Replace all of the text by a deprecation notice:

LibreSSL was decompressed long ago. Mention SSL_COMP_get_compression_methods(3) which is both available in our public interface and documented by OpenSSL.
author: schwarze <> 2016-11-29 19:52:17 +0000
committer: schwarze <> 2016-11-29 19:52:17 +0000
commit: 9af7f1423667b1317a78965fbc306c42677c2345 (patch)
tree: da166adcc57506205b662c95986a1a36f2a28496 /src/lib
parent: 60290a186f3d3268aa2f60c3c42b3793db09edad (diff)
download: openbsd-9af7f1423667b1317a78965fbc306c42677c2345.tar.gz
openbsd-9af7f1423667b1317a78965fbc306c42677c2345.tar.bz2
openbsd-9af7f1423667b1317a78965fbc306c42677c2345.zip
1 files changed, 29 insertions, 49 deletions
diff --git a/src/lib/libssl/man/SSL_COMP_add_compression_method.3 b/src/lib/libssl/man/SSL_COMP_add_compression_method.3
index 957b2e8bed..dc47f4e1e9 100644
--- a/src/lib/libssl/man/SSL_COMP_add_compression_method.3
+++ b/src/lib/libssl/man/SSL_COMP_add_compression_method.3
@@ -1,68 +1,48 @@
+.\"     $OpenBSD: SSL_COMP_add_compression_method.3,v 1.2 2016/11/29 19:52:17 schwarze Exp $
 .\"
-.\"     $OpenBSD: SSL_COMP_add_compression_method.3,v 1.1 2016/11/05 15:32:19 schwarze Exp $
+.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
 .\"
-.Dd $Mdocdate: November 5 2016 $
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: November 29 2016 $
 .Dt SSL_COMP_ADD_COMPRESSION_METHOD 3
 .Os
 .Sh NAME
-.Nm SSL_COMP_add_compression_method
+.Nm SSL_COMP_add_compression_method ,
+.Nm SSL_COMP_get_compression_methods
 .Nd handle SSL/TLS integrated compression methods
 .Sh SYNOPSIS
 .In openssl/ssl.h
 .Ft int
 .Fn SSL_COMP_add_compression_method "int id" "COMP_METHOD *cm"
+.Ft STACK_OF(SSL_COMP) *
+.Fn SSL_COMP_get_compression_methods void
 .Sh DESCRIPTION
+These functions are deprecated and have no effect.
+They are provided purely for compatibility with legacy application code.
+.Pp
 .Fn SSL_COMP_add_compression_method
-adds the compression method
+used to add the compression method
 .Fa cm
 with the identifier
 .Fa id
 to the list of available compression methods.
-This list is globally maintained for all SSL operations within this application.
-It cannot be set for specific SSL_CTX or SSL objects.
-.Sh NOTES
-The TLS standard (or SSLv3) allows the integration of compression methods
-into the communication.
-The TLS RFC does however not specify compression methods or their corresponding
-identifiers, so there is currently no compatible way to integrate compression
-with unknown peers.
-It is therefore currently not recommended to integrate compression into
-applications.
-Applications for non-public use may agree on certain compression methods.
-Using different compression methods with the same identifier will lead to
-connection failure.
-.Pp
-An OpenSSL client speaking a protocol that allows compression (SSLv3, TLSv1)
-will unconditionally send the list of all compression methods enabled with
-.Fn SSL_COMP_add_compression_method
-to the server during the handshake.
-Unlike the mechanisms to set a cipher list, there is no method available to
-restrict the list of compression method on a per connection basis.
-.Pp
-An OpenSSL server will match the identifiers listed by a client against
-its own compression methods and will unconditionally activate compression
-when a matching identifier is found.
-There is no way to restrict the list of compression methods supported on a per
-connection basis.
 .Pp
-The OpenSSL library has the compression methods
+.Fn SSL_COMP_get_compression_methods
-.Fn COMP_rle
+used to return a stack of available compression methods.
-and (when especially enabled during compilation)
-.Fn COMP_zlib
-available.
-.Sh WARNINGS
-Once the identities of the compression methods for the TLS protocol have
-been standardized, the compression API will most likely be changed.
-Using it in the current state is not recommended.
 .Sh RETURN VALUES
 .Fn SSL_COMP_add_compression_method
-may return the following values:
+always returns 1.
-.Bl -tag -width Ds
+.Fn SSL_COMP_get_compression_methods
-.It 0
+always returns
-The operation succeeded.
+.Dv NULL .
-.It 1
-The operation failed.
-Check the error queue to find out the reason.
