summaryrefslogtreecommitdiff
path: root/src/lib/libssl
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl')
-rw-r--r--src/lib/libssl/LICENSE18
-rw-r--r--src/lib/libssl/bio_ssl.c6
-rw-r--r--src/lib/libssl/bs_ber.c4
-rw-r--r--src/lib/libssl/man/BIO_f_ssl.35
-rw-r--r--src/lib/libssl/man/DTLSv1_listen.35
-rw-r--r--src/lib/libssl/man/OPENSSL_init_ssl.35
-rw-r--r--src/lib/libssl/man/PEM_read_SSL_SESSION.35
-rw-r--r--src/lib/libssl/man/SSL_CIPHER_get_name.37
-rw-r--r--src/lib/libssl/man/SSL_COMP_add_compression_method.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_add1_chain_cert.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_add_extra_chain_cert.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_add_session.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_ctrl.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_flush_sessions.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_free.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_get0_certificate.36
-rw-r--r--src/lib/libssl/man/SSL_CTX_get_ex_new_index.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_get_verify_mode.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_load_verify_locations.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_new.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_sess_number.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_sess_set_cache_size.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_sess_set_get_cb.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_sessions.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set1_groups.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_cert_store.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_cert_verify_callback.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_cipher_list.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_client_CA_list.37
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_client_cert_cb.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_default_passwd_cb.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_generate_session_id.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_info_callback.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_keylog_callback.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_max_cert_list.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_min_proto_version.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_mode.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_msg_callback.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_num_tickets.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_options.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_quiet_shutdown.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_read_ahead.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_security_level.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_session_cache_mode.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_session_id_context.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_ssl_version.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_timeout.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_tlsext_servername_callback.37
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_tlsext_status_cb.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_tlsext_use_srtp.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_set_verify.35
-rw-r--r--src/lib/libssl/man/SSL_CTX_use_certificate.35
-rw-r--r--src/lib/libssl/man/SSL_SESSION_free.35
-rw-r--r--src/lib/libssl/man/SSL_SESSION_get0_cipher.35
-rw-r--r--src/lib/libssl/man/SSL_SESSION_get0_peer.35
-rw-r--r--src/lib/libssl/man/SSL_SESSION_get_compress_id.35
-rw-r--r--src/lib/libssl/man/SSL_SESSION_get_ex_new_index.35
-rw-r--r--src/lib/libssl/man/SSL_SESSION_get_id.35
-rw-r--r--src/lib/libssl/man/SSL_SESSION_get_protocol_version.35
-rw-r--r--src/lib/libssl/man/SSL_SESSION_get_time.35
-rw-r--r--src/lib/libssl/man/SSL_SESSION_has_ticket.35
-rw-r--r--src/lib/libssl/man/SSL_SESSION_is_resumable.35
-rw-r--r--src/lib/libssl/man/SSL_SESSION_new.35
