5 files changed, 340 insertions, 5 deletions
diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile
index 802b34399f..17efba0d08 100644
--- a/src/lib/libcrypto/man/Makefile
+++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.40 2016/11/03 10:24:26 schwarze Exp $
+# $OpenBSD: Makefile,v 1.41 2016/11/03 12:21:50 schwarze Exp $
 .include <bsd.own.mk>           # for NOMAN
@@ -118,6 +118,10 @@ MAN=	\
        HMAC.3 \
        MD5.3 \
        OBJ_nid2obj.3 \
+        OPENSSL_VERSION_NUMBER.3 \
+        OPENSSL_config.3 \
+        OPENSSL_load_builtin_modules.3 \
+        OpenSSL_add_all_algorithms.3 \
        UI_new.3 \
        bn_dump.3 \
        crypto.3 \
@@ -128,10 +132,6 @@ MAN=	\
        lh_new.3 \
 GENMAN= \
-        OPENSSL_VERSION_NUMBER.3 \
-        OPENSSL_config.3 \
-        OPENSSL_load_builtin_modules.3 \
-        OpenSSL_add_all_algorithms.3 \
        PKCS5_PBKDF2_HMAC.3 \
        PEM_read_bio_PrivateKey.3 \
        PEM_write_bio_PKCS7_stream.3 \
diff --git a/src/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3 b/src/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3
new file mode 100644
index 0000000000..660a964427
--- /dev/null
+++ b/src/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3
@@ -0,0 +1,96 @@
+.Dd $Mdocdate: November 3 2016 $
+.Dt OPENSSL_VERSION_NUMBER 3
+.Os
+.Sh NAME
+.Nm OPENSSL_VERSION_NUMBER ,
+.Nm SSLeay ,
+.Nm SSLeay_version
+.Nd get OpenSSL version number
+.Sh SYNOPSIS
+.In openssl/opensslv.h
+.Fd #define OPENSSL_VERSION_NUMBER 0xnnnnnnnnnL
+.In openssl/crypto.h
+.Ft long
+.Fn SSLeay void
+.Ft const char *
+.Fo SSLeay_version
+.Fa "int t"
+.Fc
+.Sh DESCRIPTION
+.Dv OPENSSL_VERSION_NUMBER
+is a numeric release version identifier.
+The first two digits contain the major release number,
+the third and fourth digits the minor release number,
+the fifth and sixth digits the fix release number,
+the seventh and eight digits the patch release number.
+The final digit is 0 for development, 1 to e for betas 1 to 14, or f
+for release.
+.Pp
+For example:
+.Bd -literal -offset indent
+0x000906000 == 0.9.6 dev
+0x000906023 == 0.9.6b beta 3
+0x00090605f == 0.9.6e release
+.Ed
+.Pp
+Versions prior to 0.9.3 had identifiers < 0x0930.
+For versions between 0.9.3 and 0.9.5,
+the seventh digit was 1 for release and 0 otherwise,
+and the eighth and ninth digits were the patch release number.
+.Pp
+For example:
+.Bd -literal
+0x000904100 == 0.9.4 release
+0x000905000 == 0.9.5 dev
+.Ed
+.Pp
+Version 0.9.5a had an interim interpretation that is like the current
+one, except the patch level got the highest bit set, to keep continuity.
+The number was therefore 0x0090581f.
+.Pp
+For backward compatibility, SSLEAY_VERSION_NUMBER is also defined.
+.Pp
+.Fn SSLeay
+returns this number.
+The return value can be compared to the macro to make sure that the
+correct version of the library has been loaded, especially when using
+DLLs on Windows systems.
+.Pp
+.Fn SSLeay_version
+returns different strings depending on
+.Fa t :
+.Bl -tag -width Ds
+.It Dv SSLEAY_VERSION
+The text variant of the version number and the release date.
+For example, "OpenSSL 0.9.5a 1 Apr 2000".
+.It Dv SSLEAY_CFLAGS
+The compiler flags set for the compilation process in the form
+"compiler: ..." if available or "compiler: information not available"
+otherwise.
+.It Dv SSLEAY_BUILT_ON
+The date of the build process in the form "built on: ..." if available
+or "built on: date not available" otherwise.
+.It Dv SSLEAY_PLATFORM
+The "Configure" target of the library build in the form "platform: ..."
+if available or "platform: information not available" otherwise.
