space between RFC and number;

author: jmc <> 2021-06-11 19:45:21 +0000
committer: jmc <> 2021-06-11 19:45:21 +0000
commit: dfcae0917001a88404ae397c35b20caa458f932e (patch)
tree: 463902f98da06dd3a3f213415dbf11980558b59e
parent: c29106da26ba83d9f0dec29e9b66d329ad964c38 (diff)
download: openbsd-dfcae0917001a88404ae397c35b20caa458f932e.tar.gz
openbsd-dfcae0917001a88404ae397c35b20caa458f932e.tar.bz2
openbsd-dfcae0917001a88404ae397c35b20caa458f932e.zip
7 files changed, 29 insertions, 29 deletions
diff --git a/src/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3 b/src/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3
index 33cca3b4b3..7fc559f7fd 100644
--- a/src/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3
+++ b/src/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: X509_VERIFY_PARAM_set_flags.3,v 1.15 2020/09/17 08:04:22 schwarze Exp $
+.\" $OpenBSD: X509_VERIFY_PARAM_set_flags.3,v 1.16 2021/06/11 19:45:21 jmc Exp $
 .\" full merge up to: OpenSSL d33def66 Feb 9 14:17:13 2016 -0500
 .\" selective merge up to: OpenSSL 6328d367 Jul 4 21:58:30 2020 +0200
 .\"
@@ -68,7 +68,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: September 17 2020 $
+.Dd $Mdocdate: June 11 2021 $
 .Dt X509_VERIFY_PARAM_SET_FLAGS 3
 .Os
 .Sh NAME
@@ -404,7 +404,7 @@ peer name may be a wildcard name or a sub-domain of the reference
 identifier respectively.
 .Pp
 .Fn X509_VERIFY_PARAM_set1_email
-sets the expected RFC822 email address to
+sets the expected RFC 822 email address to
 .Fa email .
 .Fa emaillen
 should be set to the length of
diff --git a/src/lib/libssl/man/SSL_CTX_set_options.3 b/src/lib/libssl/man/SSL_CTX_set_options.3
index ed797da2d6..a0ec880a80 100644
--- a/src/lib/libssl/man/SSL_CTX_set_options.3
+++ b/src/lib/libssl/man/SSL_CTX_set_options.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: SSL_CTX_set_options.3,v 1.13 2021/04/15 16:35:54 tb Exp $
+.\" $OpenBSD: SSL_CTX_set_options.3,v 1.14 2021/06/11 19:41:39 jmc Exp $
 .\" full merge up to: OpenSSL 7946ab33 Dec 6 17:56:41 2015 +0100
 .\" selective merge up to: OpenSSL edb79c3a Mar 29 10:07:14 2017 +1000
 .\"
@@ -52,7 +52,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: April 15 2021 $
+.Dd $Mdocdate: June 11 2021 $
 .Dt SSL_CTX_SET_OPTIONS 3
 .Os
 .Sh NAME
@@ -175,7 +175,7 @@ preferences.
 When not set, the server will always follow the client's preferences.
 When set, the server will choose following its own preferences.
 .It Dv SSL_OP_COOKIE_EXCHANGE
-Turn on Cookie Exchange as described in RFC4347 Section 4.2.1.
+Turn on Cookie Exchange as described in RFC 4347 Section 4.2.1.
 Only affects DTLS connections.
 .It Dv SSL_OP_LEGACY_SERVER_CONNECT
 Allow legacy insecure renegotiation between OpenSSL and unpatched servers
@@ -250,7 +250,7 @@ and no longer have any effect:
 .Dv SSL_OP_TLSEXT_PADDING .
 .Sh SECURE RENEGOTIATION
 OpenSSL 0.9.8m and later always attempts to use secure renegotiation as
-described in RFC5746.
+described in RFC 5746.
 This counters the prefix attack described in CVE-2009-3555 and elsewhere.
