1 files changed, 0 insertions, 111 deletions
diff --git a/src/lib/libssl/doc/SSL_CTX_new.3 b/src/lib/libssl/doc/SSL_CTX_new.3
deleted file mode 100644
index d2c2b03452..0000000000
--- a/src/lib/libssl/doc/SSL_CTX_new.3
+++ /dev/null
@@ -1,111 +0,0 @@
-.\"
-.\"     $OpenBSD: SSL_CTX_new.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_CTX_NEW 3
-.Os
-.Sh NAME
-.Nm SSL_CTX_new ,
-.Nm SSLv3_method ,
-.Nm SSLv3_server_method ,
-.Nm SSLv3_client_method ,
-.Nm TLSv1_method ,
-.Nm TLSv1_server_method ,
-.Nm TLSv1_client_method ,
-.Nm TLSv1_1_method ,
-.Nm TLSv1_1_server_method ,
-.Nm TLSv1_1_client_method ,
-.Nm SSLv23_method ,
-.Nm SSLv23_server_method ,
-.Nm SSLv23_client_method
-.Nd create a new SSL_CTX object as framework for TLS/SSL enabled functions
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft SSL_CTX *
-.Fn SSL_CTX_new "const SSL_METHOD *method"
-.Sh DESCRIPTION
-.Fn SSL_CTX_new
-creates a new
-.Vt SSL_CTX
-object as framework to establish TLS/SSL enabled connections.
-.Sh NOTES
-The
-.Vt SSL_CTX
-object uses
-.Fa method
-as its connection method.
-The methods exist in a generic type (for client and server use),
-a server only type, and a client only type.
-.Fa method
-can be of the following types:
-.Bl -tag -width Ds
-.It Fn SSLv3_method void , Fn SSLv3_server_method void , \
-Fn SSLv3_client_method void
-A TLS/SSL connection established with these methods will only understand the
-SSLv3 protocol.
-A client will send out SSLv3 client hello messages and will indicate that it
-only understands SSLv3.
-A server will only understand SSLv3 client hello messages.
-Importantly, this means that it will not understand SSLv2 client hello messages
-which are widely used for compatibility reasons; see
-.Fn SSLv23_*_method .
-.It Fn TLSv1_method void , Fn TLSv1_server_method void , \
-Fn TLSv1_client_method void
-A TLS/SSL connection established with these methods will only understand the
-TLSv1 protocol.
-A client will send out TLSv1 client hello messages and will indicate that it
-only understands TLSv1.
-A server will only understand TLSv1 client hello messages.
-Importantly, this means that it will not understand SSLv2 client hello messages
-which are widely used for compatibility reasons; see
-.Fn SSLv23_*_method .
-It will also not understand SSLv3 client hello messages.
-.It Fn SSLv23_method void , Fn SSLv23_server_method void , \
-Fn SSLv23_client_method void
-A TLS/SSL connection established with these methods may understand the SSLv3,
-TLSv1, TLSv1.1 and TLSv1.2 protocols.
-.Pp
-A client will send out TLSv1 client hello messages including extensions and
-will indicate that it also understands TLSv1.1, TLSv1.2 and permits a fallback
-to SSLv3.
-A server will support SSLv3, TLSv1, TLSv1.1 and TLSv1.2 protocols.
-This is the best choice when compatibility is a concern.
-.El
-.Pp
-The list of protocols available can later be limited using the
-.Dv SSL_OP_NO_SSLv3 ,
-.Dv SSL_OP_NO_TLSv1 ,
-.Dv SSL_OP_NO_TLSv1_1 ,
-and
-.Dv SSL_OP_NO_TLSv1_2
-options of the
-.Fn SSL_CTX_set_options
-or
-.Fn SSL_set_options
-functions.
-Using these options it is possible to choose, for example,
-.Fn SSLv23_server_method
-and be able to negotiate with all possible clients,
-but to only allow newer protocols like TLSv1, TLSv1.1 or TLS v1.2.
-.Pp
-.Fn SSL_CTX_new
-initializes the list of ciphers, the session cache setting, the callbacks,
-the keys and certificates, and the options to its default values.
-.Sh RETURN VALUES
-The following return values can occur:
-.Bl -tag -width Ds
-.It Dv NULL
-The creation of a new
-.Vt SSL_CTX
-object failed.
-Check the error stack to find out the reason.
-.It Pointer to an SSL_CTX object
-The return value points to an allocated
-.Vt SSL_CTX
-object.
