second batch of perlpod(1) to mdoc(7) conversion

23 files changed, 1381 insertions, 924 deletions

diff --git a/src/lib/libcrypto/man/BF_set_key.3 b/src/lib/libcrypto/man/BF_set_key.3
new file mode 100644
index 0000000000..53ff53896c
--- /dev/null
+++ b/src/lib/libcrypto/man/BF_set_key.3
@@ -0,0 +1,215 @@
+.Dd July 17, 2014
+.Dt BF_SET_KEY 3
+.Os
+.Sh NAME
+.Nm BF_set_key ,
+.Nm BF_encrypt ,
+.Nm BF_decrypt ,
+.Nm BF_ecb_encrypt ,
+.Nm BF_cbc_encrypt ,
+.Nm BF_cfb64_encrypt ,
+.Nm BF_ofb64_encrypt ,
+.Nm BF_options
+.Nd Blowfish encryption
+.Sh SYNOPSIS
+.In openssl/blowfish.h
+.Ft void
+.Fo BF_set_key
+.Fa "BF_KEY *key"
+.Fa "int len"
+.Fa "const unsigned char *data"
+.Fc
+.Ft void
+.Fo BF_ecb_encrypt
+.Fa "const unsigned char *in"
+.Fa "unsigned char *out"
+.Fa "BF_KEY *key"
+.Fa "int enc"
+.Fc
+.Ft void
+.Fo BF_cbc_encrypt
+.Fa "const unsigned char *in"
+.Fa "unsigned char *out"
+.Fa "long length"
+.Fa "BF_KEY *schedule"
+.Fa "unsigned char *ivec"
+.Fa "int enc"
+.Fc
+.Ft void
+.Fo BF_cfb64_encrypt
+.Fa "const unsigned char *in"
+.Fa "unsigned char *out"
+.Fa "long length"
+.Fa "BF_KEY *schedule"
+.Fa "unsigned char *ivec"
+.Fa "int *num"
+.Fa "int enc"
+.Fc
+.Ft void
+.Fo BF_ofb64_encrypt
+.Fa "const unsigned char *in"
+.Fa "unsigned char *out"
+.Fa "long length"
+.Fa "BF_KEY *schedule"
+.Fa "unsigned char *ivec"
+.Fa "int *num"
+.Fc
+.Ft const char *
+.Fo BF_options
+.Fa void
+.Fc
+.Ft void
+.Fo BF_encrypt
+.Fa "BF_LONG *data"
+.Fa "const BF_KEY *key"
+.Fc
+.Ft void
+.Fo BF_decrypt
+.Fa "BF_LONG *data"
+.Fa "const BF_KEY *key"
+.Fc
+.Sh DESCRIPTION
+This library implements the Blowfish cipher,
+which was invented and described by
+.An Counterpane .
+.Pp
+Blowfish is a block cipher that operates on 64 bit (8 byte) blocks of data.
+It uses a variable size key, but typically, 128 bit (16 byte) keys
+are considered good for strong encryption.
+Blowfish can be used in the same modes as DES (see
+.Xr des_modes 3 ) .
+Blowfish is currently one of the faster block ciphers.
+It is quite a bit faster than DES, and much faster than IDEA or RC2.
+.Pp
+Blowfish consists of a key setup phase
+and the actual encryption or decryption phase.
+.Pp
+.Fn BF_set_key
+sets up the
+.Vt BF_KEY
+.Fa key
+using the
+.Fa len
+bytes long key at
+.Fa data .
+.Pp
+.Fn BF_ecb_encrypt
+is the basic Blowfish encryption and decryption function.
+It encrypts or decrypts the first 64 bits of
+.Fa in
+using the key
+.Fa key ,
+putting the result in
+.Fa out .
+.Fa enc
+decides if encryption
+.Pq Dv BF_ENCRYPT
+or decryption
+.Pq Dv BF_DECRYPT
+shall be performed.
+The vector pointed at by
+.Fa in
+and
+.Fa out
+must be 64 bits in length, no less.
+If they are larger, everything after the first 64 bits is ignored.
+.Pp
+The mode functions
+.Fn BF_cbc_encrypt ,
+.Fn BF_cfb64_encrypt ,
+and
+.Fn BF_ofb64_encrypt
+all operate on variable length data.
+They all take an initialization vector
+.Fa ivec
+which needs to be passed along into the next call of the same function
+for the same message.
+.Fa ivec
+may be initialized with anything, but the recipient needs to know what
+it was initialized with, or it won't be able to decrypt.
+Some programs and protocols simplify this, like SSH, where
+.Fa ivec
+is simply initialized to zero.
+.Fn BF_cbc_encrypt
+operates on data that is a multiple of 8 bytes long, while
+.Fn BF_cfb64_encrypt
+and
+.Fn BF_ofb64_encrypt
+are used to encrypt an variable number of bytes (the amount
+does not have to be an exact multiple of 8).
+The purpose of the latter two is to simulate stream ciphers,
+and therefore, they need the parameter
+.Fa num ,
+which is a pointer to an integer where the current offset in
+.Fa ivec
+is stored between calls.
+This integer must be initialized to zero when
+.Fa ivec
+is initialized.
+.Pp
+.Fn BF_cbc_encrypt
+is the Cipher Block Chaining function for Blowfish.
+It encrypts or decrypts the 64 bits chunks of
+.Fa in
+using the key
+.Fa schedule ,
+putting the result in
+.Fa out .
+.Fa enc
+decides if encryption
+.Pq Dv BF_ENCRYPT
+or decryption
+.Pq Dv BF_DECRYPT
+shall be performed.
+.Fa ivec
+must point at an 8 byte long initialization vector.
+.Pp
+.Fn BF_cfb64_encrypt
+is the CFB mode for Blowfish with 64 bit feedback.
+It encrypts or decrypts the bytes in
+.Fa in
+using the key
+.Fa schedule ,
+putting the result in
+.Fa out .
+.Fa enc
+decides if encryption
+.Pq Dv BF_ENCRYPT
+or decryption
+.Pq Dv BF_DECRYPT
+shall be performed.
+.Fa ivec
+must point at an
+8 byte long initialization vector.
+.Fa num
+must point at an integer which must be initially zero.
+.Pp
+.Fn BF_ofb64_encrypt
+is the OFB mode for Blowfish with 64 bit feedback.
+It uses the same parameters as
+.Fn BF_cfb64_encrypt ,
+which must be initialized the same way.
+.Pp
+.Fn BF_encrypt
+and
+.Fn BF_decrypt
+are the lowest level functions for Blowfish encryption.
+They encrypt/decrypt the first 64 bits of the vector pointed by
+.Fa data ,
+using the key
+.Fa key .
+These functions should not be used unless you implement 'modes' of Blowfish.
+The alternative is to use
+.Fn BF_ecb_encrypt .
+If you still want to use these functions, you should be aware
+that they take each 32-bit chunk in host-byte order,
+which is little-endian on little-endian platforms
+and big-endian on big-endian ones.
+.Sh RETURN VALUES
+None of the functions presented here return any value.
+.Sh NOTE
+Applications should use the higher level functions
+.Xr EVP_EncryptInit 3
+etc. instead of calling the blowfish functions directly.
+.Sh HISTORY
+The Blowfish functions are available in all versions of SSLeay and OpenSSL.
diff --git a/src/lib/libcrypto/man/BIO.3 b/src/lib/libcrypto/man/BIO.3
new file mode 100644
index 0000000000..f352379003
--- /dev/null
+++ b/src/lib/libcrypto/man/BIO.3
@@ -0,0 +1,56 @@
+.Dd July 17, 2014
+.Dt BIO 3
+.Os
+.Sh NAME
+.Nm BIO
+.Nd I/O abstraction
+.Sh SYNOPSIS
+.In openssl/bio.h
+.Sh DESCRIPTION
+A BIO is an I/O abstraction,
+it hides many of the underlying I/O details from an application.
+If an application uses a BIO for its I/O, it can transparently handle
+SSL connections, unencrypted network connections and file I/O.
+.Pp
+There are two types of BIO, a source/sink BIO and a filter BIO.
+.Pp
+As its name implies, a source/sink BIO is a source and/or sink of data,
+examples include a socket BIO and a file BIO.
+.Pp
+A filter BIO takes data from one BIO and passes it through
+to another, or to the application.
+The data may be left unmodified (for example a message digest BIO)
+or translated (for example an encryption BIO).
+The effect of a filter BIO may change according to the I/O operation
+it is performing: for example an encryption BIO will encrypt data
+if it is being written to and decrypt data if it is being read from.
+.Pp
+BIOs can be joined together to form a chain
+(a single BIO is a chain with one component).
+A chain normally consist of one source/sink BIO
+and one or more filter BIOs.
+Data read from or written to the first BIO then traverses the chain
+to the end (normally a source/sink BIO).
