1 files changed, 0 insertions, 112 deletions
diff --git a/src/lib/libssl/doc/SSL_CTX_set_cert_verify_callback.3 b/src/lib/libssl/doc/SSL_CTX_set_cert_verify_callback.3
deleted file mode 100644
index bb242d6929..0000000000
--- a/src/lib/libssl/doc/SSL_CTX_set_cert_verify_callback.3
+++ /dev/null
@@ -1,112 +0,0 @@
-.\"
-.\"     $OpenBSD: SSL_CTX_set_cert_verify_callback.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_CTX_SET_CERT_VERIFY_CALLBACK 3
-.Os
-.Sh NAME
-.Nm SSL_CTX_set_cert_verify_callback
-.Nd set peer certificate verification procedure
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft void
-.Fo SSL_CTX_set_cert_verify_callback
-.Fa "SSL_CTX *ctx"
-.Fa "int (*callback)(X509_STORE_CTX *, void *)"
-.Fa "void *arg"
-.Fc
-.Sh DESCRIPTION
-.Fn SSL_CTX_set_cert_verify_callback
-sets the verification callback function for
-.Fa ctx .
-.Vt SSL
-objects that are created from
-.Fa ctx
-inherit the setting valid at the time when
-.Xr SSL_new 3
-is called.
-.Sh NOTES
-Whenever a certificate is verified during a SSL/TLS handshake,
-a verification function is called.
-If the application does not explicitly specify a verification callback
-function, the built-in verification function is used.
-If a verification callback
-.Fa callback
-is specified via
-.Fn SSL_CTX_set_cert_verify_callback ,
-the supplied callback function is called instead.
-By setting
-.Fa callback
-to
-.Dv NULL ,
-the default behaviour is restored.
-.Pp
-When the verification must be performed,
-.Fa callback
-will be called with the arguments
-.Fn callback "X509_STORE_CTX *x509_store_ctx" "void *arg" .
-The argument
-.Fa arg
-is specified by the application when setting
-.Fa callback .
-.Pp
-.Fa callback
-should return 1 to indicate verification success and 0 to indicate verification
-failure.
-If
-.Dv SSL_VERIFY_PEER
-is set and
-.Fa callback
-returns 0, the handshake will fail.
-As the verification procedure may allow the connection to continue in case of
-failure (by always returning 1) the verification result must be set in any case
-using the
-.Fa error
-member of
-.Fa x509_store_ctx
-so that the calling application will be informed about the detailed result of
-the verification procedure!
-.Pp
-Within
-.Fa x509_store_ctx ,
-.Fa callback
-has access to the
-.Fa verify_callback
-function set using
-.Xr SSL_CTX_set_verify 3 .
-.Sh WARNINGS
-Do not mix the verification callback described in this function with the
-.Fa verify_callback
-function called during the verification process.
-The latter is set using the
-.Xr SSL_CTX_set_verify 3
-family of functions.
-.Pp
-Providing a complete verification procedure including certificate purpose
-settings, etc., is a complex task.
-The built-in procedure is quite powerful and in most cases it should be
-sufficient to modify its behaviour using the
-.Fa verify_callback
-function.
-.Sh RETURN VALUES
-.Fn SSL_CTX_set_cert_verify_callback
-does not provide diagnostic information.
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_CTX_load_verify_locations 3 ,
-.Xr SSL_CTX_set_verify 3 ,
-.Xr SSL_get_verify_result 3
-.Sh HISTORY
-Previous to OpenSSL 0.9.7, the
-.Fa arg
-argument to
-.Fn SSL_CTX_set_cert_verify_callback
-was ignored, and
-.Fa callback
-was called
-simply as
-.Ft int
-.Fn (*callback) "X509_STORE_CTX *" .
-To compile software written for previous versions of OpenSSL,
-a dummy argument will have to be added to
-.Fa callback .

