1 files changed, 0 insertions, 193 deletions
diff --git a/src/lib/libssl/doc/SSL_read.3 b/src/lib/libssl/doc/SSL_read.3
deleted file mode 100644
index d6e5960958..0000000000
--- a/src/lib/libssl/doc/SSL_read.3
+++ /dev/null
@@ -1,193 +0,0 @@
-.\"
-.\"     $OpenBSD: SSL_read.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_READ 3
-.Os
-.Sh NAME
-.Nm SSL_read
-.Nd read bytes from a TLS/SSL connection
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft int
-.Fn SSL_read "SSL *ssl" "void *buf" "int num"
-.Sh DESCRIPTION
-.Fn SSL_read
-tries to read
-.Fa num
-bytes from the specified
-.Fa ssl
-into the buffer
-.Fa buf .
-.Sh NOTES
-If necessary,
-.Fn SSL_read
-will negotiate a TLS/SSL session, if not already explicitly performed by
-.Xr SSL_connect 3
-or
-.Xr SSL_accept 3 .
-If the peer requests a re-negotiation,
-it will be performed transparently during the
-.Fn SSL_read
-operation.
-The behaviour of
-.Fn SSL_read
-depends on the underlying
-.Vt BIO .
-.Pp
-For the transparent negotiation to succeed, the
-.Fa ssl
-must have been initialized to client or server mode.
-This is being done by calling
-.Xr SSL_set_connect_state 3
-or
-.Xr SSL_set_accept_state 3
-before the first call to
-.Fn SSL_read
-or
-.Xr SSL_write 3 .
-.Pp
-.Fn SSL_read
-works based on the SSL/TLS records.
-The data are received in records (with a maximum record size of 16kB for
-SSLv3/TLSv1).
-Only after a record has been completely received can it be processed
-(decrypted and checked for integrity).
-Therefore data not retrieved at the last call of
-.Fn SSL_read
-can still be buffered inside the SSL layer and will be retrieved on the next
-call to
-.Fn SSL_read .
-If
-.Fa num
-is higher than the number of bytes buffered,
-.Fn SSL_read
-will return with the bytes buffered.
-If no more bytes are in the buffer,
-.Fn SSL_read
-will trigger the processing of the next record.
-Only when the record has been received and processed completely will
-.Fn SSL_read
-return reporting success.
-At most the contents of the record will be returned.
-As the size of an SSL/TLS record may exceed the maximum packet size of the
-underlying transport (e.g., TCP), it may be necessary to read several packets
-from the transport layer before the record is complete and
-.Fn SSL_read
-can succeed.
-.Pp
-If the underlying
-.Vt BIO
-is
-.Em blocking ,
-.Fn SSL_read
-will only return once the read operation has been finished or an error
-has occurred, except when a renegotiation take place, in which case a
-.Dv SSL_ERROR_WANT_READ
-may occur.
-This behavior can be controlled with the
-.Dv SSL_MODE_AUTO_RETRY
-flag of the
-.Xr SSL_CTX_set_mode 3
-call.
-.Pp
-If the underlying
-.Vt BIO
-is
-.Em non-blocking ,
-.Fn SSL_read
-will also return when the underlying
-.Vt BIO
-could not satisfy the needs of
-.Fn SSL_read
-to continue the operation.
-In this case a call to
-.Xr SSL_get_error 3
-with the return value of
-.Fn SSL_read
-will yield
-.Dv SSL_ERROR_WANT_READ
-or
-.Dv SSL_ERROR_WANT_WRITE .
-As at any time a re-negotiation is possible, a call to
-.Fn SSL_read
-can also cause write operations!
-The calling process then must repeat the call after taking appropriate action
-to satisfy the needs of
-.Fn SSL_read .
-The action depends on the underlying
-.Vt BIO .
-When using a non-blocking socket, nothing is to be done, but
-.Xr select 2
-can be used to check for the required condition.
-When using a buffering
-.Vt BIO ,
-like a
-.Vt BIO
-pair, data must be written into or retrieved out of the
-.Vt BIO
-before being able to continue.
-.Pp
-.Xr SSL_pending 3
-can be used to find out whether there are buffered bytes available for
-immediate retrieval.
-In this case
-.Fn SSL_read
-can be called without blocking or actually receiving new data from the
-underlying socket.
-.Sh WARNING
-When an
-.Fn SSL_read
-operation has to be repeated because of
-.Dv SSL_ERROR_WANT_READ
-or
-.Dv SSL_ERROR_WANT_WRITE ,
-it must be repeated with the same arguments.
