diff options
| author | tb <> | 2021-04-15 16:30:14 +0000 |
|---|---|---|
| committer | tb <> | 2021-04-15 16:30:14 +0000 |
| commit | 8cd40b926a8c4b7fdc8ace5243e2bb1418af7448 (patch) | |
| tree | 6a43b0c724fb5dcbe408d1677ea8cd0d4697bf7e | |
| parent | b2be6cbf1a3943747b1a702732eba2d909d56c23 (diff) | |
| download | openbsd-8cd40b926a8c4b7fdc8ace5243e2bb1418af7448.tar.gz openbsd-8cd40b926a8c4b7fdc8ace5243e2bb1418af7448.tar.bz2 openbsd-8cd40b926a8c4b7fdc8ace5243e2bb1418af7448.zip | |
Document DTLSv1_2_{,client_,server_}method(3)
| -rw-r--r-- | src/lib/libssl/man/SSL_CTX_new.3 | 40 |
1 files changed, 36 insertions, 4 deletions
diff --git a/src/lib/libssl/man/SSL_CTX_new.3 b/src/lib/libssl/man/SSL_CTX_new.3 index 61c27d48e0..c1c7635dba 100644 --- a/src/lib/libssl/man/SSL_CTX_new.3 +++ b/src/lib/libssl/man/SSL_CTX_new.3 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: SSL_CTX_new.3,v 1.15 2020/10/12 09:26:57 schwarze Exp $ | 1 | .\" $OpenBSD: SSL_CTX_new.3,v 1.16 2021/04/15 16:30:14 tb Exp $ |
| 2 | .\" full merge up to: OpenSSL 21cd6e00 Oct 21 14:40:15 2015 +0100 | 2 | .\" full merge up to: OpenSSL 21cd6e00 Oct 21 14:40:15 2015 +0100 |
| 3 | .\" selective merge up to: OpenSSL 8f75443f May 24 14:04:26 2019 +0200 | 3 | .\" selective merge up to: OpenSSL 8f75443f May 24 14:04:26 2019 +0200 |
| 4 | .\" | 4 | .\" |
| @@ -50,7 +50,7 @@ | |||
| 50 | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | 50 | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
| 51 | .\" OF THE POSSIBILITY OF SUCH DAMAGE. | 51 | .\" OF THE POSSIBILITY OF SUCH DAMAGE. |
| 52 | .\" | 52 | .\" |
| 53 | .Dd $Mdocdate: October 12 2020 $ | 53 | .Dd $Mdocdate: April 15 2021 $ |
| 54 | .Dt SSL_CTX_NEW 3 | 54 | .Dt SSL_CTX_NEW 3 |
| 55 | .Os | 55 | .Os |
| 56 | .Sh NAME | 56 | .Sh NAME |
| @@ -76,7 +76,10 @@ | |||
| 76 | .Nm DTLS_client_method , | 76 | .Nm DTLS_client_method , |
| 77 | .Nm DTLSv1_method , | 77 | .Nm DTLSv1_method , |
| 78 | .Nm DTLSv1_server_method , | 78 | .Nm DTLSv1_server_method , |
| 79 | .Nm DTLSv1_client_method | 79 | .Nm DTLSv1_client_method , |
| 80 | .Nm DTLSv1_2_method , | ||
| 81 | .Nm DTLSv1_2_server_method , | ||
| 82 | .Nm DTLSv1_2_client_method | ||
| 80 | .Nd create a new SSL_CTX object as a framework for TLS enabled functions | 83 | .Nd create a new SSL_CTX object as a framework for TLS enabled functions |
| 81 | .Sh SYNOPSIS | 84 | .Sh SYNOPSIS |
| 82 | .In openssl/ssl.h | 85 | .In openssl/ssl.h |
| @@ -126,6 +129,12 @@ | |||
| 126 | .Fn DTLSv1_server_method void | 129 | .Fn DTLSv1_server_method void |
| 127 | .Ft const SSL_METHOD * | 130 | .Ft const SSL_METHOD * |
| 128 | .Fn DTLSv1_client_method void | 131 | .Fn DTLSv1_client_method void |
| 132 | .Ft const SSL_METHOD * | ||
| 133 | .Fn DTLSv1_2_method void | ||
| 134 | .Ft const SSL_METHOD * | ||
| 135 | .Fn DTLSv1_2_server_method void | ||
| 136 | .Ft const SSL_METHOD * | ||
| 137 | .Fn DTLSv1_2_client_method void | ||