 .Pp
 This attack has far-reaching consequences which application writers should be
diff --git a/src/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3 b/src/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3
index 86a2cbb131..e4756fe7c7 100644
--- a/src/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3
+++ b/src/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: SSL_CTX_set_tlsext_ticket_key_cb.3,v 1.5 2019/06/12 09:36:30 schwarze Exp $
+.\"     $OpenBSD: SSL_CTX_set_tlsext_ticket_key_cb.3,v 1.6 2021/06/11 19:41:39 jmc Exp $
 .\"     OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
 .\"
 .\" This file was written by Rich Salz <rsalz@akamai.com>
@@ -48,7 +48,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: June 12 2019 $
+.Dd $Mdocdate: June 11 2021 $
 .Dt SSL_CTX_SET_TLSEXT_TICKET_KEY_CB 3
 .Os
 .Sh NAME
@@ -69,7 +69,7 @@ sets a callback function
 .Fa cb
 for handling session tickets for the ssl context
 .Fa sslctx .
-Session tickets, defined in RFC5077, provide an enhanced session
+Session tickets, defined in RFC 5077, provide an enhanced session
 resumption capability where the server implementation is not required to
 maintain per session state.
 .Pp
@@ -81,7 +81,7 @@ It is the responsibility of this function to create or retrieve the
 cryptographic parameters and to maintain their state.
 .Pp
 The OpenSSL library uses the callback function to help implement a
-common TLS ticket construction state according to RFC5077 Section 4 such
+common TLS ticket construction state according to RFC 5077 Section 4 such
 that per session state is unnecessary and a small set of cryptographic
 variables needs to be maintained by the callback function
 implementation.
@@ -192,7 +192,7 @@ The OpenSSL library will call
 .Fa cb
 again with an
 .Fa enc
-argument of 1 to set the new ticket (see RFC5077 3.3 paragraph 2).
+argument of 1 to set the new ticket (see RFC 5077 3.3 paragraph 2).
 .It 1
 This indicates that the
 .Fa ctx
diff --git a/src/lib/libssl/man/SSL_CTX_set_tlsext_use_srtp.3 b/src/lib/libssl/man/SSL_CTX_set_tlsext_use_srtp.3
index f936f01d7b..04c4833c6a 100644
--- a/src/lib/libssl/man/SSL_CTX_set_tlsext_use_srtp.3
+++ b/src/lib/libssl/man/SSL_CTX_set_tlsext_use_srtp.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: SSL_CTX_set_tlsext_use_srtp.3,v 1.5 2021/06/11 15:28:14 landry Exp $
+.\" $OpenBSD: SSL_CTX_set_tlsext_use_srtp.3,v 1.6 2021/06/11 19:41:39 jmc Exp $
 .\" full merge up to: OpenSSL b0edda11 Mar 20 13:00:17 2018 +0000
 .\"
 .\" This file was written by Matt Caswell <matt@openssl.org>.
@@ -80,12 +80,12 @@
 .Sh DESCRIPTION
 SRTP is the Secure Real-Time Transport Protocol.
 OpenSSL implements support for the "use_srtp" DTLS extension
-defined in RFC5764.
+defined in RFC 5764.
 This provides a mechanism for establishing SRTP keying material,
 algorithms and parameters using DTLS.
 This capability may be used as part of an implementation that
-conforms to RFC5763.
+conforms to RFC 5763.
-OpenSSL does not implement SRTP itself or RFC5763.
+OpenSSL does not implement SRTP itself or RFC 5763.
 Note that OpenSSL does not support the use of SRTP Master Key
 Identifiers (MKIs).
 Also note that this extension is only supported in DTLS.
@@ -110,13 +110,13 @@ SRTP protection profile names.
 The currently supported protection profile names are:
 .Bl -tag -width Ds
 .It Dv SRTP_AES128_CM_SHA1_80
-This corresponds to SRTP_AES128_CM_HMAC_SHA1_80 defined in RFC5764.
+This corresponds to SRTP_AES128_CM_HMAC_SHA1_80 defined in RFC 5764.
 .It Dv SRTP_AES128_CM_SHA1_32
-This corresponds to SRTP_AES128_CM_HMAC_SHA1_32 defined in RFC5764.
+This corresponds to SRTP_AES128_CM_HMAC_SHA1_32 defined in RFC 5764.
 .It Dv SRTP_AEAD_AES_128_GCM
-This corresponds to SRTP_AEAD_AES_128_GCM defined in RFC7714.
+This corresponds to SRTP_AEAD_AES_128_GCM defined in RFC 7714.
