32 files changed, 137 insertions, 194 deletions
diff --git a/src/lib/libssl/src/doc/apps/CA.pl.pod b/src/lib/libssl/src/doc/apps/CA.pl.pod
index ed69952f37..d326101cde 100644
--- a/src/lib/libssl/src/doc/apps/CA.pl.pod
+++ b/src/lib/libssl/src/doc/apps/CA.pl.pod
@@ -39,13 +39,13 @@ prints a usage message.
 =item B<-newcert>
-creates a new self signed certificate. The private key and certificate are
+creates a new self signed certificate. The private key is written to the file
-written to the file "newreq.pem".
+"newkey.pem" and the request written to the file "newreq.pem".
 =item B<-newreq>
-creates a new certificate request. The private key and request are
+creates a new certificate request. The private key is written to the file
-written to the file "newreq.pem".
+"newkey.pem" and the request written to the file "newreq.pem".
 =item B<-newreq-nodes>
diff --git a/src/lib/libssl/src/doc/apps/config.pod b/src/lib/libssl/src/doc/apps/config.pod
index ace34b62bd..25c5381b9d 100644
--- a/src/lib/libssl/src/doc/apps/config.pod
+++ b/src/lib/libssl/src/doc/apps/config.pod
@@ -119,7 +119,7 @@ variable points to a section containing further ENGINE configuration
 information.
 The section pointed to by B<engines> is a table of engine names (though see
-B<engine_id> below) and further sections containing configuration informations
+B<engine_id> below) and further sections containing configuration information
 specific to each ENGINE.
 Each ENGINE specific section is used to set default algorithms, load
diff --git a/src/lib/libssl/src/doc/apps/crl.pod b/src/lib/libssl/src/doc/apps/crl.pod
index a40c873b95..1ad76a5f8c 100644
--- a/src/lib/libssl/src/doc/apps/crl.pod
+++ b/src/lib/libssl/src/doc/apps/crl.pod
@@ -62,6 +62,11 @@ don't output the encoded version of the CRL.
 output a hash of the issuer name. This can be use to lookup CRLs in
 a directory by issuer name.
+=item B<-hash_old>
+outputs the "hash" of the CRL issuer name using the older algorithm
+as used by OpenSSL versions before 1.0.0.
 =item B<-issuer>
 output the issuer name.
diff --git a/src/lib/libssl/src/doc/apps/pkcs12.pod b/src/lib/libssl/src/doc/apps/pkcs12.pod
index f69a5c5a4c..8e0d91798a 100644
--- a/src/lib/libssl/src/doc/apps/pkcs12.pod
+++ b/src/lib/libssl/src/doc/apps/pkcs12.pod
@@ -67,7 +67,7 @@ by default.
 The filename to write certificates and private keys to, standard output by
 default.  They are all written in PEM format.
-=item B<-pass arg>, B<-passin arg>
+=item B<-passin arg>
 the PKCS#12 file (i.e. input file) password source. For more information about
 the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in
@@ -75,10 +75,15 @@ L<openssl(1)|openssl(1)>.
 =item B<-passout arg>
-pass phrase source to encrypt any outputed private keys with. For more
+pass phrase source to encrypt any outputted private keys with. For more
 information about the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section
 in L<openssl(1)|openssl(1)>.
+=item B<-password arg>
+With -export, -password is equivalent to -passout.
+Otherwise, -password is equivalent to -passin.
 =item B<-noout>
 this option inhibits output of the keys and certificates to the output file
diff --git a/src/lib/libssl/src/doc/apps/req.pod b/src/lib/libssl/src/doc/apps/req.pod
index ff48bbdf28..0730d117b3 100644
--- a/src/lib/libssl/src/doc/apps/req.pod
+++ b/src/lib/libssl/src/doc/apps/req.pod
@@ -303,7 +303,7 @@ Reverses effect of B<-asn1-kludge>
 =item B<-newhdr>
-Adds the word B<NEW> to the PEM file header and footer lines on the outputed
+Adds the word B<NEW> to the PEM file header and footer lines on the outputted
 request. Some software (Netscape certificate server) and some CAs need this.
