diff options
Diffstat (limited to 'src/lib/libssl/src/doc')
| -rw-r--r-- | src/lib/libssl/src/doc/apps/ca.pod | 8 | ||||
| -rw-r--r-- | src/lib/libssl/src/doc/apps/s_client.pod | 2 | ||||
| -rw-r--r-- | src/lib/libssl/src/doc/crypto/BIO_f_base64.pod | 5 | ||||
| -rw-r--r-- | src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod | 6 | ||||
| -rw-r--r-- | src/lib/libssl/src/doc/ssl/SSL_CTX_use_certificate.pod | 4 | ||||
| -rw-r--r-- | src/lib/libssl/src/doc/ssl/SSL_accept.pod | 3 | ||||
| -rw-r--r-- | src/lib/libssl/src/doc/ssl/SSL_connect.pod | 3 |
7 files changed, 17 insertions, 14 deletions
diff --git a/src/lib/libssl/src/doc/apps/ca.pod b/src/lib/libssl/src/doc/apps/ca.pod index de66c534b5..74f45ca2f9 100644 --- a/src/lib/libssl/src/doc/apps/ca.pod +++ b/src/lib/libssl/src/doc/apps/ca.pod | |||
| @@ -359,7 +359,7 @@ the same as the B<-md> option. The message digest to use. Mandatory. | |||
| 359 | the text database file to use. Mandatory. This file must be present | 359 | the text database file to use. Mandatory. This file must be present |
| 360 | though initially it will be empty. | 360 | though initially it will be empty. |
| 361 | 361 | ||
| 362 | =item B<serialfile> | 362 | =item B<serial> |
| 363 | 363 | ||
| 364 | a text file containing the next serial number to use in hex. Mandatory. | 364 | a text file containing the next serial number to use in hex. Mandatory. |
| 365 | This file must be present and contain a valid serial number. | 365 | This file must be present and contain a valid serial number. |
| @@ -400,7 +400,7 @@ here, except the B<no_signame> and B<no_sigdump> are permanently set | |||
| 400 | and cannot be disabled (this is because the certificate signature cannot | 400 | and cannot be disabled (this is because the certificate signature cannot |
| 401 | be displayed because the certificate has not been signed at this point). | 401 | be displayed because the certificate has not been signed at this point). |
| 402 | 402 | ||
| 403 | For convenience the values B<default_ca> are accepted by both to produce | 403 | For convenience the values B<ca_default> are accepted by both to produce |
| 404 | a reasonable output. | 404 | a reasonable output. |
| 405 | 405 | ||
| 406 | If neither option is present the format used in earlier versions of | 406 | If neither option is present the format used in earlier versions of |
| @@ -513,8 +513,8 @@ A sample configuration file with the relevant sections for B<ca>: | |||
| 513 | policy = policy_any # default policy | 513 | policy = policy_any # default policy |
| 514 | email_in_dn = no # Don't add the email into cert DN | 514 | email_in_dn = no # Don't add the email into cert DN |
| 515 | 515 | ||
| 516 | nameopt = default_ca # Subject name display option | 516 | nameopt = ca_default # Subject name display option |
| 517 | certopt = default_ca # Certificate display option | 517 | certopt = ca_default # Certificate display option |
| 518 | copy_extensions = none # Don't copy extensions from request | 518 | copy_extensions = none # Don't copy extensions from request |
| 519 | 519 | ||
| 520 | [ policy_any ] | 520 | [ policy_any ] |
diff --git a/src/lib/libssl/src/doc/apps/s_client.pod b/src/lib/libssl/src/doc/apps/s_client.pod index 47dc93cb3f..d061326c1f 100644 --- a/src/lib/libssl/src/doc/apps/s_client.pod +++ b/src/lib/libssl/src/doc/apps/s_client.pod | |||
| @@ -168,7 +168,7 @@ command for more information. | |||
| 168 | 168 | ||
| 169 | send the protocol-specific message(s) to switch to TLS for communication. | 169 | send the protocol-specific message(s) to switch to TLS for communication. |