| 129 | .Sh DESCRIPTION | 138 | .Sh DESCRIPTION |
| 130 | .Fn SSL_CTX_new | 139 | .Fn SSL_CTX_new |
| 131 | creates a new | 140 | creates a new |
| @@ -165,7 +174,7 @@ version mutually supported by the client and the server. | |||
| 165 | The supported protocols are TLSv1, TLSv1.1, TLSv1.2, and TLSv1.3. | 174 | The supported protocols are TLSv1, TLSv1.1, TLSv1.2, and TLSv1.3. |
| 166 | .It Fn DTLS_method | 175 | .It Fn DTLS_method |
| 167 | The version-flexible DTLS method. | 176 | The version-flexible DTLS method. |
| 168 | The currently supported protocol is DTLS 1.0. | 177 | The currently supported protocols are DTLSv1 and DTLSv1.2. |
| 169 | .El | 178 | .El |
| 170 | .Pp | 179 | .Pp |
| 171 | The following | 180 | The following |
| @@ -214,6 +223,12 @@ understand the TLSv1.2 protocol. | |||
| 214 | .Fn DTLSv1_client_method | 223 | .Fn DTLSv1_client_method |
| 215 | .Xc | 224 | .Xc |
| 216 | These are the version-specific methods for DTLSv1. | 225 | These are the version-specific methods for DTLSv1. |
| 226 | .It Xo | ||
| 227 | .Fn DTLSv1_2_method , | ||
| 228 | .Fn DTLSv1_2_server_method , | ||
| 229 | .Fn DTLSv1_2_client_method | ||
| 230 | These are the version-specific methods for DTLSv1.2. | ||
| 231 | .Xc | ||
| 217 | .El | 232 | .El |
| 218 | .Pp | 233 | .Pp |
| 219 | In LibreSSL, the methods containing the substrings | 234 | In LibreSSL, the methods containing the substrings |
| @@ -239,6 +254,16 @@ all previous or all subsequent protocol versions. | |||
| 239 | In clients, when a protocol version is disabled without disabling | 254 | In clients, when a protocol version is disabled without disabling |
| 240 | all previous protocol versions, the effect is to also disable all | 255 | all previous protocol versions, the effect is to also disable all |
| 241 | subsequent protocol versions. | 256 | subsequent protocol versions. |
| 257 | .Pp | ||
| 258 | DTLSv1 and DTLSv1.2 can be disabled with | ||
| 259 | .Xr SSL_CTX_set_options 3 | ||
| 260 | or | ||
| 261 | .Xr SSL_set_options 3 | ||
| 262 | using the | ||
| 263 | .Dv SSL_OP_NO_DTLSv1 | ||
| 264 | and | ||
| 265 | .Dv SSL_OP_NO_DTLSv1_2 | ||
| 266 | options, respectively. | ||
| 242 | .Sh RETURN VALUES | 267 | .Sh RETURN VALUES |
| 243 | .Fn SSL_CTX_new | 268 | .Fn SSL_CTX_new |
| 244 | returns a pointer to the newly allocated object or | 269 | returns a pointer to the newly allocated object or |
| @@ -310,3 +335,10 @@ first appeared in OpenSSL 1.1.0 and have been available since | |||
| 310 | .Fn SSL_CTX_up_ref | 335 | .Fn SSL_CTX_up_ref |
| 311 | first appeared in OpenSSL 1.1.0 and has been available since | 336 | first appeared in OpenSSL 1.1.0 and has been available since |
| 312 | .Ox 6.3 . | 337 | .Ox 6.3 . |
| 338 | .Pp | ||
| 339 | .Fn DTLSv1_2_method , | ||
| 340 | .Fn DTLSv1_2_server_method , | ||
| 341 | and | ||
| 342 | .Fn DTLSv1_2_client_method | ||
| 343 | first appeared in OpenSSL 1.1.0 and have been available since | ||
| 344 | .Ox 6.9 . | ||