 =item B<-batch>
diff --git a/src/lib/libssl/src/doc/apps/rsa.pod b/src/lib/libssl/src/doc/apps/rsa.pod
index 69b2bef82c..d7d784d52b 100644
--- a/src/lib/libssl/src/doc/apps/rsa.pod
+++ b/src/lib/libssl/src/doc/apps/rsa.pod
@@ -24,6 +24,8 @@ B<openssl> B<rsa>
 [B<-check>]
 [B<-pubin>]
 [B<-pubout>]
+[B<-RSAPublicKey_in>]
+[B<-RSAPublicKey_out>]
 [B<-engine id>]
 =head1 DESCRIPTION
@@ -118,6 +120,10 @@ by default a private key is output: with this option a public
 key will be output instead. This option is automatically set if
 the input is a public key.
+=item B<-RSAPublicKey_in>, B<-RSAPublicKey_out>
+like B<-pubin> and B<-pubout> except B<RSAPublicKey> format is used instead.
 =item B<-engine id>
 specifying an engine (by its unique B<id> string) will cause B<rsa>
@@ -139,6 +145,11 @@ The PEM public key format uses the header and footer lines:
 -----BEGIN PUBLIC KEY-----
 -----END PUBLIC KEY-----
+The PEM B<RSAPublicKey> format uses the header and footer lines:
+ -----BEGIN RSA PUBLIC KEY-----
+ -----END RSA PUBLIC KEY-----
 The B<NET> form is a format compatible with older Netscape servers
 and Microsoft IIS .key files, this uses unsalted RC4 for its encryption.
 It is not very secure and so should only be used when necessary.
@@ -173,6 +184,10 @@ To just output the public part of a private key:
 openssl rsa -in key.pem -pubout -out pubkey.pem
+Output the public part of a private key in B<RSAPublicKey> format:
+ openssl rsa -in key.pem -RSAPublicKey_out -out pubkey.pem
 =head1 BUGS
 The command line password arguments don't currently work with
diff --git a/src/lib/libssl/src/doc/apps/s_client.pod b/src/lib/libssl/src/doc/apps/s_client.pod
index 4ebf7b5854..3215b2e8c9 100644
--- a/src/lib/libssl/src/doc/apps/s_client.pod
+++ b/src/lib/libssl/src/doc/apps/s_client.pod
@@ -10,6 +10,7 @@ s_client - SSL/TLS client program
 B<openssl> B<s_client>
 [B<-connect host:port>]
 [B<-verify depth>]
+[B<-verify_return_error>]
 [B<-cert filename>]
 [B<-certform DER|PEM>]
 [B<-key filename>]
@@ -90,6 +91,11 @@ Currently the verify operation continues after errors so all the problems
 with a certificate chain can be seen. As a side effect the connection
 will never fail due to a server certificate verify failure.
+=item B<-verify_return_error>
+Return verification errors instead of continuing. This will typically
+abort the handshake with a fatal error.
 =item B<-CApath directory>
 The directory to use for server certificate verification. This directory
@@ -286,6 +292,13 @@ Since the SSLv23 client hello cannot include compression methods or extensions
 these will only be supported if its use is disabled, for example by using the
 B<-no_sslv2> option.
+The B<s_client> utility is a test tool and is designed to continue the
+handshake after any certificate verification errors. As a result it will
+accept any certificate chain (trusted or not) sent by the peer. None test
+applications should B<not> do this as it makes them vulnerable to a MITM
+attack. This behaviour can be changed by with the B<-verify_return_error>
+option: any verify errors are then returned aborting the handshake.
 =head1 BUGS
 Because this program has a lot of options and also because some of
@@ -293,9 +306,6 @@ the techniques used are rather old, the C source of s_client is rather
 hard to read and not a model of how things should be done. A typical
 SSL client program would be much simpler.
-The B<-verify> option should really exit if the server verification
-fails.
