1 files changed, 2 insertions, 106 deletions
diff --git a/src/lib/libcrypto/man/openssl.cnf.5 b/src/lib/libcrypto/man/openssl.cnf.5
index eda4829ab6..05295cbbaf 100644
--- a/src/lib/libcrypto/man/openssl.cnf.5
+++ b/src/lib/libcrypto/man/openssl.cnf.5
@@ -1,4 +1,4 @@
-.\" $OpenBSD: openssl.cnf.5,v 1.9 2023/10/21 14:05:49 tb Exp $
+.\" $OpenBSD: openssl.cnf.5,v 1.10 2023/11/19 10:23:53 tb Exp $
 .\" full merge up to: OpenSSL man5/config b53338cb Feb 28 12:30:28 2017 +0100
 .\" selective merge up to: OpenSSL a8c5ed81 Jul 18 13:57:25 2017 -0400
 .\"
@@ -50,7 +50,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: October 21 2023 $
+.Dd $Mdocdate: November 19 2023 $
 .Dt OPENSSL.CNF 5
 .Os
 .Sh NAME
@@ -192,13 +192,9 @@ openssl_conf = openssl_init
 [openssl_init]
 oid_section = new_oids
-engines = engine_section
 [new_oids]
 \&... new oids here ...
-[engine_section]
-\&... engine stuff here ...
 .Ed
 .Pp
 The features of each configuration module are described below.
@@ -228,106 +224,6 @@ comma and the numerical OID form.
 For example:
 .Pp
 .Dl shortName = some object long name, 1.2.3.4
-.Ss Engine Configuration Module
-This ENGINE configuration module has the name
-.Ic engines .
-The value of this variable points to a section containing further ENGINE
-configuration information.
-.Pp
-The section pointed to by
-.Ic engines
-is a table of engine names (though see
-.Ic engine_id
-below) and further sections containing configuration information
-specific to each ENGINE.
-.Pp
-Each ENGINE specific section is used to set default algorithms, load
-dynamic ENGINEs, perform initialization and send ctrls.
-The actual operation performed depends on the command
-name which is the name of the name value pair.
-The currently supported commands are listed below.
-.Pp
-For example:
-.Bd -literal -offset indent
-[engine_section]
-# Configure ENGINE named "foo"
-foo = foo_section
-# Configure ENGINE named "bar"
-bar = bar_section
-[foo_section]
-\&... foo ENGINE specific commands ...
-[bar_section]
-\&... "bar" ENGINE specific commands ...
-.Ed
-.Pp
-The command
-.Ic engine_id
-is used to give the ENGINE name.
-If used, this command must be first.
-For example:
-.Bd -literal -offset indent
-[engine_section]
-# This would normally handle an ENGINE named "foo"
-foo = foo_section
-[foo_section]
-# Override default name and use "myfoo" instead.
-engine_id = myfoo
-.Ed
-.Pp
-The command
-.Ic dynamic_path
-loads and adds an ENGINE from the given path.
-It is equivalent to sending the ctrls
-.Sy SO_PATH
-with the path argument followed by
-.Sy LIST_ADD
-with value 2 and
-.Sy LOAD
-to the dynamic ENGINE.
-If this is not the required behaviour then alternative ctrls can be sent
-directly to the dynamic ENGINE using ctrl commands.
-.Pp
-The command
-.Ic init
-determines whether to initialize the ENGINE.
-If the value is 0, the ENGINE will not be initialized.
-If it is 1, an attempt is made to initialized the ENGINE immediately.
-If the
-.Ic init
-command is not present, then an attempt will be made to initialize
-the ENGINE after all commands in its section have been processed.
-.Pp
-The command
-.Ic default_algorithms
-sets the default algorithms an ENGINE will supply using the functions
-.Xr ENGINE_set_default_string 3 .
-.Pp
-If the name matches none of the above command names, it is assumed
-to be a ctrl command which is sent to the ENGINE.
-The value of the command is the argument to the ctrl command.
-If the value is the string
-.Cm EMPTY ,
-then no value is sent to the command.
-.Pp
-For example:
-.Bd -literal -offset indent
-[engine_section]
-# Configure ENGINE named "foo"
-foo = foo_section
-[foo_section]
-# Load engine from DSO
-dynamic_path = /some/path/fooengine.so
-# A foo specific ctrl.
-some_ctrl = some_value
-# Another ctrl that doesn't take a value.
