1 files changed, 0 insertions, 207 deletions
diff --git a/src/lib/libcrypto/man/STACK_OF.3 b/src/lib/libcrypto/man/STACK_OF.3
deleted file mode 100644
index 4c627eed9b..0000000000
--- a/src/lib/libcrypto/man/STACK_OF.3
+++ /dev/null
@@ -1,207 +0,0 @@
-.\" $OpenBSD: STACK_OF.3,v 1.5 2021/10/24 13:10:46 schwarze Exp $
-.\"
-.\" Copyright (c) 2018 Ingo Schwarze <schwarze@openbsd.org>
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: October 24 2021 $
-.Dt STACK_OF 3
-.Os
-.Sh NAME
-.Nm STACK_OF
-.Nd variable-sized arrays of pointers, called OpenSSL stacks
-.Sh SYNOPSIS
-.In openssl/safestack.h
-.Fn STACK_OF type
-.Sh DESCRIPTION
-The
-.In openssl/safestack.h
-header provides a fragile, unusually complicated system of
-macro-generated wrappers around the functions described in the
-.Xr OPENSSL_sk_new 3
-manual page.
-It is intended to implement superficially type-safe variable-sized
-arrays of pointers, somewhat misleadingly called
-.Dq stacks
-by OpenSSL.
-Due to the excessive number of API functions, it is impossible to
-properly document this system.
-In particular, calling
-.Xr man 1
-for any of the functions operating on stacks cannot yield any result.
-.Pp
-Unfortunately, application programs can hardly avoid using the concept
-because several important OpenSSL APIs rely on it; see the
-.Sx SEE ALSO
-section for examples.
-Even though both pages are more complicated than any manual page
-ought to be, using the concept safely requires a complete understanding
-of all the details in both this manual page and in
-.Xr OPENSSL_sk_new 3 .
-.Pp
-The
-.Fn STACK_OF
-macro takes a
-.Fa type
-name as its argument, typically the name of a type
-that has been defined as an alias for a specific
-.Vt struct
-type using a
-.Sy typedef
-declaration.
-It expands to an incomplete
-.Vt struct
-type which is intended to represent a
-.Dq stack
-of objects of the given
-.Fa type .
-That type does not actually exist, so it is not possible to define,
-for example, an automatic variable
-.Ql STACK_OF(X509) my_certificates ;
-it is only possible to define pointers to stacks, for example
-.Ql STACK_OF(X509) *my_certificates .
-The only way such pointers can ever be used is by wrapper functions
-casting them to the type
-.Vt _STACK *
-described in
-.Xr OPENSSL_sk_new 3 .
-.Pp
-For a considerable number of types, OpenSSL provides one wrapper
-function for each function described in
-.Xr OPENSSL_sk_new 3 .
-The names of these wrapper functions are usually constructed by
-inserting the name of the type and an underscore after the
-.Sq sk_
-prefix of the function name.
-Usually, where the real functions take
-.Vt void *
-arguments, the wrappers take pointers to the
-.Fa type
-in questions, and where the real functions take
-.Vt _STACK *
-arguments, the wrappers take pointers to
-.Fn STACK_OF type .
-The same applies to return values.
-Various exceptions to all this exist, but the above applies to
-all the types listed below.
-.Pp
-Using the above may make sense for the following types because
-public API functions exist that take stacks of these types as
-arguments or return them:
-.Vt ASN1_INTEGER ,
-.Vt ASN1_OBJECT ,
-.Vt ASN1_UTF8STRING ,
-.Vt CMS_RecipientInfo ,
-.Vt CMS_SignerInfo ,
-.Vt CONF_VALUE ,
-.Vt GENERAL_NAMES ,
-.Vt GENERAL_SUBTREE ,
-.Vt OPENSSL_STRING Pq which is just Vt char * ,
-.Vt PKCS12_SAFEBAG ,
-.Vt PKCS7 ,
-.Vt PKCS7_RECIP_INFO ,
-.Vt PKCS7_SIGNER_INFO ,
-.Vt POLICYQUALINFO ,
-.Vt SRTP_PROTECTION_PROFILE ,
-.Vt SSL_CIPHER ,
-.Vt SSL_COMP ,
-.Vt X509 ,
-.Vt X509_ALGOR ,
-.Vt X509_ATTRIBUTE ,
-.Vt X509_CRL ,
-.Vt X509_EXTENSION ,
-.Vt X509_INFO ,
-.Vt X509_NAME ,
-.Vt X509_OBJECT ,
-.Vt X509_POLICY_NODE ,
-.Vt X509_REVOKED .