 The B<-prexit> option is a bit of a hack. We should really report
 information whenever a session is renegotiated.
diff --git a/src/lib/libssl/src/doc/apps/s_server.pod b/src/lib/libssl/src/doc/apps/s_server.pod
index 3e503e17e1..6758ba3080 100644
--- a/src/lib/libssl/src/doc/apps/s_server.pod
+++ b/src/lib/libssl/src/doc/apps/s_server.pod
@@ -111,7 +111,7 @@ by using an appropriate certificate.
 =item B<-dcertform format>, B<-dkeyform format>, B<-dpass arg>
-addtional certificate and private key format and passphrase respectively.
+additional certificate and private key format and passphrase respectively.
 =item B<-nocert>
diff --git a/src/lib/libssl/src/doc/apps/verify.pod b/src/lib/libssl/src/doc/apps/verify.pod
index 336098f1e3..da683004bd 100644
--- a/src/lib/libssl/src/doc/apps/verify.pod
+++ b/src/lib/libssl/src/doc/apps/verify.pod
@@ -54,35 +54,37 @@ in PEM format concatenated together.
 =item B<-untrusted file>
 A file of untrusted certificates. The file should contain multiple certificates
+in PEM format concatenated together.
 =item B<-purpose purpose>
-the intended use for the certificate. Without this option no chain verification
+The intended use for the certificate. If this option is not specified,
-will be done. Currently accepted uses are B<sslclient>, B<sslserver>,
+B<verify> will not consider certificate purpose during chain verification.
-B<nssslserver>, B<smimesign>, B<smimeencrypt>. See the B<VERIFY OPERATION>
+Currently accepted uses are B<sslclient>, B<sslserver>, B<nssslserver>,
-section for more information.
+B<smimesign>, B<smimeencrypt>. See the B<VERIFY OPERATION> section for more
+information.
 =item B<-help>
-prints out a usage message.
+Print out a usage message.
 =item B<-verbose>
-print extra information about the operations being performed.
+Print extra information about the operations being performed.
 =item B<-issuer_checks>
-print out diagnostics relating to searches for the issuer certificate
+Print out diagnostics relating to searches for the issuer certificate of the
-of the current certificate. This shows why each candidate issuer
+current certificate. This shows why each candidate issuer certificate was
-certificate was rejected. However the presence of rejection messages
+rejected. The presence of rejection messages does not itself imply that
-does not itself imply that anything is wrong: during the normal
+anything is wrong; during the normal verification process, several
-verify process several rejections may take place.
+rejections may take place.
 =item B<-policy arg>
-Enable policy processing and add B<arg> to the user-initial-policy-set
+Enable policy processing and add B<arg> to the user-initial-policy-set (see
-(see RFC3280 et al). The policy B<arg> can be an object name an OID in numeric
+RFC5280). The policy B<arg> can be an object name an OID in numeric form.
-form. This argument can appear more than once.
+This argument can appear more than once.
 =item B<-policy_check>
@@ -90,41 +92,40 @@ Enables certificate policy processing.
 =item B<-explicit_policy>
-Set policy variable require-explicit-policy (see RFC3280 et al).
+Set policy variable require-explicit-policy (see RFC5280).
 =item B<-inhibit_any>
-Set policy variable inhibit-any-policy (see RFC3280 et al).
+Set policy variable inhibit-any-policy (see RFC5280).
 =item B<-inhibit_map>
-Set policy variable inhibit-policy-mapping (see RFC3280 et al).
+Set policy variable inhibit-policy-mapping (see RFC5280).
 =item B<-policy_print>
-Print out diagnostics, related to policy checking
+Print out diagnostics related to policy processing.
 =item B<-crl_check>
-Checks end entity certificate validity by attempting to lookup a valid CRL.
+Checks end entity certificate validity by attempting to look up a valid CRL.
 If a valid CRL cannot be found an error occurs. 
 =item B<-crl_check_all>
 Checks the validity of B<all> certificates in the chain by attempting
-to lookup valid CRLs.
+to look up valid CRLs.
 =item B<-ignore_critical>
 Normally if an unhandled critical extension is present which is not
-supported by OpenSSL the certificate is rejected (as required by
+supported by OpenSSL the certificate is rejected (as required by RFC5280).
