1 files changed, 0 insertions, 105 deletions
diff --git a/src/lib/libssl/doc/SSL_CTX_set_session_id_context.3 b/src/lib/libssl/doc/SSL_CTX_set_session_id_context.3
deleted file mode 100644
index c8132a910c..0000000000
--- a/src/lib/libssl/doc/SSL_CTX_set_session_id_context.3
+++ /dev/null
@@ -1,105 +0,0 @@
-.\"
-.\"     $OpenBSD: SSL_CTX_set_session_id_context.3,v 1.3 2015/09/14 15:51:20 schwarze Exp $
-.\"
-.Dd $Mdocdate: September 14 2015 $
-.Dt SSL_CTX_SET_SESSION_ID_CONTEXT 3
-.Os
-.Sh NAME
-.Nm SSL_CTX_set_session_id_context ,
-.Nm SSL_set_session_id_context
-.Nd set context within which session can be reused (server side only)
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft int
-.Fo SSL_CTX_set_session_id_context
-.Fa "SSL_CTX *ctx"
-.Fa "const unsigned char *sid_ctx"
-.Fa "unsigned int sid_ctx_len"
-.Fc
-.Ft int
-.Fo SSL_set_session_id_context
-.Fa "SSL *ssl"
-.Fa "const unsigned char *sid_ctx"
-.Fa "unsigned int sid_ctx_len"
-.Fc
-.Sh DESCRIPTION
-.Fn SSL_CTX_set_session_id_context
-sets the context
-.Fa sid_ctx
-of length
-.Fa sid_ctx_len
-within which a session can be reused for the
-.Fa ctx
-object.
-.Pp
-.Fn SSL_set_session_id_context
-sets the context
-.Fa sid_ctx
-of length
-.Fa sid_ctx_len
-within which a session can be reused for the
-.Fa ssl
-object.
-.Sh NOTES
-Sessions are generated within a certain context.
-When exporting/importing sessions with
-.Xr i2d_SSL_SESSION 3
-and
-.Xr d2i_SSL_SESSION 3 ,
-it would be possible to re-import a session generated from another context
-(e.g., another application), which might lead to malfunctions.
-Therefore each application must set its own session id context
-.Fa sid_ctx
-which is used to distinguish the contexts and is stored in exported sessions.
-The
-.Fa sid_ctx
-can be any kind of binary data with a given length; it is therefore possible
-to use, for instance, the name of the application, the hostname, the service
-name...
-.Pp
-The session id context becomes part of the session.
-The session id context is set by the SSL/TLS server.
-The
-.Fn SSL_CTX_set_session_id_context
-and
-.Fn SSL_set_session_id_context
-functions are therefore only useful on the server side.
-.Pp
-OpenSSL clients will check the session id context returned by the server when
-reusing a session.
-.Pp
-The maximum length of the
-.Fa sid_ctx
-is limited to
-.Dv SSL_MAX_SSL_SESSION_ID_LENGTH .
-.Sh WARNINGS
-If the session id context is not set on an SSL/TLS server and client
-certificates are used, stored sessions will not be reused but a fatal error
-will be flagged and the handshake will fail.
-.Pp
-If a server returns a different session id context to an OpenSSL client
-when reusing a session, an error will be flagged and the handshake will
-fail.
-OpenSSL servers will always return the correct session id context,
-as an OpenSSL server checks the session id context itself before reusing
-a session as described above.
-.Sh RETURN VALUES
-.Fn SSL_CTX_set_session_id_context
-and
-.Fn SSL_set_session_id_context
-return the following values:
-.Bl -tag -width Ds
-.It 0
-The length
-.Fa sid_ctx_len
-of the session id context
-.Fa sid_ctx
-exceeded
-the maximum allowed length of
-.Dv SSL_MAX_SSL_SESSION_ID_LENGTH .
-The error is logged to the error stack.
-.It 1
-The operation succeeded.
