move manual pages from doc/ to man/ for consistency with other

libraries, in particular considering that there are unrelated
files in doc/; requested by jsing@ and beck@

1 files changed, 0 insertions, 1319 deletions

diff --git a/src/lib/libssl/doc/ssl.3 b/src/lib/libssl/doc/ssl.3
deleted file mode 100644
index 7a76403bdc..0000000000
--- a/src/lib/libssl/doc/ssl.3
+++ /dev/null
@@ -1,1319 +0,0 @@
-.\"
-.\"     $OpenBSD: ssl.3,v 1.4 2015/11/11 22:14:40 jmc Exp $
-.\"
-.Dd $Mdocdate: November 11 2015 $
-.Dt SSL 3
-.Os
-.Sh NAME
-.Nm ssl
-.Nd OpenSSL SSL/TLS library
-.Sh DESCRIPTION
-The OpenSSL
-.Nm ssl
-library implements the Secure Sockets Layer (SSL v2/v3) and
-Transport Layer Security (TLS v1) protocols.
-It provides a rich API which is documented here.
-.Pp
-At first the library must be initialized; see
-.Xr SSL_library_init 3 .
-.Pp
-Then an
-.Vt SSL_CTX
-object is created as a framework to establish TLS/SSL enabled connections (see
-.Xr SSL_CTX_new 3 ) .
-Various options regarding certificates, algorithms, etc., can be set in this
-object.
-.Pp
-When a network connection has been created, it can be assigned to an
-.Vt SSL
-object.
-After the
-.Vt SSL
-object has been created using
-.Xr SSL_new 3 ,
-.Xr SSL_set_fd 3
-or
-.Xr SSL_set_bio 3
-can be used to associate the network connection with the object.
-.Pp
-Then the TLS/SSL handshake is performed using
-.Xr SSL_accept 3
-or
-.Xr SSL_connect 3
-respectively.
-.Xr SSL_read 3
-and
-.Xr SSL_write 3
-are used to read and write data on the TLS/SSL connection.
-.Xr SSL_shutdown 3
-can be used to shut down the TLS/SSL connection.
-.Sh DATA STRUCTURES
-Currently the OpenSSL
-.Nm ssl
-library functions deals with the following data structures:
-.Bl -tag -width Ds
-.It Vt SSL_METHOD No (SSL Method)
-That's a dispatch structure describing the internal
-.Nm ssl
-library methods/functions which implement the various protocol versions
-(SSLv1, SSLv2 and TLSv1).
-It's needed to create an
-.Vt SSL_CTX .
-.It Vt SSL_CIPHER No (SSL Cipher)
-This structure holds the algorithm information for a particular cipher which
-is a core part of the SSL/TLS protocol.
-The available ciphers are configured on an
-.Vt SSL_CTX
-basis and the actually used ones are then part of the
-.Vt SSL_SESSION .
-.It Vt SSL_CTX No (SSL Context)
-That's the global context structure which is created by a server or client
-once per program lifetime and which holds mainly default values for the
-.Vt SSL
-structures which are later created for the connections.
-.It Vt SSL_SESSION No (SSL Session)
-This is a structure containing the current TLS/SSL session details for a
-connection:
-.Vt SSL_CIPHER Ns s, client and server certificates, keys, etc.
-.It Vt SSL No (SSL Connection)
-That's the main SSL/TLS structure which is created by a server or client per
-established connection.
-This actually is the core structure in the SSL API.
-Under run-time the application usually deals with this structure which has
-links to mostly all other structures.
-.El
-.Sh HEADER FILES
-Currently the OpenSSL
-.Nm ssl
-library provides the following C header files containing the prototypes for the
-data structures and functions:
-.Bl -tag -width Ds
-.It Pa ssl.h
-That's the common header file for the SSL/TLS API.
-Include it into your program to make the API of the
-.Nm ssl
-library available.
-It internally includes both more private SSL headers and headers from the
-.Em crypto
-library.
-Whenever you need hardcore details on the internals of the SSL API, look inside
-this header file.
-.It Pa ssl2.h
-That's the sub header file dealing with the SSLv2 protocol only.
-.Bf Em
- Usually you don't have to include it explicitly because it's already included
-by
-.Pa ssl.h .
-.Ef
-.It Pa ssl3.h
-That's the sub header file dealing with the SSLv3 protocol only.
-.Bf Em
-Usually you don't have to include it explicitly because it's already included
-by
-.Pa ssl.h .