| 170 | B<protocol> is a keyword for the intended protocol. Currently, the only | 170 | B<protocol> is a keyword for the intended protocol. Currently, the only |
| 171 | supported keyword is "smtp". | 171 | supported keywords are "smtp" and "pop3". |
| 172 | 172 | ||
| 173 | =item B<-engine id> | 173 | =item B<-engine id> |
| 174 | 174 | ||
diff --git a/src/lib/libssl/src/doc/crypto/BIO_f_base64.pod b/src/lib/libssl/src/doc/crypto/BIO_f_base64.pod index fdb603b38e..929557d22f 100644 --- a/src/lib/libssl/src/doc/crypto/BIO_f_base64.pod +++ b/src/lib/libssl/src/doc/crypto/BIO_f_base64.pod | |||
| @@ -55,16 +55,15 @@ to standard output: | |||
| 55 | Read Base64 encoded data from standard input and write the decoded | 55 | Read Base64 encoded data from standard input and write the decoded |
| 56 | data to standard output: | 56 | data to standard output: |
| 57 | 57 | ||
| 58 | BIO *bio, *b64, bio_out; | 58 | BIO *bio, *b64, *bio_out; |
| 59 | char inbuf[512]; | 59 | char inbuf[512]; |
| 60 | int inlen; | 60 | int inlen; |
| 61 | char message[] = "Hello World \n"; | ||
| 62 | 61 | ||
| 63 | b64 = BIO_new(BIO_f_base64()); | 62 | b64 = BIO_new(BIO_f_base64()); |
| 64 | bio = BIO_new_fp(stdin, BIO_NOCLOSE); | 63 | bio = BIO_new_fp(stdin, BIO_NOCLOSE); |
| 65 | bio_out = BIO_new_fp(stdout, BIO_NOCLOSE); | 64 | bio_out = BIO_new_fp(stdout, BIO_NOCLOSE); |
| 66 | bio = BIO_push(b64, bio); | 65 | bio = BIO_push(b64, bio); |
| 67 | while((inlen = BIO_read(bio, inbuf, strlen(message))) > 0) | 66 | while((inlen = BIO_read(bio, inbuf, 512) > 0) |
| 68 | BIO_write(bio_out, inbuf, inlen); | 67 | BIO_write(bio_out, inbuf, inlen); |
| 69 | 68 | ||
| 70 | BIO_free_all(bio); | 69 | BIO_free_all(bio); |
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod index 74f05301ec..81566839d3 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod | |||
| @@ -135,9 +135,9 @@ process is immediately stopped with "verification failed" state. If | |||
| 135 | SSL_VERIFY_PEER is set, a verification failure alert is sent to the peer and | 135 | SSL_VERIFY_PEER is set, a verification failure alert is sent to the peer and |
| 136 | the TLS/SSL handshake is terminated. If B<verify_callback> returns 1, | 136 | the TLS/SSL handshake is terminated. If B<verify_callback> returns 1, |
| 137 | the verification process is continued. If B<verify_callback> always returns | 137 | the verification process is continued. If B<verify_callback> always returns |
| 138 | 1, the TLS/SSL handshake will never be terminated because of this application | 138 | 1, the TLS/SSL handshake will not be terminated with respect to verification |
| 139 | experiencing a verification failure. The calling process can however | 139 | failures and the connection will be established. The calling process can |
| 140 | retrieve the error code of the last verification error using | 140 | however retrieve the error code of the last verification error using |
| 141 | L<SSL_get_verify_result(3)|SSL_get_verify_result(3)> or by maintaining its | 141 | L<SSL_get_verify_result(3)|SSL_get_verify_result(3)> or by maintaining its |
| 142 | own error storage managed by B<verify_callback>. | 142 | own error storage managed by B<verify_callback>. |
| 143 | 143 | ||
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_use_certificate.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_use_certificate.pod index b8868f18bf..ea2faba3ec 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_CTX_use_certificate.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_use_certificate.pod | |||
| @@ -68,7 +68,9 @@ should be preferred. | |||
