Convert libssl manpages from pod to mdoc(7).

libcrypto has not been started yet. ok schwarze@ miod@
author: bentley <> 2014-10-12 09:33:04 +0000
committer: bentley <> 2014-10-12 09:33:04 +0000
commit: 82b7f378b6907ab315a6e50322d2a0a8794a0aa9 (patch)
tree: a5087bf8d016a6041c2b6822fbecfd8f6c5e70b1 /src/lib/libssl/doc/SSL_CTX_use_psk_identity_hint.3
parent: 0a63f0cf49369e1926567ab62e04e3355cedf0cd (diff)
download: openbsd-82b7f378b6907ab315a6e50322d2a0a8794a0aa9.tar.gz
openbsd-82b7f378b6907ab315a6e50322d2a0a8794a0aa9.tar.bz2
openbsd-82b7f378b6907ab315a6e50322d2a0a8794a0aa9.zip
1 files changed, 107 insertions, 0 deletions
diff --git a/src/lib/libssl/doc/SSL_CTX_use_psk_identity_hint.3 b/src/lib/libssl/doc/SSL_CTX_use_psk_identity_hint.3
new file mode 100644
index 0000000000..4d4e8a6173
--- /dev/null
+++ b/src/lib/libssl/doc/SSL_CTX_use_psk_identity_hint.3
@@ -0,0 +1,107 @@
+.Dd $Mdocdate: October 12 2014 $
+.Dt SSL_CTX_USE_PSK_IDENTITY_HINT 3
+.Os
+.Sh NAME
+.Nm SSL_CTX_use_psk_identity_hint ,
+.Nm SSL_use_psk_identity_hint ,
+.Nm  SSL_CTX_set_psk_server_callback ,
+.Nm SSL_set_psk_server_callback
+.Nd set PSK identity hint to use
+.Sh SYNOPSIS
+.In openssl/ssl.h
+.Ft int
+.Fn SSL_CTX_use_psk_identity_hint "SSL_CTX *ctx" "const char *hint"
+.Ft int
+.Fn SSL_use_psk_identity_hint "SSL *ssl" "const char *hint"
+.Ft void
+.Fo SSL_CTX_set_psk_server_callback
+.Fa "SSL_CTX *ctx"
+.Fa "unsigned int (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int max_psk_len)"
+.Fc
+.Ft void
+.Fo SSL_set_psk_server_callback
+.Fa "SSL *ssl"
+.Fa "unsigned int (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int max_psk_len)"
+.Fc
+.Sh DESCRIPTION
+.Fn SSL_CTX_use_psk_identity_hint
+sets the given
+.Dv NULL Ns
+-terminated PSK identity hint
+.Fa hint
+to SSL context object
+.Fa ctx .
+.Fn SSL_use_psk_identity_hint
+sets the given
+.Dv NULL Ns
+-terminated
+PSK identity hint
+.Fa hint
+to SSL connection object
+.Fa ssl .
+If
+.Fa hint
+is
+.Dv NULL
+the current hint from
+.Fa ctx
+or
+.Fa ssl
+is deleted.
+.Pp
+In the case where PSK identity hint is
+.Dv NULL ,
+the server does not send the
+.Em ServerKeyExchange
+message to the client.
+.Pp
+A server application must provide a callback function which is called when the
+server receives the
+.Em ClientKeyExchange
+message from the client.
+The purpose of the callback function is to validate the received PSK identity
+and to fetch the pre-shared key used during the connection setup phase.
+The callback is set using functions
+.Fn SSL_CTX_set_psk_server_callback
+or
+.Fn SSL_set_psk_server_callback .
+The callback function is given the connection in parameter
+.Fa ssl ,
+.Dv NULL Ns
+-terminated PSK identity sent by the client in parameter
+.Fa identity ,
+and a buffer
+.Fa psk
+of length
+.Fa max_psk_len
+bytes where the pre-shared key is to be stored.
+.Sh RETURN VALUES
+.Fn SSL_CTX_use_psk_identity_hint
+and
+.Fn SSL_use_psk_identity_hint
+return 1 on success, 0 otherwise.
+.Pp
+Return values from the server callback are interpreted as follows:
+.Bl -tag -width Ds
+.It >0
+PSK identity was found and the server callback has provided the PSK
+successfully in parameter
+.Fa psk .
+Return value is the length of
+.Fa psk
+in bytes.
+It is an error to return a value greater than
+.Fa max_psk_len .
+.Pp
+If the PSK identity was not found but the callback instructs the protocol to
+continue anyway, the callback must provide some random data to
+.Fa psk
+and return the length of the random data, so the connection will fail with
+.Dq decryption_error
+before it will be finished completely.
+.It 0
+PSK identity was not found.
+An
+.Dq unknown_psk_identity
+alert message will be sent and the connection setup fails.