-.Ef
-.It Pa ssl23.h
-That's the sub header file dealing with the combined use of the SSLv2 and SSLv3
-protocols.
-.Bf Em
-Usually you don't have to include it explicitly because it's already included
-by
-.Pa ssl.h .
-.Ef
-.It Pa tls1.h
-That's the sub header file dealing with the TLSv1 protocol only.
-.Bf Em
-Usually you don't have to include it explicitly because it's already included
-by
-.Pa ssl.h .
-.Ef
-.El
-.Sh API FUNCTIONS
-The functions that the OpenSSL
-.Nm ssl
-library exports are documented below:
-.Ss DEALING WITH PROTOCOL METHODS
-Here we document the various API functions which deal with the SSL/TLS protocol
-methods defined in
-.Vt SSL_METHOD
-structures.
-.Bl -tag -width Ds
-.It Xo
-.Ft const SSL_METHOD *
-.Fn SSLv2_client_method void
-.Xc
-Constructor for the SSLv2
-.Vt SSL_METHOD
-structure for a dedicated client.
-.It Xo
-.Ft const SSL_METHOD *
-.Fn SSLv2_server_method void
-.Xc
-Constructor for the SSLv2
-.Vt SSL_METHOD
-structure for a dedicated server.
-.It Xo
-.Ft const SSL_METHOD *
-.Fn SSLv2_method void
-.Xc
-Constructor for the SSLv2
-.Vt SSL_METHOD
-structure for combined client and server.
-.It Xo
-.Ft const SSL_METHOD *
-.Fn SSLv3_client_method void
-.Xc
-Constructor for the SSLv3
-.Vt SSL_METHOD
-structure for a dedicated client.
-.It Xo
-.Ft const SSL_METHOD *
-.Fn SSLv3_server_method void
-.Xc
-Constructor for the SSLv3
-.Vt SSL_METHOD
-structure for a dedicated server.
-.It Xo
-.Ft const SSL_METHOD *
-.Fn SSLv3_method void
-.Xc
-Constructor for the SSLv3
-.Vt SSL_METHOD
-structure for combined client and server.
-.It Xo
-.Ft const SSL_METHOD *
-.Fn TLSv1_client_method void
-.Xc
-Constructor for the TLSv1
-.Vt SSL_METHOD
-structure for a dedicated client.
-.It Xo
-.Ft const SSL_METHOD *
-.Fn TLSv1_server_method void
-.Xc
-Constructor for the TLSv1
-.Vt SSL_METHOD
-structure for a dedicated server.
-.It Xo
-.Ft const SSL_METHOD *
-.Fn TLSv1_method void
-.Xc
-Constructor for the TLSv1
-.Vt SSL_METHOD
-structure for combined client and server.
-.El
-.Ss DEALING WITH CIPHERS
-Here we document the various API functions which deal with the SSL/TLS ciphers
-defined in
-.Vt SSL_CIPHER
-structures.
-.Bl -tag -width Ds
-.It Xo
-.Ft char *
-.Fn SSL_CIPHER_description "SSL_CIPHER *cipher" "char *buf" "int len"
-.Xc
-Write a string to
-.Fa buf
-(with a maximum size of
-.Fa len )
-containing a human readable description of
-.Fa cipher .
-Returns
-.Fa buf .
-.It Xo
-.Ft int
-.Fn SSL_CIPHER_get_bits "SSL_CIPHER *cipher" "int *alg_bits"
-.Xc
-Determine the number of bits in
-.Fa cipher .
-Because of export crippled ciphers there are two bits:
-the bits the algorithm supports in general (stored to
-.Fa alg_bits )
-and the bits which are actually used (the return value).
-.It Xo
-.Ft const char *
-.Fn SSL_CIPHER_get_name "SSL_CIPHER *cipher"
-.Xc
-Return the internal name of
-.Fa cipher
-as a string.
-These are the various strings defined by the
-.Dv SSL2_TXT_xxx ,
-.Dv SSL3_TXT_xxx
-and
-.Dv TLS1_TXT_xxx
-definitions in the header files.
-.It Xo
-.Ft char *
-.Fn SSL_CIPHER_get_version "SSL_CIPHER *cipher"
-.Xc
-Returns a string like
-Qq TLSv1/SSLv3
-or
-Qq SSLv2
-which indicates the SSL/TLS protocol version to which
-.Fa cipher
-belongs (i.e., where it was defined in the specification the first time).
-.El
-.Ss DEALING WITH PROTOCOL CONTEXTS
-Here we document the various API functions which deal with the SSL/TLS
-protocol context defined in the
-.Vt SSL_CTX
-structure.