-rw-r--r--src/lib/libssl/man/SSL_SESSION_print.35
-rw-r--r--src/lib/libssl/man/SSL_SESSION_set1_id_context.35
-rw-r--r--src/lib/libssl/man/SSL_accept.35
-rw-r--r--src/lib/libssl/man/SSL_alert_type_string.35
-rw-r--r--src/lib/libssl/man/SSL_clear.35
-rw-r--r--src/lib/libssl/man/SSL_connect.35
-rw-r--r--src/lib/libssl/man/SSL_copy_session_id.35
-rw-r--r--src/lib/libssl/man/SSL_do_handshake.35
-rw-r--r--src/lib/libssl/man/SSL_dup.35
-rw-r--r--src/lib/libssl/man/SSL_dup_CA_list.36
-rw-r--r--src/lib/libssl/man/SSL_export_keying_material.35
-rw-r--r--src/lib/libssl/man/SSL_free.35
-rw-r--r--src/lib/libssl/man/SSL_get_SSL_CTX.35
-rw-r--r--src/lib/libssl/man/SSL_get_certificate.35
-rw-r--r--src/lib/libssl/man/SSL_get_ciphers.35
-rw-r--r--src/lib/libssl/man/SSL_get_client_CA_list.35
-rw-r--r--src/lib/libssl/man/SSL_get_client_random.35
-rw-r--r--src/lib/libssl/man/SSL_get_current_cipher.37
-rw-r--r--src/lib/libssl/man/SSL_get_default_timeout.35
-rw-r--r--src/lib/libssl/man/SSL_get_error.35
-rw-r--r--src/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.35
-rw-r--r--src/lib/libssl/man/SSL_get_ex_new_index.35
-rw-r--r--src/lib/libssl/man/SSL_get_fd.35
-rw-r--r--src/lib/libssl/man/SSL_get_finished.35
-rw-r--r--src/lib/libssl/man/SSL_get_peer_cert_chain.35
-rw-r--r--src/lib/libssl/man/SSL_get_peer_certificate.35
-rw-r--r--src/lib/libssl/man/SSL_get_rbio.35
-rw-r--r--src/lib/libssl/man/SSL_get_server_tmp_key.35
-rw-r--r--src/lib/libssl/man/SSL_get_session.35
-rw-r--r--src/lib/libssl/man/SSL_get_shared_ciphers.35
-rw-r--r--src/lib/libssl/man/SSL_get_state.35
-rw-r--r--src/lib/libssl/man/SSL_get_verify_result.35
-rw-r--r--src/lib/libssl/man/SSL_get_version.311
-rw-r--r--src/lib/libssl/man/SSL_library_init.35
-rw-r--r--src/lib/libssl/man/SSL_load_client_CA_file.35
-rw-r--r--src/lib/libssl/man/SSL_new.35
-rw-r--r--src/lib/libssl/man/SSL_num_renegotiations.35
-rw-r--r--src/lib/libssl/man/SSL_pending.35
-rw-r--r--src/lib/libssl/man/SSL_read.35
-rw-r--r--src/lib/libssl/man/SSL_read_early_data.35
-rw-r--r--src/lib/libssl/man/SSL_renegotiate.35
-rw-r--r--src/lib/libssl/man/SSL_rstate_string.35
-rw-r--r--src/lib/libssl/man/SSL_session_reused.35
-rw-r--r--src/lib/libssl/man/SSL_set1_host.35
-rw-r--r--src/lib/libssl/man/SSL_set1_param.35
-rw-r--r--src/lib/libssl/man/SSL_set_SSL_CTX.35
-rw-r--r--src/lib/libssl/man/SSL_set_bio.35
-rw-r--r--src/lib/libssl/man/SSL_set_connect_state.35
-rw-r--r--src/lib/libssl/man/SSL_set_fd.35
-rw-r--r--src/lib/libssl/man/SSL_set_max_send_fragment.35
-rw-r--r--src/lib/libssl/man/SSL_set_psk_use_session_callback.35
-rw-r--r--src/lib/libssl/man/SSL_set_session.35
-rw-r--r--src/lib/libssl/man/SSL_set_shutdown.35
-rw-r--r--src/lib/libssl/man/SSL_set_tmp_ecdh.35
-rw-r--r--src/lib/libssl/man/SSL_set_verify_result.35
-rw-r--r--src/lib/libssl/man/SSL_shutdown.35
-rw-r--r--src/lib/libssl/man/SSL_state_string.35
-rw-r--r--src/lib/libssl/man/SSL_want.35
-rw-r--r--src/lib/libssl/man/SSL_write.35
-rw-r--r--src/lib/libssl/man/d2i_SSL_SESSION.35
-rw-r--r--src/lib/libssl/pqueue.c6
-rw-r--r--src/lib/libssl/pqueue.h10
-rw-r--r--src/lib/libssl/shlib_version4
-rw-r--r--src/lib/libssl/ssl.h28
-rw-r--r--src/lib/libssl/ssl3.h60
-rw-r--r--src/lib/libssl/ssl_err.c7
-rw-r--r--src/lib/libssl/ssl_lib.c9
-rw-r--r--src/lib/libssl/ssl_local.h25
-rw-r--r--src/lib/libssl/ssl_stat.c69
-rw-r--r--src/lib/libssl/ssl_tlsext.c33
-rw-r--r--src/lib/libssl/t1_lib.c147
-rw-r--r--src/lib/libssl/tls1.h6
-rw-r--r--src/lib/libssl/tls13_lib.c4
140 files changed, 572 insertions, 500 deletions
diff --git a/src/lib/libssl/LICENSE b/src/lib/libssl/LICENSE
index 892e14a450..c41ff4d1ca 100644
--- a/src/lib/libssl/LICENSE
+++ b/src/lib/libssl/LICENSE
@@ -1,7 +1,7 @@
1 1
2 LibReSSL files are retained under the copyright of the authors. New 2 LibreSSL files are retained under the copyright of the authors. New
3 additions are ISC licensed as per OpenBSD's normal licensing policy, 3 additions are ISC licensed as per OpenBSD's normal licensing policy,
4 or are placed in the public domain. 4 or are placed in the public domain.