-RFC3280 et al). If this option is set critical extensions are
+If this option is set critical extensions are ignored.
-ignored.
 =item B<-x509_strict>
-Disable workarounds for broken certificates which have to be disabled
+For strict X.509 compliance, disable non-compliant workarounds for broken
-for strict X.509 compliance.
+certificates.
 =item B<-extended_crl>
@@ -142,16 +143,15 @@ because it doesn't add any security.
 =item B<->
-marks the last option. All arguments following this are assumed to be
+Indicates the last option. All arguments following this are assumed to be
 certificate files. This is useful if the first certificate filename begins
 with a B<->.
 =item B<certificates>
-one or more certificates to verify. If no certificate filenames are included
+One or more certificates to verify. If no certificates are given, B<verify>
-then an attempt is made to read a certificate from standard input. They should
+will attempt to read a certificate from standard input. Certificates must be
-all be in PEM format.
+in PEM format.
 =back
diff --git a/src/lib/libssl/src/doc/apps/x509.pod b/src/lib/libssl/src/doc/apps/x509.pod
index 3002b08123..d2d9eb812a 100644
--- a/src/lib/libssl/src/doc/apps/x509.pod
+++ b/src/lib/libssl/src/doc/apps/x509.pod
@@ -29,6 +29,7 @@ B<openssl> B<x509>
 [B<-purpose>]
 [B<-dates>]
 [B<-modulus>]
+[B<-pubkey>]
 [B<-fingerprint>]
 [B<-alias>]
 [B<-noout>]
@@ -135,6 +136,10 @@ section for more information.
 this option prevents output of the encoded version of the request.
+=item B<-pubkey>
+outputs the the certificate's SubjectPublicKeyInfo block in PEM format.
 =item B<-modulus>
 this option prints out the value of the modulus of the public key
diff --git a/src/lib/libssl/src/doc/crypto/ERR_get_error.pod b/src/lib/libssl/src/doc/crypto/ERR_get_error.pod
index 34443045fc..828ecf529b 100644
--- a/src/lib/libssl/src/doc/crypto/ERR_get_error.pod
+++ b/src/lib/libssl/src/doc/crypto/ERR_get_error.pod
@@ -52,8 +52,11 @@ ERR_get_error_line_data(), ERR_peek_error_line_data() and
 ERR_get_last_error_line_data() store additional data and flags
 associated with the error code in *B<data>
 and *B<flags>, unless these are B<NULL>. *B<data> contains a string
-if *B<flags>&B<ERR_TXT_STRING>. If it has been allocated by OPENSSL_malloc(),
+if *B<flags>&B<ERR_TXT_STRING> is true. 
-*B<flags>&B<ERR_TXT_MALLOCED> is true.
+An application B<MUST NOT> free the *B<data> pointer (or any other pointers
+returned by these functions) with OPENSSL_free() as freeing is handled
+automatically by the error library.
 =head1 RETURN VALUES
diff --git a/src/lib/libssl/src/doc/crypto/EVP_BytesToKey.pod b/src/lib/libssl/src/doc/crypto/EVP_BytesToKey.pod
index d375c46e03..0ea7d55c0f 100644
--- a/src/lib/libssl/src/doc/crypto/EVP_BytesToKey.pod
+++ b/src/lib/libssl/src/doc/crypto/EVP_BytesToKey.pod
@@ -17,7 +17,7 @@ EVP_BytesToKey - password based encryption routine
 EVP_BytesToKey() derives a key and IV from various parameters. B<type> is
 the cipher to derive the key and IV for. B<md> is the message digest to use.
-The B<salt> paramter is used as a salt in the derivation: it should point to
+The B<salt> parameter is used as a salt in the derivation: it should point to
 an 8 byte buffer or NULL if no salt is used. B<data> is a buffer containing
 B<datal> bytes which is used to derive the keying data. B<count> is the
 iteration count to use. The derived key and IV will be written to B<key>
diff --git a/src/lib/libssl/src/doc/crypto/EVP_DigestInit.pod b/src/lib/libssl/src/doc/crypto/EVP_DigestInit.pod
index 1aa15acb61..367691cc7a 100644
--- a/src/lib/libssl/src/doc/crypto/EVP_DigestInit.pod
+++ b/src/lib/libssl/src/doc/crypto/EVP_DigestInit.pod
@@ -252,9 +252,9 @@ digest name passed on the command line.