-.Bl -tag -width Ds
-.It Xo
-.Ft int
-.Fn SSL_CTX_add_client_CA "SSL_CTX *ctx" "X509 *x"
-.Xc
-.It Xo
-.Ft long
-.Fn SSL_CTX_add_extra_chain_cert "SSL_CTX *ctx" "X509 *x509"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_add_session "SSL_CTX *ctx" "SSL_SESSION *c"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_check_private_key "const SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft long
-.Fn SSL_CTX_ctrl "SSL_CTX *ctx" "int cmd" "long larg" "char *parg"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_CTX_flush_sessions "SSL_CTX *s" "long t"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_CTX_free "SSL_CTX *a"
-.Xc
-.It Xo
-.Ft char *
-.Fn SSL_CTX_get_app_data "SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft X509_STORE *
-.Fn SSL_CTX_get_cert_store "SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft STACK *
-.Fn SSL_CTX_get_client_CA_list "const SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft int
-.Fn "(*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))"
-.Fa "SSL *ssl" "X509 **x509" "EVP_PKEY **pkey"
-.Xc
-.It Xo
-.Ft char *
-.Fn SSL_CTX_get_ex_data "const SSL_CTX *s" "int idx"
-.Xc
-.It Xo
-.Ft int
-.Fo SSL_CTX_get_ex_new_index
-.Fa "long argl"
-.Fa "void *argp"
-.Fa "CRYPTO_EX_new *new_func"
-.Fa "CRYPTO_EX_dup *dup_func"
-.Fa "CRYPTO_EX_free *free_func"
-.Fc
-.Xc
-.It Xo
-.Ft void
-.Fo "(*SSL_CTX_get_info_callback(const SSL_CTX *ctx))"
-.Fa "SSL *ssl"
-.Fa "int cb"
-.Fa "int ret"
-.Fc
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_get_quiet_shutdown "const SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_get_session_cache_mode "SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft long
-.Fn SSL_CTX_get_timeout "const SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft int
-.Fo "(*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))"
-.Fa "int ok"
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_get_verify_mode "SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_load_verify_locations "SSL_CTX *ctx" "char *CAfile" "char *CApath"
-.Xc
-.It Xo
-.Ft long
-.Fn SSL_CTX_need_tmp_RSA "SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft SSL_CTX *
-.Fn SSL_CTX_new "const SSL_METHOD *meth"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_remove_session "SSL_CTX *ctx" "SSL_SESSION *c"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_sess_accept "SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_sess_accept_good "SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_sess_accept_renegotiate "SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_sess_cache_full "SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_sess_cb_hits "SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_sess_connect "SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_sess_connect_good "SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_sess_connect_renegotiate "SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_sess_get_cache_size "SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft SSL_SESSION *
-.Fo "(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))"
-.Fa "SSL *ssl"
-.Fa "unsigned char *data"
-.Fa "int len"
-.Fa "int *copy"
-.Fc
-.Xc
-.It Xo
-.Ft int
-.Fn "(*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))" "SSL *ssl" "SSL_SESSION *sess"
-.Xc
-.It Xo
-.Ft void
-.Fo "(*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))"
-.Fa "SSL_CTX *ctx"
-.Fa "SSL_SESSION *sess"
-.Fc
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_sess_hits "SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_sess_misses "SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_sess_number "SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_CTX_sess_set_cache_size "SSL_CTX *ctx" "long t"
-.Xc
-.It Xo
-.Ft void
-.Fo SSL_CTX_sess_set_get_cb
-.Fa "SSL_CTX *ctx"
-.Fa "SSL_SESSION *(*cb)(SSL *ssl, unsigned char *data, int len, int *copy)"
-.Fc
-.Xc
-.It Xo
-.Ft void
-.Fo SSL_CTX_sess_set_new_cb
-.Fa "SSL_CTX *ctx"
-.Fa "int (*cb)(SSL *ssl, SSL_SESSION *sess)"
-.Fc
-.Xc
-.It Xo
-.Ft void
-.Fo SSL_CTX_sess_set_remove_cb
-.Fa "SSL_CTX *ctx"
-.Fa "void (*cb)(SSL_CTX *ctx, SSL_SESSION *sess)"
-.Fc
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_sess_timeouts "SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft LHASH *
-.Fn SSL_CTX_sessions "SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_CTX_set_app_data "SSL_CTX *ctx" "void *arg"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_CTX_set_cert_store "SSL_CTX *ctx" "X509_STORE *cs"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_CTX_set_cert_verify_cb "SSL_CTX *ctx" "int (*cb)()" "char *arg"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_set_cipher_list "SSL_CTX *ctx" "char *str"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_CTX_set_client_CA_list "SSL_CTX *ctx" "STACK *list"