+.Sh SEE ALSO
+.Xr BIO_ctrl 3 ,
+.Xr BIO_f_base64 3 ,
+.Xr BIO_f_buffer 3 ,
+.Xr BIO_f_cipher 3 ,
+.Xr BIO_f_md 3 ,
+.Xr BIO_f_null 3 ,
+.Xr BIO_f_ssl 3 ,
+.Xr BIO_find_type 3 ,
+.Xr BIO_new 3 ,
+.Xr BIO_new_bio_pair 3 ,
+.Xr BIO_push 3 ,
+.Xr BIO_read 3 ,
+.Xr BIO_s_accept 3 ,
+.Xr BIO_s_bio 3 ,
+.Xr BIO_s_connect 3 ,
+.Xr BIO_s_fd 3 ,
+.Xr BIO_s_file 3 ,
+.Xr BIO_s_mem 3 ,
+.Xr BIO_s_null 3 ,
+.Xr BIO_s_socket 3 ,
+.Xr BIO_set_callback 3 ,
+.Xr BIO_should_retry 3
diff --git a/src/lib/libcrypto/man/BIO_ctrl.3 b/src/lib/libcrypto/man/BIO_ctrl.3
new file mode 100644
index 0000000000..75d665a4be
--- /dev/null
+++ b/src/lib/libcrypto/man/BIO_ctrl.3
@@ -0,0 +1,264 @@
+.Dd July 17, 2014
+.Dt BIO_CTRL 3
+.Os
+.Sh NAME
+.Nm BIO_ctrl ,
+.Nm BIO_callback_ctrl ,
+.Nm BIO_ptr_ctrl ,
+.Nm BIO_int_ctrl ,
+.Nm BIO_reset ,
+.Nm BIO_seek ,
+.Nm BIO_tell ,
+.Nm BIO_flush ,
+.Nm BIO_eof ,
+.Nm BIO_set_close ,
+.Nm BIO_get_close ,
+.Nm BIO_pending ,
+.Nm BIO_wpending ,
+.Nm BIO_ctrl_pending ,
+.Nm BIO_ctrl_wpending ,
+.Nm BIO_get_info_callback ,
+.Nm BIO_set_info_callback
+.Nd BIO control operations
+.Sh SYNOPSIS
+.In openssl/bio.h
+.Ft long
+.Fo BIO_ctrl
+.Fa "BIO *bp"
+.Fa "int cmd"
+.Fa "long larg"
+.Fa "void *parg"
+.Fc
+.Ft long
+.Fo BIO_callback_ctrl
+.Fa "BIO *b"
+.Fa "int cmd"
+.Fa "void (*fp)(struct bio_st *, int, const char *, int, long, long)"
+.Fc
+.Ft char *
+.Fo BIO_ptr_ctrl
+.Fa "BIO *bp"
+.Fa "int cmd"
+.Fa "long larg"
+.Fc
+.Ft long
+.Fo BIO_int_ctrl
+.Fa "BIO *bp"
+.Fa "int cmd"
+.Fa "long larg"
+.Fa "int iarg"
+.Fc
+.Ft int
+.Fo BIO_reset
+.Fa "BIO *b"
+.Fc
+.Ft int
+.Fo BIO_seek
+.Fa "BIO *b"
+.Fa "int ofs"
+.Fc
+.Ft int
+.Fo BIO_tell
+.Fa "BIO *b"
+.Fc
+.Ft int
+.Fo BIO_flush
+.Fa "BIO *b"
+.Fc
+.Ft int
+.Fo BIO_eof
+.Fa "BIO *b"
+.Fc
+.Ft int
+.Fo BIO_set_close
+.Fa "BIO *b"
+.Fa "long flag"
+.Fc
+.Ft int
+.Fo BIO_get_close
+.Fa "BIO *b"
+.Fc
+.Ft int
+.Fo BIO_pending
+.Fa "BIO *b"
+.Fc
+.Ft int
+.Fo BIO_wpending
+.Fa "BIO *b"
+.Fc
+.Ft size_t
+.Fo BIO_ctrl_pending
+.Fa "BIO *b"
+.Fc
+.Ft size_t
+.Fo BIO_ctrl_wpending
+.Fa "BIO *b"
+.Fc
+.Ft int
+.Fo BIO_get_info_callback
+.Fa "BIO *b"
+.Fa "bio_info_cb **cbp"
+.Fc
+.Ft int
+.Fo BIO_set_info_callback
+.Fa "BIO *b"
+.Fa "bio_info_cb *cb"
+.Fc
+.Ft typedef void
+.Fo bio_info_cb
+.Fa "BIO *b"
+.Fa "int oper"
+.Fa "const char *ptr"
+.Fa "int arg1"
+.Fa "long arg2"
+.Fa "long arg3"
+.Fc
+.Sh DESCRIPTION
+.Fn BIO_ctrl ,
+.Fn BIO_callback_ctrl ,
+.Fn BIO_ptr_ctrl ,
+and
+.Fn BIO_int_ctrl
+are BIO "control" operations taking arguments of various types.
+These functions are not normally called directly,
+various macros are used instead.
+The standard macros are described below, macros specific to a
+particular type of BIO are described in the specific BIO's manual
+page as well as any special features of the standard calls.
+.Pp
+.Fn BIO_reset
+typically resets a BIO to some initial state, in the case
+of file related BIOs for example it rewinds the file pointer
+to the start of the file.
+.Pp
+.Fn BIO_seek
+resets a file related BIO's (that is file descriptor and
+FILE BIOs) file position pointer to
+.Fa ofs
+bytes from start of file.
+.Pp
+.Fn BIO_tell
+returns the current file position of a file related BIO.
+.Pp
+.Fn BIO_flush
+normally writes out any internally buffered data, in some cases
+it is used to signal EOF and that no more data will be written.
+.Pp
+.Fn BIO_eof
+returns 1 if the BIO has read EOF, the precise meaning of
+"EOF" varies according to the BIO type.
+.Pp
+.Fn BIO_set_close
+sets the BIO
+.Fa b
+close flag to
+.Fa flag .
+.Fa flag
+can take the value
+.Dv BIO_CLOSE
+or
+.Dv BIO_NOCLOSE .
+Typically
+.Dv BIO_CLOSE
+is used in a source/sink BIO to indicate that the underlying I/O stream
+should be closed when the BIO is freed.
+.Pp
+.Fn BIO_get_close
+returns the BIO's close flag.
+.Pp
+.Fn BIO_pending ,
+.Fn BIO_ctrl_pending ,
+.Fn BIO_wpending ,
+and
+.Fn BIO_ctrl_wpending
+return the number of pending characters in the BIO's read and write buffers.
+Not all BIOs support these calls.
+.Fn BIO_ctrl_pending
+and
+.Fn BIO_ctrl_wpending
+return a
+.Vt size_t
+type and are functions,
+.Fn BIO_pending
+and
+.Fn BIO_wpending
+are macros which call
+.Fn BIO_ctrl .
+.Sh RETURN VALUES
+.Fn BIO_reset
+normally returns 1 for success and 0 or -1 for failure.
+File BIOs are an exception, they return 0 for success and -1 for failure.
+.Pp
+.Fn BIO_seek
+and
+.Fn BIO_tell
+both return the current file position on success
+and -1 for failure, except file BIOs which for
+.Fn BIO_seek
+always return 0 for success and -1 for failure.
+.Pp
+.Fn BIO_flush
+returns 1 for success and 0 or -1 for failure.
+.Pp
+.Fn BIO_eof
+returns 1 if EOF has been reached 0 otherwise.
+.Pp
+.Fn BIO_set_close
+always returns 1.
+.Pp
+.Fn BIO_get_close
+returns the close flag value
+.Dv BIO_CLOSE
+or
+.Dv BIO_NOCLOSE .
+.Pp
+.Fn BIO_pending ,
+.Fn BIO_ctrl_pending ,
+.Fn BIO_wpending ,
+and
+.Fn BIO_ctrl_wpending
+return the amount of pending data.
+.Sh NOTES
+Because it can write data,
+.Fn BIO_flush
+may return 0 or -1 indicating that the call should be retried later
+in a similar manner to
+.Fn BIO_write .
+The
+.Fn BIO_should_retry
+call should be used and appropriate action taken is the call fails.
+.Pp
+The return values of
+.Fn BIO_pending
+and
+.Fn BIO_wpending
+may not reliably determine the amount of pending data in all cases.
+For example in the case of a file BIO some data may be available in the
+.Vt FILE
+structure's internal buffers but it is not possible
+to determine this in a portably way.
+For other types of BIO they may not be supported.
+.Pp
+If they do not internally handle a particular
+.Fn BIO_ctrl
+operation, filter BIOs usually pass the operation
+to the next BIO in the chain.
+This often means there is no need to locate the required BIO for
+a particular operation, it can be called on a chain and it will
+be automatically passed to the relevant BIO.
+However this can cause unexpected results:
+for example no current filter BIOs implement
+.Fn BIO_seek ,
+but this may still succeed if the chain ends
+in a FILE or file descriptor BIO.
+.Pp
+Source/sink BIOs return an 0 if they do not recognize the
+.Fn BIO_ctrl
+operation.
+.Sh BUGS
+Some of the return values are ambiguous and care should be taken.
+In particular a return value of 0 can be returned if an operation
+is not supported, if an error occurred, if EOF has not been reached
+and in the case of
+.Fn BIO_seek
+on a file BIO for a successful operation.
diff --git a/src/lib/libcrypto/man/BIO_f_base64.3 b/src/lib/libcrypto/man/BIO_f_base64.3
new file mode 100644
index 0000000000..e08191b84a
--- /dev/null
+++ b/src/lib/libcrypto/man/BIO_f_base64.3
@@ -0,0 +1,80 @@
+.Dd July 17, 2014
+.Dt BIO_F_BASE64 3
+.Os
+.Sh NAME
+.Nm BIO_f_base64
+.Nd base64 BIO filter
+.Sh SYNOPSIS
+.In openssl/bio.h
+.In openssl/evp.h
+.Ft BIO_METHOD *
+.Fo BIO_f_base64
+.Fa void
+.Fc
+.Sh DESCRIPTION
+.Fn BIO_f_base64
+returns the base64 BIO method.
+This is a filter BIO that base64 encodes any data written through it
+and decodes any data read through it.
+.Pp
+Base64 BIOs do not support
+.Xr BIO_gets 3
+or
+.Xr BIO_puts 3 .
+.Pp
+.Xr BIO_flush 3
+on a base64 BIO that is being written through
+is used to signal that no more data is to be encoded:
+this is used to flush the final block through the BIO.
+.Pp
+The flag
+.Dv BIO_FLAGS_BASE64_NO_NL
+can be set with
+.Xr BIO_set_flags 3
+to encode the data all on one line
+or expect the data to be all on one line.
+.Sh NOTES
+Because of the format of base64 encoding the end of the encoded
+block cannot always be reliably determined.
+.Sh RETURN VALUES
+.Fn BIO_f_base64
+returns the base64 BIO method.
+.Sh EXAMPLES
+Base64 encode the string "Hello World\en"
+and write the result to standard output:
+.Bd -literal -offset indent
+BIO *bio, *b64;
+char message[] = "Hello World \en";
+
+b64 = BIO_new(BIO_f_base64());
+bio = BIO_new_fp(stdout, BIO_NOCLOSE);
+BIO_push(b64, bio);
+BIO_write(b64, message, strlen(message));
+BIO_flush(b64);
+
+BIO_free_all(b64);
+.Ed
+.Pp
+Read Base64 encoded data from standard input
+and write the decoded data to standard output:
+.Bd -literal -offset indent
+BIO *bio, *b64, *bio_out;
+char inbuf[512];
+int inlen;
+
+b64 = BIO_new(BIO_f_base64());
+bio = BIO_new_fp(stdin, BIO_NOCLOSE);
+bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
+BIO_push(b64, bio);
+while((inlen = BIO_read(b64, inbuf, 512)) > 0)
+        BIO_write(bio_out, inbuf, inlen);
+
+BIO_flush(bio_out);
+BIO_free_all(b64);
+.Ed
+.Sh BUGS
+The ambiguity of EOF in base64 encoded data can cause additional
+data following the base64 encoded block to be misinterpreted.
+.Pp
+There should be some way of specifying a test that the BIO can perform
+to reliably determine EOF (for example a MIME boundary).
diff --git a/src/lib/libcrypto/man/BIO_f_buffer.3 b/src/lib/libcrypto/man/BIO_f_buffer.3
new file mode 100644
index 0000000000..c01ab4809b
--- /dev/null
+++ b/src/lib/libcrypto/man/BIO_f_buffer.3
@@ -0,0 +1,110 @@
+.Dd July 17, 2014
+.Dt BIO_F_BUFFER 3
+.Os
+.Sh NAME
+.Nm BIO_f_buffer
+.Nd buffering BIO
+.Sh SYNOPSIS
+.In openssl/bio.h
+.Ft BIO_METHOD *
+.Fo BIO_f_buffer
+.Fa void
+.Fc
+.Bd -literal
+#define BIO_get_buffer_num_lines(b) \e
+        BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
+#define BIO_set_read_buffer_size(b,size) \e
+        BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)
+#define BIO_set_write_buffer_size(b,size) \e
+        BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)
+#define BIO_set_buffer_size(b,size) \e
+        BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
+#define BIO_set_buffer_read_data(b,buf,num) \e
+        BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)
+.Ed
+.Sh DESCRIPTION
+.Fn BIO_f_buffer
+returns the buffering BIO method.