+.It Dv SSLEAY_DIR
+The "OPENSSLDIR" setting of the library build in the form "OPENSSLDIR:
+"..."" if available or "OPENSSLDIR: N/A" otherwise.
+.El
+.Pp
+For an unknown
+.Fa t ,
+the text "not available" is returned.
+.Sh RETURN VALUE
+The version number.
+.Sh SEE ALSO
+.Xr crypto 3
+.Sh HISTORY
+.Fn SSLeay
+and
+.Dv SSLEAY_VERSION_NUMBER
+are available in all versions of SSLeay and OpenSSL.
+.Dv OPENSSL_VERSION_NUMBER
+is available in all versions of OpenSSL.
+.Dv SSLEAY_DIR
+was added in OpenSSL 0.9.7.
diff --git a/src/lib/libcrypto/man/OPENSSL_config.3 b/src/lib/libcrypto/man/OPENSSL_config.3
new file mode 100644
index 0000000000..a944ba7b4e
--- /dev/null
+++ b/src/lib/libcrypto/man/OPENSSL_config.3
@@ -0,0 +1,115 @@
+.Dd $Mdocdate: November 3 2016 $
+.Dt OPENSSL_CONFIG 3
+.Os
+.Sh NAME
+.Nm OPENSSL_config ,
+.Nm OPENSSL_no_config
+.Nd simple OpenSSL configuration functions
+.Sh SYNOPSIS
+.In openssl/conf.h
+.Ft void
+.Fo OPENSSL_config
+.Fa "const char *config_name"
+.Fc
+.Ft void
+.Fn OPENSSL_no_config void
+.Sh DESCRIPTION
+.Fn OPENSSL_config
+configures OpenSSL using the standard
+.Pa openssl.cnf
+configuration file name using
+.Fa config_name .
+If
+.Fa config_name
+is
+.Dv NULL
+then the default name
+.Sy openssl_conf
+will be used.
+Any errors are ignored.
+Further calls to
+.Fn OPENSSL_config
+will have no effect.
+.Pp
+.Fn OPENSSL_no_config
+disables configuration.
+If called before
+.Fn OPENSSL_config ,
+no configuration takes place.
+.Pp
+It is
+.Sy strongly
+recommended that
+.Sy all
+new applications call
+.Fn OPENSSL_config
+or the more sophisticated functions such as
+.Xr CONF_modules_load 3
+during initialization (that is before starting any threads).
+By doing this, an application does not need to keep track of all
+configuration options and some new functionality can be supported
+automatically.
+.Pp
+It is also possible to automatically call
+.Fn OPENSSL_config
+when an application calls
+.Xr OPENSSL_add_all_algorithms 3
+by compiling an application with the preprocessor symbol
+.Dv OPENSSL_LOAD_CONF
+#define'd.
+In this way configuration can be added without source changes.
+.Pp
+The environment variable
+.Ev OPENSSL_CONF
+can be set to specify the location of the configuration file.
+.Pp
+Currently ASN1 OBJECT and ENGINE configuration can be performed.
+.Pp
+There are several reasons why calling the OpenSSL configuration routines
+is advisable.
+For example new ENGINE functionality was added to OpenSSL 0.9.7.
+In OpenSSL 0.9.7 control functions can be supported by ENGINEs, this can be
+used (among other things) to load dynamic ENGINEs from shared libraries
+(DSOs).
+However very few applications currently support the control interface
+and so very few can load and use dynamic ENGINEs.
+Equally in future more sophisticated ENGINEs will require certain
+control operations to customize them.
+If an application calls
+.Fn OPENSSL_config
+it doesn't need to know or care about ENGINE control operations because
+they can be performed by editing a configuration file.
+.Pp
+Applications should free up configuration at application closedown by
+calling
+.Xr CONF_modules_free 3 .
+.Sh RETURN VALUES
+Neither
+.Fn OPENSSL_config
+nor
+.Fn OPENSSL_no_config
+return a value.
+.Sh SEE ALSO
+.Xr CONF_modules_free 3 ,
+.Xr CONF_modules_load 3
+.Sh HISTORY
+.Fn OPENSSL_config
+and
+.Fn OPENSSL_no_config
+first appeared in OpenSSL 0.9.7.
+.Sh CAVEATS
+The
+.Fn OPENSSL_config
+function is designed to be a very simple "call it and forget it"
+function.
+As a result its behaviour is somewhat limited.