-.Xc
-.It Xo
-.Ft void
-.Fo SSL_CTX_set_client_cert_cb
-.Fa "SSL_CTX *ctx"
-.Fa "int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey)"
-.Fc
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_CTX_set_default_passwd_cb "SSL_CTX *ctx" "pem_password_cb *cb"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_CTX_set_default_read_ahead "SSL_CTX *ctx" "int m"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_set_default_verify_paths "SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_set_ex_data "SSL_CTX *s" "int idx" "char *arg"
-.Xc
-.It Xo
-.Ft void
-.Fo SSL_CTX_set_info_callback
-.Fa "SSL_CTX *ctx"
-.Fa "void (*cb)(SSL *ssl, int cb, int ret)"
-.Fc
-.Xc
-.It Xo
-.Ft void
-.Fo SSL_CTX_set_msg_callback
-.Fa "SSL_CTX *ctx"
-.Fa "void (*cb)(int write_p, int version, int content_type, const void *buf, \
-size_t len, SSL *ssl, void *arg)"
-.Fc
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_CTX_set_msg_callback_arg "SSL_CTX *ctx" "void *arg"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_CTX_set_options "SSL_CTX *ctx" "unsigned long op"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_CTX_set_quiet_shutdown "SSL_CTX *ctx" "int mode"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_CTX_set_session_cache_mode "SSL_CTX *ctx" "int mode"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_set_ssl_version "SSL_CTX *ctx" "const SSL_METHOD *meth"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_CTX_set_timeout "SSL_CTX *ctx" "long t"
-.Xc
-.It Xo
-.Ft long
-.Fn SSL_CTX_set_tmp_dh "SSL_CTX* ctx" "DH *dh"
-.Xc
-.It Xo
-.Ft long
-.Fn SSL_CTX_set_tmp_dh_callback "SSL_CTX *ctx" "DH *(*cb)(void)"
-.Xc
-.It Xo
-.Ft long
-.Fn SSL_CTX_set_tmp_rsa "SSL_CTX *ctx" "RSA *rsa"
-.Xc
-.It Xo
-.Fn SSL_CTX_set_tmp_rsa_callback
-.Xc
-.Ft long
-.Fo SSL_CTX_set_tmp_rsa_callback
-.Fa "SSL_CTX *ctx"
-.Fa "RSA *(*cb)(SSL *ssl, int export, int keylength)"
-.Fc
-.Pp
-Sets the callback which will be called when a temporary private key is
-required.
-The
-.Fa export
-flag will be set if the reason for needing a temp key is that an export
-ciphersuite is in use, in which case,
-.Fa keylength
-will contain the required keylength in bits.
-.\" XXX using what?
-Generate a key of appropriate size (using ???) and return it.
-.It Xo
-.Fn SSL_set_tmp_rsa_callback
-.Xc
-.Ft long
-.Fo SSL_set_tmp_rsa_callback
-.Fa "SSL *ssl"
-.Fa "RSA *(*cb)(SSL *ssl, int export, int keylength)"
-.Fc
-.Pp
-The same as
-.Fn SSL_CTX_set_tmp_rsa_callback ,
-except it operates on an
-.Vt SSL
-session instead of a context.
-.It Xo
-.Ft void
-.Fn SSL_CTX_set_verify "SSL_CTX *ctx" "int mode" "int (*cb)(void)"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_use_PrivateKey "SSL_CTX *ctx" "EVP_PKEY *pkey"
-.Xc
-.It Xo
-.Ft int
-.Fo SSL_CTX_use_PrivateKey_ASN1
-.Fa "int type"
-.Fa "SSL_CTX *ctx"
-.Fa "unsigned char *d"
-.Fa "long len"
-.Fc
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_use_PrivateKey_file "SSL_CTX *ctx" "char *file" "int type"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_use_RSAPrivateKey "SSL_CTX *ctx" "RSA *rsa"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_use_RSAPrivateKey_ASN1 "SSL_CTX *ctx" "unsigned char *d" "long len"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_use_RSAPrivateKey_file "SSL_CTX *ctx" "char *file" "int type"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_use_certificate "SSL_CTX *ctx" "X509 *x"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_use_certificate_ASN1 "SSL_CTX *ctx" "int len" "unsigned char *d"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_use_certificate_file "SSL_CTX *ctx" "char *file" "int type"
-.Xc
-.It Xo
-.Ft void
-.Fo SSL_CTX_set_psk_client_callback
-.Fa "SSL_CTX *ctx"
-.Fa "unsigned int (*callback)(SSL *ssl, const char *hint, char *identity, \
-unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len)"
-.Fc
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_CTX_use_psk_identity_hint "SSL_CTX *ctx" "const char *hint"
-.Xc
-.It Xo
-.Ft void
-.Fo SSL_CTX_set_psk_server_callback
-.Fa "SSL_CTX *ctx"
-.Fa "unsigned int (*callback)(SSL *ssl, const char *identity, \
-unsigned char *psk, int max_psk_len)"
-.Fc
-.Xc
-.El
-.Ss DEALING WITH SESSIONS
-Here we document the various API functions which deal with the SSL/TLS sessions
-defined in the
-.Vt SSL_SESSION
-structures.