-.El
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_accept 3 ,
-.Xr SSL_CTX_free 3 ,
-.Xr SSL_set_connect_state 3

diff --git a/src/lib/libssl/doc/SSL_CTX_new.3 b/src/lib/libssl/doc/SSL_CTX_new.3 deleted file mode 100644 index d2c2b03452..0000000000 --- a/src/lib/libssl/doc/SSL_CTX_new.3 +++ /dev/null
@@ -1,111 +0,0 @@
1	.\"
2	.\" $OpenBSD: SSL_CTX_new.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
3	.\"
4	.Dd $Mdocdate: December 2 2014 $
5	.Dt SSL_CTX_NEW 3
6	.Os
7	.Sh NAME
8	.Nm SSL_CTX_new ,
9	.Nm SSLv3_method ,
10	.Nm SSLv3_server_method ,
11	.Nm SSLv3_client_method ,
12	.Nm TLSv1_method ,
13	.Nm TLSv1_server_method ,
14	.Nm TLSv1_client_method ,
15	.Nm TLSv1_1_method ,
16	.Nm TLSv1_1_server_method ,
17	.Nm TLSv1_1_client_method ,
18	.Nm SSLv23_method ,
19	.Nm SSLv23_server_method ,
20	.Nm SSLv23_client_method
21	.Nd create a new SSL_CTX object as framework for TLS/SSL enabled functions
22	.Sh SYNOPSIS
23	.In openssl/ssl.h
24	.Ft SSL_CTX *
25	.Fn SSL_CTX_new "const SSL_METHOD *method"
26	.Sh DESCRIPTION
27	.Fn SSL_CTX_new
28	creates a new
29	.Vt SSL_CTX
30	object as framework to establish TLS/SSL enabled connections.
31	.Sh NOTES
32	The
33	.Vt SSL_CTX
34	object uses
35	.Fa method
36	as its connection method.
37	The methods exist in a generic type (for client and server use),
38	a server only type, and a client only type.
39	.Fa method
40	can be of the following types:
41	.Bl -tag -width Ds
42	.It Fn SSLv3_method void , Fn SSLv3_server_method void , \
43	Fn SSLv3_client_method void
44	A TLS/SSL connection established with these methods will only understand the
45	SSLv3 protocol.
46	A client will send out SSLv3 client hello messages and will indicate that it
47	only understands SSLv3.
48	A server will only understand SSLv3 client hello messages.
49	Importantly, this means that it will not understand SSLv2 client hello messages
50	which are widely used for compatibility reasons; see
51	.Fn SSLv23_*_method .
52	.It Fn TLSv1_method void , Fn TLSv1_server_method void , \
53	Fn TLSv1_client_method void
54	A TLS/SSL connection established with these methods will only understand the
55	TLSv1 protocol.
56	A client will send out TLSv1 client hello messages and will indicate that it
57	only understands TLSv1.
58	A server will only understand TLSv1 client hello messages.
59	Importantly, this means that it will not understand SSLv2 client hello messages
60	which are widely used for compatibility reasons; see
61	.Fn SSLv23_*_method .
62	It will also not understand SSLv3 client hello messages.
63	.It Fn SSLv23_method void , Fn SSLv23_server_method void , \
64	Fn SSLv23_client_method void
65	A TLS/SSL connection established with these methods may understand the SSLv3,
66	TLSv1, TLSv1.1 and TLSv1.2 protocols.
67	.Pp
68	A client will send out TLSv1 client hello messages including extensions and
69	will indicate that it also understands TLSv1.1, TLSv1.2 and permits a fallback
70	to SSLv3.
71	A server will support SSLv3, TLSv1, TLSv1.1 and TLSv1.2 protocols.
72	This is the best choice when compatibility is a concern.
73	.El
74	.Pp
75	The list of protocols available can later be limited using the
76	.Dv SSL_OP_NO_SSLv3 ,
77	.Dv SSL_OP_NO_TLSv1 ,
78	.Dv SSL_OP_NO_TLSv1_1 ,
79	and
80	.Dv SSL_OP_NO_TLSv1_2
81	options of the
82	.Fn SSL_CTX_set_options
83	or
84	.Fn SSL_set_options
85	functions.
86	Using these options it is possible to choose, for example,
87	.Fn SSLv23_server_method
88	and be able to negotiate with all possible clients,
89	but to only allow newer protocols like TLSv1, TLSv1.1 or TLS v1.2.
90	.Pp
91	.Fn SSL_CTX_new
92	initializes the list of ciphers, the session cache setting, the callbacks,
93	the keys and certificates, and the options to its default values.
94	.Sh RETURN VALUES
95	The following return values can occur:
96	.Bl -tag -width Ds
97	.It Dv NULL
98	The creation of a new
99	.Vt SSL_CTX
100	object failed.
101	Check the error stack to find out the reason.
102	.It Pointer to an SSL_CTX object
103	The return value points to an allocated
104	.Vt SSL_CTX
105	object.
106	.El
107	.Sh SEE ALSO
108	.Xr ssl 3 ,
109	.Xr SSL_accept 3 ,
110	.Xr SSL_CTX_free 3 ,
111	.Xr SSL_set_connect_state 3