move manual pages from doc/ to man/ for consistency with other

libraries, in particular considering that there are unrelated files in doc/; requested by jsing@ and beck@
author: schwarze <> 2016-11-05 15:32:20 +0000
committer: schwarze <> 2016-11-05 15:32:20 +0000
commit: b3e8c428c609fc9c66690abb3d188c60b5d48bb1 (patch)
tree: 1672f1234352c29443fcacb44e22f1b20f174d99 /src/lib/libssl/man/SSL_CTX_use_psk_identity_hint.3
parent: 19bc742a20d4c505bc890d49e01c44192e9dbeff (diff)
download: openbsd-b3e8c428c609fc9c66690abb3d188c60b5d48bb1.tar.gz
openbsd-b3e8c428c609fc9c66690abb3d188c60b5d48bb1.tar.bz2
openbsd-b3e8c428c609fc9c66690abb3d188c60b5d48bb1.zip
1 files changed, 110 insertions, 0 deletions
diff --git a/src/lib/libssl/man/SSL_CTX_use_psk_identity_hint.3 b/src/lib/libssl/man/SSL_CTX_use_psk_identity_hint.3
new file mode 100644
index 0000000000..7d5d6b1dfd
--- /dev/null
+++ b/src/lib/libssl/man/SSL_CTX_use_psk_identity_hint.3
@@ -0,0 +1,110 @@
+.\"
+.\"     $OpenBSD: SSL_CTX_use_psk_identity_hint.3,v 1.1 2016/11/05 15:32:20 schwarze Exp $
+.\"
+.Dd $Mdocdate: November 5 2016 $
+.Dt SSL_CTX_USE_PSK_IDENTITY_HINT 3
+.Os
+.Sh NAME
+.Nm SSL_CTX_use_psk_identity_hint ,
+.Nm SSL_use_psk_identity_hint ,
+.Nm  SSL_CTX_set_psk_server_callback ,
+.Nm SSL_set_psk_server_callback
+.Nd set PSK identity hint to use
+.Sh SYNOPSIS
+.In openssl/ssl.h
+.Ft int
+.Fn SSL_CTX_use_psk_identity_hint "SSL_CTX *ctx" "const char *hint"
+.Ft int
+.Fn SSL_use_psk_identity_hint "SSL *ssl" "const char *hint"
+.Ft void
+.Fo SSL_CTX_set_psk_server_callback
+.Fa "SSL_CTX *ctx"
+.Fa "unsigned int (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int max_psk_len)"
+.Fc
+.Ft void
+.Fo SSL_set_psk_server_callback
+.Fa "SSL *ssl"
+.Fa "unsigned int (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int max_psk_len)"
+.Fc
+.Sh DESCRIPTION
+.Fn SSL_CTX_use_psk_identity_hint
+sets the given
+.Dv NULL Ns
+-terminated PSK identity hint
+.Fa hint
+to SSL context object
+.Fa ctx .
+.Fn SSL_use_psk_identity_hint
+sets the given
+.Dv NULL Ns
+-terminated
+PSK identity hint
+.Fa hint
+to SSL connection object
+.Fa ssl .
+If
+.Fa hint
+is
+.Dv NULL
+the current hint from
+.Fa ctx
+or
+.Fa ssl
+is deleted.
+.Pp
+In the case where PSK identity hint is
+.Dv NULL ,
+the server does not send the
+.Em ServerKeyExchange
+message to the client.
+.Pp
+A server application must provide a callback function which is called when the
+server receives the
+.Em ClientKeyExchange
+message from the client.
+The purpose of the callback function is to validate the received PSK identity
+and to fetch the pre-shared key used during the connection setup phase.
+The callback is set using functions
+.Fn SSL_CTX_set_psk_server_callback
+or
+.Fn SSL_set_psk_server_callback .
+The callback function is given the connection in parameter
+.Fa ssl ,
+.Dv NULL Ns
+-terminated PSK identity sent by the client in parameter
+.Fa identity ,
+and a buffer
+.Fa psk
+of length
+.Fa max_psk_len
+bytes where the pre-shared key is to be stored.
+.Sh RETURN VALUES
+.Fn SSL_CTX_use_psk_identity_hint
+and
+.Fn SSL_use_psk_identity_hint
+return 1 on success, 0 otherwise.
+.Pp
+Return values from the server callback are interpreted as follows:
+.Bl -tag -width Ds
+.It >0
+PSK identity was found and the server callback has provided the PSK
+successfully in parameter
+.Fa psk .
+Return value is the length of
+.Fa psk
+in bytes.
+It is an error to return a value greater than
+.Fa max_psk_len .
+.Pp
+If the PSK identity was not found but the callback instructs the protocol to
+continue anyway, the callback must provide some random data to
+.Fa psk
+and return the length of the random data, so the connection will fail with
+.Dq decryption_error
+before it will be finished completely.
+.It 0
+PSK identity was not found.
+An
+.Dq unknown_psk_identity
+alert message will be sent and the connection setup fails.