-.Bl -tag -width Ds
-.It Xo
-.Ft int
-.Fn SSL_SESSION_cmp "const SSL_SESSION *a" "const SSL_SESSION *b"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_SESSION_free "SSL_SESSION *ss"
-.Xc
-.It Xo
-.Ft char *
-.Fn SSL_SESSION_get_app_data "SSL_SESSION *s"
-.Xc
-.It Xo
-.Ft char *
-.Fn SSL_SESSION_get_ex_data "const SSL_SESSION *s" "int idx"
-.Xc
-.It Xo
-.Ft int
-.Fo SSL_SESSION_get_ex_new_index
-.Fa "long argl"
-.Fa "char *argp"
-.Fa "int (*new_func)(void)"
-.Fa "int (*dup_func)(void), void (*free_func)(void)"
-.Fc
-.Xc
-.It Xo
-.Ft long
-.Fn SSL_SESSION_get_time "const SSL_SESSION *s"
-.Xc
-.It Xo
-.Ft long
-.Fn SSL_SESSION_get_timeout "const SSL_SESSION *s"
-.Xc
-.It Xo
-.Ft unsigned long
-.Fn SSL_SESSION_hash "const SSL_SESSION *a"
-.Xc
-.It Xo
-.Ft SSL_SESSION *
-.Fn SSL_SESSION_new void
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_SESSION_print "BIO *bp" "const SSL_SESSION *x"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_SESSION_print_fp "FILE *fp" "const SSL_SESSION *x"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_SESSION_set_app_data "SSL_SESSION *s" "char *a"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_SESSION_set_ex_data "SSL_SESSION *s" "int idx" "char *arg"
-.Xc
-.It Xo
-.Ft long
-.Fn SSL_SESSION_set_time "SSL_SESSION *s" "long t"
-.Xc
-.It Xo
-.Ft long
-.Fn SSL_SESSION_set_timeout "SSL_SESSION *s" "long t"
-.Xc
-.El
-.Ss DEALING WITH CONNECTIONS
-Here we document the various API functions which deal with the SSL/TLS
-connection defined in the
-.Vt SSL
-structure.
-.Bl -tag -width Ds
-.It Xo
-.Ft int
-.Fn SSL_accept "SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_add_dir_cert_subjects_to_stack "STACK *stack" "const char *dir"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_add_file_cert_subjects_to_stack "STACK *stack" "const char *file"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_add_client_CA "SSL *ssl" "X509 *x"
-.Xc
-.It Xo
-.Ft char *
-.Fn SSL_alert_desc_string "int value"
-.Xc
-.It Xo
-.Ft char *
-.Fn SSL_alert_desc_string_long "int value"
-.Xc
-.It Xo
-.Ft char *
-.Fn SSL_alert_type_string "int value"
-.Xc
-.It Xo
-.Ft char *
-.Fn SSL_alert_type_string_long "int value"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_check_private_key "const SSL *ssl"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_clear "SSL *ssl"
-.Xc
-.It Xo
-.Ft long
-.Fn SSL_clear_num_renegotiations "SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_connect "SSL *ssl"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_copy_session_id "SSL *t" "const SSL *f"
-.Xc
-.It Xo
-.Ft long
-.Fn SSL_ctrl "SSL *ssl" "int cmd" "long larg" "char *parg"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_do_handshake "SSL *ssl"
-.Xc
-.It Xo
-.Ft SSL *
-.Fn SSL_dup "SSL *ssl"
-.Xc
-.It Xo
-.Ft STACK *
-.Fn SSL_dup_CA_list "STACK *sk"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_free "SSL *ssl"
-.Xc
-.It Xo
-.Ft SSL_CTX *
-.Fn SSL_get_SSL_CTX "const SSL *ssl"
-.Xc
-.It Xo
-.Ft char *
-.Fn SSL_get_app_data "SSL *ssl"
-.Xc
-.It Xo
-.Ft X509 *
-.Fn SSL_get_certificate "const SSL *ssl"
-.Xc
-.It Xo
-.Ft const char *
-.Fn SSL_get_cipher "const SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_get_cipher_bits "const SSL *ssl" "int *alg_bits"
-.Xc
-.It Xo
-.Ft char *
-.Fn SSL_get_cipher_list "const SSL *ssl" "int n"
-.Xc
-.It Xo
-.Ft char *
-.Fn SSL_get_cipher_name "const SSL *ssl"
-.Xc
-.It Xo
-.Ft char *