-.El
-.Sh SEE ALSO
-.Xr ssl 3

diff --git a/src/lib/libssl/doc/SSL_CTX_set_session_id_context.3 b/src/lib/libssl/doc/SSL_CTX_set_session_id_context.3 deleted file mode 100644 index c8132a910c..0000000000 --- a/src/lib/libssl/doc/SSL_CTX_set_session_id_context.3 +++ /dev/null
@@ -1,105 +0,0 @@
1	.\"
2	.\" $OpenBSD: SSL_CTX_set_session_id_context.3,v 1.3 2015/09/14 15:51:20 schwarze Exp $
3	.\"
4	.Dd $Mdocdate: September 14 2015 $
5	.Dt SSL_CTX_SET_SESSION_ID_CONTEXT 3
6	.Os
7	.Sh NAME
8	.Nm SSL_CTX_set_session_id_context ,
9	.Nm SSL_set_session_id_context
10	.Nd set context within which session can be reused (server side only)
11	.Sh SYNOPSIS
12	.In openssl/ssl.h
13	.Ft int
14	.Fo SSL_CTX_set_session_id_context
15	.Fa "SSL_CTX *ctx"
16	.Fa "const unsigned char *sid_ctx"
17	.Fa "unsigned int sid_ctx_len"
18	.Fc
19	.Ft int
20	.Fo SSL_set_session_id_context
21	.Fa "SSL *ssl"
22	.Fa "const unsigned char *sid_ctx"
23	.Fa "unsigned int sid_ctx_len"
24	.Fc
25	.Sh DESCRIPTION
26	.Fn SSL_CTX_set_session_id_context
27	sets the context
28	.Fa sid_ctx
29	of length
30	.Fa sid_ctx_len
31	within which a session can be reused for the
32	.Fa ctx
33	object.
34	.Pp
35	.Fn SSL_set_session_id_context
36	sets the context
37	.Fa sid_ctx
38	of length
39	.Fa sid_ctx_len
40	within which a session can be reused for the
41	.Fa ssl
42	object.
43	.Sh NOTES
44	Sessions are generated within a certain context.
45	When exporting/importing sessions with
46	.Xr i2d_SSL_SESSION 3
47	and
48	.Xr d2i_SSL_SESSION 3 ,
49	it would be possible to re-import a session generated from another context
50	(e.g., another application), which might lead to malfunctions.
51	Therefore each application must set its own session id context
52	.Fa sid_ctx
53	which is used to distinguish the contexts and is stored in exported sessions.
54	The
55	.Fa sid_ctx
56	can be any kind of binary data with a given length; it is therefore possible
57	to use, for instance, the name of the application, the hostname, the service
58	name...
59	.Pp
60	The session id context becomes part of the session.
61	The session id context is set by the SSL/TLS server.
62	The
63	.Fn SSL_CTX_set_session_id_context
64	and
65	.Fn SSL_set_session_id_context
66	functions are therefore only useful on the server side.
67	.Pp
68	OpenSSL clients will check the session id context returned by the server when
69	reusing a session.
70	.Pp
71	The maximum length of the
72	.Fa sid_ctx
73	is limited to
74	.Dv SSL_MAX_SSL_SESSION_ID_LENGTH .
75	.Sh WARNINGS
76	If the session id context is not set on an SSL/TLS server and client
77	certificates are used, stored sessions will not be reused but a fatal error
78	will be flagged and the handshake will fail.
79	.Pp
80	If a server returns a different session id context to an OpenSSL client
81	when reusing a session, an error will be flagged and the handshake will
82	fail.
83	OpenSSL servers will always return the correct session id context,
84	as an OpenSSL server checks the session id context itself before reusing
85	a session as described above.
86	.Sh RETURN VALUES
87	.Fn SSL_CTX_set_session_id_context
88	and
89	.Fn SSL_set_session_id_context
90	return the following values:
91	.Bl -tag -width Ds
92	.It 0
93	The length
94	.Fa sid_ctx_len
95	of the session id context
96	.Fa sid_ctx
97	exceeded
98	the maximum allowed length of
99	.Dv SSL_MAX_SSL_SESSION_ID_LENGTH .
100	The error is logged to the error stack.
101	.It 1
102	The operation succeeded.
103	.El
104	.Sh SEE ALSO
105	.Xr ssl 3