Convert libssl manpages from pod to mdoc(7).

libcrypto has not been started yet.

ok schwarze@ miod@

1 files changed, 65 insertions, 0 deletions

diff --git a/src/lib/libssl/doc/SSL_COMP_add_compression_method.3 b/src/lib/libssl/doc/SSL_COMP_add_compression_method.3
new file mode 100644
index 0000000000..c23d676930
--- /dev/null
+++ b/src/lib/libssl/doc/SSL_COMP_add_compression_method.3
@@ -0,0 +1,65 @@
+.Dd $Mdocdate: October 12 2014 $
+.Dt SSL_COMP_ADD_COMPRESSION_METHOD 3
+.Os
+.Sh NAME
+.Nm SSL_COMP_add_compression_method
+.Nd handle SSL/TLS integrated compression methods
+.Sh SYNOPSIS
+.In openssl/ssl.h
+.Ft int
+.Fn SSL_COMP_add_compression_method "int id" "COMP_METHOD *cm"
+.Sh DESCRIPTION
+.Fn SSL_COMP_add_compression_method
+adds the compression method
+.Fa cm
+with the identifier
+.Fa id
+to the list of available compression methods.
+This list is globally maintained for all SSL operations within this application.
+It cannot be set for specific SSL_CTX or SSL objects.
+.Sh NOTES
+The TLS standard (or SSLv3) allows the integration of compression methods
+into the communication.
+The TLS RFC does however not specify compression methods or their corresponding
+identifiers, so there is currently no compatible way to integrate compression
+with unknown peers.
+It is therefore currently not recommended to integrate compression into
+applications.
+Applications for non-public use may agree on certain compression methods.
+Using different compression methods with the same identifier will lead to
+connection failure.
+.Pp
+An OpenSSL client speaking a protocol that allows compression (SSLv3, TLSv1)
+will unconditionally send the list of all compression methods enabled with
+.Fn SSL_COMP_add_compression_method
+to the server during the handshake.
+Unlike the mechanisms to set a cipher list, there is no method available to
+restrict the list of compression method on a per connection basis.
+.Pp
+An OpenSSL server will match the identifiers listed by a client against
+its own compression methods and will unconditionally activate compression
+when a matching identifier is found.
+There is no way to restrict the list of compression methods supported on a per
+connection basis.
+.Pp
+The OpenSSL library has the compression methods
+.Fn COMP_rle
+and (when especially enabled during compilation)
+.Fn COMP_zlib
+available.
+.Sh WARNINGS
+Once the identities of the compression methods for the TLS protocol have
+been standardized, the compression API will most likely be changed.
+Using it in the current state is not recommended.
+.Sh RETURN VALUES
+.Fn SSL_COMP_add_compression_method
+may return the following values:
+.Bl -tag -width Ds
+.It 0
+The operation succeeded.
+.It 1
+The operation failed.
+Check the error queue to find out the reason.
+.El
+.Sh SEE ALSO
+.Xr ssl 3