 .It Dv SRTP_AEAD_AES_256_GCM
-This corresponds to SRTP_AEAD_AES_256_GCM defined in RFC7714.
+This corresponds to SRTP_AEAD_AES_256_GCM defined in RFC 7714.
 .El
 .Pp
 Supplying an unrecognised protection profile name results in an error.
diff --git a/src/lib/libssl/man/SSL_clear.3 b/src/lib/libssl/man/SSL_clear.3
index 1f2f0a5e52..809c3b20f4 100644
--- a/src/lib/libssl/man/SSL_clear.3
+++ b/src/lib/libssl/man/SSL_clear.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: SSL_clear.3,v 1.4 2018/03/27 17:35:50 schwarze Exp $
+.\"     $OpenBSD: SSL_clear.3,v 1.5 2021/06/11 19:41:39 jmc Exp $
 .\"     OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
 .\"
 .\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -49,7 +49,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: March 27 2018 $
+.Dd $Mdocdate: June 11 2021 $
 .Dt SSL_CLEAR 3
 .Os
 .Sh NAME
@@ -74,7 +74,7 @@ a side effect is the handling of the current SSL session.
 If a session is still
 .Em open ,
 it is considered bad and will be removed from the session cache,
-as required by RFC2246.
+as required by RFC 2246.
 A session is considered open if
 .Xr SSL_shutdown 3
 was not called for the connection or at least
diff --git a/src/lib/libssl/man/SSL_free.3 b/src/lib/libssl/man/SSL_free.3
index d31f3e40ea..c713ded121 100644
--- a/src/lib/libssl/man/SSL_free.3
+++ b/src/lib/libssl/man/SSL_free.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: SSL_free.3,v 1.5 2020/03/30 10:28:59 schwarze Exp $
+.\"     $OpenBSD: SSL_free.3,v 1.6 2021/06/11 19:41:39 jmc Exp $
 .\"     OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
 .\"
 .\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: March 30 2020 $
+.Dd $Mdocdate: June 11 2021 $
 .Dt SSL_FREE 3
 .Os
 .Sh NAME
@@ -102,7 +102,7 @@ was not called for the connection and
 was not used to set the
 .Vt SSL_SENT_SHUTDOWN
 state, the session will also be removed from the session cache as required by
-RFC2246.
+RFC 2246.
 .Sh SEE ALSO
 .Xr ssl 3 ,
 .Xr SSL_clear 3 ,
diff --git a/src/lib/libssl/man/SSL_set_shutdown.3 b/src/lib/libssl/man/SSL_set_shutdown.3
index 6882d29c24..678086f88f 100644
--- a/src/lib/libssl/man/SSL_set_shutdown.3
+++ b/src/lib/libssl/man/SSL_set_shutdown.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: SSL_set_shutdown.3,v 1.5 2020/03/30 10:28:59 schwarze Exp $
+.\"     $OpenBSD: SSL_set_shutdown.3,v 1.6 2021/06/11 19:41:39 jmc Exp $
 .\"     OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
 .\"
 .\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: March 30 2020 $
+.Dd $Mdocdate: June 11 2021 $
 .Dt SSL_SET_SHUTDOWN 3
 .Os
 .Sh NAME
@@ -99,7 +99,7 @@ If the session is still open when
 .Xr SSL_clear 3
 or
 .Xr SSL_free 3
-is called, it is considered bad and removed according to RFC2246.
+is called, it is considered bad and removed according to RFC 2246.