+.Pp
+Data written to a buffering BIO is buffered and periodically written
+to the next BIO in the chain.
+Data read from a buffering BIO comes from an internal buffer
+which is filled from the next BIO in the chain.
+Both
+.Xr BIO_gets 3
+and
+.Xr BIO_puts 3
+are supported.
+.Pp
+Calling
+.Xr BIO_reset 3
+on a buffering BIO clears any buffered data.
+.Pp
+.Fn BIO_get_buffer_num_lines
+returns the number of lines currently buffered.
+.Pp
+.Fn BIO_set_read_buffer_size ,
+.Fn BIO_set_write_buffer_size ,
+and
+.Fn BIO_set_buffer_size
+set the read, write or both read and write buffer sizes to
+.Fa size .
+The initial buffer size is
+.Dv DEFAULT_BUFFER_SIZE ,
+currently 4096.
+Any attempt to reduce the buffer size below
+.Dv DEFAULT_BUFFER_SIZE
+is ignored.
+Any buffered data is cleared when the buffer is resized.
+.Pp
+.Fn BIO_set_buffer_read_data
+clears the read buffer and fills it with
+.Fa num
+bytes of
+.Fa buf .
+If
+.Fa num
+is larger than the current buffer size the buffer is expanded.
+.Sh NOTES
+Buffering BIOs implement
+.Xr BIO_gets 3
+by using
+.Xr BIO_read 3
+operations on the next BIO in the chain.
+By prepending a buffering BIO to a chain
+it is therefore possible to provide
+.Xr BIO_gets 3
+functionality if the following BIOs do not support it (for example SSL BIOs).
+.Pp
+Data is only written to the next BIO in the chain
+when the write buffer fills or when
+.Xr BIO_flush 3
+is called.
+It is therefore important to call
+.Xr BIO_flush 3
+whenever any pending data should be written
+such as when removing a buffering BIO using
+.Xr BIO_pop 3 .
+.Xr BIO_flush 3
+may need to be retried if the ultimate source/sink BIO is non blocking.
+.Sh RETURN VALUES
+.Fn BIO_f_buffer
+returns the buffering BIO method.
+.Pp
+.Fn BIO_get_buffer_num_lines
+returns the number of lines buffered (may be 0).
+.Pp
+.Fn BIO_set_read_buffer_size ,
+.Fn BIO_set_write_buffer_size ,
+and
+.Fn BIO_set_buffer_size
+return 1 if the buffer was successfully resized or 0 for failure.
+.Pp
+.Fn BIO_set_buffer_read_data
+returns 1 if the data was set correctly or 0 if there was an error.
+.Sh SEE ALSO
+.Xr BIO 3 ,
+.Xr BIO_ctrl 3 ,
+.Xr BIO_flush 3 ,
+.Xr BIO_pop 3 ,
+.Xr BIO_reset 3
diff --git a/src/lib/libcrypto/man/BIO_f_cipher.3 b/src/lib/libcrypto/man/BIO_f_cipher.3
new file mode 100644
index 0000000000..68f425eb75
--- /dev/null
+++ b/src/lib/libcrypto/man/BIO_f_cipher.3
@@ -0,0 +1,114 @@
+.Dd July 17, 2014
+.Dt BIO_F_CIPHER 3
+.Os
+.Sh NAME
+.Nm BIO_f_cipher ,
+.Nm BIO_set_cipher ,
+.Nm BIO_get_cipher_status ,
+.Nm BIO_get_cipher_ctx
+.Nd cipher BIO filter
+.Sh SYNOPSIS
+.In openssl/bio.h
+.In openssl/evp.h
+.Ft BIO_METHOD *
+.Fo BIO_f_cipher
+.Fa void
+.Fc
+.Ft void
+.Fo BIO_set_cipher
+.Fa "BIO *b"
+.Fa "const EVP_CIPHER *cipher"
+.Fa "unsigned char *key"
+.Fa "unsigned char *iv"
+.Fa "int enc"
+.Fc
+.Ft int
+.Fo BIO_get_cipher_status
+.Fa "BIO *b"
+.Fc
+.Ft int
+.Fo BIO_get_cipher_ctx
+.Fa "BIO *b"
+.Fa "EVP_CIPHER_CTX **pctx"
+.Fc
+.Sh DESCRIPTION
+.Fn BIO_f_cipher
+returns the cipher BIO method.
+This is a filter BIO that encrypts any data written through it,
+and decrypts any data read from it.
+It is a BIO wrapper for the cipher routines
+.Xr EVP_CipherInit 3 ,
+.Xr EVP_CipherUpdate 3 ,
+and
+.Xr EVP_CipherFinal 3 .
+.Pp
+Cipher BIOs do not support
+.Xr BIO_gets 3
+or
+.Xr BIO_puts 3 .
+.Pp
+.Xr BIO_flush 3
+on an encryption BIO that is being written through
+is used to signal that no more data is to be encrypted:
+this is used to flush and possibly pad the final block through the BIO.
+.Pp
+.Fn BIO_set_cipher
+sets the cipher of BIO
+.Fa b
+to
+.Fa cipher
+using key
+.Fa key
+and IV
+.Fa iv .
+.Fa enc
+should be set to 1 for encryption and zero for decryption.
+.Pp
+When reading from an encryption BIO, the final block is automatically
+decrypted and checked when EOF is detected.
+.Fn BIO_get_cipher_status
+is a
+.Xr BIO_ctrl 3
+macro which can be called to determine
+whether the decryption operation was successful.
+.Pp
+.Fn BIO_get_cipher_ctx
+is a
+.Xr BIO_ctrl 3
+macro which retrieves the internal BIO cipher context.
+The retrieved context can be used in conjunction
+with the standard cipher routines to set it up.
+This is useful when
+.Fn BIO_set_cipher
+is not flexible enough for the applications needs.
+.Sh NOTES
+When encrypting,
+.Xr BIO_flush 3
+must be called to flush the final block through the BIO.
+If it is not, then the final block will fail a subsequent decrypt.
+.Pp
+When decrypting, an error on the final block is signalled
+by a zero return value from the read operation.
+A successful decrypt followed by EOF
+will also return zero for the final read.
+.Fn BIO_get_cipher_status
+should be called to determine if the decrypt was successful.
+.Pp
+As always, if
+.Xr BIO_gets 3
+or
+.Xr BIO_puts 3
+support is needed, then it can be achieved
+by preceding the cipher BIO with a buffering BIO.
+.Sh RETURN VALUES
+.Fn BIO_f_cipher
+returns the cipher BIO method.
+.Pp
+.Fn BIO_set_cipher
+does not return a value.
+.Pp
+.Fn BIO_get_cipher_status
+returns 1 for a successful decrypt and 0 for failure.
+.Pp
+.Fn BIO_get_cipher_ctx
+currently always returns 1.
diff --git a/src/lib/libcrypto/man/BIO_f_md.3 b/src/lib/libcrypto/man/BIO_f_md.3
new file mode 100644
index 0000000000..de21722608
--- /dev/null
+++ b/src/lib/libcrypto/man/BIO_f_md.3
@@ -0,0 +1,209 @@
+.Dd July 17, 2014
+.Dt BIO_F_MD 3
+.Os
+.Sh NAME
+.Nm BIO_f_md ,
+.Nm BIO_set_md ,
+.Nm BIO_get_md ,
+.Nm BIO_get_md_ctx
+.Nd message digest BIO filter
+.Sh SYNOPSIS
+.In openssl/bio.h
+.In openssl/evp.h
+.Ft BIO_METHOD *
+.Fo BIO_f_md
+.Fa void
+.Fc
+.Ft int
+.Fo BIO_set_md
+.Fa "BIO *b"
+.Fa "EVP_MD *md"
+.Fc
+.Ft int
+.Fo BIO_get_md
+.Fa "BIO *b"
+.Fa "EVP_MD **mdp"
+.Fc
+.Ft int
+.Fo BIO_get_md_ctx
+.Fa "BIO *b"
+.Fa "EVP_MD_CTX **mdcp"
+.Fc
+.Sh DESCRIPTION
+.Fn BIO_f_md
+returns the message digest BIO method.
+This is a filter BIO that digests any data passed through it.
+It is a BIO wrapper for the digest routines
+.Fn EVP_DigestInit ,
+.Fn EVP_DigestUpdate ,
+and
+.Fn EVP_DigestFinal .
+.Pp
+Any data written or read through a digest BIO using
+.Xr BIO_read 3
+and
+.Xr BIO_write 3
+is digested.
+.Pp
+.Xr BIO_gets 3 ,
+if its
+.Sy size
+parameter is large enough,
+finishes the digest calculation and returns the digest value.
+.Xr BIO_puts 3
+is
+not supported.
+.Pp
+.Xr BIO_reset 3
+reinitialises a digest BIO.
+.Pp
+.Fn BIO_set_md
+sets the message digest of BIO
+.Fa b
+to
+.Fa md :
+this must be called to initialize a digest BIO
+before any data is passed through it.
+It is a
+.Xr BIO_ctrl 3
+macro.
+.Pp
+.Fn BIO_get_md
+places the a pointer to the digest BIOs digest method in
+.Fa mdp .
+It is a
+.Xr BIO_ctrl 3
+macro.
+.Pp
+.Fn BIO_get_md_ctx
+returns the digest BIOs context in
+.Fa mdcp .
+.Sh NOTES
+The context returned by
+.Fn BIO_get_md_ctx
+can be used in calls to
+.Xr EVP_DigestFinal 3
+and also in the signature routines
+.Xr EVP_SignFinal 3
+and
+.Xr EVP_VerifyFinal 3 .
+.Pp
+The context returned by
+.Fn BIO_get_md_ctx
+is an internal context structure.
+Changes made to this context will affect the digest BIO itself, and
+the context pointer will become invalid when the digest BIO is freed.
+.Pp
+After the digest has been retrieved from a digest BIO,
+it must be reinitialized by calling
+.Xr BIO_reset 3
+or
+.Fn BIO_set_md
+before any more data is passed through it.
+.Pp
+If an application needs to call
+.Xr BIO_gets 3
+or
+.Xr BIO_puts 3
+through a chain containing digest BIOs,
+then this can be done by prepending a buffering BIO.
+.Pp
+Before OpenSSL 1.0.0 the call to
+.Fn BIO_get_md_ctx
+would only work if the BIO had been initialized for example by calling
+.Fn BIO_set_md .