5 5
6 The OpenSSL code is distributed under the terms of the original OpenSSL 6 The OpenSSL code is distributed under the terms of the original OpenSSL
7 licenses which follow: 7 licenses which follow:
@@ -25,7 +25,7 @@
25 * are met: 25 * are met:
26 * 26 *
27 * 1. Redistributions of source code must retain the above copyright 27 * 1. Redistributions of source code must retain the above copyright
28 * notice, this list of conditions and the following disclaimer. 28 * notice, this list of conditions and the following disclaimer.
29 * 29 *
30 * 2. Redistributions in binary form must reproduce the above copyright 30 * 2. Redistributions in binary form must reproduce the above copyright
31 * notice, this list of conditions and the following disclaimer in 31 * notice, this list of conditions and the following disclaimer in
@@ -80,21 +80,21 @@
80 * This package is an SSL implementation written 80 * This package is an SSL implementation written
81 * by Eric Young (eay@cryptsoft.com). 81 * by Eric Young (eay@cryptsoft.com).
82 * The implementation was written so as to conform with Netscapes SSL. 82 * The implementation was written so as to conform with Netscapes SSL.
83 * 83 *
84 * This library is free for commercial and non-commercial use as long as 84 * This library is free for commercial and non-commercial use as long as
85 * the following conditions are aheared to. The following conditions 85 * the following conditions are aheared to. The following conditions
86 * apply to all code found in this distribution, be it the RC4, RSA, 86 * apply to all code found in this distribution, be it the RC4, RSA,
87 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 87 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
88 * included with this distribution is covered by the same copyright terms 88 * included with this distribution is covered by the same copyright terms
89 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 89 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
90 * 90 *
91 * Copyright remains Eric Young's, and as such any Copyright notices in 91 * Copyright remains Eric Young's, and as such any Copyright notices in
92 * the code are not to be removed. 92 * the code are not to be removed.
93 * If this package is used in a product, Eric Young should be given attribution 93 * If this package is used in a product, Eric Young should be given attribution
94 * as the author of the parts of the library used. 94 * as the author of the parts of the library used.
95 * This can be in the form of a textual message at program startup or 95 * This can be in the form of a textual message at program startup or
96 * in documentation (online or textual) provided with the package. 96 * in documentation (online or textual) provided with the package.
97 * 97 *
98 * Redistribution and use in source and binary forms, with or without 98 * Redistribution and use in source and binary forms, with or without
99 * modification, are permitted provided that the following conditions 99 * modification, are permitted provided that the following conditions
100 * are met: 100 * are met:
@@ -109,10 +109,10 @@
109 * Eric Young (eay@cryptsoft.com)" 109 * Eric Young (eay@cryptsoft.com)"
110 * The word 'cryptographic' can be left out if the rouines from the library 110 * The word 'cryptographic' can be left out if the rouines from the library
111 * being used are not cryptographic related :-). 111 * being used are not cryptographic related :-).
