new manual page SSL_get_server_tmp_key(3)

from Matt Caswell <matt@openssl.org>, OpenSSL commit 508fafd8
author: schwarze <> 2017-04-10 15:54:46 +0000
committer: schwarze <> 2017-04-10 15:54:46 +0000
commit: 866bde2c02a65fb604aee9bf62757d7f52fc3b1c (patch)
tree: 6e938c66ffa77694d4dc59cf8ca14af20cfb5815
parent: 311ed046b5f6bafabbb9b5de9b24e9da8c6d2b01 (diff)
download: openbsd-866bde2c02a65fb604aee9bf62757d7f52fc3b1c.tar.gz
openbsd-866bde2c02a65fb604aee9bf62757d7f52fc3b1c.tar.bz2
openbsd-866bde2c02a65fb604aee9bf62757d7f52fc3b1c.zip
3 files changed, 88 insertions, 2 deletions
diff --git a/src/lib/libssl/man/Makefile b/src/lib/libssl/man/Makefile
index e7c8af7872..c0b304cd80 100644
--- a/src/lib/libssl/man/Makefile
+++ b/src/lib/libssl/man/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.54 2017/04/10 15:37:55 schwarze Exp $
+# $OpenBSD: Makefile,v 1.55 2017/04/10 15:54:46 schwarze Exp $
 .include <bsd.own.mk>
@@ -77,6 +77,7 @@ MAN =	BIO_f_ssl.3 \
        SSL_get_peer_cert_chain.3 \
        SSL_get_peer_certificate.3 \
        SSL_get_rbio.3 \
+        SSL_get_server_tmp_key.3 \
        SSL_get_session.3 \
        SSL_get_shared_ciphers.3 \
        SSL_get_state.3 \
diff --git a/src/lib/libssl/man/SSL_CTX_ctrl.3 b/src/lib/libssl/man/SSL_CTX_ctrl.3
index 88b907d09b..901a830920 100644
--- a/src/lib/libssl/man/SSL_CTX_ctrl.3
+++ b/src/lib/libssl/man/SSL_CTX_ctrl.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: SSL_CTX_ctrl.3,v 1.3 2017/04/10 14:00:51 schwarze Exp $
+.\"     $OpenBSD: SSL_CTX_ctrl.3,v 1.4 2017/04/10 15:54:46 schwarze Exp $
 .\"     OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
 .\"
 .\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -104,6 +104,7 @@ parameter.
 .Xr SSL_CTX_set_tlsext_servername_callback 3 ,
 .Xr SSL_CTX_set_tlsext_status_cb 3 ,
 .Xr SSL_CTX_set_tlsext_ticket_key_cb 3 ,
+.Xr SSL_get_server_tmp_key 3 ,
 .Xr SSL_num_renegotiations 3 ,
 .Xr SSL_session_reused 3 ,
 .Xr SSL_set_max_send_fragment 3
diff --git a/src/lib/libssl/man/SSL_get_server_tmp_key.3 b/src/lib/libssl/man/SSL_get_server_tmp_key.3
new file mode 100644
index 0000000000..66e362f6e9
--- /dev/null
+++ b/src/lib/libssl/man/SSL_get_server_tmp_key.3
@@ -0,0 +1,84 @@
+.\"     $OpenBSD: SSL_get_server_tmp_key.3,v 1.1 2017/04/10 15:54:46 schwarze Exp $
+.\"     OpenSSL SSL_get_server_tmp_key.pod 508fafd8 Apr 3 15:41:21 2017 +0100
+.\"
+.\" This file was written by Matt Caswell <matt@openssl.org>
+.\" Copyright (c) 2017 The OpenSSL Project.  All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\"
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\"
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in
+.\"    the documentation and/or other materials provided with the
+.\"    distribution.
+.\"
+.\" 3. All advertising materials mentioning features or use of this
+.\"    software must display the following acknowledgment:
+.\"    "This product includes software developed by the OpenSSL Project
+.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+.\"
+.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+.\"    endorse or promote products derived from this software without
+.\"    prior written permission. For written permission, please contact
+.\"    openssl-core@openssl.org.
+.\"
+.\" 5. Products derived from this software may not be called "OpenSSL"
+.\"    nor may "OpenSSL" appear in their names without prior written
+.\"    permission of the OpenSSL Project.