+In OpenSSL 1.0.0 and later the context is always returned
+and the BIO is state is set to initialized.
+This allows applications to initialize the context externally
+if the standard calls such as
+.Fn BIO_set_md
+are not sufficiently flexible.
+.Sh RETURN VALUES
+.Fn BIO_f_md
+returns the digest BIO method.
+.Pp
+.Fn BIO_set_md ,
+.Fn BIO_get_md ,
+and
+.Fn BIO_get_md_ctx
+return 1 for success and 0 for failure.
+.Sh EXAMPLES
+The following example creates a BIO chain containing an SHA1 and MD5
+digest BIO and passes the string "Hello World" through it.
+Error checking has been omitted for clarity.
+.Bd -literal -offset 2n
+BIO *bio, *mdtmp;
+const char message[] = "Hello World";
+bio = BIO_new(BIO_s_null());
+mdtmp = BIO_new(BIO_f_md());
+BIO_set_md(mdtmp, EVP_sha1());
+/*
+ * For BIO_push() we want to append the sink BIO
+ * and keep a note of the start of the chain.
+ */
+bio = BIO_push(mdtmp, bio);
+mdtmp = BIO_new(BIO_f_md());
+BIO_set_md(mdtmp, EVP_md5());
+bio = BIO_push(mdtmp, bio);
+/* Note: mdtmp can now be discarded */
+BIO_write(bio, message, strlen(message));
+.Ed
+.Pp
+The next example digests data by reading through a chain instead:
+.Bd -literal -offset 2n
+BIO *bio, *mdtmp;
+char buf[1024];
+int rdlen;
+
+bio = BIO_new_file(file, "rb");
+mdtmp = BIO_new(BIO_f_md());
+BIO_set_md(mdtmp, EVP_sha1());
+bio = BIO_push(mdtmp, bio);
+mdtmp = BIO_new(BIO_f_md());
+BIO_set_md(mdtmp, EVP_md5());
+bio = BIO_push(mdtmp, bio);
+do {
+        rdlen = BIO_read(bio, buf, sizeof(buf));
+        /* Might want to do something with the data here */
+} while (rdlen > 0);
+.Ed
+.Pp
+This next example retrieves the message digests from a BIO chain
+and outputs them.
+This could be used with the examples above.
+.Bd -literal -offset 2n
+BIO *mdtmp;
+unsigned char mdbuf[EVP_MAX_MD_SIZE];
+int mdlen;
+int i;
+
+mdtmp = bio;    /* Assume bio has previously been set up */
+do {
+        EVP_MD *md;
+        mdtmp = BIO_find_type(mdtmp, BIO_TYPE_MD);
+        if (!mdtmp)
+                break;
+        BIO_get_md(mdtmp, &md);
+        printf("%s digest", OBJ_nid2sn(EVP_MD_type(md)));
+        mdlen = BIO_gets(mdtmp, mdbuf, EVP_MAX_MD_SIZE);
+        for(i = 0; i < mdlen; i++)
+                printf(":%02X", mdbuf[i]);
+        printf("\en");
+        mdtmp = BIO_next(mdtmp);
+} while(mdtmp);
+BIO_free_all(bio);
+.Ed
+.Sh BUGS
+The lack of support for
+.Xr BIO_puts 3
+and the non standard behaviour of
+.Xr BIO_gets 3
+could be regarded as anomalous.
+It could be argued that
+.Xr BIO_gets 3
+and
+.Xr BIO_puts 3
+should be passed to the next BIO in the chain and digest the data
+passed through and that digests should be retrieved using a separate
+.Xr BIO_ctrl 3
+call.
diff --git a/src/lib/libcrypto/man/BIO_f_null.3 b/src/lib/libcrypto/man/BIO_f_null.3
new file mode 100644
index 0000000000..a09cc77631
--- /dev/null
+++ b/src/lib/libcrypto/man/BIO_f_null.3
@@ -0,0 +1,25 @@
+.Dd July 17, 2014
+.Dt BIO_F_NULL 3
+.Os
+.Sh NAME
+.Nm BIO_f_null
+.Nd null filter
+.Sh SYNOPSIS
+.In openssl/bio.h
+.Ft BIO_METHOD *
+.Fo BIO_f_null
+.Fa void
+.Fc
+.Sh DESCRIPTION
+.Fn BIO_f_null
+returns the null filter BIO method.
+This is a filter BIO that does nothing.
+.Pp
+All requests to a null filter BIO are passed through to the next BIO
+in the chain: this means that a BIO chain containing a null filter BIO
+behaves just as though the BIO was not there.
+.Sh NOTES
+As may be apparent, a null filter BIO is not particularly useful.
+.Sh RETURN VALUES
+.Fn BIO_f_null
+returns the null filter BIO method.
diff --git a/src/lib/libcrypto/man/BIO_find_type.3 b/src/lib/libcrypto/man/BIO_find_type.3
new file mode 100644
index 0000000000..f573ad7675
--- /dev/null
+++ b/src/lib/libcrypto/man/BIO_find_type.3
@@ -0,0 +1,117 @@
+.Dd July 17, 2014
+.Dt BIO_FIND_TYPE 3
+.Os
+.Sh NAME
+.Nm BIO_find_type ,
+.Nm BIO_next ,
+.Nm BIO_method_type
+.Nd BIO chain traversal
+.Sh SYNOPSIS
+.In openssl/bio.h
+.Ft BIO *
+.Fo BIO_find_type
+.Fa "BIO *b"
+.Fa "int bio_type"
+.Fc
+.Ft BIO *
+.Fo BIO_next
+.Fa "BIO *b"
+.Fc
+.Fd #define BIO_method_type(b)  ((b)->method->type)
+.Fd #define BIO_TYPE_NONE               0
+.Fd #define BIO_TYPE_MEM                (1|0x0400)
+.Fd #define BIO_TYPE_FILE               (2|0x0400)
+.Fd #define BIO_TYPE_FD                 (4|0x0400|0x0100)
+.Fd #define BIO_TYPE_SOCKET             (5|0x0400|0x0100)
+.Fd #define BIO_TYPE_NULL               (6|0x0400)
+.Fd #define BIO_TYPE_SSL                (7|0x0200)
+.Fd #define BIO_TYPE_MD                 (8|0x0200)
+.Fd #define BIO_TYPE_BUFFER             (9|0x0200)
+.Fd #define BIO_TYPE_CIPHER             (10|0x0200)
+.Fd #define BIO_TYPE_BASE64             (11|0x0200)
+.Fd #define BIO_TYPE_CONNECT            (12|0x0400|0x0100)
+.Fd #define BIO_TYPE_ACCEPT             (13|0x0400|0x0100)
+.Fd #define BIO_TYPE_PROXY_CLIENT       (14|0x0200)
+.Fd #define BIO_TYPE_PROXY_SERVER       (15|0x0200)
+.Fd #define BIO_TYPE_NBIO_TEST  (16|0x0200)
+.Fd #define BIO_TYPE_NULL_FILTER        (17|0x0200)
+.Fd #define BIO_TYPE_BER                (18|0x0200)
+.Fd #define BIO_TYPE_BIO                (19|0x0400)
+.Fd #define BIO_TYPE_DESCRIPTOR 0x0100
+.Fd #define BIO_TYPE_FILTER             0x0200
+.Fd #define BIO_TYPE_SOURCE_SINK        0x0400
+.Sh DESCRIPTION
+The function
+.Fn BIO_find_type
+searches for a BIO of a given type in a chain, starting at BIO
+.Fa b .
+If
+.Fa bio_type
+is a specific type (such as
+.Dv BIO_TYPE_MEM ) ,
+then a search is made for a BIO of that type.
+If
+.Fa bio_type
+is a general type (such as
+.Dv BIO_TYPE_SOURCE_SINK ) ,
+then the next matching BIO of the given general type is searched for.
+.Fn BIO_find_type
+returns the next matching BIO or
+.Dv NULL
+if none is found.
+.Pp
+Note: not all the
+.Dv BIO_TYPE_*
+types above have corresponding BIO implementations.
+.Pp
+.Fn BIO_next
+returns the next BIO in a chain.
+It can be used to traverse all BIOs in a chain or used in conjunction with
+.Fn BIO_find_type
+to find all BIOs of a certain type.
+.Pp
+.Fn BIO_method_type
+returns the type of a BIO.
+.Sh RETURN VALUES
+.Fn BIO_find_type
+returns a matching BIO or
+.Dv NULL
+for no match.
+.Pp
+.Fn BIO_next
+returns the next BIO in a chain.
+.Pp
+.Fn BIO_method_type
+returns the type of the BIO
+.Fa b .
+.Sh NOTES
+.Fn BIO_next
+was added to OpenSSL 0.9.6 to provide a 'clean' way to traverse a BIO
+chain or find multiple matches using
+.Fn BIO_find_type .
+Previous versions had to use:
+.Pp
+.Dl next = bio->next_bio;
+.Sh BUGS
+.Fn BIO_find_type
+in OpenSSL 0.9.5a and earlier could not be safely passed a
+.Dv NULL
+pointer for the
+.Fa b
+argument.
+.Sh EXAMPLE
+Traverse a chain looking for digest BIOs:
+.Bd -literal -offset 2n
+BIO *btmp;
+btmp = in_bio;  /* in_bio is chain to search through */
+
+do {
+        btmp = BIO_find_type(btmp, BIO_TYPE_MD);
+        if (btmp == NULL)
+                break;  /* Not found */
+        /* btmp is a digest BIO, do something with it ...*/
+        ...
+
+        btmp = BIO_next(btmp);
+} while(btmp);
+.Ed
diff --git a/src/lib/libcrypto/man/BIO_new.3 b/src/lib/libcrypto/man/BIO_new.3
new file mode 100644
index 0000000000..5f5030cdfa
--- /dev/null
+++ b/src/lib/libcrypto/man/BIO_new.3
@@ -0,0 +1,104 @@
+.Dd July 17, 2014
+.Dt BIO_NEW 3
+.Os
+.Sh NAME
+.Nm BIO_new ,
+.Nm BIO_set ,
+.Nm BIO_free ,
+.Nm BIO_vfree ,
+.Nm BIO_free_all
+.Nd BIO allocation and freeing functions
+.Sh SYNOPSIS
+.In openssl/bio.h
+.Ft BIO *
+.Fo BIO_new
+.Fa "BIO_METHOD *type"
+.Fc
+.Ft int
+.Fo BIO_set
+.Fa "BIO *a"
+.Fa "BIO_METHOD *type"
+.Fc
+.Ft int
+.Fo BIO_free
+.Fa "BIO *a"
+.Fc
+.Ft void
+.Fo BIO_vfree
+.Fa "BIO *a"
+.Fc
+.Ft void
+.Fo BIO_free_all
+.Fa "BIO *a"
+.Fc
+.Sh DESCRIPTION
+The
+.Fn BIO_new
+function returns a new BIO using method
+.Fa type .