-other_ctrl = EMPTY
-# Supply all default algorithms
-default_algorithms = ALL
-.Ed
 .Sh FILES
 .Bl -tag -width /etc/ssl/openssl.cnf -compact
 .It Pa /etc/ssl/openssl.cnf

diff --git a/src/lib/libcrypto/man/openssl.cnf.5 b/src/lib/libcrypto/man/openssl.cnf.5 index eda4829ab6..05295cbbaf 100644 --- a/src/lib/libcrypto/man/openssl.cnf.5 +++ b/src/lib/libcrypto/man/openssl.cnf.5
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: openssl.cnf.5,v 1.9 2023/10/21 14:05:49 tb Exp $	1	.\" $OpenBSD: openssl.cnf.5,v 1.10 2023/11/19 10:23:53 tb Exp $
2	.\" full merge up to: OpenSSL man5/config b53338cb Feb 28 12:30:28 2017 +0100	2	.\" full merge up to: OpenSSL man5/config b53338cb Feb 28 12:30:28 2017 +0100
3	.\" selective merge up to: OpenSSL a8c5ed81 Jul 18 13:57:25 2017 -0400	3	.\" selective merge up to: OpenSSL a8c5ed81 Jul 18 13:57:25 2017 -0400
4	.\"	4	.\"
@@ -50,7 +50,7 @@
50	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	50	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	51	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
52	.\"	52	.\"
53	.Dd $Mdocdate: October 21 2023 $	53	.Dd $Mdocdate: November 19 2023 $
54	.Dt OPENSSL.CNF 5	54	.Dt OPENSSL.CNF 5
55	.Os	55	.Os
56	.Sh NAME	56	.Sh NAME
@@ -192,13 +192,9 @@ openssl_conf = openssl_init
192		192
193	[openssl_init]	193	[openssl_init]
194	oid_section = new_oids	194	oid_section = new_oids
195	engines = engine_section
196		195
197	[new_oids]	196	[new_oids]
198	\&... new oids here ...	197	\&... new oids here ...
199
200	[engine_section]
201	\&... engine stuff here ...
202	.Ed	198	.Ed
203	.Pp	199	.Pp
204	The features of each configuration module are described below.	200	The features of each configuration module are described below.
@@ -228,106 +224,6 @@ comma and the numerical OID form.
228	For example:	224	For example:
229	.Pp	225	.Pp
230	.Dl shortName = some object long name, 1.2.3.4	226	.Dl shortName = some object long name, 1.2.3.4
231	.Ss Engine Configuration Module
232	This ENGINE configuration module has the name
233	.Ic engines .
234	The value of this variable points to a section containing further ENGINE
235	configuration information.
236	.Pp
237	The section pointed to by
238	.Ic engines
239	is a table of engine names (though see
240	.Ic engine_id
241	below) and further sections containing configuration information
242	specific to each ENGINE.
243	.Pp
244	Each ENGINE specific section is used to set default algorithms, load
245	dynamic ENGINEs, perform initialization and send ctrls.
246	The actual operation performed depends on the command
247	name which is the name of the name value pair.
248	The currently supported commands are listed below.
249	.Pp
250	For example:
251	.Bd -literal -offset indent
252	[engine_section]
253	# Configure ENGINE named "foo"
254	foo = foo_section
255	# Configure ENGINE named "bar"
256	bar = bar_section
257
258	[foo_section]
259	\&... foo ENGINE specific commands ...
260
261	[bar_section]
262	\&... "bar" ENGINE specific commands ...
263	.Ed
264	.Pp
265	The command
266	.Ic engine_id
267	is used to give the ENGINE name.
268	If used, this command must be first.
269	For example:
270	.Bd -literal -offset indent
271	[engine_section]
272	# This would normally handle an ENGINE named "foo"
273	foo = foo_section
274
275	[foo_section]
276	# Override default name and use "myfoo" instead.
277	engine_id = myfoo
278	.Ed
279	.Pp
280	The command
281	.Ic dynamic_path
282	loads and adds an ENGINE from the given path.
283	It is equivalent to sending the ctrls
284	.Sy SO_PATH
285	with the path argument followed by
286	.Sy LIST_ADD
287	with value 2 and
288	.Sy LOAD
289	to the dynamic ENGINE.
290	If this is not the required behaviour then alternative ctrls can be sent
291	directly to the dynamic ENGINE using ctrl commands.
292	.Pp
293	The command
294	.Ic init
295	determines whether to initialize the ENGINE.
296	If the value is 0, the ENGINE will not be initialized.
297	If it is 1, an attempt is made to initialized the ENGINE immediately.
298	If the
299	.Ic init
300	command is not present, then an attempt will be made to initialize
301	the ENGINE after all commands in its section have been processed.
302	.Pp
303	The command
304	.Ic default_algorithms
305	sets the default algorithms an ENGINE will supply using the functions
306	.Xr ENGINE_set_default_string 3 .
307	.Pp
308	If the name matches none of the above command names, it is assumed
309	to be a ctrl command which is sent to the ENGINE.
310	The value of the command is the argument to the ctrl command.
311	If the value is the string
312	.Cm EMPTY ,
313	then no value is sent to the command.
314	.Pp
315	For example:
316	.Bd -literal -offset indent
317	[engine_section]
318	# Configure ENGINE named "foo"
319	foo = foo_section
320
321	[foo_section]
322	# Load engine from DSO
323	dynamic_path = /some/path/fooengine.so
324	# A foo specific ctrl.
325	some_ctrl = some_value
326	# Another ctrl that doesn't take a value.
327	other_ctrl = EMPTY
328	# Supply all default algorithms
329	default_algorithms = ALL
330	.Ed
331	.Sh FILES	227	.Sh FILES
332	.Bl -tag -width /etc/ssl/openssl.cnf -compact	228	.Bl -tag -width /etc/ssl/openssl.cnf -compact
333	.It Pa /etc/ssl/openssl.cnf	229	.It Pa /etc/ssl/openssl.cnf