+.\"
+.\" 6. Redistributions of any form whatsoever must retain the following
+.\"    acknowledgment:
+.\"    "This product includes software developed by the OpenSSL Project
+.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+.\" OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd $Mdocdate: April 10 2017 $
+.Dt SSL_GET_SERVER_TMP_KEY 3
+.Os
+.Sh NAME
+.Nm SSL_get_server_tmp_key
+.Nd temporary server key during a handshake
+.Sh SYNOPSIS
+.In openssl/ssl.h
+.Ft long
+.Fo SSL_get_server_tmp_key
+.Fa "SSL *ssl"
+.Fa "EVP_PKEY **key"
+.Fc
+.Sh DESCRIPTION
+.Fn SSL_get_server_tmp_key
+retrieves the temporary key provided by the server
+and used during key exchange.
+For example, if ECDHE is in use,
+this represents the server's public ECDHE key.
+.Pp
+In case of success, a copy of the key is stored in
+.Pf * Fa key .
+It is the caller's responsibility to free this key after use using
+.Xr EVP_PKEY_free 3 .
+.Pp
+This function may only be called by the client.
+.Pp
+This function is implemented as a macro.
+.Sh RETURN VALUES
+.Fn SSL_get_server_tmp_key
+returns 1 on success or 0 on failure.
+.Sh SEE ALSO
+.Xr EVP_PKEY_free 3 ,
+.Xr SSL_ctrl 3
author	schwarze <>	2017-04-10 15:54:46 +0000
committer	schwarze <>	2017-04-10 15:54:46 +0000
commit	866bde2c02a65fb604aee9bf62757d7f52fc3b1c (patch)
tree	6e938c66ffa77694d4dc59cf8ca14af20cfb5815
parent	311ed046b5f6bafabbb9b5de9b24e9da8c6d2b01 (diff)
download	openbsd-866bde2c02a65fb604aee9bf62757d7f52fc3b1c.tar.gz openbsd-866bde2c02a65fb604aee9bf62757d7f52fc3b1c.tar.bz2 openbsd-866bde2c02a65fb604aee9bf62757d7f52fc3b1c.zip

diff --git a/src/lib/libssl/man/Makefile b/src/lib/libssl/man/Makefile index e7c8af7872..c0b304cd80 100644 --- a/src/lib/libssl/man/Makefile +++ b/src/lib/libssl/man/Makefile
@@ -1,4 +1,4 @@
1	# $OpenBSD: Makefile,v 1.54 2017/04/10 15:37:55 schwarze Exp $	1	# $OpenBSD: Makefile,v 1.55 2017/04/10 15:54:46 schwarze Exp $
2		2
3	.include <bsd.own.mk>	3	.include <bsd.own.mk>
4		4
@@ -77,6 +77,7 @@ MAN = BIO_f_ssl.3 \
77	SSL_get_peer_cert_chain.3 \	77	SSL_get_peer_cert_chain.3 \
78	SSL_get_peer_certificate.3 \	78	SSL_get_peer_certificate.3 \
79	SSL_get_rbio.3 \	79	SSL_get_rbio.3 \
		80	SSL_get_server_tmp_key.3 \
80	SSL_get_session.3 \	81	SSL_get_session.3 \
81	SSL_get_shared_ciphers.3 \	82	SSL_get_shared_ciphers.3 \
82	SSL_get_state.3 \	83	SSL_get_state.3 \


diff --git a/src/lib/libssl/man/SSL_CTX_ctrl.3 b/src/lib/libssl/man/SSL_CTX_ctrl.3 index 88b907d09b..901a830920 100644 --- a/src/lib/libssl/man/SSL_CTX_ctrl.3 +++ b/src/lib/libssl/man/SSL_CTX_ctrl.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: SSL_CTX_ctrl.3,v 1.3 2017/04/10 14:00:51 schwarze Exp $	1	.\" $OpenBSD: SSL_CTX_ctrl.3,v 1.4 2017/04/10 15:54:46 schwarze Exp $
2	.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100	2	.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3	.\"	3	.\"
4	.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.	4	.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -104,6 +104,7 @@ parameter.