+.Pp
+.Fn BIO_set
+sets the method of an already existing BIO.
+.Pp
+.Fn BIO_free
+frees up a single BIO,
+.Fn BIO_vfree
+also frees up a single BIO, but it does not return a value.
+Calling
+.Fn BIO_free
+may also have some effect on the underlying I/O structure,
+for example it may close the file being
+referred to under certain circumstances.
+For more details see the individual
+.Vt BIO_METHOD
+descriptions.
+.Pp
+.Fn BIO_free_all
+frees up an entire BIO chain.
+It does not halt if an error occurs
+freeing up an individual BIO in the chain.
+.Sh RETURN VALUES
+.Fn BIO_new
+returns a newly created BIO or
+.Dv NULL
+if the call fails.
+.Pp
+.Fn BIO_set
+and
+.Fn BIO_free
+return 1 for success and 0 for failure.
+.Pp
+.Fn BIO_free_all
+and
+.Fn BIO_vfree
+do not return values.
+.Sh NOTES
+Some BIOs (such as memory BIOs) can be used immediately after calling
+.Fn BIO_new .
+Others (such as file BIOs) need some additional initialization, and
+frequently a utility function exists to create and initialize such BIOs.
+.Pp
+If
+.Fn BIO_free
+is called on a BIO chain, it will only free one BIO,
+resulting in a memory leak.
+.Pp
+Calling
+.Fn BIO_free_all
+on a single BIO has the same effect as calling
+.Fn BIO_free
+on it other than the discarded return value.
+.Pp
+Normally the
+.Fa type
+argument is supplied by a function which returns a pointer to a
+.Vt BIO_METHOD .
+There is a naming convention for such functions:
+a source/sink BIO is normally called
+.Fn BIO_s_*
+and a filter BIO
+.Fn BIO_f_* .
+.Sh EXAMPLES
+Create a memory BIO:
+.Pp
+.Dl BIO *mem = BIO_new(BIO_s_mem());
diff --git a/src/lib/libcrypto/man/BIO_new_CMS.3 b/src/lib/libcrypto/man/BIO_new_CMS.3
new file mode 100644
index 0000000000..59c20347e5
--- /dev/null
+++ b/src/lib/libcrypto/man/BIO_new_CMS.3
@@ -0,0 +1,83 @@
+.Dd October 2, 2010
+.Dt BIO_NEW_CMS 3
+.Os
+.Sh NAME
+.Nm BIO_new_CMS
+.Nd CMS streaming filter BIO
+.Sh SYNOPSIS
+.In openssl/cms.h
+.Ft BIO *
+.Fo BIO_new_CMS
+.Fa "BIO *out"
+.Fa "CMS_ContentInfo *cms"
+.Fc
+.Sh DESCRIPTION
+.Fn BIO_new_CMS
+returns a streaming filter BIO chain based on
+.Fa cms .
+The output of the filter is written to
+.Fa out .
+Any data written to the chain is automatically translated
+to a BER format CMS structure of the appropriate type.
+.Sh RETURN VALUES
+.Fn BIO_new_CMS
+returns a BIO chain when successful or
+.Dv NULL
+if an error occurred.
+The error can be obtained from
+.Xr ERR_get_error 3 .
+.Sh NOTES
+The chain returned by this function behaves like a standard filter BIO.
+It supports non blocking I/O.
+Content is processed and streamed on the fly and not all held in memory
+at once: so it is possible to encode very large structures.
+After all content has been written through the chain
+.Xr BIO_flush 3
+must be called to finalise the structure.
+.Pp
+The
+.Dv CMS_STREAM
+flag must be included in the corresponding
+.Fa flags
+parameter of the
+.Fa cms
+creation function.
+.Pp
+If an application wishes to write additional data to
+.Fa out ,
+BIOs should be removed from the chain using
+.Xr BIO_pop 3
+and freed with
+.Xr BIO_free 3
+until
+.Fa out
+is reached.
+If no additional data needs to be written,
+.Xr BIO_free_all 3
+can be called to free up the whole chain.
+.Pp
+Any content written through the filter is used verbatim:
+no canonical translation is performed.
+.Pp
+It is possible to chain multiple BIOs to, for example,
+create a triple wrapped signed, enveloped, signed structure.
+In this case it is the application's responsibility
+to set the inner content type of any outer
+.Vt CMS_ContentInfo
+structures.
+.Pp
+Large numbers of small writes through the chain should be avoided as this
+will produce an output consisting of lots of OCTET STRING structures.
+Prepending a
+.Xr BIO_f_buffer 3
+buffering BIO will prevent this.
+.Sh SEE ALSO
+.Xr CMS_encrypt 3 ,
+.Xr CMS_sign 3 ,
+.Xr ERR_get_error 3
+.Sh HISTORY
+.Fn BIO_new_CMS
+was added to OpenSSL 1.0.0.
+.Sh BUGS
+There is currently no corresponding inverse BIO
+which can decode a CMS structure on the fly.
diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile
index 5edbf7e394..fcf9416248 100644
--- a/src/lib/libcrypto/man/Makefile
+++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.16 2015/02/14 13:54:59 schwarze Exp $
+# $OpenBSD: Makefile,v 1.17 2015/02/14 14:09:01 schwarze Exp $
 
 .include <bsd.own.mk>           # for NOMAN
 
@@ -10,9 +10,7 @@ MAN=	\
         ASN1_STRING_length.3 \
         ASN1_STRING_new.3 \
         ASN1_STRING_print_ex.3 \
-        ASN1_generate_nconf.3
-
-GENMAN= \
+        ASN1_generate_nconf.3 \
         BF_set_key.3 \
         BIO.3 \
         BIO_ctrl.3 \
@@ -23,6 +21,8 @@ GENMAN= \
         BIO_f_null.3 \
         BIO_find_type.3 \
         BIO_new.3 \
+
+GENMAN= \
         BIO_push.3 \
         BIO_read.3 \
         BIO_s_accept.3 \
diff --git a/src/lib/libssl/src/doc/crypto/BF_set_key.pod b/src/lib/libssl/src/doc/crypto/BF_set_key.pod
deleted file mode 100644
index 7d2d96fc45..0000000000
--- a/src/lib/libssl/src/doc/crypto/BF_set_key.pod
+++ /dev/null
@@ -1,107 +0,0 @@
-=pod
-
-=head1 NAME
-
-BF_set_key, BF_encrypt, BF_decrypt, BF_ecb_encrypt, BF_cbc_encrypt,
-BF_cfb64_encrypt, BF_ofb64_encrypt, BF_options - Blowfish encryption
-
-=head1 SYNOPSIS
-
- #include <openssl/blowfish.h>
-
- void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
-
- void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
-         BF_KEY *key, int enc);
- void BF_cbc_encrypt(const unsigned char *in, unsigned char *out,
-         long length, BF_KEY *schedule, unsigned char *ivec, int enc);
- void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-         long length, BF_KEY *schedule, unsigned char *ivec, int *num,
-         int enc);
- void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-         long length, BF_KEY *schedule, unsigned char *ivec, int *num);
- const char *BF_options(void);
-
- void BF_encrypt(BF_LONG *data,const BF_KEY *key);
- void BF_decrypt(BF_LONG *data,const BF_KEY *key);
-
-=head1 DESCRIPTION
-
-This library implements the Blowfish cipher, which was invented and described
-by Counterpane (see http://www.counterpane.com/blowfish.html ).
-
-Blowfish is a block cipher that operates on 64 bit (8 byte) blocks of data.
-It uses a variable size key, but typically, 128 bit (16 byte) keys are
-considered good for strong encryption.  Blowfish can be used in the same
-modes as DES (see L<des_modes(7)|des_modes(7)>).  Blowfish is currently one
-of the faster block ciphers.  It is quite a bit faster than DES, and much
-faster than IDEA or RC2.
-
-Blowfish consists of a key setup phase and the actual encryption or decryption
-phase.
-
-BF_set_key() sets up the B<BF_KEY> B<key> using the B<len> bytes long key
-at B<data>.
-
-BF_ecb_encrypt() is the basic Blowfish encryption and decryption function.
-It encrypts or decrypts the first 64 bits of B<in> using the key B<key>,
-putting the result in B<out>.  B<enc> decides if encryption (B<BF_ENCRYPT>)
-or decryption (B<BF_DECRYPT>) shall be performed.  The vector pointed at by
-B<in> and B<out> must be 64 bits in length, no less.  If they are larger,
-everything after the first 64 bits is ignored.
-
-The mode functions BF_cbc_encrypt(), BF_cfb64_encrypt() and BF_ofb64_encrypt()
-all operate on variable length data.  They all take an initialization vector
-B<ivec> which needs to be passed along into the next call of the same function
-for the same message.  B<ivec> may be initialized with anything, but the
-recipient needs to know what it was initialized with, or it won't be able
-to decrypt.  Some programs and protocols simplify this, like SSH, where
-B<ivec> is simply initialized to zero.
-BF_cbc_encrypt() operates on data that is a multiple of 8 bytes long, while
-BF_cfb64_encrypt() and BF_ofb64_encrypt() are used to encrypt an variable
-number of bytes (the amount does not have to be an exact multiple of 8).  The
-purpose of the latter two is to simulate stream ciphers, and therefore, they
-need the parameter B<num>, which is a pointer to an integer where the current
-offset in B<ivec> is stored between calls.  This integer must be initialized
-to zero when B<ivec> is initialized.
-
-BF_cbc_encrypt() is the Cipher Block Chaining function for Blowfish.  It
-encrypts or decrypts the 64 bits chunks of B<in> using the key B<schedule>,
-putting the result in B<out>.  B<enc> decides if encryption (BF_ENCRYPT) or
-decryption (BF_DECRYPT) shall be performed.  B<ivec> must point at an 8 byte
-long initialization vector.
-
-BF_cfb64_encrypt() is the CFB mode for Blowfish with 64 bit feedback.
-It encrypts or decrypts the bytes in B<in> using the key B<schedule>,
-putting the result in B<out>.  B<enc> decides if encryption (B<BF_ENCRYPT>)
-or decryption (B<BF_DECRYPT>) shall be performed.  B<ivec> must point at an
-8 byte long initialization vector. B<num> must point at an integer which must
-be initially zero.
-
-BF_ofb64_encrypt() is the OFB mode for Blowfish with 64 bit feedback.
-It uses the same parameters as BF_cfb64_encrypt(), which must be initialized
-the same way.
-
-BF_encrypt() and BF_decrypt() are the lowest level functions for Blowfish
-encryption.  They encrypt/decrypt the first 64 bits of the vector pointed by
-B<data>, using the key B<key>.  These functions should not be used unless you
-implement 'modes' of Blowfish.  The alternative is to use BF_ecb_encrypt().
-If you still want to use these functions, you should be aware that they take
-each 32-bit chunk in host-byte order, which is little-endian on little-endian
-platforms and big-endian on big-endian ones.