+It ignores all errors silently and it can only load from the standard
+configuration file location for example.
+.Pp
+It is however
+.Sy much
+better than nothing.
+Applications which need finer control over their configuration
+functionality should use the configuration functions such as
+.Xr CONF_load_modules 3
+directly.
diff --git a/src/lib/libcrypto/man/OPENSSL_load_builtin_modules.3 b/src/lib/libcrypto/man/OPENSSL_load_builtin_modules.3
new file mode 100644
index 0000000000..2a107ab7c4
--- /dev/null
+++ b/src/lib/libcrypto/man/OPENSSL_load_builtin_modules.3
@@ -0,0 +1,53 @@
+.Dd $Mdocdate: November 3 2016 $
+.Dt OPENSSL_LOAD_BUILTIN_MODULES 3
+.Os
+.Sh NAME
+.Nm OPENSSL_load_builtin_modules ,
+.Nm ASN1_add_oid_module ,
+.Nm ENGINE_add_conf_module
+.Nd add standard configuration modules
+.Sh SYNOPSIS
+.In openssl/conf.h
+.Ft void
+.Fn OPENSSL_load_builtin_modules void
+.Ft void
+.Fn ASN1_add_oid_module void
+.Ft void
+.Fn ENGINE_add_conf_module void
+.Sh DESCRIPTION
+The function
+.Fn OPENSSL_load_builtin_modules
+adds all the standard OpenSSL configuration modules to the internal
+list.
+They can then be used by the OpenSSL configuration code.
+.Pp
+.Fn ASN1_add_oid_module
+adds just the ASN1 OBJECT module.
+.Pp
+.Fn ENGINE_add_conf_module
+adds just the ENGINE configuration module.
+.Pp
+If the simple configuration function
+.Xr OPENSSL_config 3
+is called then
+.Fn OPENSSL_load_builtin_modules
+is called automatically.
+.Pp
+Applications which use the configuration functions directly will need to
+call
+.Fn OPENSSL_load_builtin_modules
+themselves
+.Em before
+any other configuration code.
+.Pp
+Applications should call
+.Fn OPENSSL_load_builtin_modules
+to load all configuration modules instead of adding modules selectively:
+otherwise functionality may be missing from the application when
+new modules are added.
+.Sh RETURN VALUE
+None of the functions return a value.
+.Sh SEE ALSO
+.Xr OPENSSL_config 3
+.Sh HISTORY
+These functions first appeared in OpenSSL 0.9.7.
diff --git a/src/lib/libcrypto/man/OpenSSL_add_all_algorithms.3 b/src/lib/libcrypto/man/OpenSSL_add_all_algorithms.3
new file mode 100644
index 0000000000..b6e93a939e
--- /dev/null
+++ b/src/lib/libcrypto/man/OpenSSL_add_all_algorithms.3
@@ -0,0 +1,71 @@
+.Dd $Mdocdate: November 3 2016 $
+.Dt OPENSSL_ADD_ALL_ALGORITHMS 3
+.Os
+.Sh NAME
+.Nm OpenSSL_add_all_algorithms ,
+.Nm OpenSSL_add_all_ciphers ,
+.Nm OpenSSL_add_all_digests ,
+.Nm EVP_cleanup
+.Nd add algorithms to internal table
+.Sh SYNOPSIS
+.In openssl/evp.h
+.Ft void
+.Fn OpenSSL_add_all_algorithms void
+.Ft void
+.Fn OpenSSL_add_all_ciphers void
+.Ft void
+.Fn OpenSSL_add_all_digests void
+.Ft void
+.Fn EVP_cleanup void
+.Sh DESCRIPTION
+OpenSSL keeps an internal table of digest algorithms and ciphers.
+It uses this table to lookup ciphers via functions such as
+.Xr EVP_get_cipherbyname 3 .
+.Pp
+.Fn OpenSSL_add_all_algorithms
+adds all algorithms to the table (digests and ciphers).
+.Pp
+.Fn OpenSSL_add_all_digests
+adds all digest algorithms to the table.
+.Pp
+.Fn OpenSSL_add_all_ciphers
+adds all encryption algorithms to the table including password based
+encryption algorithms.
+.Pp
+.Fn EVP_cleanup
+removes all ciphers and digests from the table.
+.Pp
+A typical application will call
+.Fn OpenSSL_add_all_algorithms
+initially and
+.Fn EVP_cleanup
+before exiting.