+.El
author	schwarze <>	2016-11-05 15:32:20 +0000
committer	schwarze <>	2016-11-05 15:32:20 +0000
commit	b3e8c428c609fc9c66690abb3d188c60b5d48bb1 (patch)
tree	1672f1234352c29443fcacb44e22f1b20f174d99 /src/lib/libssl/man/SSL_CTX_use_psk_identity_hint.3
parent	19bc742a20d4c505bc890d49e01c44192e9dbeff (diff)
download	openbsd-b3e8c428c609fc9c66690abb3d188c60b5d48bb1.tar.gz openbsd-b3e8c428c609fc9c66690abb3d188c60b5d48bb1.tar.bz2 openbsd-b3e8c428c609fc9c66690abb3d188c60b5d48bb1.zip

diff --git a/src/lib/libssl/man/SSL_CTX_use_psk_identity_hint.3 b/src/lib/libssl/man/SSL_CTX_use_psk_identity_hint.3 new file mode 100644 index 0000000000..7d5d6b1dfd --- /dev/null +++ b/src/lib/libssl/man/SSL_CTX_use_psk_identity_hint.3
@@ -0,0 +1,110 @@
	1	.\"
	2	.\" $OpenBSD: SSL_CTX_use_psk_identity_hint.3,v 1.1 2016/11/05 15:32:20 schwarze Exp $
	3	.\"
	4	.Dd $Mdocdate: November 5 2016 $
	5	.Dt SSL_CTX_USE_PSK_IDENTITY_HINT 3
	6	.Os
	7	.Sh NAME
	8	.Nm SSL_CTX_use_psk_identity_hint ,
	9	.Nm SSL_use_psk_identity_hint ,
	10	.Nm SSL_CTX_set_psk_server_callback ,
	11	.Nm SSL_set_psk_server_callback
	12	.Nd set PSK identity hint to use
	13	.Sh SYNOPSIS
	14	.In openssl/ssl.h
	15	.Ft int
	16	.Fn SSL_CTX_use_psk_identity_hint "SSL_CTX ctx" "const char hint"
	17	.Ft int
	18	.Fn SSL_use_psk_identity_hint "SSL ssl" "const char hint"
	19	.Ft void
	20	.Fo SSL_CTX_set_psk_server_callback
	21	.Fa "SSL_CTX *ctx"
	22	.Fa "unsigned int (callback)(SSL ssl, const char identity, unsigned char psk, int max_psk_len)"
	23	.Fc
	24	.Ft void
	25	.Fo SSL_set_psk_server_callback
	26	.Fa "SSL *ssl"
	27	.Fa "unsigned int (callback)(SSL ssl, const char identity, unsigned char psk, int max_psk_len)"
	28	.Fc
	29	.Sh DESCRIPTION
	30	.Fn SSL_CTX_use_psk_identity_hint
	31	sets the given
	32	.Dv NULL Ns
	33	-terminated PSK identity hint
	34	.Fa hint
	35	to SSL context object
	36	.Fa ctx .
	37	.Fn SSL_use_psk_identity_hint
	38	sets the given
	39	.Dv NULL Ns
	40	-terminated
	41	PSK identity hint
	42	.Fa hint
	43	to SSL connection object
	44	.Fa ssl .
	45	If
	46	.Fa hint
	47	is
	48	.Dv NULL
	49	the current hint from
	50	.Fa ctx
	51	or
	52	.Fa ssl
	53	is deleted.
	54	.Pp
	55	In the case where PSK identity hint is
	56	.Dv NULL ,
	57	the server does not send the
	58	.Em ServerKeyExchange
	59	message to the client.
	60	.Pp
	61	A server application must provide a callback function which is called when the
	62	server receives the
	63	.Em ClientKeyExchange
	64	message from the client.
	65	The purpose of the callback function is to validate the received PSK identity
	66	and to fetch the pre-shared key used during the connection setup phase.
	67	The callback is set using functions
	68	.Fn SSL_CTX_set_psk_server_callback
	69	or
	70	.Fn SSL_set_psk_server_callback .
	71	The callback function is given the connection in parameter
	72	.Fa ssl ,
	73	.Dv NULL Ns
	74	-terminated PSK identity sent by the client in parameter
	75	.Fa identity ,
	76	and a buffer
	77	.Fa psk
	78	of length
	79	.Fa max_psk_len
	80	bytes where the pre-shared key is to be stored.
	81	.Sh RETURN VALUES
	82	.Fn SSL_CTX_use_psk_identity_hint
	83	and
	84	.Fn SSL_use_psk_identity_hint
	85	return 1 on success, 0 otherwise.
	86	.Pp
	87	Return values from the server callback are interpreted as follows:
	88	.Bl -tag -width Ds
	89	.It >0
	90	PSK identity was found and the server callback has provided the PSK
	91	successfully in parameter
	92	.Fa psk .
	93	Return value is the length of
	94	.Fa psk
	95	in bytes.
	96	It is an error to return a value greater than
	97	.Fa max_psk_len .
	98	.Pp
	99	If the PSK identity was not found but the callback instructs the protocol to
	100	continue anyway, the callback must provide some random data to
	101	.Fa psk
	102	and return the length of the random data, so the connection will fail with
	103	.Dq decryption_error
	104	before it will be finished completely.
	105	.It 0
	106	PSK identity was not found.
	107	An
	108	.Dq unknown_psk_identity
	109	alert message will be sent and the connection setup fails.
	110	.El