-
-=head1 RETURN VALUES
-
-None of the functions presented here return any value.
-
-=head1 NOTE
-
-Applications should use the higher level functions
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> etc. instead of calling the
-blowfish functions directly.
-
-=head1 HISTORY
-
-The Blowfish functions are available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/src/lib/libssl/src/doc/crypto/BIO.pod b/src/lib/libssl/src/doc/crypto/BIO.pod
deleted file mode 100644
index f01ced7d8e..0000000000
--- a/src/lib/libssl/src/doc/crypto/BIO.pod
+++ /dev/null
@@ -1,54 +0,0 @@
-=pod
-
-=head1 NAME
-
-bio - I/O abstraction
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
-
-=head1 DESCRIPTION
-
-A BIO is an I/O abstraction, it hides many of the underlying I/O
-details from an application. If an application uses a BIO for its
-I/O it can transparently handle SSL connections, unencrypted network
-connections and file I/O.
-
-There are two type of BIO, a source/sink BIO and a filter BIO.
-
-As its name implies a source/sink BIO is a source and/or sink of data,
-examples include a socket BIO and a file BIO.
-
-A filter BIO takes data from one BIO and passes it through to
-another, or the application. The data may be left unmodified (for
-example a message digest BIO) or translated (for example an
-encryption BIO). The effect of a filter BIO may change according
-to the I/O operation it is performing: for example an encryption
-BIO will encrypt data if it is being written to and decrypt data
-if it is being read from.
-
-BIOs can be joined together to form a chain (a single BIO is a chain
-with one component). A chain normally consist of one source/sink
-BIO and one or more filter BIOs. Data read from or written to the
-first BIO then traverses the chain to the end (normally a source/sink
-BIO).
-
-=head1 SEE ALSO
-
-L<BIO_ctrl(3)|BIO_ctrl(3)>,
-L<BIO_f_base64(3)|BIO_f_base64(3)>, L<BIO_f_buffer(3)|BIO_f_buffer(3)>,
-L<BIO_f_cipher(3)|BIO_f_cipher(3)>, L<BIO_f_md(3)|BIO_f_md(3)>,
-L<BIO_f_null(3)|BIO_f_null(3)>, L<BIO_f_ssl(3)|BIO_f_ssl(3)>,
-L<BIO_find_type(3)|BIO_find_type(3)>, L<BIO_new(3)|BIO_new(3)>,
-L<BIO_new_bio_pair(3)|BIO_new_bio_pair(3)>,
-L<BIO_push(3)|BIO_push(3)>, L<BIO_read(3)|BIO_read(3)>,
-L<BIO_s_accept(3)|BIO_s_accept(3)>, L<BIO_s_bio(3)|BIO_s_bio(3)>,
-L<BIO_s_connect(3)|BIO_s_connect(3)>, L<BIO_s_fd(3)|BIO_s_fd(3)>,
-L<BIO_s_file(3)|BIO_s_file(3)>, L<BIO_s_mem(3)|BIO_s_mem(3)>,
-L<BIO_s_null(3)|BIO_s_null(3)>, L<BIO_s_socket(3)|BIO_s_socket(3)>,
-L<BIO_set_callback(3)|BIO_set_callback(3)>,
-L<BIO_should_retry(3)|BIO_should_retry(3)>
-
-=cut
diff --git a/src/lib/libssl/src/doc/crypto/BIO_ctrl.pod b/src/lib/libssl/src/doc/crypto/BIO_ctrl.pod
deleted file mode 100644
index 2271e52c9e..0000000000
--- a/src/lib/libssl/src/doc/crypto/BIO_ctrl.pod
+++ /dev/null
@@ -1,128 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset,
-BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close,
-BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending,
-BIO_get_info_callback, BIO_set_info_callback - BIO control operations
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- long BIO_ctrl(BIO *bp,int cmd,long larg,void *parg);
- long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int,
-   const char *, int, long, long));
- char * BIO_ptr_ctrl(BIO *bp,int cmd,long larg);
- long BIO_int_ctrl(BIO *bp,int cmd,long larg,int iarg);
-
- int BIO_reset(BIO *b);
- int BIO_seek(BIO *b, int ofs);
- int BIO_tell(BIO *b);
- int BIO_flush(BIO *b);
- int BIO_eof(BIO *b);
- int BIO_set_close(BIO *b,long flag);
- int BIO_get_close(BIO *b);
- int BIO_pending(BIO *b);
- int BIO_wpending(BIO *b);
- size_t BIO_ctrl_pending(BIO *b);
- size_t BIO_ctrl_wpending(BIO *b);
-
- int BIO_get_info_callback(BIO *b,bio_info_cb **cbp);
- int BIO_set_info_callback(BIO *b,bio_info_cb *cb);
-
- typedef void bio_info_cb(BIO *b, int oper, const char *ptr, int arg1,
-   long arg2, long arg3);
-
-=head1 DESCRIPTION
-
-BIO_ctrl(), BIO_callback_ctrl(), BIO_ptr_ctrl() and BIO_int_ctrl()
-are BIO "control" operations taking arguments of various types.
-These functions are not normally called directly, various macros
-are used instead. The standard macros are described below, macros
-specific to a particular type of BIO are described in the specific
-BIOs manual page as well as any special features of the standard
-calls.
-
-BIO_reset() typically resets a BIO to some initial state, in the case
-of file related BIOs for example it rewinds the file pointer to the
-start of the file.
-
-BIO_seek() resets a file related BIO's (that is file descriptor and
-FILE BIOs) file position pointer to B<ofs> bytes from start of file.
-
-BIO_tell() returns the current file position of a file related BIO.
-
-BIO_flush() normally writes out any internally buffered data, in some
-cases it is used to signal EOF and that no more data will be written.
-
-BIO_eof() returns 1 if the BIO has read EOF, the precise meaning of
-"EOF" varies according to the BIO type.
-
-BIO_set_close() sets the BIO B<b> close flag to B<flag>. B<flag> can
-take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used
-in a source/sink BIO to indicate that the underlying I/O stream should
-be closed when the BIO is freed.
-
-BIO_get_close() returns the BIOs close flag.
-
-BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending()
-return the number of pending characters in the BIOs read and write buffers.
-Not all BIOs support these calls. BIO_ctrl_pending() and BIO_ctrl_wpending()
-return a size_t type and are functions, BIO_pending() and BIO_wpending() are
-macros which call BIO_ctrl().
-
-=head1 RETURN VALUES
-
-BIO_reset() normally returns 1 for success and 0 or -1 for failure. File
-BIOs are an exception, they return 0 for success and -1 for failure.
-
-BIO_seek() and BIO_tell() both return the current file position on success
-and -1 for failure, except file BIOs which for BIO_seek() always return 0
-for success and -1 for failure.
-
-BIO_flush() returns 1 for success and 0 or -1 for failure.
-
-BIO_eof() returns 1 if EOF has been reached 0 otherwise.
-
-BIO_set_close() always returns 1.
-
-BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE.
-
-BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending()
-return the amount of pending data.
-
-=head1 NOTES
-
-BIO_flush(), because it can write data may return 0 or -1 indicating
-that the call should be retried later in a similar manner to BIO_write().
-The BIO_should_retry() call should be used and appropriate action taken
-is the call fails.
-
-The return values of BIO_pending() and BIO_wpending() may not reliably
-determine the amount of pending data in all cases. For example in the
-case of a file BIO some data may be available in the FILE structures
-internal buffers but it is not possible to determine this in a
-portably way. For other types of BIO they may not be supported.
-
-Filter BIOs if they do not internally handle a particular BIO_ctrl()
-operation usually pass the operation to the next BIO in the chain.
-This often means there is no need to locate the required BIO for
-a particular operation, it can be called on a chain and it will
-be automatically passed to the relevant BIO. However this can cause
-unexpected results: for example no current filter BIOs implement
-BIO_seek(), but this may still succeed if the chain ends in a FILE
-or file descriptor BIO.
-
-Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl()
-operation.
-
-=head1 BUGS
-
-Some of the return values are ambiguous and care should be taken. In
-particular a return value of 0 can be returned if an operation is not
-supported, if an error occurred, if EOF has not been reached and in
-the case of BIO_seek() on a file BIO for a successful operation.
-
-=cut
diff --git a/src/lib/libssl/src/doc/crypto/BIO_f_base64.pod b/src/lib/libssl/src/doc/crypto/BIO_f_base64.pod
deleted file mode 100644
index c1c3137d5e..0000000000
--- a/src/lib/libssl/src/doc/crypto/BIO_f_base64.pod
+++ /dev/null
@@ -1,80 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_f_base64 - base64 BIO filter
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
- #include <openssl/evp.h>
-
- BIO_METHOD *   BIO_f_base64(void);
-
-=head1 DESCRIPTION
-
-BIO_f_base64() returns the base64 BIO method. This is a filter
-BIO that base64 encodes any data written through it and decodes
-any data read through it.
-
-Base64 BIOs do not support BIO_gets() or BIO_puts().
-
-BIO_flush() on a base64 BIO that is being written through is
-used to signal that no more data is to be encoded: this is used
-to flush the final block through the BIO.
-
-The flag BIO_FLAGS_BASE64_NO_NL can be set with BIO_set_flags()
-to encode the data all on one line or expect the data to be all
-on one line.
-
-=head1 NOTES
-
-Because of the format of base64 encoding the end of the encoded
-block cannot always be reliably determined.
-
-=head1 RETURN VALUES
-
-BIO_f_base64() returns the base64 BIO method.
-
-=head1 EXAMPLES
-
-Base64 encode the string "Hello World\n" and write the result
-to standard output:
-
- BIO *bio, *b64;
- char message[] = "Hello World \n";
-
- b64 = BIO_new(BIO_f_base64());
- bio = BIO_new_fp(stdout, BIO_NOCLOSE);
- BIO_push(b64, bio);
- BIO_write(b64, message, strlen(message));
- BIO_flush(b64);
-
- BIO_free_all(b64);
-
-Read Base64 encoded data from standard input and write the decoded
-data to standard output:
-
- BIO *bio, *b64, *bio_out;
- char inbuf[512];
- int inlen;
-
- b64 = BIO_new(BIO_f_base64());
- bio = BIO_new_fp(stdin, BIO_NOCLOSE);
- bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
- BIO_push(b64, bio);
- while((inlen = BIO_read(b64, inbuf, 512)) > 0)
-        BIO_write(bio_out, inbuf, inlen);
-
- BIO_flush(bio_out);
- BIO_free_all(b64);
-
-=head1 BUGS
-
-The ambiguity of EOF in base64 encoded data can cause additional
-data following the base64 encoded block to be misinterpreted.
-
-There should be some way of specifying a test that the BIO can perform
-to reliably determine EOF (for example a MIME boundary).
