comment out the detailed description of SSL_get_servername(3),

leaving only the basic description in the RETURN VALUES section; tb@ pointed out LibreSSL does not currently provide all those guarantees, and he also OK'ed this diff
author: schwarze <> 2021-09-01 13:56:03 +0000
committer: schwarze <> 2021-09-01 13:56:03 +0000
commit: 62a814025d59b12d1b9b04c942d82a47df87c81c (patch)
tree: 87ac443aaeaeb48d8f67bdae7200196837708e81 /src/lib
parent: 8bad097309e1d94fa7fcf4124f2edaec6bc7c459 (diff)
download: openbsd-62a814025d59b12d1b9b04c942d82a47df87c81c.tar.gz
openbsd-62a814025d59b12d1b9b04c942d82a47df87c81c.tar.bz2
openbsd-62a814025d59b12d1b9b04c942d82a47df87c81c.zip
1 files changed, 9 insertions, 7 deletions
diff --git a/src/lib/libssl/man/SSL_CTX_set_tlsext_servername_callback.3 b/src/lib/libssl/man/SSL_CTX_set_tlsext_servername_callback.3
index d3cb5bc723..2b54406de8 100644
--- a/src/lib/libssl/man/SSL_CTX_set_tlsext_servername_callback.3
+++ b/src/lib/libssl/man/SSL_CTX_set_tlsext_servername_callback.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: SSL_CTX_set_tlsext_servername_callback.3,v 1.5 2021/08/30 18:18:16 schwarze Exp $
+.\" $OpenBSD: SSL_CTX_set_tlsext_servername_callback.3,v 1.6 2021/09/01 13:56:03 schwarze Exp $
 .\" full merge up to: OpenSSL 190b9a03 Jun 28 15:46:13 2017 +0800
 .\" selective merge up to: OpenSSL 6328d367 Jul 4 21:58:30 2020 +0200
 .\"
@@ -51,7 +51,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: August 30 2021 $
+.Dd $Mdocdate: September 1 2021 $
 .Dt SSL_CTX_SET_TLSEXT_SERVERNAME_CALLBACK 3
 .Os
 .Sh NAME
@@ -93,6 +93,7 @@ sets the application callback
 .Fa cb
 used by a server to perform any actions or configuration required based
 on the servername extension received in the incoming connection.
+Like the ALPN callback, it is executed during Client Hello processing.
 When
 .Fa cb
 is
@@ -140,6 +141,11 @@ sets a context-specific argument to be passed into the callback via the
 .Fa arg
 parameter for
 .Fa ctx .
+.ig end_of_get_servername_details
+.\" I would suggest to comment out that second wall text of dubious
+.\" usefulness and see if we can meet all these documented API
+.\" requirements in the future or decide that it's not worth the
+.\" effort.  -- tb@ Aug 30, 2021
 .Pp
 The behaviour of
 .Fn SSL_get_servername
@@ -196,6 +202,7 @@ Note that the early callback occurs before a servername extension
 from the client is processed.
 The servername, certificate and ALPN callbacks occur
 after a servername extension from the client is processed.
+.end_of_get_servername_details
 .Pp
 .Fn SSL_set_tlsext_host_name
 sets the server name indication ClientHello extension
@@ -211,11 +218,6 @@ extension is set to
 as defined in RFC 3546.
 .Pp
 All three functions are implemented as macros.
-.Pp
-The ALPN and SNI callbacks are both executed during Client Hello
-processing.
-The servername callback is executed first, followed by the ALPN
-callback.