112 * 4. If you include any Windows specific code (or a derivative thereof) from 112 * 4. If you include any Windows specific code (or a derivative thereof) from
113 * the apps directory (application code) you must include an acknowledgement: 113 * the apps directory (application code) you must include an acknowledgement:
114 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 114 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
115 * 115 *
116 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 116 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
117 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 117 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
118 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 118 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -124,7 +124,7 @@
124 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 124 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
125 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 125 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
126 * SUCH DAMAGE. 126 * SUCH DAMAGE.
127 * 127 *
128 * The licence and distribution terms for any publically available version or 128 * The licence and distribution terms for any publically available version or
129 * derivative of this code cannot be changed. i.e. this code cannot simply be 129 * derivative of this code cannot be changed. i.e. this code cannot simply be
130 * copied and put under another distribution licence 130 * copied and put under another distribution licence
diff --git a/src/lib/libssl/bio_ssl.c b/src/lib/libssl/bio_ssl.c
index 6dd1699606..13e4f30539 100644
--- a/src/lib/libssl/bio_ssl.c
+++ b/src/lib/libssl/bio_ssl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bio_ssl.c,v 1.40 2023/07/19 13:34:33 tb Exp $ */ 1/* $OpenBSD: bio_ssl.c,v 1.41 2025/06/02 12:18:22 jsg Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -229,9 +229,7 @@ ssl_write(BIO *b, const char *out, int outl)
229 229
230 BIO_clear_retry_flags(b); 230 BIO_clear_retry_flags(b);
231 231
232/* ret=SSL_do_handshake(ssl); 232 ret = SSL_write(ssl, out, outl);
233 if (ret > 0) */
234 ret = SSL_write(ssl, out, outl);
235 233
236 switch (SSL_get_error(ssl, ret)) { 234 switch (SSL_get_error(ssl, ret)) {
237 case SSL_ERROR_NONE: 235 case SSL_ERROR_NONE:
diff --git a/src/lib/libssl/bs_ber.c b/src/lib/libssl/bs_ber.c
index ea9fb253be..923ec06f3d 100644
--- a/src/lib/libssl/bs_ber.c
+++ b/src/lib/libssl/bs_ber.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bs_ber.c,v 1.12 2024/05/25 15:14:26 tb Exp $ */ 1/* $OpenBSD: bs_ber.c,v 1.13 2025/03/28 12:13:03 tb Exp $ */
2/* 2/*
3 * Copyright (c) 2014, Google Inc. 3 * Copyright (c) 2014, Google Inc.
4 * 4 *
@@ -161,7 +161,7 @@ cbs_convert_indefinite(CBS *in, CBB *out, char squash_header,
161 * This is a hack, but it sufficies to handle 161 * This is a hack, but it sufficies to handle
162 * NSS's output. If we find an indefinite 162 * NSS's output. If we find an indefinite
163 * length, context-specific tag with a definite, 163 * length, context-specific tag with a definite,
164 * primtive tag inside it, then we assume that 164 * primitive tag inside it, then we assume that
165 * the context-specific tag is implicit and the 165 * the context-specific tag is implicit and the
166 * tags within are fragments of a primitive type 166 * tags within are fragments of a primitive type
167 * that need to be concatenated. 167 * that need to be concatenated.
diff --git a/src/lib/libssl/man/BIO_f_ssl.3 b/src/lib/libssl/man/BIO_f_ssl.3
index 3b74a3d6a4..e23a15e121 100644
--- a/src/lib/libssl/man/BIO_f_ssl.3
+++ b/src/lib/libssl/man/BIO_f_ssl.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: BIO_f_ssl.3,v 1.16 2024/01/13 18:37:51 tb Exp $ 1.\" $OpenBSD: BIO_f_ssl.3,v 1.17 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL f672aee4 Feb 9 11:52:40 2016 -0500 2.\" full merge up to: OpenSSL f672aee4 Feb 9 11:52:40 2016 -0500
3.\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800 3.\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
4.\" 4.\"
@@ -50,7 +50,7 @@
50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51.\" OF THE POSSIBILITY OF SUCH DAMAGE. 51.\" OF THE POSSIBILITY OF SUCH DAMAGE.