 =head1 SEE ALSO
-L<evp(3)|evp(3)>, L<HMAC(3)|HMAC(3)>, L<MD2(3)|MD2(3)>,
+L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
-L<MD5(3)|MD5(3)>, L<MDC2(3)|MDC2(3)>, L<RIPEMD160(3)|RIPEMD160(3)>,
+L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
-L<SHA1(3)|SHA1(3)>
+L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
 =head1 HISTORY
diff --git a/src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod b/src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod
index 8271d3dfc4..1c4bf184a1 100644
--- a/src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod
+++ b/src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod
@@ -152,7 +152,7 @@ does not remain in memory.
 EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a
 similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex and
-EVP_CipherInit_ex() except the B<ctx> paramter does not need to be
+EVP_CipherInit_ex() except the B<ctx> parameter does not need to be
 initialized and they always use the default cipher implementation.
 EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() behave in a
diff --git a/src/lib/libssl/src/doc/crypto/EVP_PKEY_verifyrecover.pod b/src/lib/libssl/src/doc/crypto/EVP_PKEY_verifyrecover.pod
deleted file mode 100644
index f3605eb826..0000000000
--- a/src/lib/libssl/src/doc/crypto/EVP_PKEY_verifyrecover.pod
+++ /dev/null
@@ -1,103 +0,0 @@
-=pod
-=head1 NAME
-EVP_PKEY_verifyrecover_init, EVP_PKEY_verifyrecover - recover signature using a public key algorithm
-=head1 SYNOPSIS
- #include <openssl/evp.h>
- int EVP_PKEY_verifyrecover_init(EVP_PKEY_CTX *ctx);
- int EVP_PKEY_verifyrecover(EVP_PKEY_CTX *ctx,
-                        unsigned char *rout, size_t *routlen,
-                        const unsigned char *sig, size_t siglen);
-=head1 DESCRIPTION
-The EVP_PKEY_verifyrecover_init() function initializes a public key algorithm
-context using key B<pkey> for a verify recover operation.
-The EVP_PKEY_verifyrecover() function recovers signed data
-using B<ctx>. The signature is specified using the B<sig> and
-B<siglen> parameters. If B<rout> is B<NULL> then the maximum size of the output
-buffer is written to the B<routlen> parameter. If B<rout> is not B<NULL> then
-before the call the B<routlen> parameter should contain the length of the
-B<rout> buffer, if the call is successful recovered data is written to
-B<rout> and the amount of data written to B<routlen>.
-=head1 NOTES
-Normally an application is only interested in whether a signature verification
-operation is successful in those cases the EVP_verify() function should be 
-used.
-Sometimes however it is useful to obtain the data originally signed using a
-signing operation. Only certain public key algorithms can recover a signature
-in this way (for example RSA in PKCS padding mode).
-After the call to EVP_PKEY_verifyrecover_init() algorithm specific control
-operations can be performed to set any appropriate parameters for the
-operation.
-The function EVP_PKEY_verifyrecover() can be called more than once on the same
-context if several operations are performed using the same parameters.
-=head1 RETURN VALUES
-EVP_PKEY_verifyrecover_init() and EVP_PKEY_verifyrecover() return 1 for success
-and 0 or a negative value for failure. In particular a return value of -2
-indicates the operation is not supported by the public key algorithm.