-.Sh RETURN VALUES
-The following return values can occur:
-.Bl -tag -width Ds
-.It >0
-The read operation was successful; the return value is the number of bytes
-actually read from the TLS/SSL connection.
-.It 0
-The read operation was not successful.
-The reason may either be a clean shutdown due to a
-.Dq close notify
-alert sent by the peer (in which case the
-.Dv SSL_RECEIVED_SHUTDOWN
-flag in the ssl shutdown state is set (see
-.Xr SSL_shutdown 3
-and
-.Xr SSL_set_shutdown 3 ) .
-It is also possible that the peer simply shut down the underlying transport and
-the shutdown is incomplete.
-Call
-.Fn SSL_get_error
-with the return value to find out whether an error occurred or the connection
-was shut down cleanly
-.Pq Dv SSL_ERROR_ZERO_RETURN .
-.Pp
-SSLv2 (deprecated) does not support a shutdown alert protocol, so it can only
-be detected whether the underlying connection was closed.
-It cannot be checked whether the closure was initiated by the peer or by
-something else.
-.It <0
-The read operation was not successful, because either an error occurred or
-action must be taken by the calling process.
-Call
-.Fn SSL_get_error
-with the return value to find out the reason.
-.El
-.Sh SEE ALSO
-.Xr bio 3 ,
-.Xr ssl 3 ,
-.Xr SSL_accept 3 ,
-.Xr SSL_connect 3 ,
-.Xr SSL_CTX_new 3 ,
-.Xr SSL_CTX_set_mode 3 ,
-.Xr SSL_get_error 3 ,
-.Xr SSL_pending 3 ,
-.Xr SSL_set_connect_state 3 ,
-.Xr SSL_set_shutdown 3 ,
-.Xr SSL_shutdown 3 ,
-.Xr SSL_write 3

diff --git a/src/lib/libssl/doc/SSL_read.3 b/src/lib/libssl/doc/SSL_read.3 deleted file mode 100644 index d6e5960958..0000000000 --- a/src/lib/libssl/doc/SSL_read.3 +++ /dev/null
@@ -1,193 +0,0 @@
1	.\"
2	.\" $OpenBSD: SSL_read.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
3	.\"
4	.Dd $Mdocdate: December 2 2014 $
5	.Dt SSL_READ 3
6	.Os
7	.Sh NAME
8	.Nm SSL_read
9	.Nd read bytes from a TLS/SSL connection
10	.Sh SYNOPSIS
11	.In openssl/ssl.h
12	.Ft int
13	.Fn SSL_read "SSL ssl" "void buf" "int num"
14	.Sh DESCRIPTION
15	.Fn SSL_read
16	tries to read
17	.Fa num
18	bytes from the specified
19	.Fa ssl
20	into the buffer
21	.Fa buf .
22	.Sh NOTES
23	If necessary,
24	.Fn SSL_read
25	will negotiate a TLS/SSL session, if not already explicitly performed by
26	.Xr SSL_connect 3
27	or
28	.Xr SSL_accept 3 .
29	If the peer requests a re-negotiation,
30	it will be performed transparently during the
31	.Fn SSL_read
32	operation.
33	The behaviour of
34	.Fn SSL_read
35	depends on the underlying
36	.Vt BIO .
37	.Pp
38	For the transparent negotiation to succeed, the
39	.Fa ssl
40	must have been initialized to client or server mode.
41	This is being done by calling
42	.Xr SSL_set_connect_state 3
43	or
44	.Xr SSL_set_accept_state 3
45	before the first call to
46	.Fn SSL_read
47	or
48	.Xr SSL_write 3 .
49	.Pp
50	.Fn SSL_read
51	works based on the SSL/TLS records.
52	The data are received in records (with a maximum record size of 16kB for
53	SSLv3/TLSv1).
54	Only after a record has been completely received can it be processed
55	(decrypted and checked for integrity).
56	Therefore data not retrieved at the last call of
57	.Fn SSL_read
58	can still be buffered inside the SSL layer and will be retrieved on the next
59	call to
60	.Fn SSL_read .
61	If
62	.Fa num
63	is higher than the number of bytes buffered,
64	.Fn SSL_read
65	will return with the bytes buffered.
66	If no more bytes are in the buffer,
67	.Fn SSL_read
68	will trigger the processing of the next record.