-.Fn SSL_get_cipher_version "const SSL *ssl"
-.Xc
-.It Xo
-.Ft STACK *
-.Fn SSL_get_ciphers "const SSL *ssl"
-.Xc
-.It Xo
-.Ft STACK *
-.Fn SSL_get_client_CA_list "const SSL *ssl"
-.Xc
-.It Xo
-.Ft SSL_CIPHER *
-.Fn SSL_get_current_cipher "SSL *ssl"
-.Xc
-.It Xo
-.Ft long
-.Fn SSL_get_default_timeout "const SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_get_error "const SSL *ssl" "int i"
-.Xc
-.It Xo
-.Ft char *
-.Fn SSL_get_ex_data "const SSL *ssl" "int idx"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_get_ex_data_X509_STORE_CTX_idx void
-.Xc
-.It Xo
-.Ft int
-.Fo SSL_get_ex_new_index
-.Fa "long argl"
-.Fa "char *argp"
-.Fa "int (*new_func)(void)"
-.Fa "int (*dup_func)(void)"
-.Fa "void (*free_func)(void)"
-.Fc
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_get_fd "const SSL *ssl"
-.Xc
-.It Xo
-.Ft void
-.Fn "(*SSL_get_info_callback(const SSL *ssl))"
-.Xc
-.It Xo
-.Ft STACK *
-.Fn SSL_get_peer_cert_chain "const SSL *ssl"
-.Xc
-.It Xo
-.Ft X509 *
-.Fn SSL_get_peer_certificate "const SSL *ssl"
-.Xc
-.It Xo
-.Ft EVP_PKEY *
-.Fn SSL_get_privatekey "SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_get_quiet_shutdown "const SSL *ssl"
-.Xc
-.It Xo
-.Ft BIO *
-.Fn SSL_get_rbio "const SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_get_read_ahead "const SSL *ssl"
-.Xc
-.It Xo
-.Ft SSL_SESSION *
-.Fn SSL_get_session "const SSL *ssl"
-.Xc
-.It Xo
-.Ft char *
-.Fn SSL_get_shared_ciphers "const SSL *ssl" "char *buf" "int len"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_get_shutdown "const SSL *ssl"
-.Xc
-.It Xo
-.Ft const SSL_METHOD *
-.Fn SSL_get_ssl_method "SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_get_state "const SSL *ssl"
-.Xc
-.It Xo
-.Ft long
-.Fn SSL_get_time "const SSL *ssl"
-.Xc
-.It Xo
-.Ft long
-.Fn SSL_get_timeout "const SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn "(*SSL_get_verify_callback(const SSL *ssl))" int "X509_STORE_CTX *"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_get_verify_mode "const SSL *ssl"
-.Xc
-.It Xo
-.Ft long
-.Fn SSL_get_verify_result "const SSL *ssl"
-.Xc
-.It Xo
-.Ft char *
-.Fn SSL_get_version "const SSL *ssl"
-.Xc
-.It Xo
-.Ft BIO *
-.Fn SSL_get_wbio "const SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_in_accept_init "SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_in_before "SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_in_connect_init "SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_in_init "SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_is_init_finished "SSL *ssl"
-.Xc
-.It Xo
-.Ft STACK *
-.Fn SSL_load_client_CA_file "char *file"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_load_error_strings "void"
-.Xc
-.It Xo
-.Ft SSL *
-.Fn SSL_new "SSL_CTX *ctx"
-.Xc
-.It Xo
-.Ft long
-.Fn SSL_num_renegotiations "SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_peek "SSL *ssl" "void *buf" "int num"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_pending "const SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_read "SSL *ssl" "void *buf" "int num"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_renegotiate "SSL *ssl"
-.Xc
-.It Xo
-.Ft char *
-.Fn SSL_rstate_string "SSL *ssl"
-.Xc
-.It Xo
-.Ft char *
-.Fn SSL_rstate_string_long "SSL *ssl"
-.Xc
-.It Xo
-.Ft long