 The actual condition for a correctly closed session is
 .Dv SSL_SENT_SHUTDOWN
 (according to the TLS RFC, it is acceptable to only send the
author	jmc <>	2021-06-11 19:45:21 +0000
committer	jmc <>	2021-06-11 19:45:21 +0000
commit	dfcae0917001a88404ae397c35b20caa458f932e (patch)
tree	463902f98da06dd3a3f213415dbf11980558b59e
parent	c29106da26ba83d9f0dec29e9b66d329ad964c38 (diff)
download	openbsd-dfcae0917001a88404ae397c35b20caa458f932e.tar.gz openbsd-dfcae0917001a88404ae397c35b20caa458f932e.tar.bz2 openbsd-dfcae0917001a88404ae397c35b20caa458f932e.zip

diff --git a/src/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3 b/src/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3 index 33cca3b4b3..7fc559f7fd 100644 --- a/src/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3 +++ b/src/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: X509_VERIFY_PARAM_set_flags.3,v 1.15 2020/09/17 08:04:22 schwarze Exp $	1	.\" $OpenBSD: X509_VERIFY_PARAM_set_flags.3,v 1.16 2021/06/11 19:45:21 jmc Exp $
2	.\" full merge up to: OpenSSL d33def66 Feb 9 14:17:13 2016 -0500	2	.\" full merge up to: OpenSSL d33def66 Feb 9 14:17:13 2016 -0500
3	.\" selective merge up to: OpenSSL 6328d367 Jul 4 21:58:30 2020 +0200	3	.\" selective merge up to: OpenSSL 6328d367 Jul 4 21:58:30 2020 +0200
4	.\"	4	.\"
@@ -68,7 +68,7 @@
68	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	68	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
69	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	69	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
70	.\"	70	.\"
71	.Dd $Mdocdate: September 17 2020 $	71	.Dd $Mdocdate: June 11 2021 $
72	.Dt X509_VERIFY_PARAM_SET_FLAGS 3	72	.Dt X509_VERIFY_PARAM_SET_FLAGS 3
73	.Os	73	.Os
74	.Sh NAME	74	.Sh NAME
@@ -404,7 +404,7 @@ peer name may be a wildcard name or a sub-domain of the reference
404	identifier respectively.	404	identifier respectively.
405	.Pp	405	.Pp
406	.Fn X509_VERIFY_PARAM_set1_email	406	.Fn X509_VERIFY_PARAM_set1_email
407	sets the expected RFC822 email address to	407	sets the expected RFC 822 email address to
408	.Fa email .	408	.Fa email .
409	.Fa emaillen	409	.Fa emaillen
410	should be set to the length of	410	should be set to the length of


diff --git a/src/lib/libssl/man/SSL_CTX_set_options.3 b/src/lib/libssl/man/SSL_CTX_set_options.3 index ed797da2d6..a0ec880a80 100644 --- a/src/lib/libssl/man/SSL_CTX_set_options.3 +++ b/src/lib/libssl/man/SSL_CTX_set_options.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: SSL_CTX_set_options.3,v 1.13 2021/04/15 16:35:54 tb Exp $	1	.\" $OpenBSD: SSL_CTX_set_options.3,v 1.14 2021/06/11 19:41:39 jmc Exp $
2	.\" full merge up to: OpenSSL 7946ab33 Dec 6 17:56:41 2015 +0100	2	.\" full merge up to: OpenSSL 7946ab33 Dec 6 17:56:41 2015 +0100
3	.\" selective merge up to: OpenSSL edb79c3a Mar 29 10:07:14 2017 +1000	3	.\" selective merge up to: OpenSSL edb79c3a Mar 29 10:07:14 2017 +1000
4	.\"	4	.\"
@@ -52,7 +52,7 @@
52	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	52	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
53	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	53	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
54	.\"	54	.\"
55	.Dd $Mdocdate: April 15 2021 $	55	.Dd $Mdocdate: June 11 2021 $
56	.Dt SSL_CTX_SET_OPTIONS 3	56	.Dt SSL_CTX_SET_OPTIONS 3
57	.Os	57	.Os
58	.Sh NAME	58	.Sh NAME
@@ -175,7 +175,7 @@ preferences.
175	When not set, the server will always follow the client's preferences.	175	When not set, the server will always follow the client's preferences.
176	When set, the server will choose following its own preferences.	176	When set, the server will choose following its own preferences.
177	.It Dv SSL_OP_COOKIE_EXCHANGE	177	.It Dv SSL_OP_COOKIE_EXCHANGE
178	Turn on Cookie Exchange as described in RFC4347 Section 4.2.1.	178	Turn on Cookie Exchange as described in RFC 4347 Section 4.2.1.