| 68 | 68 | ||
| 69 | SSL_CTX_use_certificate_chain_file() loads a certificate chain from | 69 | SSL_CTX_use_certificate_chain_file() loads a certificate chain from |
| 70 | B<file> into B<ctx>. The certificates must be in PEM format and must | 70 | B<file> into B<ctx>. The certificates must be in PEM format and must |
| 71 | be sorted starting with the certificate to the highest level (root CA). | 71 | be sorted starting with the subject's certificate (actual client or server |
| 72 | certificate), followed by intermediate CA certificates if applicable, and | ||
| 73 | ending at the highest level (root) CA. | ||
| 72 | There is no corresponding function working on a single SSL object. | 74 | There is no corresponding function working on a single SSL object. |
| 73 | 75 | ||
| 74 | SSL_CTX_use_PrivateKey() adds B<pkey> as private key to B<ctx>. | 76 | SSL_CTX_use_PrivateKey() adds B<pkey> as private key to B<ctx>. |
diff --git a/src/lib/libssl/src/doc/ssl/SSL_accept.pod b/src/lib/libssl/src/doc/ssl/SSL_accept.pod index a673edba85..cc724c0d56 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_accept.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_accept.pod | |||
| @@ -28,7 +28,8 @@ should be called again. | |||
| 28 | 28 | ||
| 29 | If the underlying BIO is B<non-blocking>, SSL_accept() will also return | 29 | If the underlying BIO is B<non-blocking>, SSL_accept() will also return |
| 30 | when the underlying BIO could not satisfy the needs of SSL_accept() | 30 | when the underlying BIO could not satisfy the needs of SSL_accept() |
| 31 | to continue the handshake. In this case a call to SSL_get_error() with the | 31 | to continue the handshake, indicating the problem by the return value -1. |
| 32 | In this case a call to SSL_get_error() with the | ||
| 32 | return value of SSL_accept() will yield B<SSL_ERROR_WANT_READ> or | 33 | return value of SSL_accept() will yield B<SSL_ERROR_WANT_READ> or |
| 33 | B<SSL_ERROR_WANT_WRITE>. The calling process then must repeat the call after | 34 | B<SSL_ERROR_WANT_WRITE>. The calling process then must repeat the call after |
| 34 | taking appropriate action to satisfy the needs of SSL_accept(). | 35 | taking appropriate action to satisfy the needs of SSL_accept(). |
diff --git a/src/lib/libssl/src/doc/ssl/SSL_connect.pod b/src/lib/libssl/src/doc/ssl/SSL_connect.pod index 8426310c0d..cc56ebb75f 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_connect.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_connect.pod | |||
| @@ -25,7 +25,8 @@ handshake has been finished or an error occurred. | |||
| 25 | 25 | ||
| 26 | If the underlying BIO is B<non-blocking>, SSL_connect() will also return | 26 | If the underlying BIO is B<non-blocking>, SSL_connect() will also return |
| 27 | when the underlying BIO could not satisfy the needs of SSL_connect() | 27 | when the underlying BIO could not satisfy the needs of SSL_connect() |
| 28 | to continue the handshake. In this case a call to SSL_get_error() with the | 28 | to continue the handshake, indicating the problem by the return value -1. |
| 29 | In this case a call to SSL_get_error() with the | ||
| 29 | return value of SSL_connect() will yield B<SSL_ERROR_WANT_READ> or | 30 | return value of SSL_connect() will yield B<SSL_ERROR_WANT_READ> or |
| 30 | B<SSL_ERROR_WANT_WRITE>. The calling process then must repeat the call after | 31 | B<SSL_ERROR_WANT_WRITE>. The calling process then must repeat the call after |
| 31 | taking appropriate action to satisfy the needs of SSL_connect(). | 32 | taking appropriate action to satisfy the needs of SSL_connect(). |