-.Pp
-Additionally, some public API functions use the following types
-which are declared with
-.Sy typedef :
-.Bl -column STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS
-.It Vt STACK_OF(ACCESS_DESCRIPTION) Ta Vt AUTHORITY_INFO_ACCESS
-.It Vt STACK_OF(ASN1_OBJECT)        Ta Vt EXTENDED_KEY_USAGE
-.It Vt STACK_OF(ASN1_TYPE)          Ta Vt ASN1_SEQUENCE_ANY
-.It Vt STACK_OF(DIST_POINT)         Ta Vt CRL_DIST_POINTS
-.It Vt STACK_OF(GENERAL_NAME)       Ta Vt GENERAL_NAMES
-.It Vt STACK_OF(IPAddressFamily)    Ta Vt IPAddrBlocks
-.It Vt STACK_OF(POLICY_MAPPING)     Ta Vt POLICY_MAPPINGS
-.It Vt STACK_OF(POLICYINFO)         Ta Vt CERTIFICATEPOLICIES
-.It Vt STACK_OF(X509_ALGOR)         Ta Vt X509_ALGORS
-.It Vt STACK_OF(X509_EXTENSION)     Ta Vt X509_EXTENSIONS
-.El
-.Pp
-Even though the OpenSSL headers declare wrapper functions for many
-more types and even though the OpenSSL documentation says that users
-can declare their own stack types, using
-.Fn STACK_OF
-with any type not listed here is strongly discouraged.
-For other types, there may be subtle, undocumented differences
-in syntax and semantics, and attempting to declare custom stack
-types is very error prone; using plain C arrays of pointers to
-the desired type is much simpler and less dangerous.
-.Sh EXAMPLES
-The following program creates a certificate object, puts two
-pointers to it on a stack, and uses
-.Xr X509_free 3
-to clean up properly:
-.Bd -literal
-#include <err.h>
-#include <stdio.h>
-#include <openssl/x509.h>
-int
-main(void)
-{
-        STACK_OF(X509)  *stack;
-        X509            *x;
-        if ((stack = sk_X509_new_null()) == NULL)
-                err(1, NULL);
-        if ((x = X509_new()) == NULL)
-                err(1, NULL);
-        if (sk_X509_push(stack, x) == 0)
-                err(1, NULL);
-        if (X509_up_ref(x) == 0)
-                errx(1, "X509_up_ref failed");
-        if (sk_X509_push(stack, x) == 0)
-                err(1, NULL);
-        printf("%d pointers: %p, %p\en", sk_X509_num(stack),
-            sk_X509_value(stack, 0), sk_X509_value(stack, 1));
-        sk_X509_pop_free(stack, X509_free);
-        return 0;
-}
-.Ed
-.Pp
-The output looks similar to:
-.Pp
-.Dl 2 pointers: 0x4693ff24c00, 0x4693ff24c00
-.Sh SEE ALSO
-.Xr crypto 3 ,
-.Xr OCSP_request_sign 3 ,
-.Xr OPENSSL_sk_new 3 ,
-.Xr PKCS12_parse 3 ,
-.Xr PKCS7_encrypt 3 ,
-.Xr SSL_CTX_set_client_CA_list 3 ,
-.Xr SSL_get_ciphers 3 ,
-.Xr SSL_get_peer_cert_chain 3 ,
-.Xr SSL_load_client_CA_file 3 ,
-.Xr X509_CRL_get_REVOKED 3 ,
-.Xr X509_STORE_CTX_get0_chain 3
-.Sh HISTORY
-The
-.Fn STACK_OF
-macro first appeared in OpenSSL 0.9.3 and has been available since
-.Ox 2.6 .