52.\" 52.\"
53.Dd $Mdocdate: January 13 2024 $ 53.Dd $Mdocdate: June 8 2025 $
54.Dt BIO_F_SSL 3 54.Dt BIO_F_SSL 3
55.Os 55.Os
56.Sh NAME 56.Sh NAME
@@ -69,6 +69,7 @@
69.Nm BIO_do_handshake 69.Nm BIO_do_handshake
70.Nd SSL BIO 70.Nd SSL BIO
71.Sh SYNOPSIS 71.Sh SYNOPSIS
72.Lb libssl libcrypto
72.In openssl/bio.h 73.In openssl/bio.h
73.In openssl/ssl.h 74.In openssl/ssl.h
74.Ft const BIO_METHOD * 75.Ft const BIO_METHOD *
diff --git a/src/lib/libssl/man/DTLSv1_listen.3 b/src/lib/libssl/man/DTLSv1_listen.3
index 047ec0a7ff..bdba1c59b0 100644
--- a/src/lib/libssl/man/DTLSv1_listen.3
+++ b/src/lib/libssl/man/DTLSv1_listen.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: DTLSv1_listen.3,v 1.4 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: DTLSv1_listen.3,v 1.5 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL 7795475f Dec 18 13:18:31 2015 -0500 2.\" OpenSSL 7795475f Dec 18 13:18:31 2015 -0500
3.\" 3.\"
4.\" This file was written by Matt Caswell <matt@openssl.org>. 4.\" This file was written by Matt Caswell <matt@openssl.org>.
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 27 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt DTLSV1_LISTEN 3 52.Dt DTLSV1_LISTEN 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm DTLSv1_listen 55.Nm DTLSv1_listen
56.Nd listen for incoming DTLS connections 56.Nd listen for incoming DTLS connections
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/ssl.h 59.In openssl/ssl.h
59.Ft int 60.Ft int
60.Fo DTLSv1_listen 61.Fo DTLSv1_listen
diff --git a/src/lib/libssl/man/OPENSSL_init_ssl.3 b/src/lib/libssl/man/OPENSSL_init_ssl.3
index f37dccfaac..ec840f5e1c 100644
--- a/src/lib/libssl/man/OPENSSL_init_ssl.3
+++ b/src/lib/libssl/man/OPENSSL_init_ssl.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: OPENSSL_init_ssl.3,v 1.4 2019/06/14 13:41:31 schwarze Exp $ 1.\" $OpenBSD: OPENSSL_init_ssl.3,v 1.5 2025/06/08 22:52:00 schwarze Exp $
2.\" Copyright (c) 2018 Ingo Schwarze <schwarze@openbsd.org> 2.\" Copyright (c) 2018 Ingo Schwarze <schwarze@openbsd.org>
3.\" 3.\"
4.\" Permission to use, copy, modify, and distribute this software for any 4.\" Permission to use, copy, modify, and distribute this software for any
@@ -13,13 +13,14 @@
13.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 13.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 14.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15.\" 15.\"
16.Dd $Mdocdate: June 14 2019 $ 16.Dd $Mdocdate: June 8 2025 $
17.Dt OPENSSL_INIT_SSL 3 17.Dt OPENSSL_INIT_SSL 3
18.Os 18.Os
19.Sh NAME 19.Sh NAME
20.Nm OPENSSL_init_ssl 20.Nm OPENSSL_init_ssl
21.Nd initialise the crypto and ssl libraries 21.Nd initialise the crypto and ssl libraries
22.Sh SYNOPSIS 22.Sh SYNOPSIS
23.Lb libssl libcrypto
23.In openssl/ssl.h 24.In openssl/ssl.h
24.Ft int 25.Ft int
25.Fo OPENSSL_init_ssl 26.Fo OPENSSL_init_ssl
diff --git a/src/lib/libssl/man/PEM_read_SSL_SESSION.3 b/src/lib/libssl/man/PEM_read_SSL_SESSION.3
index 3eb1414c62..93bd0b8ebd 100644
--- a/src/lib/libssl/man/PEM_read_SSL_SESSION.3