-
-=cut
diff --git a/src/lib/libssl/src/doc/crypto/BIO_f_buffer.pod b/src/lib/libssl/src/doc/crypto/BIO_f_buffer.pod
deleted file mode 100644
index f4ddd3a2cf..0000000000
--- a/src/lib/libssl/src/doc/crypto/BIO_f_buffer.pod
+++ /dev/null
@@ -1,77 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_f_buffer - buffering BIO
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- BIO_METHOD * BIO_f_buffer(void);
-
- #define BIO_get_buffer_num_lines(b)    BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
- #define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)
- #define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)
- #define BIO_set_buffer_size(b,size)    BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
- #define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)
-
-=head1 DESCRIPTION
-
-BIO_f_buffer() returns the buffering BIO method.
-
-Data written to a buffering BIO is buffered and periodically written
-to the next BIO in the chain. Data read from a buffering BIO comes from
-an internal buffer which is filled from the next BIO in the chain.
-Both BIO_gets() and BIO_puts() are supported.
-
-Calling BIO_reset() on a buffering BIO clears any buffered data.
-
-BIO_get_buffer_num_lines() returns the number of lines currently buffered.
-
-BIO_set_read_buffer_size(), BIO_set_write_buffer_size() and
-BIO_set_buffer_size() set the read, write or both read and write buffer sizes
-to B<size>. The initial buffer size is DEFAULT_BUFFER_SIZE, currently 4096. Any
-attempt to reduce the buffer size below DEFAULT_BUFFER_SIZE is ignored. Any
-buffered data is cleared when the buffer is resized.
-
-BIO_set_buffer_read_data() clears the read buffer and fills it with B<num>
-bytes of B<buf>. If B<num> is larger than the current buffer size the buffer
-is expanded.
-
-=head1 NOTES
-
-Buffering BIOs implement BIO_gets() by using BIO_read() operations on the
-next BIO in the chain. By prepending a buffering BIO to a chain it is therefore
-possible to provide BIO_gets() functionality if the following BIOs do not
-support it (for example SSL BIOs).
-
-Data is only written to the next BIO in the chain when the write buffer fills
-or when BIO_flush() is called. It is therefore important to call BIO_flush()
-whenever any pending data should be written such as when removing a buffering
-BIO using BIO_pop(). BIO_flush() may need to be retried if the ultimate
-source/sink BIO is non blocking.
-
-=head1 RETURN VALUES
-
-BIO_f_buffer() returns the buffering BIO method.
-
-BIO_get_buffer_num_lines() returns the number of lines buffered (may be 0).
-
-BIO_set_read_buffer_size(), BIO_set_write_buffer_size() and
-BIO_set_buffer_size() return 1 if the buffer was successfully resized or 0 for
-failure.
-
-BIO_set_buffer_read_data() returns 1 if the data was set correctly or 0 if
-there was an error.
-
-=head1 SEE ALSO
-
-L<BIO(3)|BIO(3)>,
-L<BIO_reset(3)|BIO_reset(3)>,
-L<BIO_flush(3)|BIO_flush(3)>,
-L<BIO_pop(3)|BIO_pop(3)>,
-L<BIO_ctrl(3)|BIO_ctrl(3)>,
-L<BIO_int_ctrl(3)|BIO_ctrl(3)>
-
-=cut
diff --git a/src/lib/libssl/src/doc/crypto/BIO_f_cipher.pod b/src/lib/libssl/src/doc/crypto/BIO_f_cipher.pod
deleted file mode 100644
index 0afd30fb2a..0000000000
--- a/src/lib/libssl/src/doc/crypto/BIO_f_cipher.pod
+++ /dev/null
@@ -1,71 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_f_cipher, BIO_set_cipher, BIO_get_cipher_status, BIO_get_cipher_ctx -
-cipher BIO filter
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
- #include <openssl/evp.h>
-
- BIO_METHOD *   BIO_f_cipher(void);
- void BIO_set_cipher(BIO *b,const EVP_CIPHER *cipher,
-                unsigned char *key, unsigned char *iv, int enc);
- int BIO_get_cipher_status(BIO *b)
- int BIO_get_cipher_ctx(BIO *b, EVP_CIPHER_CTX **pctx)
-
-=head1 DESCRIPTION
-
-BIO_f_cipher() returns the cipher BIO method. This is a filter
-BIO that encrypts any data written through it, and decrypts any data
-read from it. It is a BIO wrapper for the cipher routines
-EVP_CipherInit(), EVP_CipherUpdate() and EVP_CipherFinal().
-
-Cipher BIOs do not support BIO_gets() or BIO_puts().
-
-BIO_flush() on an encryption BIO that is being written through is
-used to signal that no more data is to be encrypted: this is used
-to flush and possibly pad the final block through the BIO.
-
-BIO_set_cipher() sets the cipher of BIO B<b> to B<cipher> using key B<key>
-and IV B<iv>. B<enc> should be set to 1 for encryption and zero for
-decryption.
-
-When reading from an encryption BIO the final block is automatically
-decrypted and checked when EOF is detected. BIO_get_cipher_status()
-is a BIO_ctrl() macro which can be called to determine whether the
-decryption operation was successful.
-
-BIO_get_cipher_ctx() is a BIO_ctrl() macro which retrieves the internal
-BIO cipher context. The retrieved context can be used in conjunction
-with the standard cipher routines to set it up. This is useful when
-BIO_set_cipher() is not flexible enough for the applications needs.
-
-=head1 NOTES
-
-When encrypting BIO_flush() B<must> be called to flush the final block
-through the BIO. If it is not then the final block will fail a subsequent
-decrypt.
-
-When decrypting an error on the final block is signalled by a zero
-return value from the read operation. A successful decrypt followed
-by EOF will also return zero for the final read. BIO_get_cipher_status()
-should be called to determine if the decrypt was successful.
-
-As always, if BIO_gets() or BIO_puts() support is needed then it can
-be achieved by preceding the cipher BIO with a buffering BIO.
-
-=head1 RETURN VALUES
-
-BIO_f_cipher() returns the cipher BIO method.
-
-BIO_set_cipher() does not return a value.
-
-BIO_get_cipher_status() returns 1 for a successful decrypt and 0
-for failure.
-
-BIO_get_cipher_ctx() currently always returns 1.
-
-=cut
diff --git a/src/lib/libssl/src/doc/crypto/BIO_f_md.pod b/src/lib/libssl/src/doc/crypto/BIO_f_md.pod
deleted file mode 100644
index 37041d9206..0000000000
--- a/src/lib/libssl/src/doc/crypto/BIO_f_md.pod
+++ /dev/null
@@ -1,146 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_f_md, BIO_set_md, BIO_get_md, BIO_get_md_ctx - message digest BIO filter
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
- #include <openssl/evp.h>
-
- BIO_METHOD *   BIO_f_md(void);
- int BIO_set_md(BIO *b,EVP_MD *md);
- int BIO_get_md(BIO *b,EVP_MD **mdp);
- int BIO_get_md_ctx(BIO *b,EVP_MD_CTX **mdcp);
-
-=head1 DESCRIPTION
-
-BIO_f_md() returns the message digest BIO method. This is a filter
-BIO that digests any data passed through it, it is a BIO wrapper
-for the digest routines EVP_DigestInit(), EVP_DigestUpdate()
-and EVP_DigestFinal().
-
-Any data written or read through a digest BIO using BIO_read() and
-BIO_write() is digested.
-
-BIO_gets(), if its B<size> parameter is large enough finishes the
-digest calculation and returns the digest value. BIO_puts() is
-not supported.
-
-BIO_reset() reinitialises a digest BIO.
-
-BIO_set_md() sets the message digest of BIO B<b> to B<md>: this
-must be called to initialize a digest BIO before any data is
-passed through it. It is a BIO_ctrl() macro.
-
-BIO_get_md() places the a pointer to the digest BIOs digest method
-in B<mdp>, it is a BIO_ctrl() macro.
-
-BIO_get_md_ctx() returns the digest BIOs context into B<mdcp>.
-
-=head1 NOTES
-
-The context returned by BIO_get_md_ctx() can be used in calls
-to EVP_DigestFinal() and also the signature routines EVP_SignFinal()
-and EVP_VerifyFinal().
-
-The context returned by BIO_get_md_ctx() is an internal context
-structure. Changes made to this context will affect the digest
-BIO itself and the context pointer will become invalid when the digest
-BIO is freed.
-
-After the digest has been retrieved from a digest BIO it must be
-reinitialized by calling BIO_reset(), or BIO_set_md() before any more
-data is passed through it.
-
-If an application needs to call BIO_gets() or BIO_puts() through
-a chain containing digest BIOs then this can be done by prepending
-a buffering BIO.
-
-Before OpenSSL 1.0.0 the call to BIO_get_md_ctx() would only work if the BIO
-had been initialized for example by calling BIO_set_md() ). In OpenSSL
-1.0.0 and later the context is always returned and the BIO is state is set
-to initialized. This allows applications to initialize the context externally
-if the standard calls such as BIO_set_md() are not sufficiently flexible.
-
-=head1 RETURN VALUES
-
-BIO_f_md() returns the digest BIO method.
-
-BIO_set_md(), BIO_get_md() and BIO_md_ctx() return 1 for success and
-0 for failure.
-
-=head1 EXAMPLES
-
-The following example creates a BIO chain containing an SHA1 and MD5
-digest BIO and passes the string "Hello World" through it. Error
-checking has been omitted for clarity.
-
- BIO *bio, *mdtmp;
- const char message[] = "Hello World";
- bio = BIO_new(BIO_s_null());
- mdtmp = BIO_new(BIO_f_md());
- BIO_set_md(mdtmp, EVP_sha1());
- /*
-  * For BIO_push() we want to append the sink BIO and keep a note of
-  * the start of the chain.
-  */
- bio = BIO_push(mdtmp, bio);
- mdtmp = BIO_new(BIO_f_md());
- BIO_set_md(mdtmp, EVP_md5());
- bio = BIO_push(mdtmp, bio);
- /* Note: mdtmp can now be discarded */
- BIO_write(bio, message, strlen(message));
-
-The next example digests data by reading through a chain instead:
-
- BIO *bio, *mdtmp;
- char buf[1024];
- int rdlen;
-
- bio = BIO_new_file(file, "rb");
- mdtmp = BIO_new(BIO_f_md());
- BIO_set_md(mdtmp, EVP_sha1());
- bio = BIO_push(mdtmp, bio);
- mdtmp = BIO_new(BIO_f_md());
- BIO_set_md(mdtmp, EVP_md5());
- bio = BIO_push(mdtmp, bio);
- do {
-        rdlen = BIO_read(bio, buf, sizeof(buf));
-        /* Might want to do something with the data here */
- } while (rdlen > 0);
-
-This next example retrieves the message digests from a BIO chain and
-outputs them. This could be used with the examples above.