-=head1 EXAMPLE
-Recover digest originally signed using PKCS#1 and SHA256 digest:
- #include <openssl/evp.h>
- #include <openssl/rsa.h>
- EVP_PKEY_CTX *ctx;
- unsigned char *rout, *sig;
- size_t routlen, siglen; 
- EVP_PKEY *verify_key;
- /* NB: assumes verify_key, sig and siglen are already set up
-  * and that verify_key is an RSA public key
-  */
- ctx = EVP_PKEY_CTX_new(verify_key);
- if (!ctx)
-        /* Error occurred */
- if (EVP_PKEY_verifyrecover_init(ctx) <= 0)
-        /* Error */
- if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
-        /* Error */
- if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)
-        /* Error */
- /* Determine buffer length */
- if (EVP_PKEY_verifyrecover(ctx, NULL, &routlen, sig, siglen) <= 0)
-        /* Error */
- rout = OPENSSL_malloc(routlen);
- if (!rout)
-        /* malloc failure */
- 
- if (EVP_PKEY_verifyrecover(ctx, rout, &routlen, sig, siglen) <= 0)
-        /* Error */
- /* Recovered data is routlen bytes written to buffer rout */
-=head1 SEE ALSO
-L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
-L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
-L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
-L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
-L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
-=head1 HISTORY
-These functions were first added to OpenSSL 1.0.0.
-=cut
diff --git a/src/lib/libssl/src/doc/crypto/EVP_SignInit.pod b/src/lib/libssl/src/doc/crypto/EVP_SignInit.pod
index 781d43e401..620a623ab6 100644
--- a/src/lib/libssl/src/doc/crypto/EVP_SignInit.pod
+++ b/src/lib/libssl/src/doc/crypto/EVP_SignInit.pod
@@ -89,10 +89,10 @@ The previous two bugs are fixed in the newer EVP_SignDigest*() function.
 =head1 SEE ALSO
 L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
+L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
-L<evp(3)|evp(3)>, L<HMAC(3)|HMAC(3)>, L<MD2(3)|MD2(3)>,
+L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
-L<MD5(3)|MD5(3)>, L<MDC2(3)|MDC2(3)>, L<RIPEMD(3)|RIPEMD(3)>,
+L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
-L<SHA1(3)|SHA1(3)>, L<digest(1)|digest(1)>
+L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
 =head1 HISTORY
diff --git a/src/lib/libssl/src/doc/crypto/des_modes.pod b/src/lib/libssl/src/doc/crypto/des_modes.pod
index 0ad01eafe2..e883ca8fde 100644
--- a/src/lib/libssl/src/doc/crypto/des_modes.pod
+++ b/src/lib/libssl/src/doc/crypto/des_modes.pod
@@ -248,7 +248,8 @@ it to:
 =head1 SEE ALSO
-L<blowfish(3)|blowfish(3)>
+L<blowfish(3)|blowfish(3)>, L<des(3)|des(3)>, L<idea(3)|idea(3)>,
+L<rc2(3)|rc2(3)>
 =cut
diff --git a/src/lib/libssl/src/doc/crypto/dsa.pod b/src/lib/libssl/src/doc/crypto/dsa.pod
index ae2e5d81f9..da07d2b930 100644
--- a/src/lib/libssl/src/doc/crypto/dsa.pod
+++ b/src/lib/libssl/src/doc/crypto/dsa.pod
@@ -101,7 +101,8 @@ Standard, DSS), ANSI X9.30
 =head1 SEE ALSO
 L<bn(3)|bn(3)>, L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>,
-L<rsa(3)|rsa(3)>, L<SHA1(3)|SHA1(3)>, L<DSA_new(3)|DSA_new(3)>,
+L<rsa(3)|rsa(3)>, L<sha(3)|sha(3)>, L<engine(3)|engine(3)>,
+L<DSA_new(3)|DSA_new(3)>,
 L<DSA_size(3)|DSA_size(3)>,
 L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>,
 L<DSA_dup_DH(3)|DSA_dup_DH(3)>,
diff --git a/src/lib/libssl/src/doc/crypto/hmac.pod b/src/lib/libssl/src/doc/crypto/hmac.pod
index 5e3921a0d8..d92138d273 100644
--- a/src/lib/libssl/src/doc/crypto/hmac.pod
+++ b/src/lib/libssl/src/doc/crypto/hmac.pod
@@ -90,7 +90,7 @@ RFC 2104
 =head1 SEE ALSO
-L<SHA1(3)|SHA1(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
+L<sha(3)|sha(3)>, L<evp(3)|evp(3)>
 =head1 HISTORY
diff --git a/src/lib/libssl/src/doc/crypto/mdc2.pod b/src/lib/libssl/src/doc/crypto/mdc2.pod
index 2fab9a9871..41f648af36 100644
--- a/src/lib/libssl/src/doc/crypto/mdc2.pod
+++ b/src/lib/libssl/src/doc/crypto/mdc2.pod
@@ -54,7 +54,7 @@ ISO/IEC 10118-2, with DES
 =head1 SEE ALSO
-L<SHA1(3)|SHA1(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
+L<sha(3)|sha(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
 =head1 HISTORY
diff --git a/src/lib/libssl/src/doc/crypto/pem.pod b/src/lib/libssl/src/doc/crypto/pem.pod
index d5b1896119..54414a3f6f 100644
--- a/src/lib/libssl/src/doc/crypto/pem.pod
+++ b/src/lib/libssl/src/doc/crypto/pem.pod
@@ -201,7 +201,7 @@ handle PKCS#8 format encrypted and unencrypted keys too.
 PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey()
 write a private key in an EVP_PKEY structure in PKCS#8
 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption
-algorithms. The B<cipher> argument specifies the encryption algoritm to
+algorithms. The B<cipher> argument specifies the encryption algorithm to
 use: unlike all other PEM routines the encryption is applied at the
 PKCS#8 level and not in the PEM headers. If B<cipher> is NULL then no
 encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.
diff --git a/src/lib/libssl/src/doc/crypto/ripemd.pod b/src/lib/libssl/src/doc/crypto/ripemd.pod
index 348ef7c961..264bb99ae7 100644
--- a/src/lib/libssl/src/doc/crypto/ripemd.pod
+++ b/src/lib/libssl/src/doc/crypto/ripemd.pod
@@ -56,7 +56,7 @@ ISO/IEC 10118-3 (draft) (??)
 =head1 SEE ALSO
-L<SHA1(3)|SHA1(3)>, L<HMAC(3)|HMAC(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
+L<sha(3)|sha(3)>, L<hmac(3)|hmac(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
 =head1 HISTORY
diff --git a/src/lib/libssl/src/doc/crypto/sha.pod b/src/lib/libssl/src/doc/crypto/sha.pod
index d7a56accd3..94ab7bc724 100644
--- a/src/lib/libssl/src/doc/crypto/sha.pod
+++ b/src/lib/libssl/src/doc/crypto/sha.pod
@@ -60,7 +60,7 @@ ANSI X9.30
 =head1 SEE ALSO
-L<RIPEMD160(3)|RIPEMD160(3)>, L<HMAC(3)|HMAC(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
+L<ripemd(3)|ripemd(3)>, L<hmac(3)|hmac(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
 =head1 HISTORY
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_client_CA_list.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_client_CA_list.pod
index 04d0a3c9a8..bcf35dc85b 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_client_CA_list.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_client_CA_list.pod
@@ -66,16 +66,16 @@ values:
 =over 4
-=item C<1>
-The operation succeeded.
 =item C<0>
 A failure while manipulating the STACK_OF(X509_NAME) object occurred or
 the X509_NAME could not be extracted from B<cacert>. Check the error stack
 to find out the reason.
+=item C<1>
+The operation succeeded.
 =back
 =head1 EXAMPLES
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod
index cc588f3a78..fded0601b5 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod
@@ -88,9 +88,10 @@ As of OpenSSL 0.9.8q and 1.0.0c, this option has no effect.
 ...
-=item SSL_OP_MSIE_SSLV2_RSA_PADDING
+=item SSL_OP_SAFARI_ECDHE_ECDSA_BUG
-As of OpenSSL 0.9.7h and 0.9.8a, this option has no effect.
+Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X.
+OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.
 =item SSL_OP_SSLEAY_080_CLIENT_DH_BUG
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod
index 81566839d3..6fd6c03215 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod
@@ -169,8 +169,8 @@ that will always continue the TLS/SSL handshake regardless of verification
 failure, if wished. The callback realizes a verification depth limit with
 more informational output.
-All verification errors are printed, informations about the certificate chain
+All verification errors are printed; information about the certificate chain
-are printed on request.
