1 files changed, 164 insertions, 0 deletions
diff --git a/src/lib/libssl/doc/SSL_CTX_set_info_callback.3 b/src/lib/libssl/doc/SSL_CTX_set_info_callback.3
new file mode 100644
index 0000000000..dcf298addf
--- /dev/null
+++ b/src/lib/libssl/doc/SSL_CTX_set_info_callback.3
@@ -0,0 +1,164 @@
+.Dd $Mdocdate: October 12 2014 $
+.Dt SSL_CTX_SET_INFO_CALLBACK 3
+.Os
+.Sh NAME
+.Nm SSL_CTX_set_info_callback ,
+.Nm SSL_CTX_get_info_callback ,
+.Nm SSL_set_info_callback ,
+.Nm SSL_get_info_callback
+.Nd handle information callback for SSL connections
+.Sh SYNOPSIS
+.In openssl/ssl.h
+.Ft void
+.Fn SSL_CTX_set_info_callback "SSL_CTX *ctx" "void (*callback)()"
+.Ft void
+.Fn "(*SSL_CTX_get_info_callback(const SSL_CTX *ctx))"
+.Ft void
+.Fn SSL_set_info_callback "SSL *ssl" "void (*callback)()"
+.Ft void
+.Fn "(*SSL_get_info_callback(const SSL *ssl))"
+.Sh DESCRIPTION
+.Fn SSL_CTX_set_info_callback
+sets the
+.Fa callback
+function that can be used to obtain state information for SSL objects created
+from
+.Fa ctx
+during connection setup and use.
+The setting for
+.Fa ctx
+is overridden from the setting for a specific SSL object, if specified.
+When
+.Fa callback
+is
+.Dv NULL ,
+no callback function is used.
+.Pp
+.Fn SSL_set_info_callback
+sets the
+.Fa callback
+function that can be used to
+obtain state information for
+.Fa ssl
+during connection setup and use.
+When
+.Fa callback
+is
+.Dv NULL ,
+the callback setting currently valid for
+.Fa ctx
+is used.
+.Pp
+.Fn SSL_CTX_get_info_callback
+returns a pointer to the currently set information callback function for
+.Fa ctx .
+.Pp
+.Fn SSL_get_info_callback
+returns a pointer to the currently set information callback function for
+.Fa ssl .
+.Sh NOTES
+When setting up a connection and during use,
+it is possible to obtain state information from the SSL/TLS engine.
+When set, an information callback function is called whenever the state changes,
+an alert appears, or an error occurs.
+.Pp
+The callback function is called as
+.Fn callback "SSL *ssl" "int where" "int ret" .
+The
+.Fa where
+argument specifies information about where (in which context)
+the callback function was called.
+If
+.Fa ret
+is 0, an error condition occurred.
+If an alert is handled,
+.Dv SSL_CB_ALERT
+is set and
+.Fa ret
+specifies the alert information.
+.Pp
+.Fa where
+is a bitmask made up of the following bits:
+.Bl -tag -width Ds
+.It Dv SSL_CB_LOOP
+Callback has been called to indicate state change inside a loop.
+.It Dv SSL_CB_EXIT
+Callback has been called to indicate error exit of a handshake function.
+(May be soft error with retry option for non-blocking setups.)
+.It Dv SSL_CB_READ
+Callback has been called during read operation.
+.It Dv SSL_CB_WRITE
+Callback has been called during write operation.
+.It Dv SSL_CB_ALERT
+Callback has been called due to an alert being sent or received.
+.It Dv SSL_CB_READ_ALERT
+.It Dv SSL_CB_WRITE_ALERT
+.It Dv SSL_CB_ACCEPT_LOOP
+.It Dv SSL_CB_ACCEPT_EXIT
+.It Dv SSL_CB_CONNECT_LOOP
+.It Dv SSL_CB_CONNECT_EXIT
+.It Dv SSL_CB_HANDSHAKE_START
+Callback has been called because a new handshake is started.
+.It Dv SSL_CB_HANDSHAKE_DONE
+Callback has been called because a handshake is finished.
+.El
+.Pp
+The current state information can be obtained using the
+.Xr SSL_state_string 3
+family of functions.
+.Pp
+The
+.Fa ret
+information can be evaluated using the
+.Xr SSL_alert_type_string 3
+family of functions.