-.Fn SSL_session_reused "SSL *ssl"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_set_accept_state "SSL *ssl"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_set_app_data "SSL *ssl" "char *arg"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_set_bio "SSL *ssl" "BIO *rbio" "BIO *wbio"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_set_cipher_list "SSL *ssl" "char *str"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_set_client_CA_list "SSL *ssl" "STACK *list"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_set_connect_state "SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_set_ex_data "SSL *ssl" "int idx" "char *arg"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_set_fd "SSL *ssl" "int fd"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_set_info_callback "SSL *ssl" "void (*cb)(void)"
-.Xc
-.It Xo
-.Ft void
-.Fo SSL_set_msg_callback
-.Fa "SSL *ctx"
-.Fa "void (*cb)(int write_p, int version, int content_type, const void *buf, \
-size_t len, SSL *ssl, void *arg)"
-.Fc
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_set_msg_callback_arg "SSL *ctx" "void *arg"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_set_options "SSL *ssl" "unsigned long op"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_set_quiet_shutdown "SSL *ssl" "int mode"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_set_read_ahead "SSL *ssl" "int yes"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_set_rfd "SSL *ssl" "int fd"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_set_session "SSL *ssl" "SSL_SESSION *session"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_set_shutdown "SSL *ssl" "int mode"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_set_ssl_method "SSL *ssl" "const SSL_METHOD *meth"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_set_time "SSL *ssl" "long t"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_set_timeout "SSL *ssl" "long t"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_set_verify "SSL *ssl" "int mode" "int (*callback)(void)"
-.Xc
-.It Xo
-.Ft void
-.Fn SSL_set_verify_result "SSL *ssl" "long arg"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_set_wfd "SSL *ssl" "int fd"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_shutdown "SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_state "const SSL *ssl"
-.Xc
-.It Xo
-.Ft char *
-.Fn SSL_state_string "const SSL *ssl"
-.Xc
-.It Xo
-.Ft char *
-.Fn SSL_state_string_long "const SSL *ssl"
-.Xc
-.It Xo
-.Ft long
-.Fn SSL_total_renegotiations "SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_use_PrivateKey "SSL *ssl" "EVP_PKEY *pkey"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_use_PrivateKey_ASN1 "int type" "SSL *ssl" "unsigned char *d" "long len"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_use_PrivateKey_file "SSL *ssl" "char *file" "int type"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_use_RSAPrivateKey "SSL *ssl" "RSA *rsa"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_use_RSAPrivateKey_ASN1 "SSL *ssl" "unsigned char *d" "long len"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_use_RSAPrivateKey_file "SSL *ssl" "char *file" "int type"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_use_certificate "SSL *ssl" "X509 *x"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_use_certificate_ASN1 "SSL *ssl" "int len" "unsigned char *d"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_use_certificate_file "SSL *ssl" "char *file" "int type"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_version "const SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_want "const SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_want_nothing "const SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_want_read "const SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_want_write "const SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_want_x509_lookup "const SSL *ssl"