diff --git a/src/lib/libcrypto/man/STACK_OF.3 b/src/lib/libcrypto/man/STACK_OF.3 deleted file mode 100644 index 4c627eed9b..0000000000 --- a/src/lib/libcrypto/man/STACK_OF.3 +++ /dev/null
@@ -1,207 +0,0 @@
1	.\" $OpenBSD: STACK_OF.3,v 1.5 2021/10/24 13:10:46 schwarze Exp $
2	.\"
3	.\" Copyright (c) 2018 Ingo Schwarze <schwarze@openbsd.org>
4	.\"
5	.\" Permission to use, copy, modify, and distribute this software for any
6	.\" purpose with or without fee is hereby granted, provided that the above
7	.\" copyright notice and this permission notice appear in all copies.
8	.\"
9	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16	.\"
17	.Dd $Mdocdate: October 24 2021 $
18	.Dt STACK_OF 3
19	.Os
20	.Sh NAME
21	.Nm STACK_OF
22	.Nd variable-sized arrays of pointers, called OpenSSL stacks
23	.Sh SYNOPSIS
24	.In openssl/safestack.h
25	.Fn STACK_OF type
26	.Sh DESCRIPTION
27	The
28	.In openssl/safestack.h
29	header provides a fragile, unusually complicated system of
30	macro-generated wrappers around the functions described in the
31	.Xr OPENSSL_sk_new 3
32	manual page.
33	It is intended to implement superficially type-safe variable-sized
34	arrays of pointers, somewhat misleadingly called
35	.Dq stacks
36	by OpenSSL.
37	Due to the excessive number of API functions, it is impossible to
38	properly document this system.
39	In particular, calling
40	.Xr man 1
41	for any of the functions operating on stacks cannot yield any result.
42	.Pp
43	Unfortunately, application programs can hardly avoid using the concept
44	because several important OpenSSL APIs rely on it; see the
45	.Sx SEE ALSO
46	section for examples.
47	Even though both pages are more complicated than any manual page
48	ought to be, using the concept safely requires a complete understanding
49	of all the details in both this manual page and in
50	.Xr OPENSSL_sk_new 3 .
51	.Pp
52	The
53	.Fn STACK_OF
54	macro takes a
55	.Fa type
56	name as its argument, typically the name of a type
57	that has been defined as an alias for a specific
58	.Vt struct
59	type using a
60	.Sy typedef
61	declaration.
62	It expands to an incomplete
63	.Vt struct
64	type which is intended to represent a
65	.Dq stack
66	of objects of the given
67	.Fa type .
68	That type does not actually exist, so it is not possible to define,
69	for example, an automatic variable
70	.Ql STACK_OF(X509) my_certificates ;
71	it is only possible to define pointers to stacks, for example
72	.Ql STACK_OF(X509) *my_certificates .
73	The only way such pointers can ever be used is by wrapper functions
74	casting them to the type
75	.Vt _STACK *
76	described in
77	.Xr OPENSSL_sk_new 3 .
78	.Pp
79	For a considerable number of types, OpenSSL provides one wrapper
80	function for each function described in
81	.Xr OPENSSL_sk_new 3 .
82	The names of these wrapper functions are usually constructed by
83	inserting the name of the type and an underscore after the
84	.Sq sk_
85	prefix of the function name.
86	Usually, where the real functions take
87	.Vt void *
88	arguments, the wrappers take pointers to the
89	.Fa type
90	in questions, and where the real functions take
91	.Vt _STACK *
92	arguments, the wrappers take pointers to
93	.Fn STACK_OF type .
94	The same applies to return values.
95	Various exceptions to all this exist, but the above applies to
96	all the types listed below.
97	.Pp
98	Using the above may make sense for the following types because
99	public API functions exist that take stacks of these types as
100	arguments or return them:
101	.Vt ASN1_INTEGER ,
102	.Vt ASN1_OBJECT ,
103	.Vt ASN1_UTF8STRING ,
104	.Vt CMS_RecipientInfo ,
105	.Vt CMS_SignerInfo ,
106	.Vt CONF_VALUE ,
107	.Vt GENERAL_NAMES ,
108	.Vt GENERAL_SUBTREE ,
109	.Vt OPENSSL_STRING Pq which is just Vt char * ,
110	.Vt PKCS12_SAFEBAG ,
111	.Vt PKCS7 ,
112	.Vt PKCS7_RECIP_INFO ,
113	.Vt PKCS7_SIGNER_INFO ,
114	.Vt POLICYQUALINFO ,
115	.Vt SRTP_PROTECTION_PROFILE ,
116	.Vt SSL_CIPHER ,
117	.Vt SSL_COMP ,
118	.Vt X509 ,
119	.Vt X509_ALGOR ,
120	.Vt X509_ATTRIBUTE ,
121	.Vt X509_CRL ,
122	.Vt X509_EXTENSION ,
123	.Vt X509_INFO ,
124	.Vt X509_NAME ,
125	.Vt X509_OBJECT ,
126	.Vt X509_POLICY_NODE ,
127	.Vt X509_REVOKED .