+.Pp
+An application does not need to add algorithms to use them explicitly,
+for example by
+.Xr EVP_sha1 3 .
+It just needs to add them if it (or any of the functions it calls) needs
+to lookup algorithms.
+.Pp
+The cipher and digest lookup functions are used in many parts of the
+library.
+If the table is not initialized, several functions will misbehave and
+complain they cannot find algorithms.
+This includes the PEM, PKCS#12, SSL and S/MIME libraries.
+This is a common query in the OpenSSL mailing lists.
+.Pp
+Calling
+.Fn OpenSSL_add_all_algorithms
+links in all algorithms: as a result a statically linked executable can
+be quite large.
+If this is important, it is possible to just add the required ciphers and
+digests.
+.Sh SEE ALSO
+.Xr evp 3 ,
+.Xr EVP_DigestInit 3 ,
+.Xr EVP_EncryptInit 3
+.Sh BUGS
+Although the functions do not return error codes, it is possible for them
+to fail.
+This will only happen as a result of a memory allocation failure so this
+is not too much of a problem in practice.

diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile index 802b34399f..17efba0d08 100644 --- a/src/lib/libcrypto/man/Makefile +++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
1	# $OpenBSD: Makefile,v 1.40 2016/11/03 10:24:26 schwarze Exp $	1	# $OpenBSD: Makefile,v 1.41 2016/11/03 12:21:50 schwarze Exp $
2		2
3	.include <bsd.own.mk> # for NOMAN	3	.include <bsd.own.mk> # for NOMAN
4		4
@@ -118,6 +118,10 @@ MAN= \
118	HMAC.3 \	118	HMAC.3 \
119	MD5.3 \	119	MD5.3 \
120	OBJ_nid2obj.3 \	120	OBJ_nid2obj.3 \
		121	OPENSSL_VERSION_NUMBER.3 \
		122	OPENSSL_config.3 \
		123	OPENSSL_load_builtin_modules.3 \
		124	OpenSSL_add_all_algorithms.3 \
121	UI_new.3 \	125	UI_new.3 \
122	bn_dump.3 \	126	bn_dump.3 \
123	crypto.3 \	127	crypto.3 \
@@ -128,10 +132,6 @@ MAN= \
128	lh_new.3 \	132	lh_new.3 \
129		133
130	GENMAN= \	134	GENMAN= \
131	OPENSSL_VERSION_NUMBER.3 \
132	OPENSSL_config.3 \
133	OPENSSL_load_builtin_modules.3 \
134	OpenSSL_add_all_algorithms.3 \
135	PKCS5_PBKDF2_HMAC.3 \	135	PKCS5_PBKDF2_HMAC.3 \
136	PEM_read_bio_PrivateKey.3 \	136	PEM_read_bio_PrivateKey.3 \
137	PEM_write_bio_PKCS7_stream.3 \	137	PEM_write_bio_PKCS7_stream.3 \


diff --git a/src/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3 b/src/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3 new file mode 100644 index 0000000000..660a964427 --- /dev/null +++ b/src/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3
@@ -0,0 +1,96 @@
		1	.Dd $Mdocdate: November 3 2016 $
		2	.Dt OPENSSL_VERSION_NUMBER 3
		3	.Os
		4	.Sh NAME
		5	.Nm OPENSSL_VERSION_NUMBER ,
		6	.Nm SSLeay ,
		7	.Nm SSLeay_version
		8	.Nd get OpenSSL version number
		9	.Sh SYNOPSIS
		10	.In openssl/opensslv.h
		11	.Fd #define OPENSSL_VERSION_NUMBER 0xnnnnnnnnnL
		12	.In openssl/crypto.h
		13	.Ft long
		14	.Fn SSLeay void
		15	.Ft const char *
		16	.Fo SSLeay_version
		17	.Fa "int t"
		18	.Fc
		19	.Sh DESCRIPTION
		20	.Dv OPENSSL_VERSION_NUMBER
		21	is a numeric release version identifier.
		22	The first two digits contain the major release number,
		23	the third and fourth digits the minor release number,
		24	the fifth and sixth digits the fix release number,
		25	the seventh and eight digits the patch release number.
		26	The final digit is 0 for development, 1 to e for betas 1 to 14, or f
		27	for release.