179	Only affects DTLS connections.	179	Only affects DTLS connections.
180	.It Dv SSL_OP_LEGACY_SERVER_CONNECT	180	.It Dv SSL_OP_LEGACY_SERVER_CONNECT
181	Allow legacy insecure renegotiation between OpenSSL and unpatched servers	181	Allow legacy insecure renegotiation between OpenSSL and unpatched servers
@@ -250,7 +250,7 @@ and no longer have any effect:
250	.Dv SSL_OP_TLSEXT_PADDING .	250	.Dv SSL_OP_TLSEXT_PADDING .
251	.Sh SECURE RENEGOTIATION	251	.Sh SECURE RENEGOTIATION
252	OpenSSL 0.9.8m and later always attempts to use secure renegotiation as	252	OpenSSL 0.9.8m and later always attempts to use secure renegotiation as
253	described in RFC5746.	253	described in RFC 5746.
254	This counters the prefix attack described in CVE-2009-3555 and elsewhere.	254	This counters the prefix attack described in CVE-2009-3555 and elsewhere.
255	.Pp	255	.Pp
256	This attack has far-reaching consequences which application writers should be	256	This attack has far-reaching consequences which application writers should be


diff --git a/src/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3 b/src/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3 index 86a2cbb131..e4756fe7c7 100644 --- a/src/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3 +++ b/src/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: SSL_CTX_set_tlsext_ticket_key_cb.3,v 1.5 2019/06/12 09:36:30 schwarze Exp $	1	.\" $OpenBSD: SSL_CTX_set_tlsext_ticket_key_cb.3,v 1.6 2021/06/11 19:41:39 jmc Exp $
2	.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100	2	.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3	.\"	3	.\"
4	.\" This file was written by Rich Salz <rsalz@akamai.com>	4	.\" This file was written by Rich Salz <rsalz@akamai.com>
@@ -48,7 +48,7 @@
48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50	.\"	50	.\"
51	.Dd $Mdocdate: June 12 2019 $	51	.Dd $Mdocdate: June 11 2021 $
52	.Dt SSL_CTX_SET_TLSEXT_TICKET_KEY_CB 3	52	.Dt SSL_CTX_SET_TLSEXT_TICKET_KEY_CB 3
53	.Os	53	.Os
54	.Sh NAME	54	.Sh NAME
@@ -69,7 +69,7 @@ sets a callback function
69	.Fa cb	69	.Fa cb
70	for handling session tickets for the ssl context	70	for handling session tickets for the ssl context
71	.Fa sslctx .	71	.Fa sslctx .
72	Session tickets, defined in RFC5077, provide an enhanced session	72	Session tickets, defined in RFC 5077, provide an enhanced session
73	resumption capability where the server implementation is not required to	73	resumption capability where the server implementation is not required to
74	maintain per session state.	74	maintain per session state.
75	.Pp	75	.Pp
@@ -81,7 +81,7 @@ It is the responsibility of this function to create or retrieve the
81	cryptographic parameters and to maintain their state.	81	cryptographic parameters and to maintain their state.
82	.Pp	82	.Pp
83	The OpenSSL library uses the callback function to help implement a	83	The OpenSSL library uses the callback function to help implement a
84	common TLS ticket construction state according to RFC5077 Section 4 such	84	common TLS ticket construction state according to RFC 5077 Section 4 such
85	that per session state is unnecessary and a small set of cryptographic	85	that per session state is unnecessary and a small set of cryptographic
86	variables needs to be maintained by the callback function	86	variables needs to be maintained by the callback function
87	implementation.	87	implementation.
@@ -192,7 +192,7 @@ The OpenSSL library will call
192	.Fa cb	192	.Fa cb
193	again with an	193	again with an
194	.Fa enc	194	.Fa enc
195	argument of 1 to set the new ticket (see RFC5077 3.3 paragraph 2).	195	argument of 1 to set the new ticket (see RFC 5077 3.3 paragraph 2).