diff --git a/src/lib/libssl/doc/SSL_CTX_set_cert_verify_callback.3 b/src/lib/libssl/doc/SSL_CTX_set_cert_verify_callback.3 deleted file mode 100644 index bb242d6929..0000000000 --- a/src/lib/libssl/doc/SSL_CTX_set_cert_verify_callback.3 +++ /dev/null
@@ -1,112 +0,0 @@
1	.\"
2	.\" $OpenBSD: SSL_CTX_set_cert_verify_callback.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
3	.\"
4	.Dd $Mdocdate: December 2 2014 $
5	.Dt SSL_CTX_SET_CERT_VERIFY_CALLBACK 3
6	.Os
7	.Sh NAME
8	.Nm SSL_CTX_set_cert_verify_callback
9	.Nd set peer certificate verification procedure
10	.Sh SYNOPSIS
11	.In openssl/ssl.h
12	.Ft void
13	.Fo SSL_CTX_set_cert_verify_callback
14	.Fa "SSL_CTX *ctx"
15	.Fa "int (callback)(X509_STORE_CTX , void *)"
16	.Fa "void *arg"
17	.Fc
18	.Sh DESCRIPTION
19	.Fn SSL_CTX_set_cert_verify_callback
20	sets the verification callback function for
21	.Fa ctx .
22	.Vt SSL
23	objects that are created from
24	.Fa ctx
25	inherit the setting valid at the time when
26	.Xr SSL_new 3
27	is called.
28	.Sh NOTES
29	Whenever a certificate is verified during a SSL/TLS handshake,
30	a verification function is called.
31	If the application does not explicitly specify a verification callback
32	function, the built-in verification function is used.
33	If a verification callback
34	.Fa callback
35	is specified via
36	.Fn SSL_CTX_set_cert_verify_callback ,
37	the supplied callback function is called instead.
38	By setting
39	.Fa callback
40	to
41	.Dv NULL ,
42	the default behaviour is restored.
43	.Pp
44	When the verification must be performed,
45	.Fa callback
46	will be called with the arguments
47	.Fn callback "X509_STORE_CTX x509_store_ctx" "void arg" .
48	The argument
49	.Fa arg
50	is specified by the application when setting
51	.Fa callback .
52	.Pp
53	.Fa callback
54	should return 1 to indicate verification success and 0 to indicate verification
55	failure.
56	If
57	.Dv SSL_VERIFY_PEER
58	is set and
59	.Fa callback
60	returns 0, the handshake will fail.
61	As the verification procedure may allow the connection to continue in case of
62	failure (by always returning 1) the verification result must be set in any case
63	using the
64	.Fa error
65	member of
66	.Fa x509_store_ctx
67	so that the calling application will be informed about the detailed result of
68	the verification procedure!
69	.Pp
70	Within
71	.Fa x509_store_ctx ,
72	.Fa callback
73	has access to the
74	.Fa verify_callback
75	function set using
76	.Xr SSL_CTX_set_verify 3 .
77	.Sh WARNINGS
78	Do not mix the verification callback described in this function with the
79	.Fa verify_callback
80	function called during the verification process.
81	The latter is set using the
82	.Xr SSL_CTX_set_verify 3
83	family of functions.
84	.Pp
85	Providing a complete verification procedure including certificate purpose
86	settings, etc., is a complex task.
87	The built-in procedure is quite powerful and in most cases it should be
88	sufficient to modify its behaviour using the
89	.Fa verify_callback
90	function.
91	.Sh RETURN VALUES
92	.Fn SSL_CTX_set_cert_verify_callback
93	does not provide diagnostic information.
94	.Sh SEE ALSO
95	.Xr ssl 3 ,
96	.Xr SSL_CTX_load_verify_locations 3 ,
97	.Xr SSL_CTX_set_verify 3 ,
98	.Xr SSL_get_verify_result 3
99	.Sh HISTORY
100	Previous to OpenSSL 0.9.7, the
101	.Fa arg
102	argument to
103	.Fn SSL_CTX_set_cert_verify_callback
104	was ignored, and
105	.Fa callback
106	was called
107	simply as
108	.Ft int
109	.Fn (callback) "X509_STORE_CTX " .
110	To compile software written for previous versions of OpenSSL,
111	a dummy argument will have to be added to
112	.Fa callback .