+.El
author	bentley <>	2014-10-12 09:33:04 +0000
committer	bentley <>	2014-10-12 09:33:04 +0000
commit	82b7f378b6907ab315a6e50322d2a0a8794a0aa9 (patch)
tree	a5087bf8d016a6041c2b6822fbecfd8f6c5e70b1 /src/lib/libssl/doc/SSL_CTX_use_psk_identity_hint.3
parent	0a63f0cf49369e1926567ab62e04e3355cedf0cd (diff)
download	openbsd-82b7f378b6907ab315a6e50322d2a0a8794a0aa9.tar.gz openbsd-82b7f378b6907ab315a6e50322d2a0a8794a0aa9.tar.bz2 openbsd-82b7f378b6907ab315a6e50322d2a0a8794a0aa9.zip

diff --git a/src/lib/libssl/doc/SSL_CTX_use_psk_identity_hint.3 b/src/lib/libssl/doc/SSL_CTX_use_psk_identity_hint.3 new file mode 100644 index 0000000000..4d4e8a6173 --- /dev/null +++ b/src/lib/libssl/doc/SSL_CTX_use_psk_identity_hint.3
@@ -0,0 +1,107 @@
	1	.Dd $Mdocdate: October 12 2014 $
	2	.Dt SSL_CTX_USE_PSK_IDENTITY_HINT 3
	3	.Os
	4	.Sh NAME
	5	.Nm SSL_CTX_use_psk_identity_hint ,
	6	.Nm SSL_use_psk_identity_hint ,
	7	.Nm SSL_CTX_set_psk_server_callback ,
	8	.Nm SSL_set_psk_server_callback
	9	.Nd set PSK identity hint to use
	10	.Sh SYNOPSIS
	11	.In openssl/ssl.h
	12	.Ft int
	13	.Fn SSL_CTX_use_psk_identity_hint "SSL_CTX ctx" "const char hint"
	14	.Ft int
	15	.Fn SSL_use_psk_identity_hint "SSL ssl" "const char hint"
	16	.Ft void
	17	.Fo SSL_CTX_set_psk_server_callback
	18	.Fa "SSL_CTX *ctx"
	19	.Fa "unsigned int (callback)(SSL ssl, const char identity, unsigned char psk, int max_psk_len)"
	20	.Fc
	21	.Ft void
	22	.Fo SSL_set_psk_server_callback
	23	.Fa "SSL *ssl"
	24	.Fa "unsigned int (callback)(SSL ssl, const char identity, unsigned char psk, int max_psk_len)"
	25	.Fc
	26	.Sh DESCRIPTION
	27	.Fn SSL_CTX_use_psk_identity_hint
	28	sets the given
	29	.Dv NULL Ns
	30	-terminated PSK identity hint
	31	.Fa hint
	32	to SSL context object
	33	.Fa ctx .
	34	.Fn SSL_use_psk_identity_hint
	35	sets the given
	36	.Dv NULL Ns
	37	-terminated
	38	PSK identity hint
	39	.Fa hint
	40	to SSL connection object
	41	.Fa ssl .
	42	If
	43	.Fa hint
	44	is
	45	.Dv NULL
	46	the current hint from
	47	.Fa ctx
	48	or
	49	.Fa ssl
	50	is deleted.
	51	.Pp
	52	In the case where PSK identity hint is
	53	.Dv NULL ,
	54	the server does not send the
	55	.Em ServerKeyExchange
	56	message to the client.
	57	.Pp
	58	A server application must provide a callback function which is called when the
	59	server receives the
	60	.Em ClientKeyExchange
	61	message from the client.
	62	The purpose of the callback function is to validate the received PSK identity
	63	and to fetch the pre-shared key used during the connection setup phase.
	64	The callback is set using functions
	65	.Fn SSL_CTX_set_psk_server_callback
	66	or
	67	.Fn SSL_set_psk_server_callback .
	68	The callback function is given the connection in parameter
	69	.Fa ssl ,
	70	.Dv NULL Ns
	71	-terminated PSK identity sent by the client in parameter
	72	.Fa identity ,
	73	and a buffer
	74	.Fa psk
	75	of length
	76	.Fa max_psk_len
	77	bytes where the pre-shared key is to be stored.
	78	.Sh RETURN VALUES
	79	.Fn SSL_CTX_use_psk_identity_hint
	80	and
	81	.Fn SSL_use_psk_identity_hint
	82	return 1 on success, 0 otherwise.
	83	.Pp
	84	Return values from the server callback are interpreted as follows:
	85	.Bl -tag -width Ds
	86	.It >0
	87	PSK identity was found and the server callback has provided the PSK
	88	successfully in parameter
	89	.Fa psk .
	90	Return value is the length of
	91	.Fa psk
	92	in bytes.
	93	It is an error to return a value greater than
	94	.Fa max_psk_len .
	95	.Pp
	96	If the PSK identity was not found but the callback instructs the protocol to
	97	continue anyway, the callback must provide some random data to
	98	.Fa psk
	99	and return the length of the random data, so the connection will fail with
	100	.Dq decryption_error
	101	before it will be finished completely.
	102	.It 0
	103	PSK identity was not found.
	104	An
	105	.Dq unknown_psk_identity
	106	alert message will be sent and the connection setup fails.
	107	.El