69	Only when the record has been received and processed completely will
70	.Fn SSL_read
71	return reporting success.
72	At most the contents of the record will be returned.
73	As the size of an SSL/TLS record may exceed the maximum packet size of the
74	underlying transport (e.g., TCP), it may be necessary to read several packets
75	from the transport layer before the record is complete and
76	.Fn SSL_read
77	can succeed.
78	.Pp
79	If the underlying
80	.Vt BIO
81	is
82	.Em blocking ,
83	.Fn SSL_read
84	will only return once the read operation has been finished or an error
85	has occurred, except when a renegotiation take place, in which case a
86	.Dv SSL_ERROR_WANT_READ
87	may occur.
88	This behavior can be controlled with the
89	.Dv SSL_MODE_AUTO_RETRY
90	flag of the
91	.Xr SSL_CTX_set_mode 3
92	call.
93	.Pp
94	If the underlying
95	.Vt BIO
96	is
97	.Em non-blocking ,
98	.Fn SSL_read
99	will also return when the underlying
100	.Vt BIO
101	could not satisfy the needs of
102	.Fn SSL_read
103	to continue the operation.
104	In this case a call to
105	.Xr SSL_get_error 3
106	with the return value of
107	.Fn SSL_read
108	will yield
109	.Dv SSL_ERROR_WANT_READ
110	or
111	.Dv SSL_ERROR_WANT_WRITE .
112	As at any time a re-negotiation is possible, a call to
113	.Fn SSL_read
114	can also cause write operations!
115	The calling process then must repeat the call after taking appropriate action
116	to satisfy the needs of
117	.Fn SSL_read .
118	The action depends on the underlying
119	.Vt BIO .
120	When using a non-blocking socket, nothing is to be done, but
121	.Xr select 2
122	can be used to check for the required condition.
123	When using a buffering
124	.Vt BIO ,
125	like a
126	.Vt BIO
127	pair, data must be written into or retrieved out of the
128	.Vt BIO
129	before being able to continue.
130	.Pp
131	.Xr SSL_pending 3
132	can be used to find out whether there are buffered bytes available for
133	immediate retrieval.
134	In this case
135	.Fn SSL_read
136	can be called without blocking or actually receiving new data from the
137	underlying socket.
138	.Sh WARNING
139	When an
140	.Fn SSL_read
141	operation has to be repeated because of
142	.Dv SSL_ERROR_WANT_READ
143	or
144	.Dv SSL_ERROR_WANT_WRITE ,
145	it must be repeated with the same arguments.
146	.Sh RETURN VALUES
147	The following return values can occur:
148	.Bl -tag -width Ds
149	.It >0
150	The read operation was successful; the return value is the number of bytes
151	actually read from the TLS/SSL connection.
152	.It 0
153	The read operation was not successful.
154	The reason may either be a clean shutdown due to a
155	.Dq close notify
156	alert sent by the peer (in which case the
157	.Dv SSL_RECEIVED_SHUTDOWN
158	flag in the ssl shutdown state is set (see
159	.Xr SSL_shutdown 3
160	and
161	.Xr SSL_set_shutdown 3 ) .
162	It is also possible that the peer simply shut down the underlying transport and
163	the shutdown is incomplete.
164	Call
165	.Fn SSL_get_error
166	with the return value to find out whether an error occurred or the connection
167	was shut down cleanly
168	.Pq Dv SSL_ERROR_ZERO_RETURN .
169	.Pp
170	SSLv2 (deprecated) does not support a shutdown alert protocol, so it can only
171	be detected whether the underlying connection was closed.
172	It cannot be checked whether the closure was initiated by the peer or by
173	something else.
174	.It <0
175	The read operation was not successful, because either an error occurred or
176	action must be taken by the calling process.
177	Call
178	.Fn SSL_get_error
179	with the return value to find out the reason.
180	.El
181	.Sh SEE ALSO
182	.Xr bio 3 ,
183	.Xr ssl 3 ,
184	.Xr SSL_accept 3 ,
185	.Xr SSL_connect 3 ,
186	.Xr SSL_CTX_new 3 ,
187	.Xr SSL_CTX_set_mode 3 ,
188	.Xr SSL_get_error 3 ,
189	.Xr SSL_pending 3 ,
190	.Xr SSL_set_connect_state 3 ,
191	.Xr SSL_set_shutdown 3 ,
192	.Xr SSL_shutdown 3 ,
193	.Xr SSL_write 3