-.El
-.Sh SEE ALSO
-.Xr ssl 3
author	schwarze <>	2016-11-29 19:52:17 +0000
committer	schwarze <>	2016-11-29 19:52:17 +0000
commit	9af7f1423667b1317a78965fbc306c42677c2345 (patch)
tree	da166adcc57506205b662c95986a1a36f2a28496 /src/lib
parent	60290a186f3d3268aa2f60c3c42b3793db09edad (diff)
download	openbsd-9af7f1423667b1317a78965fbc306c42677c2345.tar.gz openbsd-9af7f1423667b1317a78965fbc306c42677c2345.tar.bz2 openbsd-9af7f1423667b1317a78965fbc306c42677c2345.zip

diff --git a/src/lib/libssl/man/SSL_COMP_add_compression_method.3 b/src/lib/libssl/man/SSL_COMP_add_compression_method.3 index 957b2e8bed..dc47f4e1e9 100644 --- a/src/lib/libssl/man/SSL_COMP_add_compression_method.3 +++ b/src/lib/libssl/man/SSL_COMP_add_compression_method.3
@@ -1,68 +1,48 @@
		1	.\" $OpenBSD: SSL_COMP_add_compression_method.3,v 1.2 2016/11/29 19:52:17 schwarze Exp $
1	.\"	2	.\"
2	.\" $OpenBSD: SSL_COMP_add_compression_method.3,v 1.1 2016/11/05 15:32:19 schwarze Exp $	3	.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
3	.\"	4	.\"
4	.Dd $Mdocdate: November 5 2016 $	5	.\" Permission to use, copy, modify, and distribute this software for any
		6	.\" purpose with or without fee is hereby granted, provided that the above
		7	.\" copyright notice and this permission notice appear in all copies.
		8	.\"
		9	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		10	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		11	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		12	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		13	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		14	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		15	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		16	.\"
		17	.Dd $Mdocdate: November 29 2016 $
5	.Dt SSL_COMP_ADD_COMPRESSION_METHOD 3	18	.Dt SSL_COMP_ADD_COMPRESSION_METHOD 3
6	.Os	19	.Os
7	.Sh NAME	20	.Sh NAME
8	.Nm SSL_COMP_add_compression_method	21	.Nm SSL_COMP_add_compression_method ,
		22	.Nm SSL_COMP_get_compression_methods
9	.Nd handle SSL/TLS integrated compression methods	23	.Nd handle SSL/TLS integrated compression methods
10	.Sh SYNOPSIS	24	.Sh SYNOPSIS
11	.In openssl/ssl.h	25	.In openssl/ssl.h
12	.Ft int	26	.Ft int
13	.Fn SSL_COMP_add_compression_method "int id" "COMP_METHOD *cm"	27	.Fn SSL_COMP_add_compression_method "int id" "COMP_METHOD *cm"
		28	.Ft STACK_OF(SSL_COMP) *
		29	.Fn SSL_COMP_get_compression_methods void
14	.Sh DESCRIPTION	30	.Sh DESCRIPTION
		31	These functions are deprecated and have no effect.
		32	They are provided purely for compatibility with legacy application code.
		33	.Pp
15	.Fn SSL_COMP_add_compression_method	34	.Fn SSL_COMP_add_compression_method
16	adds the compression method	35	used to add the compression method
17	.Fa cm	36	.Fa cm
18	with the identifier	37	with the identifier
19	.Fa id	38	.Fa id
20	to the list of available compression methods.	39	to the list of available compression methods.
21	This list is globally maintained for all SSL operations within this application.
22	It cannot be set for specific SSL_CTX or SSL objects.
23	.Sh NOTES
24	The TLS standard (or SSLv3) allows the integration of compression methods
25	into the communication.
26	The TLS RFC does however not specify compression methods or their corresponding
27	identifiers, so there is currently no compatible way to integrate compression
28	with unknown peers.
29	It is therefore currently not recommended to integrate compression into
30	applications.
31	Applications for non-public use may agree on certain compression methods.
32	Using different compression methods with the same identifier will lead to
33	connection failure.
34	.Pp
35	An OpenSSL client speaking a protocol that allows compression (SSLv3, TLSv1)
36	will unconditionally send the list of all compression methods enabled with
37	.Fn SSL_COMP_add_compression_method
38	to the server during the handshake.
39	Unlike the mechanisms to set a cipher list, there is no method available to
40	restrict the list of compression method on a per connection basis.
41	.Pp
42	An OpenSSL server will match the identifiers listed by a client against
43	its own compression methods and will unconditionally activate compression
44	when a matching identifier is found.
45	There is no way to restrict the list of compression methods supported on a per
46	connection basis.
47	.Pp	40	.Pp
48	The OpenSSL library has the compression methods	41	.Fn SSL_COMP_get_compression_methods
49	.Fn COMP_rle	42	used to return a stack of available compression methods.
50	and (when especially enabled during compilation)
51	.Fn COMP_zlib
52	available.
53	.Sh WARNINGS
54	Once the identities of the compression methods for the TLS protocol have
55	been standardized, the compression API will most likely be changed.
56	Using it in the current state is not recommended.
57	.Sh RETURN VALUES	43	.Sh RETURN VALUES
58	.Fn SSL_COMP_add_compression_method	44	.Fn SSL_COMP_add_compression_method
59	may return the following values:	45	always returns 1.
60	.Bl -tag -width Ds	46	.Fn SSL_COMP_get_compression_methods
61	.It 0	47	always returns
62	The operation succeeded.	48	.Dv NULL .
63	.It 1
64	The operation failed.
65	Check the error queue to find out the reason.
66	.El
67	.Sh SEE ALSO
68	.Xr ssl 3