		28	.Pp
		29	For example:
		30	.Bd -literal -offset indent
		31	0x000906000 == 0.9.6 dev
		32	0x000906023 == 0.9.6b beta 3
		33	0x00090605f == 0.9.6e release
		34	.Ed
		35	.Pp
		36	Versions prior to 0.9.3 had identifiers < 0x0930.
		37	For versions between 0.9.3 and 0.9.5,
		38	the seventh digit was 1 for release and 0 otherwise,
		39	and the eighth and ninth digits were the patch release number.
		40	.Pp
		41	For example:
		42	.Bd -literal
		43	0x000904100 == 0.9.4 release
		44	0x000905000 == 0.9.5 dev
		45	.Ed
		46	.Pp
		47	Version 0.9.5a had an interim interpretation that is like the current
		48	one, except the patch level got the highest bit set, to keep continuity.
		49	The number was therefore 0x0090581f.
		50	.Pp
		51	For backward compatibility, SSLEAY_VERSION_NUMBER is also defined.
		52	.Pp
		53	.Fn SSLeay
		54	returns this number.
		55	The return value can be compared to the macro to make sure that the
		56	correct version of the library has been loaded, especially when using
		57	DLLs on Windows systems.
		58	.Pp
		59	.Fn SSLeay_version
		60	returns different strings depending on
		61	.Fa t :
		62	.Bl -tag -width Ds
		63	.It Dv SSLEAY_VERSION
		64	The text variant of the version number and the release date.
		65	For example, "OpenSSL 0.9.5a 1 Apr 2000".
		66	.It Dv SSLEAY_CFLAGS
		67	The compiler flags set for the compilation process in the form
		68	"compiler: ..." if available or "compiler: information not available"
		69	otherwise.
		70	.It Dv SSLEAY_BUILT_ON
		71	The date of the build process in the form "built on: ..." if available
		72	or "built on: date not available" otherwise.
		73	.It Dv SSLEAY_PLATFORM
		74	The "Configure" target of the library build in the form "platform: ..."
		75	if available or "platform: information not available" otherwise.
		76	.It Dv SSLEAY_DIR
		77	The "OPENSSLDIR" setting of the library build in the form "OPENSSLDIR:
		78	"..."" if available or "OPENSSLDIR: N/A" otherwise.
		79	.El
		80	.Pp
		81	For an unknown
		82	.Fa t ,
		83	the text "not available" is returned.
		84	.Sh RETURN VALUE
		85	The version number.
		86	.Sh SEE ALSO
		87	.Xr crypto 3
		88	.Sh HISTORY
		89	.Fn SSLeay
		90	and
		91	.Dv SSLEAY_VERSION_NUMBER
		92	are available in all versions of SSLeay and OpenSSL.
		93	.Dv OPENSSL_VERSION_NUMBER
		94	is available in all versions of OpenSSL.
		95	.Dv SSLEAY_DIR
		96	was added in OpenSSL 0.9.7.


diff --git a/src/lib/libcrypto/man/OPENSSL_config.3 b/src/lib/libcrypto/man/OPENSSL_config.3 new file mode 100644 index 0000000000..a944ba7b4e --- /dev/null +++ b/src/lib/libcrypto/man/OPENSSL_config.3
@@ -0,0 +1,115 @@
		1	.Dd $Mdocdate: November 3 2016 $
		2	.Dt OPENSSL_CONFIG 3
		3	.Os
		4	.Sh NAME
		5	.Nm OPENSSL_config ,
		6	.Nm OPENSSL_no_config
		7	.Nd simple OpenSSL configuration functions
		8	.Sh SYNOPSIS
		9	.In openssl/conf.h
		10	.Ft void
		11	.Fo OPENSSL_config
		12	.Fa "const char *config_name"
		13	.Fc
		14	.Ft void
		15	.Fn OPENSSL_no_config void
		16	.Sh DESCRIPTION
		17	.Fn OPENSSL_config
		18	configures OpenSSL using the standard
		19	.Pa openssl.cnf
		20	configuration file name using
		21	.Fa config_name .
		22	If
		23	.Fa config_name
		24	is
		25	.Dv NULL
		26	then the default name
		27	.Sy openssl_conf
		28	will be used.
		29	Any errors are ignored.
		30	Further calls to
		31	.Fn OPENSSL_config
		32	will have no effect.
		33	.Pp
		34	.Fn OPENSSL_no_config
		35	disables configuration.
		36	If called before
		37	.Fn OPENSSL_config ,
		38	no configuration takes place.