128	.Pp
129	Additionally, some public API functions use the following types
130	which are declared with
131	.Sy typedef :
132	.Bl -column STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS
133	.It Vt STACK_OF(ACCESS_DESCRIPTION) Ta Vt AUTHORITY_INFO_ACCESS
134	.It Vt STACK_OF(ASN1_OBJECT) Ta Vt EXTENDED_KEY_USAGE
135	.It Vt STACK_OF(ASN1_TYPE) Ta Vt ASN1_SEQUENCE_ANY
136	.It Vt STACK_OF(DIST_POINT) Ta Vt CRL_DIST_POINTS
137	.It Vt STACK_OF(GENERAL_NAME) Ta Vt GENERAL_NAMES
138	.It Vt STACK_OF(IPAddressFamily) Ta Vt IPAddrBlocks
139	.It Vt STACK_OF(POLICY_MAPPING) Ta Vt POLICY_MAPPINGS
140	.It Vt STACK_OF(POLICYINFO) Ta Vt CERTIFICATEPOLICIES
141	.It Vt STACK_OF(X509_ALGOR) Ta Vt X509_ALGORS
142	.It Vt STACK_OF(X509_EXTENSION) Ta Vt X509_EXTENSIONS
143	.El
144	.Pp
145	Even though the OpenSSL headers declare wrapper functions for many
146	more types and even though the OpenSSL documentation says that users
147	can declare their own stack types, using
148	.Fn STACK_OF
149	with any type not listed here is strongly discouraged.
150	For other types, there may be subtle, undocumented differences
151	in syntax and semantics, and attempting to declare custom stack
152	types is very error prone; using plain C arrays of pointers to
153	the desired type is much simpler and less dangerous.
154	.Sh EXAMPLES
155	The following program creates a certificate object, puts two
156	pointers to it on a stack, and uses
157	.Xr X509_free 3
158	to clean up properly:
159	.Bd -literal
160	#include <err.h>
161	#include <stdio.h>
162	#include <openssl/x509.h>
163
164	int
165	main(void)
166	{
167	STACK_OF(X509) *stack;
168	X509 *x;
169
170	if ((stack = sk_X509_new_null()) == NULL)
171	err(1, NULL);
172	if ((x = X509_new()) == NULL)
173	err(1, NULL);
174	if (sk_X509_push(stack, x) == 0)
175	err(1, NULL);
176	if (X509_up_ref(x) == 0)
177	errx(1, "X509_up_ref failed");
178	if (sk_X509_push(stack, x) == 0)
179	err(1, NULL);
180	printf("%d pointers: %p, %p\en", sk_X509_num(stack),
181	sk_X509_value(stack, 0), sk_X509_value(stack, 1));
182	sk_X509_pop_free(stack, X509_free);
183
184	return 0;
185	}
186	.Ed
187	.Pp
188	The output looks similar to:
189	.Pp
190	.Dl 2 pointers: 0x4693ff24c00, 0x4693ff24c00
191	.Sh SEE ALSO
192	.Xr crypto 3 ,
193	.Xr OCSP_request_sign 3 ,
194	.Xr OPENSSL_sk_new 3 ,
195	.Xr PKCS12_parse 3 ,
196	.Xr PKCS7_encrypt 3 ,
197	.Xr SSL_CTX_set_client_CA_list 3 ,
198	.Xr SSL_get_ciphers 3 ,
199	.Xr SSL_get_peer_cert_chain 3 ,
200	.Xr SSL_load_client_CA_file 3 ,
201	.Xr X509_CRL_get_REVOKED 3 ,
202	.Xr X509_STORE_CTX_get0_chain 3
203	.Sh HISTORY
204	The
205	.Fn STACK_OF
206	macro first appeared in OpenSSL 0.9.3 and has been available since
207	.Ox 2.6 .