+.Sh RETURN VALUES
+.Fn SSL_set_info_callback
+does not provide diagnostic information.
+.Pp
+.Fn SSL_get_info_callback
+returns the current setting.
+.Sh EXAMPLES
+The following example callback function prints state strings,
+information about alerts being handled and error messages to the
+.Va bio_err
+.Vt BIO .
+.Bd -literal
+void
+apps_ssl_info_callback(SSL *s, int where, int ret)
+{
+        const char *str;
+        int w;
+        w = where & ~SSL_ST_MASK;
+        if (w & SSL_ST_CONNECT)
+                str = "SSL_connect";
+        else if (w & SSL_ST_ACCEPT)
+                str = "SSL_accept";
+        else
+                str = "undefined";
+        if (where & SSL_CB_LOOP) {
+                BIO_printf(bio_err, "%s:%s\en", str,
+                    SSL_state_string_long(s));
+        } else if (where & SSL_CB_ALERT) {
+                str = (where & SSL_CB_READ) ? "read" : "write";
+                BIO_printf(bio_err, "SSL3 alert %s:%s:%s\en", str,
+                        SSL_alert_type_string_long(ret),
+                        SSL_alert_desc_string_long(ret));
+        } else if (where & SSL_CB_EXIT) {
+                if (ret == 0)
+                        BIO_printf(bio_err, "%s:failed in %s\en",
+                                str, SSL_state_string_long(s));
+                else if (ret < 0) {
+                        BIO_printf(bio_err, "%s:error in %s\en",
+                                str, SSL_state_string_long(s));
+                }
+        }
+}
+.Ed
+.Sh SEE ALSO
+.Xr ssl 3 ,
+.Xr SSL_alert_type_string 3 ,
+.Xr SSL_state_string 3

diff --git a/src/lib/libssl/doc/SSL_CTX_set_info_callback.3 b/src/lib/libssl/doc/SSL_CTX_set_info_callback.3 new file mode 100644 index 0000000000..dcf298addf --- /dev/null +++ b/src/lib/libssl/doc/SSL_CTX_set_info_callback.3
@@ -0,0 +1,164 @@
	1	.Dd $Mdocdate: October 12 2014 $
	2	.Dt SSL_CTX_SET_INFO_CALLBACK 3
	3	.Os
	4	.Sh NAME
	5	.Nm SSL_CTX_set_info_callback ,
	6	.Nm SSL_CTX_get_info_callback ,
	7	.Nm SSL_set_info_callback ,
	8	.Nm SSL_get_info_callback
	9	.Nd handle information callback for SSL connections
	10	.Sh SYNOPSIS
	11	.In openssl/ssl.h
	12	.Ft void
	13	.Fn SSL_CTX_set_info_callback "SSL_CTX ctx" "void (callback)()"
	14	.Ft void
	15	.Fn "(SSL_CTX_get_info_callback(const SSL_CTX ctx))"
	16	.Ft void
	17	.Fn SSL_set_info_callback "SSL ssl" "void (callback)()"
	18	.Ft void
	19	.Fn "(SSL_get_info_callback(const SSL ssl))"
	20	.Sh DESCRIPTION
	21	.Fn SSL_CTX_set_info_callback
	22	sets the
	23	.Fa callback
	24	function that can be used to obtain state information for SSL objects created
	25	from
	26	.Fa ctx
	27	during connection setup and use.
	28	The setting for
	29	.Fa ctx
	30	is overridden from the setting for a specific SSL object, if specified.
	31	When
	32	.Fa callback
	33	is
	34	.Dv NULL ,
	35	no callback function is used.
	36	.Pp
	37	.Fn SSL_set_info_callback
	38	sets the
	39	.Fa callback
	40	function that can be used to
	41	obtain state information for
	42	.Fa ssl
	43	during connection setup and use.
	44	When
	45	.Fa callback
	46	is
	47	.Dv NULL ,
	48	the callback setting currently valid for
	49	.Fa ctx
	50	is used.
	51	.Pp
	52	.Fn SSL_CTX_get_info_callback
	53	returns a pointer to the currently set information callback function for
	54	.Fa ctx .
	55	.Pp
	56	.Fn SSL_get_info_callback
	57	returns a pointer to the currently set information callback function for
	58	.Fa ssl .
