diff options
| author | tb <> | 2024-06-28 14:48:43 +0000 |
|---|---|---|
| committer | tb <> | 2024-06-28 14:48:43 +0000 |
| commit | 8c0ad147db50e98dd6a31a0108ff71cd5e6ec0e5 (patch) | |
| tree | 7a6467499489d699b8bfcd328e2617d909f61709 /src | |
| parent | e20d7daba569b993a10276f67b13602015592757 (diff) | |
| download | openbsd-8c0ad147db50e98dd6a31a0108ff71cd5e6ec0e5.tar.gz openbsd-8c0ad147db50e98dd6a31a0108ff71cd5e6ec0e5.tar.bz2 openbsd-8c0ad147db50e98dd6a31a0108ff71cd5e6ec0e5.zip | |
The ALPN callback should really ignore the out parameter if there's
no overlap. Document that explicitly. Also make it more explicit that
that the caller must work with a copy of out.
ok jsing
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3 | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3 b/src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3 index 683b6696e3..5f8da325bb 100644 --- a/src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3 +++ b/src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: SSL_CTX_set_alpn_select_cb.3,v 1.8 2021/09/10 09:25:29 tb Exp $ | 1 | .\" $OpenBSD: SSL_CTX_set_alpn_select_cb.3,v 1.9 2024/06/28 14:48:43 tb Exp $ |
| 2 | .\" OpenSSL 87b81496 Apr 19 12:38:27 2017 -0400 | 2 | .\" OpenSSL 87b81496 Apr 19 12:38:27 2017 -0400 |
| 3 | .\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 | 3 | .\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 |
| 4 | .\" | 4 | .\" |
| @@ -49,7 +49,7 @@ | |||
| 49 | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | 49 | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
| 50 | .\" OF THE POSSIBILITY OF SUCH DAMAGE. | 50 | .\" OF THE POSSIBILITY OF SUCH DAMAGE. |
| 51 | .\" | 51 | .\" |
| 52 | .Dd $Mdocdate: September 10 2021 $ | 52 | .Dd $Mdocdate: June 28 2024 $ |
| 53 | .Dt SSL_CTX_SET_ALPN_SELECT_CB 3 | 53 | .Dt SSL_CTX_SET_ALPN_SELECT_CB 3 |
| 54 | .Os | 54 | .Os |
| 55 | .Sh NAME | 55 | .Sh NAME |
| @@ -153,6 +153,15 @@ It implements the standard protocol selection. | |||
| 153 | It is expected that this function is called from the application | 153 | It is expected that this function is called from the application |
| 154 | callback | 154 | callback |
| 155 | .Fa cb . | 155 | .Fa cb . |
| 156 | If | ||
| 157 | .Fn SSL_select_next_proto | ||
| 158 | returns | ||
| 159 | .Dv OPENSSL_NPN_NO_OVERLAP , | ||
| 160 | .Fa cb | ||
| 161 | should ignore | ||
| 162 | .Fa out | ||
| 163 | and fail by returning | ||
| 164 | .Dv SSL_TLSEXT_ERR_ALERT_FATAL . | ||
| 156 | The protocol data in | 165 | The protocol data in |
| 157 | .Fa server , | 166 | .Fa server , |
| 158 | .Fa server_len | 167 | .Fa server_len |
| @@ -175,7 +184,8 @@ value will point into either | |||
| 175 | .Fa server | 184 | .Fa server |
| 176 | or | 185 | or |
| 177 | .Fa client , | 186 | .Fa client , |
| 178 | so it should be copied immediately. | 187 | so it must not be modified and |
| 188 | should be copied immediately. | ||
| 179 | If no match is found, the first item in | 189 | If no match is found, the first item in |
| 180 | .Fa client , | 190 | .Fa client , |
| 181 | .Fa client_len | 191 | .Fa client_len |