		39	.Pp
		40	It is
		41	.Sy strongly
		42	recommended that
		43	.Sy all
		44	new applications call
		45	.Fn OPENSSL_config
		46	or the more sophisticated functions such as
		47	.Xr CONF_modules_load 3
		48	during initialization (that is before starting any threads).
		49	By doing this, an application does not need to keep track of all
		50	configuration options and some new functionality can be supported
		51	automatically.
		52	.Pp
		53	It is also possible to automatically call
		54	.Fn OPENSSL_config
		55	when an application calls
		56	.Xr OPENSSL_add_all_algorithms 3
		57	by compiling an application with the preprocessor symbol
		58	.Dv OPENSSL_LOAD_CONF
		59	#define'd.
		60	In this way configuration can be added without source changes.
		61	.Pp
		62	The environment variable
		63	.Ev OPENSSL_CONF
		64	can be set to specify the location of the configuration file.
		65	.Pp
		66	Currently ASN1 OBJECT and ENGINE configuration can be performed.
		67	.Pp
		68	There are several reasons why calling the OpenSSL configuration routines
		69	is advisable.
		70	For example new ENGINE functionality was added to OpenSSL 0.9.7.
		71	In OpenSSL 0.9.7 control functions can be supported by ENGINEs, this can be
		72	used (among other things) to load dynamic ENGINEs from shared libraries
		73	(DSOs).
		74	However very few applications currently support the control interface
		75	and so very few can load and use dynamic ENGINEs.
		76	Equally in future more sophisticated ENGINEs will require certain
		77	control operations to customize them.
		78	If an application calls
		79	.Fn OPENSSL_config
		80	it doesn't need to know or care about ENGINE control operations because
		81	they can be performed by editing a configuration file.
		82	.Pp
		83	Applications should free up configuration at application closedown by
		84	calling
		85	.Xr CONF_modules_free 3 .
		86	.Sh RETURN VALUES
		87	Neither
		88	.Fn OPENSSL_config
		89	nor
		90	.Fn OPENSSL_no_config
		91	return a value.
		92	.Sh SEE ALSO
		93	.Xr CONF_modules_free 3 ,
		94	.Xr CONF_modules_load 3
		95	.Sh HISTORY
		96	.Fn OPENSSL_config
		97	and
		98	.Fn OPENSSL_no_config
		99	first appeared in OpenSSL 0.9.7.
		100	.Sh CAVEATS
		101	The
		102	.Fn OPENSSL_config
		103	function is designed to be a very simple "call it and forget it"
		104	function.
		105	As a result its behaviour is somewhat limited.
		106	It ignores all errors silently and it can only load from the standard
		107	configuration file location for example.
		108	.Pp
		109	It is however
		110	.Sy much
		111	better than nothing.
		112	Applications which need finer control over their configuration
		113	functionality should use the configuration functions such as
		114	.Xr CONF_load_modules 3
		115	directly.


diff --git a/src/lib/libcrypto/man/OPENSSL_load_builtin_modules.3 b/src/lib/libcrypto/man/OPENSSL_load_builtin_modules.3 new file mode 100644 index 0000000000..2a107ab7c4 --- /dev/null +++ b/src/lib/libcrypto/man/OPENSSL_load_builtin_modules.3
@@ -0,0 +1,53 @@
		1	.Dd $Mdocdate: November 3 2016 $
		2	.Dt OPENSSL_LOAD_BUILTIN_MODULES 3
		3	.Os
		4	.Sh NAME
		5	.Nm OPENSSL_load_builtin_modules ,
		6	.Nm ASN1_add_oid_module ,
		7	.Nm ENGINE_add_conf_module
		8	.Nd add standard configuration modules
		9	.Sh SYNOPSIS
		10	.In openssl/conf.h
		11	.Ft void
		12	.Fn OPENSSL_load_builtin_modules void
		13	.Ft void
		14	.Fn ASN1_add_oid_module void
		15	.Ft void
		16	.Fn ENGINE_add_conf_module void
		17	.Sh DESCRIPTION
		18	The function
		19	.Fn OPENSSL_load_builtin_modules
		20	adds all the standard OpenSSL configuration modules to the internal
		21	list.
		22	They can then be used by the OpenSSL configuration code.
		23	.Pp
		24	.Fn ASN1_add_oid_module
		25	adds just the ASN1 OBJECT module.