 .Sh RETURN VALUES
 .Fn SSL_CTX_set_tlsext_servername_callback
 and
author	schwarze <>	2021-09-01 13:56:03 +0000
committer	schwarze <>	2021-09-01 13:56:03 +0000
commit	62a814025d59b12d1b9b04c942d82a47df87c81c (patch)
tree	87ac443aaeaeb48d8f67bdae7200196837708e81 /src/lib
parent	8bad097309e1d94fa7fcf4124f2edaec6bc7c459 (diff)
download	openbsd-62a814025d59b12d1b9b04c942d82a47df87c81c.tar.gz openbsd-62a814025d59b12d1b9b04c942d82a47df87c81c.tar.bz2 openbsd-62a814025d59b12d1b9b04c942d82a47df87c81c.zip

diff --git a/src/lib/libssl/man/SSL_CTX_set_tlsext_servername_callback.3 b/src/lib/libssl/man/SSL_CTX_set_tlsext_servername_callback.3 index d3cb5bc723..2b54406de8 100644 --- a/src/lib/libssl/man/SSL_CTX_set_tlsext_servername_callback.3 +++ b/src/lib/libssl/man/SSL_CTX_set_tlsext_servername_callback.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: SSL_CTX_set_tlsext_servername_callback.3,v 1.5 2021/08/30 18:18:16 schwarze Exp $	1	.\" $OpenBSD: SSL_CTX_set_tlsext_servername_callback.3,v 1.6 2021/09/01 13:56:03 schwarze Exp $
2	.\" full merge up to: OpenSSL 190b9a03 Jun 28 15:46:13 2017 +0800	2	.\" full merge up to: OpenSSL 190b9a03 Jun 28 15:46:13 2017 +0800
3	.\" selective merge up to: OpenSSL 6328d367 Jul 4 21:58:30 2020 +0200	3	.\" selective merge up to: OpenSSL 6328d367 Jul 4 21:58:30 2020 +0200
4	.\"	4	.\"
@@ -51,7 +51,7 @@
51	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	51	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
52	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	52	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
53	.\"	53	.\"
54	.Dd $Mdocdate: August 30 2021 $	54	.Dd $Mdocdate: September 1 2021 $
55	.Dt SSL_CTX_SET_TLSEXT_SERVERNAME_CALLBACK 3	55	.Dt SSL_CTX_SET_TLSEXT_SERVERNAME_CALLBACK 3
56	.Os	56	.Os
57	.Sh NAME	57	.Sh NAME
@@ -93,6 +93,7 @@ sets the application callback
93	.Fa cb	93	.Fa cb
94	used by a server to perform any actions or configuration required based	94	used by a server to perform any actions or configuration required based
95	on the servername extension received in the incoming connection.	95	on the servername extension received in the incoming connection.
		96	Like the ALPN callback, it is executed during Client Hello processing.
96	When	97	When
97	.Fa cb	98	.Fa cb
98	is	99	is
@@ -140,6 +141,11 @@ sets a context-specific argument to be passed into the callback via the
140	.Fa arg	141	.Fa arg
141	parameter for	142	parameter for
142	.Fa ctx .	143	.Fa ctx .
		144	.ig end_of_get_servername_details
		145	.\" I would suggest to comment out that second wall text of dubious
		146	.\" usefulness and see if we can meet all these documented API
		147	.\" requirements in the future or decide that it's not worth the
		148	.\" effort. -- tb@ Aug 30, 2021
143	.Pp	149	.Pp
144	The behaviour of	150	The behaviour of
145	.Fn SSL_get_servername	151	.Fn SSL_get_servername
@@ -196,6 +202,7 @@ Note that the early callback occurs before a servername extension
196	from the client is processed.	202	from the client is processed.
197	The servername, certificate and ALPN callbacks occur	203	The servername, certificate and ALPN callbacks occur
198	after a servername extension from the client is processed.	204	after a servername extension from the client is processed.
		205	.end_of_get_servername_details
199	.Pp	206	.Pp
200	.Fn SSL_set_tlsext_host_name	207	.Fn SSL_set_tlsext_host_name
201	sets the server name indication ClientHello extension	208	sets the server name indication ClientHello extension
@@ -211,11 +218,6 @@ extension is set to
211	as defined in RFC 3546.	218	as defined in RFC 3546.
212	.Pp	219	.Pp
213	All three functions are implemented as macros.	220	All three functions are implemented as macros.
214	.Pp
215	The ALPN and SNI callbacks are both executed during Client Hello
216	processing.
217	The servername callback is executed first, followed by the ALPN
218	callback.
219	.Sh RETURN VALUES	221	.Sh RETURN VALUES
220	.Fn SSL_CTX_set_tlsext_servername_callback	222	.Fn SSL_CTX_set_tlsext_servername_callback
221	and	223	and