+is printed on request.
 The example is realized for a server that does allow but not require client
 certificates.
diff --git a/src/lib/libssl/src/doc/ssl/SSL_accept.pod b/src/lib/libssl/src/doc/ssl/SSL_accept.pod
index 17f504b89b..288203f8af 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_accept.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_accept.pod
@@ -44,18 +44,18 @@ The following return values can occur:
 =over 4
-=item C<1>
-The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
-established.
 =item C<0>
 The TLS/SSL handshake was not successful but was shut down controlled and
 by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
 return value B<ret> to find out the reason.
-=item C<E<lt>0>
+=item C<1>
+The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
+established.
+=item E<lt>0
 The TLS/SSL handshake was not successful because a fatal error occurred either
 at the protocol level or a connection failure occurred. The shutdown was
diff --git a/src/lib/libssl/src/doc/ssl/SSL_connect.pod b/src/lib/libssl/src/doc/ssl/SSL_connect.pod
index 413af361e1..0087f6b3e1 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_connect.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_connect.pod
@@ -41,17 +41,17 @@ The following return values can occur:
 =over 4
-=item C<1>
-The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
-established.
 =item C<0>
 The TLS/SSL handshake was not successful but was shut down controlled and
 by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
 return value B<ret> to find out the reason.
+=item C<1>
+The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
+established.
 =item C<E<lt>0>
 The TLS/SSL handshake was not successful, because a fatal error occurred either
diff --git a/src/lib/libssl/src/doc/ssl/SSL_do_handshake.pod b/src/lib/libssl/src/doc/ssl/SSL_do_handshake.pod
index e9d4119c72..1ca18d4723 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_do_handshake.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_do_handshake.pod
@@ -45,17 +45,17 @@ The following return values can occur:
 =over 4
-=item C<1>
-The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
-established.
 =item C<0>
 The TLS/SSL handshake was not successful but was shut down controlled and
 by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
 return value B<ret> to find out the reason.
+=item C<1>
+The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
+established.
 =item C<E<lt>0>
 The TLS/SSL handshake was not successful because a fatal error occurred either
diff --git a/src/lib/libssl/src/doc/ssl/SSL_set_shutdown.pod b/src/lib/libssl/src/doc/ssl/SSL_set_shutdown.pod
index 011a022a12..fe013085d3 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_set_shutdown.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_set_shutdown.pod
@@ -24,7 +24,7 @@ The shutdown state of an ssl connection is a bitmask of:
 =over 4
-=item 0
+=item Z<>0
 No shutdown setting, yet.
diff --git a/src/lib/libssl/src/doc/ssl/SSL_shutdown.pod b/src/lib/libssl/src/doc/ssl/SSL_shutdown.pod
index 69ad31e80b..d86ac7cb13 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_shutdown.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_shutdown.pod
@@ -92,11 +92,6 @@ The following return values can occur:
 =over 4
-=item C<1>
-The shutdown was successfully completed. The "close notify" alert was sent
-and the peer's "close notify" alert was received.
 =item C<0>
 The shutdown is not yet finished. Call SSL_shutdown() for a second time,
@@ -104,6 +99,11 @@ if a bidirectional shutdown shall be performed.
 The output of L<SSL_get_error(3)|SSL_get_error(3)> may be misleading, as an
 erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred.
+=item C<1>
+The shutdown was successfully completed. The "close notify" alert was sent
+and the peer's "close notify" alert was received.
 =item C<-1>
 The shutdown was not successful because a fatal error occurred either
diff --git a/src/lib/libssl/src/doc/ssl/ssl.pod b/src/lib/libssl/src/doc/ssl/ssl.pod
index 88aaebf3f6..6d3ee24e4e 100644
--- a/src/lib/libssl/src/doc/ssl/ssl.pod
+++ b/src/lib/libssl/src/doc/ssl/ssl.pod
@@ -3,7 +3,7 @@
 =head1 NAME
-ssl - OpenSSL SSL/TLS library
+SSL - OpenSSL SSL/TLS library
 =head1 SYNOPSIS