Add Copyright and license.

Stop talking about export ciphers. Remove two irrelevant cross references.
author: schwarze <> 2016-11-30 17:25:20 +0000
committer: schwarze <> 2016-11-30 17:25:20 +0000
commit: 0c6c2d33d1f566a300b0c4e1fc959d7cb666c9f0 (patch)
tree: 8c841b5f6f08bfcc9837ab30e1253d81178a87ef /src/lib
parent: f863ed1b542198d36b7bd42580e1e1bafb7f100e (diff)
download: openbsd-0c6c2d33d1f566a300b0c4e1fc959d7cb666c9f0.tar.gz
openbsd-0c6c2d33d1f566a300b0c4e1fc959d7cb666c9f0.tar.bz2
openbsd-0c6c2d33d1f566a300b0c4e1fc959d7cb666c9f0.zip
1 files changed, 51 insertions, 10 deletions
diff --git a/src/lib/libssl/man/SSL_CTX_set_cipher_list.3 b/src/lib/libssl/man/SSL_CTX_set_cipher_list.3
index 7fb094a3b1..1f12fa3296 100644
--- a/src/lib/libssl/man/SSL_CTX_set_cipher_list.3
+++ b/src/lib/libssl/man/SSL_CTX_set_cipher_list.3
@@ -1,7 +1,54 @@
+.\"     $OpenBSD: SSL_CTX_set_cipher_list.3,v 1.2 2016/11/30 17:25:20 schwarze Exp $
+.\"     OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
 .\"
-.\"     $OpenBSD: SSL_CTX_set_cipher_list.3,v 1.1 2016/11/05 15:32:19 schwarze Exp $
+.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
+.\" Copyright (c) 2000, 2001, 2013 The OpenSSL Project.  All rights reserved.
 .\"
-.Dd $Mdocdate: November 5 2016 $
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\"
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\"
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in
+.\"    the documentation and/or other materials provided with the
+.\"    distribution.
+.\"
+.\" 3. All advertising materials mentioning features or use of this
+.\"    software must display the following acknowledgment:
+.\"    "This product includes software developed by the OpenSSL Project
+.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+.\"
+.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+.\"    endorse or promote products derived from this software without
+.\"    prior written permission. For written permission, please contact
+.\"    openssl-core@openssl.org.
+.\"
+.\" 5. Products derived from this software may not be called "OpenSSL"
+.\"    nor may "OpenSSL" appear in their names without prior written
+.\"    permission of the OpenSSL Project.
+.\"
+.\" 6. Redistributions of any form whatsoever must retain the following
+.\"    acknowledgment:
+.\"    "This product includes software developed by the OpenSSL Project
+.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+.\" OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd $Mdocdate: November 30 2016 $
 .Dt SSL_CTX_SET_CIPHER_LIST 3
 .Os
 .Sh NAME
@@ -31,7 +78,7 @@ objects created from
 .Fn SSL_set_cipher_list
 sets the list of ciphers only for
 .Fa ssl .
-.Sh NOTES
+.Pp
 The control string
 .Fa str
 should be universally usable and not depend on details of the library
@@ -50,11 +97,7 @@ ADH ciphers don't need a certificate, but DH-parameters must have been set.
 All other ciphers need a corresponding certificate and key.
 .Pp
 A RSA cipher can only be chosen when a RSA certificate is available.
-RSA export ciphers with a keylength of 512 bits for the RSA key require a
+RSA ciphers using DHE need a certificate and key and additional DH-parameters
-temporary 512 bit RSA key, as typically the supplied key has a length of 1024
-bits (see
-.Xr SSL_CTX_set_tmp_rsa_callback 3 ) .
-RSA ciphers using EDH need a certificate and key and additional DH-parameters
 (see
 .Xr SSL_CTX_set_tmp_dh_callback 3 ) .
 .Pp
@@ -74,9 +117,7 @@ and
 .Fn SSL_set_cipher_list
 return 1 if any cipher could be selected and 0 on complete failure.
 .Sh SEE ALSO
-.Xr ciphers 1 ,
 .Xr ssl 3 ,
 .Xr SSL_CTX_set_tmp_dh_callback 3 ,
-.Xr SSL_CTX_set_tmp_rsa_callback 3 ,
 .Xr SSL_CTX_use_certificate 3 ,
 .Xr SSL_get_ciphers 3
author	schwarze <>	2016-11-30 17:25:20 +0000
committer	schwarze <>	2016-11-30 17:25:20 +0000
commit	0c6c2d33d1f566a300b0c4e1fc959d7cb666c9f0 (patch)
tree	8c841b5f6f08bfcc9837ab30e1253d81178a87ef /src/lib
parent	f863ed1b542198d36b7bd42580e1e1bafb7f100e (diff)
download	openbsd-0c6c2d33d1f566a300b0c4e1fc959d7cb666c9f0.tar.gz openbsd-0c6c2d33d1f566a300b0c4e1fc959d7cb666c9f0.tar.bz2 openbsd-0c6c2d33d1f566a300b0c4e1fc959d7cb666c9f0.zip

diff --git a/src/lib/libssl/man/SSL_CTX_set_cipher_list.3 b/src/lib/libssl/man/SSL_CTX_set_cipher_list.3 index 7fb094a3b1..1f12fa3296 100644 --- a/src/lib/libssl/man/SSL_CTX_set_cipher_list.3 +++ b/src/lib/libssl/man/SSL_CTX_set_cipher_list.3
@@ -1,7 +1,54 @@
		1	.\" $OpenBSD: SSL_CTX_set_cipher_list.3,v 1.2 2016/11/30 17:25:20 schwarze Exp $
		2	.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
1	.\"	3	.\"
2	.\" $OpenBSD: SSL_CTX_set_cipher_list.3,v 1.1 2016/11/05 15:32:19 schwarze Exp $	4	.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
		5	.\" Copyright (c) 2000, 2001, 2013 The OpenSSL Project. All rights reserved.