104	.Xr SSL_CTX_set_tlsext_servername_callback 3 ,	104	.Xr SSL_CTX_set_tlsext_servername_callback 3 ,
105	.Xr SSL_CTX_set_tlsext_status_cb 3 ,	105	.Xr SSL_CTX_set_tlsext_status_cb 3 ,
106	.Xr SSL_CTX_set_tlsext_ticket_key_cb 3 ,	106	.Xr SSL_CTX_set_tlsext_ticket_key_cb 3 ,
		107	.Xr SSL_get_server_tmp_key 3 ,
107	.Xr SSL_num_renegotiations 3 ,	108	.Xr SSL_num_renegotiations 3 ,
108	.Xr SSL_session_reused 3 ,	109	.Xr SSL_session_reused 3 ,
109	.Xr SSL_set_max_send_fragment 3	110	.Xr SSL_set_max_send_fragment 3


diff --git a/src/lib/libssl/man/SSL_get_server_tmp_key.3 b/src/lib/libssl/man/SSL_get_server_tmp_key.3 new file mode 100644 index 0000000000..66e362f6e9 --- /dev/null +++ b/src/lib/libssl/man/SSL_get_server_tmp_key.3
@@ -0,0 +1,84 @@
		1	.\" $OpenBSD: SSL_get_server_tmp_key.3,v 1.1 2017/04/10 15:54:46 schwarze Exp $
		2	.\" OpenSSL SSL_get_server_tmp_key.pod 508fafd8 Apr 3 15:41:21 2017 +0100
		3	.\"
		4	.\" This file was written by Matt Caswell <matt@openssl.org>
		5	.\" Copyright (c) 2017 The OpenSSL Project. All rights reserved.
		6	.\"
		7	.\" Redistribution and use in source and binary forms, with or without
		8	.\" modification, are permitted provided that the following conditions
		9	.\" are met:
		10	.\"
		11	.\" 1. Redistributions of source code must retain the above copyright
		12	.\" notice, this list of conditions and the following disclaimer.
		13	.\"
		14	.\" 2. Redistributions in binary form must reproduce the above copyright
		15	.\" notice, this list of conditions and the following disclaimer in
		16	.\" the documentation and/or other materials provided with the
		17	.\" distribution.
		18	.\"
		19	.\" 3. All advertising materials mentioning features or use of this
		20	.\" software must display the following acknowledgment:
		21	.\" "This product includes software developed by the OpenSSL Project
		22	.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
		23	.\"
		24	.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
		25	.\" endorse or promote products derived from this software without
		26	.\" prior written permission. For written permission, please contact
		27	.\" openssl-core@openssl.org.
		28	.\"
		29	.\" 5. Products derived from this software may not be called "OpenSSL"
		30	.\" nor may "OpenSSL" appear in their names without prior written
		31	.\" permission of the OpenSSL Project.
		32	.\"
		33	.\" 6. Redistributions of any form whatsoever must retain the following
		34	.\" acknowledgment:
		35	.\" "This product includes software developed by the OpenSSL Project
		36	.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
		37	.\"
		38	.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
		39	.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
		40	.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
		41	.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
		42	.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
		43	.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
		44	.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
		45	.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
		46	.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
		47	.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
		48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
		49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
		50	.\"
		51	.Dd $Mdocdate: April 10 2017 $
		52	.Dt SSL_GET_SERVER_TMP_KEY 3
		53	.Os
		54	.Sh NAME
		55	.Nm SSL_get_server_tmp_key
		56	.Nd temporary server key during a handshake
		57	.Sh SYNOPSIS
		58	.In openssl/ssl.h
		59	.Ft long
		60	.Fo SSL_get_server_tmp_key
		61	.Fa "SSL *ssl"
		62	.Fa "EVP_PKEY **key"
		63	.Fc
		64	.Sh DESCRIPTION
		65	.Fn SSL_get_server_tmp_key
		66	retrieves the temporary key provided by the server
		67	and used during key exchange.
		68	For example, if ECDHE is in use,
		69	this represents the server's public ECDHE key.
		70	.Pp
		71	In case of success, a copy of the key is stored in
		72	.Pf * Fa key .
		73	It is the caller's responsibility to free this key after use using
		74	.Xr EVP_PKEY_free 3 .
		75	.Pp
		76	This function may only be called by the client.
		77	.Pp
		78	This function is implemented as a macro.
		79	.Sh RETURN VALUES
		80	.Fn SSL_get_server_tmp_key
		81	returns 1 on success or 0 on failure.
		82	.Sh SEE ALSO
		83	.Xr EVP_PKEY_free 3 ,
		84	.Xr SSL_ctrl 3