	59	.Sh NOTES
	60	When setting up a connection and during use,
	61	it is possible to obtain state information from the SSL/TLS engine.
	62	When set, an information callback function is called whenever the state changes,
	63	an alert appears, or an error occurs.
	64	.Pp
	65	The callback function is called as
	66	.Fn callback "SSL *ssl" "int where" "int ret" .
	67	The
	68	.Fa where
	69	argument specifies information about where (in which context)
	70	the callback function was called.
	71	If
	72	.Fa ret
	73	is 0, an error condition occurred.
	74	If an alert is handled,
	75	.Dv SSL_CB_ALERT
	76	is set and
	77	.Fa ret
	78	specifies the alert information.
	79	.Pp
	80	.Fa where
	81	is a bitmask made up of the following bits:
	82	.Bl -tag -width Ds
	83	.It Dv SSL_CB_LOOP
	84	Callback has been called to indicate state change inside a loop.
	85	.It Dv SSL_CB_EXIT
	86	Callback has been called to indicate error exit of a handshake function.
	87	(May be soft error with retry option for non-blocking setups.)
	88	.It Dv SSL_CB_READ
	89	Callback has been called during read operation.
	90	.It Dv SSL_CB_WRITE
	91	Callback has been called during write operation.
	92	.It Dv SSL_CB_ALERT
	93	Callback has been called due to an alert being sent or received.
	94	.It Dv SSL_CB_READ_ALERT
	95	.It Dv SSL_CB_WRITE_ALERT
	96	.It Dv SSL_CB_ACCEPT_LOOP
	97	.It Dv SSL_CB_ACCEPT_EXIT
	98	.It Dv SSL_CB_CONNECT_LOOP
	99	.It Dv SSL_CB_CONNECT_EXIT
	100	.It Dv SSL_CB_HANDSHAKE_START
	101	Callback has been called because a new handshake is started.
	102	.It Dv SSL_CB_HANDSHAKE_DONE
	103	Callback has been called because a handshake is finished.
	104	.El
	105	.Pp
	106	The current state information can be obtained using the
	107	.Xr SSL_state_string 3
	108	family of functions.
	109	.Pp
	110	The
	111	.Fa ret
	112	information can be evaluated using the
	113	.Xr SSL_alert_type_string 3
	114	family of functions.
	115	.Sh RETURN VALUES
	116	.Fn SSL_set_info_callback
	117	does not provide diagnostic information.
	118	.Pp
	119	.Fn SSL_get_info_callback
	120	returns the current setting.
	121	.Sh EXAMPLES
	122	The following example callback function prints state strings,
	123	information about alerts being handled and error messages to the
	124	.Va bio_err
	125	.Vt BIO .
	126	.Bd -literal
	127	void
	128	apps_ssl_info_callback(SSL *s, int where, int ret)
	129	{
	130	const char *str;
	131	int w;
	132
	133	w = where & ~SSL_ST_MASK;
	134
	135	if (w & SSL_ST_CONNECT)
	136	str = "SSL_connect";
	137	else if (w & SSL_ST_ACCEPT)
	138	str = "SSL_accept";
	139	else
	140	str = "undefined";
	141
	142	if (where & SSL_CB_LOOP) {
	143	BIO_printf(bio_err, "%s:%s\en", str,
	144	SSL_state_string_long(s));
	145	} else if (where & SSL_CB_ALERT) {
	146	str = (where & SSL_CB_READ) ? "read" : "write";
	147	BIO_printf(bio_err, "SSL3 alert %s:%s:%s\en", str,
	148	SSL_alert_type_string_long(ret),
	149	SSL_alert_desc_string_long(ret));
	150	} else if (where & SSL_CB_EXIT) {
	151	if (ret == 0)
	152	BIO_printf(bio_err, "%s:failed in %s\en",
	153	str, SSL_state_string_long(s));
	154	else if (ret < 0) {
	155	BIO_printf(bio_err, "%s:error in %s\en",
	156	str, SSL_state_string_long(s));
	157	}
	158	}
	159	}
	160	.Ed
	161	.Sh SEE ALSO
	162	.Xr ssl 3 ,
	163	.Xr SSL_alert_type_string 3 ,
	164	.Xr SSL_state_string 3