+++ b/src/lib/libssl/man/PEM_read_SSL_SESSION.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: PEM_read_SSL_SESSION.3,v 1.4 2019/06/12 09:36:30 schwarze Exp $ 1.\" $OpenBSD: PEM_read_SSL_SESSION.3,v 1.5 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL doc/man3/PEM_read_CMS.pod b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL doc/man3/PEM_read_CMS.pod b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Rich Salz <rsalz@openssl.org>. 4.\" This file was written by Rich Salz <rsalz@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: June 12 2019 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt PEM_READ_SSL_SESSION 3 52.Dt PEM_READ_SSL_SESSION 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -58,6 +58,7 @@
58.Nm PEM_write_bio_SSL_SESSION 58.Nm PEM_write_bio_SSL_SESSION
59.Nd encode and decode SSL session objects in PEM format 59.Nd encode and decode SSL session objects in PEM format
60.Sh SYNOPSIS 60.Sh SYNOPSIS
61.Lb libssl libcrypto
61.In openssl/ssl.h 62.In openssl/ssl.h
62.Ft SSL_SESSION * 63.Ft SSL_SESSION *
63.Fo PEM_read_SSL_SESSION 64.Fo PEM_read_SSL_SESSION
diff --git a/src/lib/libssl/man/SSL_CIPHER_get_name.3 b/src/lib/libssl/man/SSL_CIPHER_get_name.3
index 86c1d3c0ba..fc92eb9723 100644
--- a/src/lib/libssl/man/SSL_CIPHER_get_name.3
+++ b/src/lib/libssl/man/SSL_CIPHER_get_name.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CIPHER_get_name.3,v 1.17 2024/07/16 10:19:38 tb Exp $ 1.\" $OpenBSD: SSL_CIPHER_get_name.3,v 1.19 2025/06/13 18:34:00 schwarze Exp $
2.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800 3.\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
4.\" 4.\"
@@ -52,7 +52,7 @@
52.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 52.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
53.\" OF THE POSSIBILITY OF SUCH DAMAGE. 53.\" OF THE POSSIBILITY OF SUCH DAMAGE.
54.\" 54.\"
55.Dd $Mdocdate: July 16 2024 $ 55.Dd $Mdocdate: June 13 2025 $
56.Dt SSL_CIPHER_GET_NAME 3 56.Dt SSL_CIPHER_GET_NAME 3
57.Os 57.Os
58.Sh NAME 58.Sh NAME
@@ -70,6 +70,7 @@
70.Nm SSL_CIPHER_description 70.Nm SSL_CIPHER_description
71.Nd get SSL_CIPHER properties 71.Nd get SSL_CIPHER properties
72.Sh SYNOPSIS 72.Sh SYNOPSIS
73.Lb libssl libcrypto
73.In openssl/ssl.h 74.In openssl/ssl.h
74.Ft const char * 75.Ft const char *
75.Fn SSL_CIPHER_get_name "const SSL_CIPHER *cipher" 76.Fn SSL_CIPHER_get_name "const SSL_CIPHER *cipher"
@@ -81,7 +82,7 @@
81.Fn SSL_CIPHER_get_cipher_nid "const SSL_CIPHER *cipher" 82.Fn SSL_CIPHER_get_cipher_nid "const SSL_CIPHER *cipher"
82.Ft int 83.Ft int
83.Fn SSL_CIPHER_get_digest_nid "const SSL_CIPHER *cipher" 84.Fn SSL_CIPHER_get_digest_nid "const SSL_CIPHER *cipher"
84.Ft "const EVP_MD *" 85.Ft const EVP_MD *
85.Fn SSL_CIPHER_get_handshake_digest "const SSL_CIPHER *cipher" 86.Fn SSL_CIPHER_get_handshake_digest "const SSL_CIPHER *cipher"
86.Ft int 87.Ft int
87.Fn SSL_CIPHER_get_kx_nid "const SSL_CIPHER *cipher" 88.Fn SSL_CIPHER_get_kx_nid "const SSL_CIPHER *cipher"
diff --git a/src/lib/libssl/man/SSL_COMP_add_compression_method.3 b/src/lib/libssl/man/SSL_COMP_add_compression_method.3
index f9e25358d7..0b990ca88e 100644