-
- BIO *mdtmp;
- unsigned char mdbuf[EVP_MAX_MD_SIZE];
- int mdlen;
- int i;
-
- mdtmp = bio;   /* Assume bio has previously been set up */
- do {
-        EVP_MD *md;
-        mdtmp = BIO_find_type(mdtmp, BIO_TYPE_MD);
-        if (!mdtmp)
-                break;
-        BIO_get_md(mdtmp, &md);
-        printf("%s digest", OBJ_nid2sn(EVP_MD_type(md)));
-        mdlen = BIO_gets(mdtmp, mdbuf, EVP_MAX_MD_SIZE);
-        for(i = 0; i < mdlen; i++)
-                printf(":%02X", mdbuf[i]);
-        printf("\n");
-        mdtmp = BIO_next(mdtmp);
- } while(mdtmp);
- BIO_free_all(bio);
-
-=head1 BUGS
-
-The lack of support for BIO_puts() and the non standard behaviour of
-BIO_gets() could be regarded as anomalous. It could be argued that BIO_gets()
-and BIO_puts() should be passed to the next BIO in the chain and digest
-the data passed through and that digests should be retrieved using a
-separate BIO_ctrl() call.
-
-=cut
diff --git a/src/lib/libssl/src/doc/crypto/BIO_f_null.pod b/src/lib/libssl/src/doc/crypto/BIO_f_null.pod
deleted file mode 100644
index 5ef19968f6..0000000000
--- a/src/lib/libssl/src/doc/crypto/BIO_f_null.pod
+++ /dev/null
@@ -1,30 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_f_null - null filter
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- BIO_METHOD *   BIO_f_null(void);
-
-=head1 DESCRIPTION
-
-BIO_f_null() returns the null filter BIO method. This is a filter BIO
-that does nothing.
-
-All requests to a null filter BIO are passed through to the next BIO in
-the chain: this means that a BIO chain containing a null filter BIO
-behaves just as though the BIO was not there.
-
-=head1 NOTES
-
-As may be apparent a null filter BIO is not particularly useful.
-
-=head1 RETURN VALUES
-
-BIO_f_null() returns the null filter BIO method.
-
-=cut
diff --git a/src/lib/libssl/src/doc/crypto/BIO_find_type.pod b/src/lib/libssl/src/doc/crypto/BIO_find_type.pod
deleted file mode 100644
index a57d42f526..0000000000
--- a/src/lib/libssl/src/doc/crypto/BIO_find_type.pod
+++ /dev/null
@@ -1,97 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_find_type, BIO_next, BIO_method_type - BIO chain traversal
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- BIO *  BIO_find_type(BIO *b,int bio_type);
- BIO *  BIO_next(BIO *b);
-
- #define BIO_method_type(b)             ((b)->method->type)
-
- #define BIO_TYPE_NONE          0
- #define BIO_TYPE_MEM           (1|0x0400)
- #define BIO_TYPE_FILE          (2|0x0400)
-
- #define BIO_TYPE_FD            (4|0x0400|0x0100)
- #define BIO_TYPE_SOCKET                (5|0x0400|0x0100)
- #define BIO_TYPE_NULL          (6|0x0400)
- #define BIO_TYPE_SSL           (7|0x0200)
- #define BIO_TYPE_MD            (8|0x0200)
- #define BIO_TYPE_BUFFER                (9|0x0200)
- #define BIO_TYPE_CIPHER                (10|0x0200)
- #define BIO_TYPE_BASE64                (11|0x0200)
- #define BIO_TYPE_CONNECT       (12|0x0400|0x0100)
- #define BIO_TYPE_ACCEPT                (13|0x0400|0x0100)
- #define BIO_TYPE_PROXY_CLIENT  (14|0x0200)
- #define BIO_TYPE_PROXY_SERVER  (15|0x0200)
- #define BIO_TYPE_NBIO_TEST     (16|0x0200)
- #define BIO_TYPE_NULL_FILTER   (17|0x0200)
- #define BIO_TYPE_BER           (18|0x0200)
- #define BIO_TYPE_BIO           (19|0x0400)
-
- #define BIO_TYPE_DESCRIPTOR    0x0100
- #define BIO_TYPE_FILTER                0x0200
- #define BIO_TYPE_SOURCE_SINK   0x0400
-
-=head1 DESCRIPTION
-
-The BIO_find_type() searches for a BIO of a given type in a chain, starting
-at BIO B<b>. If B<type> is a specific type (such as BIO_TYPE_MEM) then a search
-is made for a BIO of that type. If B<type> is a general type (such as
-B<BIO_TYPE_SOURCE_SINK>) then the next matching BIO of the given general type is
-searched for. BIO_find_type() returns the next matching BIO or NULL if none is
-found.
-
-Note: not all the B<BIO_TYPE_*> types above have corresponding BIO
-implementations.
-
-BIO_next() returns the next BIO in a chain. It can be used to traverse all BIOs
-in a chain or used in conjunction with BIO_find_type() to find all BIOs of a
-certain type.
-
-BIO_method_type() returns the type of a BIO.
-
-=head1 RETURN VALUES
-
-BIO_find_type() returns a matching BIO or NULL for no match.
-
-BIO_next() returns the next BIO in a chain.
-
-BIO_method_type() returns the type of the BIO B<b>.
-
-=head1 NOTES
-
-BIO_next() was added to OpenSSL 0.9.6 to provide a 'clean' way to traverse a BIO
-chain or find multiple matches using BIO_find_type(). Previous versions had to
-use:
-
- next = bio->next_bio;
-
-=head1 BUGS
-
-BIO_find_type() in OpenSSL 0.9.5a and earlier could not be safely passed a
-NULL pointer for the B<b> argument.
-
-=head1 EXAMPLE
-
-Traverse a chain looking for digest BIOs:
-
- BIO *btmp;
- btmp = in_bio; /* in_bio is chain to search through */
-
- do {
-        btmp = BIO_find_type(btmp, BIO_TYPE_MD);
-        if (btmp == NULL)
-                break;  /* Not found */
-        /* btmp is a digest BIO, do something with it ...*/
-        ...
-
-        btmp = BIO_next(btmp);
- } while(btmp);
-
-=cut
diff --git a/src/lib/libssl/src/doc/crypto/BIO_new.pod b/src/lib/libssl/src/doc/crypto/BIO_new.pod
deleted file mode 100644
index bd7b7381f3..0000000000
--- a/src/lib/libssl/src/doc/crypto/BIO_new.pod
+++ /dev/null
@@ -1,64 +0,0 @@
-=pod
-
-=head1 NAME
-
-BIO_new, BIO_set, BIO_free, BIO_vfree, BIO_free_all - BIO allocation and
-freeing functions
-
-=head1 SYNOPSIS
-
- #include <openssl/bio.h>
-
- BIO *  BIO_new(BIO_METHOD *type);
- int    BIO_set(BIO *a,BIO_METHOD *type);
- int    BIO_free(BIO *a);
- void   BIO_vfree(BIO *a);
- void   BIO_free_all(BIO *a);
-
-=head1 DESCRIPTION
-
-The BIO_new() function returns a new BIO using method B<type>.
-
-BIO_set() sets the method of an already existing BIO.
-
-BIO_free() frees up a single BIO, BIO_vfree() also frees up a single BIO
-but it does not return a value. Calling BIO_free() may also have some effect
-on the underlying I/O structure, for example it may close the file being
-referred to under certain circumstances. For more details see the individual
-BIO_METHOD descriptions.
-
-BIO_free_all() frees up an entire BIO chain, it does not halt if an error
-occurs freeing up an individual BIO in the chain.
-
-=head1 RETURN VALUES
-
-BIO_new() returns a newly created BIO or NULL if the call fails.
-
-BIO_set(), BIO_free() return 1 for success and 0 for failure.
-
-BIO_free_all() and BIO_vfree() do not return values.
-
-=head1 NOTES
-
-Some BIOs (such as memory BIOs) can be used immediately after calling
-BIO_new(). Others (such as file BIOs) need some additional initialization,
-and frequently a utility function exists to create and initialize such BIOs.
-
-If BIO_free() is called on a BIO chain it will only free one BIO resulting
-in a memory leak.
-
-Calling BIO_free_all() a single BIO has the same effect as calling BIO_free()
-on it other than the discarded return value.
-
-Normally the B<type> argument is supplied by a function which returns a
-pointer to a BIO_METHOD. There is a naming convention for such functions:
-a source/sink BIO is normally called BIO_s_*() and a filter BIO
-BIO_f_*();
-
-=head1 EXAMPLE
-
-Create a memory BIO:
-
- BIO *mem = BIO_new(BIO_s_mem());
-
-=cut
diff --git a/src/lib/libssl/src/doc/crypto/BIO_new_CMS.pod b/src/lib/libssl/src/doc/crypto/BIO_new_CMS.pod
deleted file mode 100644
index 9e3a4b7f89..0000000000
--- a/src/lib/libssl/src/doc/crypto/BIO_new_CMS.pod
+++ /dev/null
@@ -1,66 +0,0 @@
-=pod
-
-=head1 NAME
-
- BIO_new_CMS - CMS streaming filter BIO
-
-=head1 SYNOPSIS
-
- #include <openssl/cms.h>
-
- BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
-
-=head1 DESCRIPTION
-
-BIO_new_CMS() returns a streaming filter BIO chain based on B<cms>. The output
-of the filter is written to B<out>. Any data written to the chain is
-automatically translated to a BER format CMS structure of the appropriate type.
-
-=head1 NOTES
-
-The chain returned by this function behaves like a standard filter BIO. It
-supports non blocking I/O. Content is processed and streamed on the fly and not
-all held in memory at once: so it is possible to encode very large structures.
-After all content has been written through the chain BIO_flush() must be called
-to finalise the structure.
-
-The B<CMS_STREAM> flag must be included in the corresponding B<flags>
-parameter of the B<cms> creation function.
-
-If an application wishes to write additional data to B<out> BIOs should be
-removed from the chain using BIO_pop() and freed with BIO_free() until B<out>
-is reached. If no additional data needs to be written BIO_free_all() can be
-called to free up the whole chain.
-
-Any content written through the filter is used verbatim: no canonical
-translation is performed.
-
-It is possible to chain multiple BIOs to, for example, create a triple wrapped
-signed, enveloped, signed structure. In this case it is the applications
-responsibility to set the inner content type of any outer CMS_ContentInfo
-structures.
-
-Large numbers of small writes through the chain should be avoided as this will
-produce an output consisting of lots of OCTET STRING structures. Prepending
-a BIO_f_buffer() buffering BIO will prevent this.
-
-=head1 BUGS
-
-There is currently no corresponding inverse BIO: i.e. one which can decode
-a CMS structure on the fly.
-
-=head1 RETURN VALUES
-
-BIO_new_CMS() returns a BIO chain when successful or NULL if an error
-occurred. The error can be obtained from ERR_get_error(3).
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
-L<CMS_encrypt(3)|CMS_encrypt(3)>
-
-=head1 HISTORY
-
-BIO_new_CMS() was added to OpenSSL 1.0.0
-
-=cut