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_write "SSL *ssl" "const void *buf" "int num"
-.Xc
-.It Xo
-.Ft void
-.Fo SSL_set_psk_client_callback
-.Fa "SSL *ssl"
-.Fa "unsigned int (*callback)(SSL *ssl, const char *hint, char *identity, \
-unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len)"
-.Fc
-.Xc
-.It Xo
-.Ft int
-.Fn SSL_use_psk_identity_hint "SSL *ssl" "const char *hint"
-.Xc
-.It Xo
-.Ft void
-.Fo SSL_set_psk_server_callback
-.Fa "SSL *ssl"
-.Fa "unsigned int (*callback)(SSL *ssl, const char *identity, \
-unsigned char *psk, int max_psk_len)"
-.Fc
-.Xc
-.It Xo
-.Ft const char *
-.Fn SSL_get_psk_identity_hint "SSL *ssl"
-.Xc
-.It Xo
-.Ft const char *
-.Fn SSL_get_psk_identity "SSL *ssl"
-.Xc
-.El
-.Sh SEE ALSO
-.Xr openssl 1 ,
-.Xr crypto 3 ,
-.Xr d2i_SSL_SESSION 3 ,
-.Xr SSL_accept 3 ,
-.Xr SSL_alert_type_string 3 ,
-.Xr SSL_CIPHER_get_name 3 ,
-.Xr SSL_clear 3 ,
-.Xr SSL_COMP_add_compression_method 3 ,
-.Xr SSL_connect 3 ,
-.Xr SSL_CTX_add_extra_chain_cert 3 ,
-.Xr SSL_CTX_add_session 3 ,
-.Xr SSL_CTX_ctrl 3 ,
-.Xr SSL_CTX_flush_sessions 3 ,
-.Xr SSL_CTX_get_ex_new_index 3 ,
-.Xr SSL_CTX_get_verify_mode 3 ,
-.Xr SSL_CTX_load_verify_locations 3 ,
-.Xr SSL_CTX_new 3 ,
-.Xr SSL_CTX_sess_number 3 ,
-.Xr SSL_CTX_sess_set_cache_size 3 ,
-.Xr SSL_CTX_sess_set_get_cb 3 ,
-.Xr SSL_CTX_sessions 3 ,
-.Xr SSL_CTX_set_cert_store 3 ,
-.Xr SSL_CTX_set_cert_verify_callback 3 ,
-.Xr SSL_CTX_set_cipher_list 3 ,
-.Xr SSL_CTX_set_client_CA_list 3 ,
-.Xr SSL_CTX_set_client_cert_cb 3 ,
-.Xr SSL_CTX_set_default_passwd_cb 3 ,
-.Xr SSL_CTX_set_generate_session_id 3 ,
-.Xr SSL_CTX_set_info_callback 3 ,
-.Xr SSL_CTX_set_max_cert_list 3 ,
-.Xr SSL_CTX_set_mode 3 ,
-.Xr SSL_CTX_set_msg_callback 3 ,
-.Xr SSL_CTX_set_options 3 ,
-.Xr SSL_CTX_set_psk_client_callback 3 ,
-.Xr SSL_CTX_set_quiet_shutdown 3 ,
-.Xr SSL_CTX_set_session_cache_mode 3 ,
-.Xr SSL_CTX_set_session_id_context 3 ,
-.Xr SSL_CTX_set_ssl_version 3 ,
-.Xr SSL_CTX_set_timeout 3 ,
-.Xr SSL_CTX_set_tmp_dh_callback 3 ,
-.Xr SSL_CTX_set_tmp_rsa_callback 3 ,
-.Xr SSL_CTX_set_verify 3 ,
-.Xr SSL_CTX_use_certificate 3 ,
-.Xr SSL_CTX_use_psk_identity_hint 3 ,
-.Xr SSL_do_handshake 3 ,
-.Xr SSL_get_ciphers 3 ,
-.Xr SSL_get_client_CA_list 3 ,
-.Xr SSL_get_default_timeout 3 ,
-.Xr SSL_get_error 3 ,
-.Xr SSL_get_ex_data_X509_STORE_CTX_idx 3 ,
-.Xr SSL_get_ex_new_index 3 ,
-.Xr SSL_get_fd 3 ,
-.Xr SSL_get_peer_cert_chain 3 ,
-.Xr SSL_get_psk_identity 3 ,
-.Xr SSL_get_rbio 3 ,
-.Xr SSL_get_session 3 ,
-.Xr SSL_get_SSL_CTX 3 ,
-.Xr SSL_get_verify_result 3 ,
-.Xr SSL_get_version 3 ,
-.Xr SSL_library_init 3 ,
-.Xr SSL_load_client_CA_file 3 ,
-.Xr SSL_new 3 ,
-.Xr SSL_pending 3 ,
-.Xr SSL_read 3 ,
-.Xr SSL_rstate_string 3 ,
-.Xr SSL_SESSION_free 3 ,
-.Xr SSL_SESSION_get_ex_new_index 3 ,
-.Xr SSL_SESSION_get_time 3 ,
-.Xr SSL_session_reused 3 ,
-.Xr SSL_set_bio 3 ,
-.Xr SSL_set_connect_state 3 ,
-.Xr SSL_set_fd 3 ,
-.Xr SSL_set_session 3 ,
-.Xr SSL_set_shutdown 3 ,
-.Xr SSL_shutdown 3 ,
-.Xr SSL_state_string 3 ,
-.Xr SSL_want 3 ,
-.Xr SSL_write 3
-.Sh HISTORY
-The
-.Nm
-document appeared in OpenSSL 0.9.2.