196	.It 1	196	.It 1
197	This indicates that the	197	This indicates that the
198	.Fa ctx	198	.Fa ctx


diff --git a/src/lib/libssl/man/SSL_CTX_set_tlsext_use_srtp.3 b/src/lib/libssl/man/SSL_CTX_set_tlsext_use_srtp.3 index f936f01d7b..04c4833c6a 100644 --- a/src/lib/libssl/man/SSL_CTX_set_tlsext_use_srtp.3 +++ b/src/lib/libssl/man/SSL_CTX_set_tlsext_use_srtp.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: SSL_CTX_set_tlsext_use_srtp.3,v 1.5 2021/06/11 15:28:14 landry Exp $	1	.\" $OpenBSD: SSL_CTX_set_tlsext_use_srtp.3,v 1.6 2021/06/11 19:41:39 jmc Exp $
2	.\" full merge up to: OpenSSL b0edda11 Mar 20 13:00:17 2018 +0000	2	.\" full merge up to: OpenSSL b0edda11 Mar 20 13:00:17 2018 +0000
3	.\"	3	.\"
4	.\" This file was written by Matt Caswell <matt@openssl.org>.	4	.\" This file was written by Matt Caswell <matt@openssl.org>.
@@ -80,12 +80,12 @@
80	.Sh DESCRIPTION	80	.Sh DESCRIPTION
81	SRTP is the Secure Real-Time Transport Protocol.	81	SRTP is the Secure Real-Time Transport Protocol.
82	OpenSSL implements support for the "use_srtp" DTLS extension	82	OpenSSL implements support for the "use_srtp" DTLS extension
83	defined in RFC5764.	83	defined in RFC 5764.
84	This provides a mechanism for establishing SRTP keying material,	84	This provides a mechanism for establishing SRTP keying material,
85	algorithms and parameters using DTLS.	85	algorithms and parameters using DTLS.
86	This capability may be used as part of an implementation that	86	This capability may be used as part of an implementation that
87	conforms to RFC5763.	87	conforms to RFC 5763.
88	OpenSSL does not implement SRTP itself or RFC5763.	88	OpenSSL does not implement SRTP itself or RFC 5763.
89	Note that OpenSSL does not support the use of SRTP Master Key	89	Note that OpenSSL does not support the use of SRTP Master Key
90	Identifiers (MKIs).	90	Identifiers (MKIs).
91	Also note that this extension is only supported in DTLS.	91	Also note that this extension is only supported in DTLS.
@@ -110,13 +110,13 @@ SRTP protection profile names.
110	The currently supported protection profile names are:	110	The currently supported protection profile names are:
111	.Bl -tag -width Ds	111	.Bl -tag -width Ds
112	.It Dv SRTP_AES128_CM_SHA1_80	112	.It Dv SRTP_AES128_CM_SHA1_80
113	This corresponds to SRTP_AES128_CM_HMAC_SHA1_80 defined in RFC5764.	113	This corresponds to SRTP_AES128_CM_HMAC_SHA1_80 defined in RFC 5764.
114	.It Dv SRTP_AES128_CM_SHA1_32	114	.It Dv SRTP_AES128_CM_SHA1_32
115	This corresponds to SRTP_AES128_CM_HMAC_SHA1_32 defined in RFC5764.	115	This corresponds to SRTP_AES128_CM_HMAC_SHA1_32 defined in RFC 5764.
116	.It Dv SRTP_AEAD_AES_128_GCM	116	.It Dv SRTP_AEAD_AES_128_GCM
117	This corresponds to SRTP_AEAD_AES_128_GCM defined in RFC7714.	117	This corresponds to SRTP_AEAD_AES_128_GCM defined in RFC 7714.
118	.It Dv SRTP_AEAD_AES_256_GCM	118	.It Dv SRTP_AEAD_AES_256_GCM
119	This corresponds to SRTP_AEAD_AES_256_GCM defined in RFC7714.	119	This corresponds to SRTP_AEAD_AES_256_GCM defined in RFC 7714.
120	.El	120	.El
121	.Pp	121	.Pp
122	Supplying an unrecognised protection profile name results in an error.	122	Supplying an unrecognised protection profile name results in an error.