--- a/src/lib/libssl/man/SSL_COMP_add_compression_method.3
+++ b/src/lib/libssl/man/SSL_COMP_add_compression_method.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_COMP_add_compression_method.3,v 1.7 2024/08/31 10:51:48 tb Exp $ 1.\" $OpenBSD: SSL_COMP_add_compression_method.3,v 1.8 2025/06/08 22:52:00 schwarze Exp $
2.\" 2.\"
3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org> 3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
4.\" 4.\"
@@ -14,13 +14,14 @@
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\" 16.\"
17.Dd $Mdocdate: August 31 2024 $ 17.Dd $Mdocdate: June 8 2025 $
18.Dt SSL_COMP_ADD_COMPRESSION_METHOD 3 18.Dt SSL_COMP_ADD_COMPRESSION_METHOD 3
19.Os 19.Os
20.Sh NAME 20.Sh NAME
21.Nm SSL_COMP_get_compression_methods 21.Nm SSL_COMP_get_compression_methods
22.Nd handle SSL/TLS integrated compression methods 22.Nd handle SSL/TLS integrated compression methods
23.Sh SYNOPSIS 23.Sh SYNOPSIS
24.Lb libssl libcrypto
24.In openssl/ssl.h 25.In openssl/ssl.h
25.Ft STACK_OF(SSL_COMP) * 26.Ft STACK_OF(SSL_COMP) *
26.Fn SSL_COMP_get_compression_methods void 27.Fn SSL_COMP_get_compression_methods void
diff --git a/src/lib/libssl/man/SSL_CTX_add1_chain_cert.3 b/src/lib/libssl/man/SSL_CTX_add1_chain_cert.3
index 86eb27a523..91c4c80758 100644
--- a/src/lib/libssl/man/SSL_CTX_add1_chain_cert.3
+++ b/src/lib/libssl/man/SSL_CTX_add1_chain_cert.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_add1_chain_cert.3,v 1.2 2025/01/18 10:45:12 tb Exp $ 1.\" $OpenBSD: SSL_CTX_add1_chain_cert.3,v 1.3 2025/06/08 22:52:00 schwarze Exp $
2.\" selective merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100 2.\" selective merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100
3.\" 3.\"
4.\" This file was written by Dr. Stephen Henson <steve@openssl.org> 4.\" This file was written by Dr. Stephen Henson <steve@openssl.org>
@@ -49,7 +49,7 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: January 18 2025 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_CTX_ADD1_CHAIN_CERT 3 53.Dt SSL_CTX_ADD1_CHAIN_CERT 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
@@ -67,6 +67,7 @@
67.Nm SSL_clear_chain_certs 67.Nm SSL_clear_chain_certs
68.Nd extra chain certificate processing 68.Nd extra chain certificate processing
69.Sh SYNOPSIS 69.Sh SYNOPSIS
70.Lb libssl libcrypto
70.In openssl/ssl.h 71.In openssl/ssl.h
71.Ft int 72.Ft int
72.Fo SSL_CTX_set0_chain 73.Fo SSL_CTX_set0_chain
diff --git a/src/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3 b/src/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3
index b9694b0cbc..891c22a40a 100644
--- a/src/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3
+++ b/src/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_add_extra_chain_cert.3,v 1.8 2025/01/18 10:45:12 tb Exp $ 1.\" $OpenBSD: SSL_CTX_add_extra_chain_cert.3,v 1.9 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org> and 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org> and
@@ -50,7 +50,7 @@
50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51.\" OF THE POSSIBILITY OF SUCH DAMAGE. 51.\" OF THE POSSIBILITY OF SUCH DAMAGE.