		26	.Pp
		27	.Fn ENGINE_add_conf_module
		28	adds just the ENGINE configuration module.
		29	.Pp
		30	If the simple configuration function
		31	.Xr OPENSSL_config 3
		32	is called then
		33	.Fn OPENSSL_load_builtin_modules
		34	is called automatically.
		35	.Pp
		36	Applications which use the configuration functions directly will need to
		37	call
		38	.Fn OPENSSL_load_builtin_modules
		39	themselves
		40	.Em before
		41	any other configuration code.
		42	.Pp
		43	Applications should call
		44	.Fn OPENSSL_load_builtin_modules
		45	to load all configuration modules instead of adding modules selectively:
		46	otherwise functionality may be missing from the application when
		47	new modules are added.
		48	.Sh RETURN VALUE
		49	None of the functions return a value.
		50	.Sh SEE ALSO
		51	.Xr OPENSSL_config 3
		52	.Sh HISTORY
		53	These functions first appeared in OpenSSL 0.9.7.


diff --git a/src/lib/libcrypto/man/OpenSSL_add_all_algorithms.3 b/src/lib/libcrypto/man/OpenSSL_add_all_algorithms.3 new file mode 100644 index 0000000000..b6e93a939e --- /dev/null +++ b/src/lib/libcrypto/man/OpenSSL_add_all_algorithms.3
@@ -0,0 +1,71 @@
		1	.Dd $Mdocdate: November 3 2016 $
		2	.Dt OPENSSL_ADD_ALL_ALGORITHMS 3
		3	.Os
		4	.Sh NAME
		5	.Nm OpenSSL_add_all_algorithms ,
		6	.Nm OpenSSL_add_all_ciphers ,
		7	.Nm OpenSSL_add_all_digests ,
		8	.Nm EVP_cleanup
		9	.Nd add algorithms to internal table
		10	.Sh SYNOPSIS
		11	.In openssl/evp.h
		12	.Ft void
		13	.Fn OpenSSL_add_all_algorithms void
		14	.Ft void
		15	.Fn OpenSSL_add_all_ciphers void
		16	.Ft void
		17	.Fn OpenSSL_add_all_digests void
		18	.Ft void
		19	.Fn EVP_cleanup void
		20	.Sh DESCRIPTION
		21	OpenSSL keeps an internal table of digest algorithms and ciphers.
		22	It uses this table to lookup ciphers via functions such as
		23	.Xr EVP_get_cipherbyname 3 .
		24	.Pp
		25	.Fn OpenSSL_add_all_algorithms
		26	adds all algorithms to the table (digests and ciphers).
		27	.Pp
		28	.Fn OpenSSL_add_all_digests
		29	adds all digest algorithms to the table.
		30	.Pp
		31	.Fn OpenSSL_add_all_ciphers
		32	adds all encryption algorithms to the table including password based
		33	encryption algorithms.
		34	.Pp
		35	.Fn EVP_cleanup
		36	removes all ciphers and digests from the table.
		37	.Pp
		38	A typical application will call
		39	.Fn OpenSSL_add_all_algorithms
		40	initially and
		41	.Fn EVP_cleanup
		42	before exiting.
		43	.Pp
		44	An application does not need to add algorithms to use them explicitly,
		45	for example by
		46	.Xr EVP_sha1 3 .
		47	It just needs to add them if it (or any of the functions it calls) needs
		48	to lookup algorithms.
		49	.Pp
		50	The cipher and digest lookup functions are used in many parts of the
		51	library.
		52	If the table is not initialized, several functions will misbehave and
		53	complain they cannot find algorithms.
		54	This includes the PEM, PKCS#12, SSL and S/MIME libraries.
		55	This is a common query in the OpenSSL mailing lists.
		56	.Pp
		57	Calling
		58	.Fn OpenSSL_add_all_algorithms
		59	links in all algorithms: as a result a statically linked executable can
		60	be quite large.
		61	If this is important, it is possible to just add the required ciphers and
		62	digests.
		63	.Sh SEE ALSO
		64	.Xr evp 3 ,
		65	.Xr EVP_DigestInit 3 ,
		66	.Xr EVP_EncryptInit 3
		67	.Sh BUGS
		68	Although the functions do not return error codes, it is possible for them
		69	to fail.
		70	This will only happen as a result of a memory allocation failure so this
		71	is not too much of a problem in practice.