diff --git a/src/lib/libssl/man/SSL_clear.3 b/src/lib/libssl/man/SSL_clear.3 index 1f2f0a5e52..809c3b20f4 100644 --- a/src/lib/libssl/man/SSL_clear.3 +++ b/src/lib/libssl/man/SSL_clear.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: SSL_clear.3,v 1.4 2018/03/27 17:35:50 schwarze Exp $	1	.\" $OpenBSD: SSL_clear.3,v 1.5 2021/06/11 19:41:39 jmc Exp $
2	.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100	2	.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3	.\"	3	.\"
4	.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.	4	.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -49,7 +49,7 @@
49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51	.\"	51	.\"
52	.Dd $Mdocdate: March 27 2018 $	52	.Dd $Mdocdate: June 11 2021 $
53	.Dt SSL_CLEAR 3	53	.Dt SSL_CLEAR 3
54	.Os	54	.Os
55	.Sh NAME	55	.Sh NAME
@@ -74,7 +74,7 @@ a side effect is the handling of the current SSL session.
74	If a session is still	74	If a session is still
75	.Em open ,	75	.Em open ,
76	it is considered bad and will be removed from the session cache,	76	it is considered bad and will be removed from the session cache,
77	as required by RFC2246.	77	as required by RFC 2246.
78	A session is considered open if	78	A session is considered open if
79	.Xr SSL_shutdown 3	79	.Xr SSL_shutdown 3
80	was not called for the connection or at least	80	was not called for the connection or at least


diff --git a/src/lib/libssl/man/SSL_free.3 b/src/lib/libssl/man/SSL_free.3 index d31f3e40ea..c713ded121 100644 --- a/src/lib/libssl/man/SSL_free.3 +++ b/src/lib/libssl/man/SSL_free.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: SSL_free.3,v 1.5 2020/03/30 10:28:59 schwarze Exp $	1	.\" $OpenBSD: SSL_free.3,v 1.6 2021/06/11 19:41:39 jmc Exp $
2	.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100	2	.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3	.\"	3	.\"
4	.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.	4	.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50	.\"	50	.\"
51	.Dd $Mdocdate: March 30 2020 $	51	.Dd $Mdocdate: June 11 2021 $
52	.Dt SSL_FREE 3	52	.Dt SSL_FREE 3
53	.Os	53	.Os
54	.Sh NAME	54	.Sh NAME
@@ -102,7 +102,7 @@ was not called for the connection and
102	was not used to set the	102	was not used to set the
103	.Vt SSL_SENT_SHUTDOWN	103	.Vt SSL_SENT_SHUTDOWN
104	state, the session will also be removed from the session cache as required by	104	state, the session will also be removed from the session cache as required by
105	RFC2246.	105	RFC 2246.
106	.Sh SEE ALSO	106	.Sh SEE ALSO
107	.Xr ssl 3 ,	107	.Xr ssl 3 ,
108	.Xr SSL_clear 3 ,	108	.Xr SSL_clear 3 ,


diff --git a/src/lib/libssl/man/SSL_set_shutdown.3 b/src/lib/libssl/man/SSL_set_shutdown.3 index 6882d29c24..678086f88f 100644 --- a/src/lib/libssl/man/SSL_set_shutdown.3 +++ b/src/lib/libssl/man/SSL_set_shutdown.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: SSL_set_shutdown.3,v 1.5 2020/03/30 10:28:59 schwarze Exp $	1	.\" $OpenBSD: SSL_set_shutdown.3,v 1.6 2021/06/11 19:41:39 jmc Exp $
2	.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100	2	.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3	.\"	3	.\"
4	.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.	4	.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50	.\"	50	.\"
51	.Dd $Mdocdate: March 30 2020 $	51	.Dd $Mdocdate: June 11 2021 $
52	.Dt SSL_SET_SHUTDOWN 3	52	.Dt SSL_SET_SHUTDOWN 3
53	.Os	53	.Os
54	.Sh NAME	54	.Sh NAME
@@ -99,7 +99,7 @@ If the session is still open when
99	.Xr SSL_clear 3	99	.Xr SSL_clear 3
100	or	100	or
101	.Xr SSL_free 3	101	.Xr SSL_free 3
102	is called, it is considered bad and removed according to RFC2246.	102	is called, it is considered bad and removed according to RFC 2246.
103	The actual condition for a correctly closed session is	103	The actual condition for a correctly closed session is
104	.Dv SSL_SENT_SHUTDOWN	104	.Dv SSL_SENT_SHUTDOWN
105	(according to the TLS RFC, it is acceptable to only send the	105	(according to the TLS RFC, it is acceptable to only send the