_RSAPrivateKey\fR(\s-1SSL_CTX\s0 *ctx, \s-1RSA\s0 *rsa);" 4 -.IX Item "int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);" -.Ip "int \fBSSL_CTX_use_RSAPrivateKey_ASN1\fR(\s-1SSL_CTX\s0 *ctx, unsigned char *d, long len);" 4 -.IX Item "int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);" -.Ip "int \fBSSL_CTX_use_RSAPrivateKey_file\fR(\s-1SSL_CTX\s0 *ctx, char *file, int type);" 4 -.IX Item "int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, char *file, int type);" -.Ip "int \fBSSL_CTX_use_certificate\fR(\s-1SSL_CTX\s0 *ctx, X509 *x);" 4 -.IX Item "int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);" -.Ip "int \fBSSL_CTX_use_certificate_ASN1\fR(\s-1SSL_CTX\s0 *ctx, int len, unsigned char *d);" 4 -.IX Item "int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);" -.Ip "int \fBSSL_CTX_use_certificate_file\fR(\s-1SSL_CTX\s0 *ctx, char *file, int type);" 4 -.IX Item "int SSL_CTX_use_certificate_file(SSL_CTX *ctx, char *file, int type);" -.PD -.Sh "\s-1DEALING\s0 \s-1WITH\s0 \s-1SESSIONS\s0" -.IX Subsection "DEALING WITH SESSIONS" -Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0 -sessions defined in the \fB\s-1SSL_SESSION\s0\fR structures. -.Ip "int \fBSSL_SESSION_cmp\fR(\s-1SSL_SESSION\s0 *a, \s-1SSL_SESSION\s0 *b);" 4 -.IX Item "int SSL_SESSION_cmp(SSL_SESSION *a, SSL_SESSION *b);" -.PD 0 -.Ip "void \fBSSL_SESSION_free\fR(\s-1SSL_SESSION\s0 *ss);" 4 -.IX Item "void SSL_SESSION_free(SSL_SESSION *ss);" -.Ip "char *\fBSSL_SESSION_get_app_data\fR(\s-1SSL_SESSION\s0 *s);" 4 -.IX Item "char *SSL_SESSION_get_app_data(SSL_SESSION *s);" -.Ip "char *\fBSSL_SESSION_get_ex_data\fR(\s-1SSL_SESSION\s0 *s, int idx);" 4 -.IX Item "char *SSL_SESSION_get_ex_data(SSL_SESSION *s, int idx);" -.Ip "int \fBSSL_SESSION_get_ex_new_index\fR(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))" 4 -.IX Item "int SSL_SESSION_get_ex_new_index(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))" -.Ip "long \fBSSL_SESSION_get_time\fR(\s-1SSL_SESSION\s0 *s);" 4 -.IX Item "long SSL_SESSION_get_time(SSL_SESSION *s);" -.Ip "long \fBSSL_SESSION_get_timeout\fR(\s-1SSL_SESSION\s0 *s);" 4 -.IX Item "long SSL_SESSION_get_timeout(SSL_SESSION *s);" -.Ip "unsigned long \fBSSL_SESSION_hash\fR(\s-1SSL_SESSION\s0 *a);" 4 -.IX Item "unsigned long SSL_SESSION_hash(SSL_SESSION *a);" -.Ip "\s-1SSL_SESSION\s0 *\fBSSL_SESSION_new\fR(void);" 4 -.IX Item "SSL_SESSION *SSL_SESSION_new(void);" -.Ip "int \fBSSL_SESSION_print\fR(\s-1BIO\s0 *bp, \s-1SSL_SESSION\s0 *x);" 4 -.IX Item "int SSL_SESSION_print(BIO *bp, SSL_SESSION *x);" -.Ip "int \fBSSL_SESSION_print_fp\fR(\s-1FILE\s0 *fp, \s-1SSL_SESSION\s0 *x);" 4 -.IX Item "int SSL_SESSION_print_fp(FILE *fp, SSL_SESSION *x);" -.Ip "void \fBSSL_SESSION_set_app_data\fR(\s-1SSL_SESSION\s0 *s, char *a);" 4 -.IX Item "void SSL_SESSION_set_app_data(SSL_SESSION *s, char *a);" -.Ip "int \fBSSL_SESSION_set_ex_data\fR(\s-1SSL_SESSION\s0 *s, int idx, char *arg);" 4 -.IX Item "int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, char *arg);" -.Ip "long \fBSSL_SESSION_set_time\fR(\s-1SSL_SESSION\s0 *s, long t);" 4 -.IX Item "long SSL_SESSION_set_time(SSL_SESSION *s, long t);" -.Ip "long \fBSSL_SESSION_set_timeout\fR(\s-1SSL_SESSION\s0 *s, long t);" 4 -.IX Item "long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);" -.PD -.Sh "\s-1DEALING\s0 \s-1WITH\s0 \s-1CONNECTIONS\s0" -.IX Subsection "DEALING WITH CONNECTIONS" -Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0 -connection defined in the \fB\s-1SSL\s0\fR structure. -.Ip "int \fBSSL_accept\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_accept(SSL *ssl);" -.PD 0 -.Ip "int \fBSSL_add_dir_cert_subjects_to_stack\fR(\s-1STACK\s0 *stack, const char *dir);" 4 -.IX Item "int SSL_add_dir_cert_subjects_to_stack(STACK *stack, const char *dir);" -.Ip "int \fBSSL_add_file_cert_subjects_to_stack\fR(\s-1STACK\s0 *stack, const char *file);" 4 -.IX Item "int SSL_add_file_cert_subjects_to_stack(STACK *stack, const char *file);" -.Ip "int \fBSSL_add_client_CA\fR(\s-1SSL\s0 *ssl, X509 *x);" 4 -.IX Item "int SSL_add_client_CA(SSL *ssl, X509 *x);" -.Ip "char *\fBSSL_alert_desc_string\fR(int value);" 4 -.IX Item "char *SSL_alert_desc_string(int value);" -.Ip "char *\fBSSL_alert_desc_string_long\fR(int value);" 4 -.IX Item "char *SSL_alert_desc_string_long(int value);" -.Ip "char *\fBSSL_alert_type_string\fR(int value);" 4 -.IX Item "char *SSL_alert_type_string(int value);" -.Ip "char *\fBSSL_alert_type_string_long\fR(int value);" 4 -.IX Item "char *SSL_alert_type_string_long(int value);" -.Ip "int \fBSSL_check_private_key\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_check_private_key(SSL *ssl);" -.Ip "void \fBSSL_clear\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "void SSL_clear(SSL *ssl);" -.Ip "long \fBSSL_clear_num_renegotiations\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "long SSL_clear_num_renegotiations(SSL *ssl);" -.Ip "int \fBSSL_connect\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_connect(SSL *ssl);" -.Ip "void \fBSSL_copy_session_id\fR(\s-1SSL\s0 *t, \s-1SSL\s0 *f);" 4 -.IX Item "void SSL_copy_session_id(SSL *t, SSL *f);" -.Ip "long \fBSSL_ctrl\fR(\s-1SSL\s0 *ssl, int cmd, long larg, char *parg);" 4 -.IX Item "long SSL_ctrl(SSL *ssl, int cmd, long larg, char *parg);" -.Ip "int \fBSSL_do_handshake\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_do_handshake(SSL *ssl);" -.Ip "\s-1SSL\s0 *\fBSSL_dup\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "SSL *SSL_dup(SSL *ssl);" -.Ip "\s-1STACK\s0 *\fBSSL_dup_CA_list\fR(\s-1STACK\s0 *sk);" 4 -.IX Item "STACK *SSL_dup_CA_list(STACK *sk);" -.Ip "void \fBSSL_free\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "void SSL_free(SSL *ssl);" -.Ip "\s-1SSL_CTX\s0 *\fBSSL_get_SSL_CTX\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "SSL_CTX *SSL_get_SSL_CTX(SSL *ssl);" -.Ip "char *\fBSSL_get_app_data\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "char *SSL_get_app_data(SSL *ssl);" -.Ip "X509 *\fBSSL_get_certificate\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "X509 *SSL_get_certificate(SSL *ssl);" -.Ip "const char *\fBSSL_get_cipher\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "const char *SSL_get_cipher(SSL *ssl);" -.Ip "int \fBSSL_get_cipher_bits\fR(\s-1SSL\s0 *ssl, int *alg_bits);" 4 -.IX Item "int SSL_get_cipher_bits(SSL *ssl, int *alg_bits);" -.Ip "char *\fBSSL_get_cipher_list\fR(\s-1SSL\s0 *ssl, int n);" 4 -.IX Item "char *SSL_get_cipher_list(SSL *ssl, int n);" -.Ip "char *\fBSSL_get_cipher_name\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "char *SSL_get_cipher_name(SSL *ssl);" -.Ip "char *\fBSSL_get_cipher_version\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "char *SSL_get_cipher_version(SSL *ssl);" -.Ip "\s-1STACK\s0 *\fBSSL_get_ciphers\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "STACK *SSL_get_ciphers(SSL *ssl);" -.Ip "\s-1STACK\s0 *\fBSSL_get_client_CA_list\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "STACK *SSL_get_client_CA_list(SSL *ssl);" -.Ip "\s-1SSL_CIPHER\s0 *\fBSSL_get_current_cipher\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "SSL_CIPHER *SSL_get_current_cipher(SSL *ssl);" -.Ip "long \fBSSL_get_default_timeout\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "long SSL_get_default_timeout(SSL *ssl);" -.Ip "int \fBSSL_get_error\fR(\s-1SSL\s0 *ssl, int i);" 4 -.IX Item "int SSL_get_error(SSL *ssl, int i);" -.Ip "char *\fBSSL_get_ex_data\fR(\s-1SSL\s0 *ssl, int idx);" 4 -.IX Item "char *SSL_get_ex_data(SSL *ssl, int idx);" -.Ip "int \fBSSL_get_ex_data_X509_STORE_CTX_idx\fR(void);" 4 -.IX Item "int SSL_get_ex_data_X509_STORE_CTX_idx(void);" -.Ip "int \fBSSL_get_ex_new_index\fR(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))" 4 -.IX Item "int SSL_get_ex_new_index(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))" -.Ip "int \fBSSL_get_fd\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_get_fd(SSL *ssl);" -.Ip "void (*\fBSSL_get_info_callback\fR(\s-1SSL\s0 *ssl);)(void)" 4 -.IX Item "void (*SSL_get_info_callback(SSL *ssl);)(void)" -.Ip "\s-1STACK\s0 *\fBSSL_get_peer_cert_chain\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "STACK *SSL_get_peer_cert_chain(SSL *ssl);" -.Ip "X509 *\fBSSL_get_peer_certificate\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "X509 *SSL_get_peer_certificate(SSL *ssl);" -.Ip "\s-1EVP_PKEY\s0 *\fBSSL_get_privatekey\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "EVP_PKEY *SSL_get_privatekey(SSL *ssl);" -.Ip "int \fBSSL_get_quiet_shutdown\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_get_quiet_shutdown(SSL *ssl);" -.Ip "\s-1BIO\s0 *\fBSSL_get_rbio\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "BIO *SSL_get_rbio(SSL *ssl);" -.Ip "int \fBSSL_get_read_ahead\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_get_read_ahead(SSL *ssl);" -.Ip "\s-1SSL_SESSION\s0 *\fBSSL_get_session\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "SSL_SESSION *SSL_get_session(SSL *ssl);" -.Ip "char *\fBSSL_get_shared_ciphers\fR(\s-1SSL\s0 *ssl, char *buf, int len);" 4 -.IX Item "char *SSL_get_shared_ciphers(SSL *ssl, char *buf, int len);" -.Ip "int \fBSSL_get_shutdown\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_get_shutdown(SSL *ssl);" -.Ip "\s-1SSL_METHOD\s0 *\fBSSL_get_ssl_method\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "SSL_METHOD *SSL_get_ssl_method(SSL *ssl);" -.Ip "int \fBSSL_get_state\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_get_state(SSL *ssl);" -.Ip "long \fBSSL_get_time\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "long SSL_get_time(SSL *ssl);" -.Ip "long \fBSSL_get_timeout\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "long SSL_get_timeout(SSL *ssl);" -.Ip "int (*\fBSSL_get_verify_callback\fR(\s-1SSL\s0 *ssl);)(void)" 4 -.IX Item "int (*SSL_get_verify_callback(SSL *ssl);)(void)" -.Ip "int \fBSSL_get_verify_mode\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_get_verify_mode(SSL *ssl);" -.Ip "long \fBSSL_get_verify_result\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "long SSL_get_verify_result(SSL *ssl);" -.Ip "char *\fBSSL_get_version\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "char *SSL_get_version(SSL *ssl);" -.Ip "\s-1BIO\s0 *\fBSSL_get_wbio\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "BIO *SSL_get_wbio(SSL *ssl);" -.Ip "int \fBSSL_in_accept_init\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_in_accept_init(SSL *ssl);" -.Ip "int \fBSSL_in_before\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_in_before(SSL *ssl);" -.Ip "int \fBSSL_in_connect_init\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_in_connect_init(SSL *ssl);" -.Ip "int \fBSSL_in_init\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_in_init(SSL *ssl);" -.Ip "int \fBSSL_is_init_finished\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_is_init_finished(SSL *ssl);" -.Ip "\s-1STACK\s0 *\fBSSL_load_client_CA_file\fR(char *file);" 4 -.IX Item "STACK *SSL_load_client_CA_file(char *file);" -.Ip "void \fBSSL_load_error_strings\fR(void);" 4 -.IX Item "void SSL_load_error_strings(void);" -.Ip "\s-1SSL\s0 *\fBSSL_new\fR(\s-1SSL_CTX\s0 *ctx);" 4 -.IX Item "SSL *SSL_new(SSL_CTX *ctx);" -.Ip "long \fBSSL_num_renegotiations\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "long SSL_num_renegotiations(SSL *ssl);" -.Ip "int \fBSSL_peek\fR(\s-1SSL\s0 *ssl, void *buf, int num);" 4 -.IX Item "int SSL_peek(SSL *ssl, void *buf, int num);" -.Ip "int \fBSSL_pending\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_pending(SSL *ssl);" -.Ip "int \fBSSL_read\fR(\s-1SSL\s0 *ssl, void *buf, int num);" 4 -.IX Item "int SSL_read(SSL *ssl, void *buf, int num);" -.Ip "int \fBSSL_renegotiate\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_renegotiate(SSL *ssl);" -.Ip "char *\fBSSL_rstate_string\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "char *SSL_rstate_string(SSL *ssl);" -.Ip "char *\fBSSL_rstate_string_long\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "char *SSL_rstate_string_long(SSL *ssl);" -.Ip "long \fBSSL_session_reused\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "long SSL_session_reused(SSL *ssl);" -.Ip "void \fBSSL_set_accept_state\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "void SSL_set_accept_state(SSL *ssl);" -.Ip "void \fBSSL_set_app_data\fR(\s-1SSL\s0 *ssl, char *arg);" 4 -.IX Item "void SSL_set_app_data(SSL *ssl, char *arg);" -.Ip "void \fBSSL_set_bio\fR(\s-1SSL\s0 *ssl, \s-1BIO\s0 *rbio, \s-1BIO\s0 *wbio);" 4 -.IX Item "void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio);" -.Ip "int \fBSSL_set_cipher_list\fR(\s-1SSL\s0 *ssl, char *str);" 4 -.IX Item "int SSL_set_cipher_list(SSL *ssl, char *str);" -.Ip "void \fBSSL_set_client_CA_list\fR(\s-1SSL\s0 *ssl, \s-1STACK\s0 *list);" 4 -.IX Item "void SSL_set_client_CA_list(SSL *ssl, STACK *list);" -.Ip "void \fBSSL_set_connect_state\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "void SSL_set_connect_state(SSL *ssl);" -.Ip "int \fBSSL_set_ex_data\fR(\s-1SSL\s0 *ssl, int idx, char *arg);" 4 -.IX Item "int SSL_set_ex_data(SSL *ssl, int idx, char *arg);" -.Ip "int \fBSSL_set_fd\fR(\s-1SSL\s0 *ssl, int fd);" 4 -.IX Item "int SSL_set_fd(SSL *ssl, int fd);" -.Ip "void \fBSSL_set_info_callback\fR(\s-1SSL\s0 *ssl, void (*cb);(void))" 4 -.IX Item "void SSL_set_info_callback(SSL *ssl, void (*cb);(void))" -.Ip "void \fBSSL_set_msg_callback\fR(\s-1SSL\s0 *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, \s-1SSL\s0 *ssl, void *arg));" 4 -.IX Item "void SSL_set_msg_callback(SSL *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));" -.Ip "void \fBSSL_set_msg_callback_arg\fR(\s-1SSL\s0 *ctx, void *arg);" 4 -.IX Item "void SSL_set_msg_callback_arg(SSL *ctx, void *arg);" -.Ip "void \fBSSL_set_options\fR(\s-1SSL\s0 *ssl, unsigned long op);" 4 -.IX Item "void SSL_set_options(SSL *ssl, unsigned long op);" -.Ip "void \fBSSL_set_quiet_shutdown\fR(\s-1SSL\s0 *ssl, int mode);" 4 -.IX Item "void SSL_set_quiet_shutdown(SSL *ssl, int mode);" -.Ip "void \fBSSL_set_read_ahead\fR(\s-1SSL\s0 *ssl, int yes);" 4 -.IX Item "void SSL_set_read_ahead(SSL *ssl, int yes);" -.Ip "int \fBSSL_set_rfd\fR(\s-1SSL\s0 *ssl, int fd);" 4 -.IX Item "int SSL_set_rfd(SSL *ssl, int fd);" -.Ip "int \fBSSL_set_session\fR(\s-1SSL\s0 *ssl, \s-1SSL_SESSION\s0 *session);" 4 -.IX Item "int SSL_set_session(SSL *ssl, SSL_SESSION *session);" -.Ip "void \fBSSL_set_shutdown\fR(\s-1SSL\s0 *ssl, int mode);" 4 -.IX Item "void SSL_set_shutdown(SSL *ssl, int mode);" -.Ip "int \fBSSL_set_ssl_method\fR(\s-1SSL\s0 *ssl, \s-1SSL_METHOD\s0 *meth);" 4 -.IX Item "int SSL_set_ssl_method(SSL *ssl, SSL_METHOD *meth);" -.Ip "void \fBSSL_set_time\fR(\s-1SSL\s0 *ssl, long t);" 4 -.IX Item "void SSL_set_time(SSL *ssl, long t);" -.Ip "void \fBSSL_set_timeout\fR(\s-1SSL\s0 *ssl, long t);" 4 -.IX Item "void SSL_set_timeout(SSL *ssl, long t);" -.Ip "void \fBSSL_set_verify\fR(\s-1SSL\s0 *ssl, int mode, int (*callback);(void))" 4 -.IX Item "void SSL_set_verify(SSL *ssl, int mode, int (*callback);(void))" -.Ip "void \fBSSL_set_verify_result\fR(\s-1SSL\s0 *ssl, long arg);" 4 -.IX Item "void SSL_set_verify_result(SSL *ssl, long arg);" -.Ip "int \fBSSL_set_wfd\fR(\s-1SSL\s0 *ssl, int fd);" 4 -.IX Item "int SSL_set_wfd(SSL *ssl, int fd);" -.Ip "int \fBSSL_shutdown\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_shutdown(SSL *ssl);" -.Ip "int \fBSSL_state\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_state(SSL *ssl);" -.Ip "char *\fBSSL_state_string\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "char *SSL_state_string(SSL *ssl);" -.Ip "char *\fBSSL_state_string_long\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "char *SSL_state_string_long(SSL *ssl);" -.Ip "long \fBSSL_total_renegotiations\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "long SSL_total_renegotiations(SSL *ssl);" -.Ip "int \fBSSL_use_PrivateKey\fR(\s-1SSL\s0 *ssl, \s-1EVP_PKEY\s0 *pkey);" 4 -.IX Item "int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);" -.Ip "int \fBSSL_use_PrivateKey_ASN1\fR(int type, \s-1SSL\s0 *ssl, unsigned char *d, long len);" 4 -.IX Item "int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, unsigned char *d, long len);" -.Ip "int \fBSSL_use_PrivateKey_file\fR(\s-1SSL\s0 *ssl, char *file, int type);" 4 -.IX Item "int SSL_use_PrivateKey_file(SSL *ssl, char *file, int type);" -.Ip "int \fBSSL_use_RSAPrivateKey\fR(\s-1SSL\s0 *ssl, \s-1RSA\s0 *rsa);" 4 -.IX Item "int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);" -.Ip "int \fBSSL_use_RSAPrivateKey_ASN1\fR(\s-1SSL\s0 *ssl, unsigned char *d, long len);" 4 -.IX Item "int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);" -.Ip "int \fBSSL_use_RSAPrivateKey_file\fR(\s-1SSL\s0 *ssl, char *file, int type);" 4 -.IX Item "int SSL_use_RSAPrivateKey_file(SSL *ssl, char *file, int type);" -.Ip "int \fBSSL_use_certificate\fR(\s-1SSL\s0 *ssl, X509 *x);" 4 -.IX Item "int SSL_use_certificate(SSL *ssl, X509 *x);" -.Ip "int \fBSSL_use_certificate_ASN1\fR(\s-1SSL\s0 *ssl, int len, unsigned char *d);" 4 -.IX Item "int SSL_use_certificate_ASN1(SSL *ssl, int len, unsigned char *d);" -.Ip "int \fBSSL_use_certificate_file\fR(\s-1SSL\s0 *ssl, char *file, int type);" 4 -.IX Item "int SSL_use_certificate_file(SSL *ssl, char *file, int type);" -.Ip "int \fBSSL_version\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_version(SSL *ssl);" -.Ip "int \fBSSL_want\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_want(SSL *ssl);" -.Ip "int \fBSSL_want_nothing\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_want_nothing(SSL *ssl);" -.Ip "int \fBSSL_want_read\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_want_read(SSL *ssl);" -.Ip "int \fBSSL_want_write\fR(\s-1SSL\s0 *ssl);" 4 -.IX Item "int SSL_want_write(SSL *ssl);" -.Ip "int \fBSSL_want_x509_lookup\fR(s);" 4 -.IX Item "int SSL_want_x509_lookup(s);" -.Ip "int \fBSSL_write\fR(\s-1SSL\s0 *ssl, const void *buf, int num);" 4 -.IX Item "int SSL_write(SSL *ssl, const void *buf, int num);" -.PD -.SH "SEE ALSO" -.IX Header "SEE ALSO" -openssl(1), crypto(3), -SSL_accept(3), SSL_clear(3), -SSL_connect(3), -SSL_CIPHER_get_name(3), -SSL_COMP_add_compression_method(3), -SSL_CTX_add_extra_chain_cert(3), -SSL_CTX_add_session(3), -SSL_CTX_ctrl(3), -SSL_CTX_flush_sessions(3), -SSL_CTX_get_ex_new_index(3), -SSL_CTX_get_verify_mode(3), -SSL_CTX_load_verify_locations(3) -SSL_CTX_new(3), -SSL_CTX_sess_number(3), -SSL_CTX_sess_set_cache_size(3), -SSL_CTX_sess_set_get_cb(3), -SSL_CTX_sessions(3), -SSL_CTX_set_cert_store(3), -SSL_CTX_set_cert_verify_callback(3), -SSL_CTX_set_cipher_list(3), -SSL_CTX_set_client_CA_list(3), -SSL_CTX_set_client_cert_cb(3), -SSL_CTX_set_default_passwd_cb(3), -SSL_CTX_set_generate_session_id(3), -SSL_CTX_set_info_callback(3), -SSL_CTX_set_max_cert_list(3), -SSL_CTX_set_mode(3), -SSL_CTX_set_msg_callback(3), -SSL_CTX_set_options(3), -SSL_CTX_set_quiet_shutdown(3), -SSL_CTX_set_session_cache_mode(3), -SSL_CTX_set_session_id_context(3), -SSL_CTX_set_ssl_version(3), -SSL_CTX_set_timeout(3), -SSL_CTX_set_tmp_rsa_callback(3), -SSL_CTX_set_tmp_dh_callback(3), -SSL_CTX_set_verify(3), -SSL_CTX_use_certificate(3), -SSL_alert_type_string(3), -SSL_do_handshake(3), -SSL_get_SSL_CTX(3), -SSL_get_ciphers(3), -SSL_get_client_CA_list(3), -SSL_get_default_timeout(3), -SSL_get_error(3), -SSL_get_ex_data_X509_STORE_CTX_idx(3), -SSL_get_ex_new_index(3), -SSL_get_fd(3), -SSL_get_peer_cert_chain(3), -SSL_get_rbio(3), -SSL_get_session(3), -SSL_get_verify_result(3), -SSL_get_version(3), -SSL_library_init(3), -SSL_load_client_CA_file(3), -SSL_new(3), -SSL_pending(3), -SSL_read(3), -SSL_rstate_string(3), -SSL_session_reused(3), -SSL_set_bio(3), -SSL_set_connect_state(3), -SSL_set_fd(3), -SSL_set_session(3), -SSL_set_shutdown(3), -SSL_shutdown(3), -SSL_state_string(3), -SSL_want(3), -SSL_write(3), -SSL_SESSION_free(3), -SSL_SESSION_get_ex_new_index(3), -SSL_SESSION_get_time(3), -d2i_SSL_SESSION(3) -.SH "HISTORY" -.IX Header "HISTORY" -The ssl(3) document appeared in OpenSSL 0.9.2 |