3	.\"	6	.\"
4	.Dd $Mdocdate: November 5 2016 $	7	.\" Redistribution and use in source and binary forms, with or without
		8	.\" modification, are permitted provided that the following conditions
		9	.\" are met:
		10	.\"
		11	.\" 1. Redistributions of source code must retain the above copyright
		12	.\" notice, this list of conditions and the following disclaimer.
		13	.\"
		14	.\" 2. Redistributions in binary form must reproduce the above copyright
		15	.\" notice, this list of conditions and the following disclaimer in
		16	.\" the documentation and/or other materials provided with the
		17	.\" distribution.
		18	.\"
		19	.\" 3. All advertising materials mentioning features or use of this
		20	.\" software must display the following acknowledgment:
		21	.\" "This product includes software developed by the OpenSSL Project
		22	.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
		23	.\"
		24	.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
		25	.\" endorse or promote products derived from this software without
		26	.\" prior written permission. For written permission, please contact
		27	.\" openssl-core@openssl.org.
		28	.\"
		29	.\" 5. Products derived from this software may not be called "OpenSSL"
		30	.\" nor may "OpenSSL" appear in their names without prior written
		31	.\" permission of the OpenSSL Project.
		32	.\"
		33	.\" 6. Redistributions of any form whatsoever must retain the following
		34	.\" acknowledgment:
		35	.\" "This product includes software developed by the OpenSSL Project
		36	.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
		37	.\"
		38	.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
		39	.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
		40	.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
		41	.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
		42	.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
		43	.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
		44	.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
		45	.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
		46	.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
		47	.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
		48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
		49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
		50	.\"
		51	.Dd $Mdocdate: November 30 2016 $
5	.Dt SSL_CTX_SET_CIPHER_LIST 3	52	.Dt SSL_CTX_SET_CIPHER_LIST 3
6	.Os	53	.Os
7	.Sh NAME	54	.Sh NAME
@@ -31,7 +78,7 @@ objects created from
31	.Fn SSL_set_cipher_list	78	.Fn SSL_set_cipher_list
32	sets the list of ciphers only for	79	sets the list of ciphers only for
33	.Fa ssl .	80	.Fa ssl .
34	.Sh NOTES	81	.Pp
35	The control string	82	The control string
36	.Fa str	83	.Fa str
37	should be universally usable and not depend on details of the library	84	should be universally usable and not depend on details of the library
@@ -50,11 +97,7 @@ ADH ciphers don't need a certificate, but DH-parameters must have been set.
50	All other ciphers need a corresponding certificate and key.	97	All other ciphers need a corresponding certificate and key.
51	.Pp	98	.Pp
52	A RSA cipher can only be chosen when a RSA certificate is available.	99	A RSA cipher can only be chosen when a RSA certificate is available.
53	RSA export ciphers with a keylength of 512 bits for the RSA key require a	100	RSA ciphers using DHE need a certificate and key and additional DH-parameters
54	temporary 512 bit RSA key, as typically the supplied key has a length of 1024
55	bits (see
56	.Xr SSL_CTX_set_tmp_rsa_callback 3 ) .
57	RSA ciphers using EDH need a certificate and key and additional DH-parameters
58	(see	101	(see
59	.Xr SSL_CTX_set_tmp_dh_callback 3 ) .	102	.Xr SSL_CTX_set_tmp_dh_callback 3 ) .
60	.Pp	103	.Pp
@@ -74,9 +117,7 @@ and
74	.Fn SSL_set_cipher_list	117	.Fn SSL_set_cipher_list
75	return 1 if any cipher could be selected and 0 on complete failure.	118	return 1 if any cipher could be selected and 0 on complete failure.
76	.Sh SEE ALSO	119	.Sh SEE ALSO
77	.Xr ciphers 1 ,
78	.Xr ssl 3 ,	120	.Xr ssl 3 ,
79	.Xr SSL_CTX_set_tmp_dh_callback 3 ,	121	.Xr SSL_CTX_set_tmp_dh_callback 3 ,
80	.Xr SSL_CTX_set_tmp_rsa_callback 3 ,
81	.Xr SSL_CTX_use_certificate 3 ,	122	.Xr SSL_CTX_use_certificate 3 ,
82	.Xr SSL_get_ciphers 3	123	.Xr SSL_get_ciphers 3