52.\" 52.\"
53.Dd $Mdocdate: January 18 2025 $ 53.Dd $Mdocdate: June 8 2025 $
54.Dt SSL_CTX_ADD_EXTRA_CHAIN_CERT 3 54.Dt SSL_CTX_ADD_EXTRA_CHAIN_CERT 3
55.Os 55.Os
56.Sh NAME 56.Sh NAME
@@ -60,6 +60,7 @@
60.Nm SSL_CTX_clear_extra_chain_certs 60.Nm SSL_CTX_clear_extra_chain_certs
61.Nd add, retrieve, and clear extra chain certificates 61.Nd add, retrieve, and clear extra chain certificates
62.Sh SYNOPSIS 62.Sh SYNOPSIS
63.Lb libssl libcrypto
63.In openssl/ssl.h 64.In openssl/ssl.h
64.Ft long 65.Ft long
65.Fn SSL_CTX_add_extra_chain_cert "SSL_CTX *ctx" "X509 *x509" 66.Fn SSL_CTX_add_extra_chain_cert "SSL_CTX *ctx" "X509 *x509"
diff --git a/src/lib/libssl/man/SSL_CTX_add_session.3 b/src/lib/libssl/man/SSL_CTX_add_session.3
index 443bdb542a..df634bcdda 100644
--- a/src/lib/libssl/man/SSL_CTX_add_session.3
+++ b/src/lib/libssl/man/SSL_CTX_add_session.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_add_session.3,v 1.5 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_add_session.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL SSL_CTX_add_session.pod 1722496f Jun 8 15:18:38 2017 -0400 2.\" OpenSSL SSL_CTX_add_session.pod 1722496f Jun 8 15:18:38 2017 -0400
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org> and 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org> and
@@ -49,7 +49,7 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: March 27 2018 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_CTX_ADD_SESSION 3 53.Dt SSL_CTX_ADD_SESSION 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
@@ -57,6 +57,7 @@
57.Nm SSL_CTX_remove_session 57.Nm SSL_CTX_remove_session
58.Nd manipulate session cache 58.Nd manipulate session cache
59.Sh SYNOPSIS 59.Sh SYNOPSIS
60.Lb libssl libcrypto
60.In openssl/ssl.h 61.In openssl/ssl.h
61.Ft int 62.Ft int
62.Fn SSL_CTX_add_session "SSL_CTX *ctx" "SSL_SESSION *c" 63.Fn SSL_CTX_add_session "SSL_CTX *ctx" "SSL_SESSION *c"
diff --git a/src/lib/libssl/man/SSL_CTX_ctrl.3 b/src/lib/libssl/man/SSL_CTX_ctrl.3
index c91ddff374..4d254d8f48 100644
--- a/src/lib/libssl/man/SSL_CTX_ctrl.3
+++ b/src/lib/libssl/man/SSL_CTX_ctrl.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_ctrl.3,v 1.7 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_ctrl.3,v 1.8 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 27 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_CTRL 3 52.Dt SSL_CTX_CTRL 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -58,6 +58,7 @@
58.Nm SSL_callback_ctrl 58.Nm SSL_callback_ctrl
59.Nd internal handling functions for SSL_CTX and SSL objects 59.Nd internal handling functions for SSL_CTX and SSL objects
60.Sh SYNOPSIS 60.Sh SYNOPSIS
61.Lb libssl libcrypto
61.In openssl/ssl.h 62.In openssl/ssl.h
62.Ft long 63.Ft long
63.Fn SSL_CTX_ctrl "SSL_CTX *ctx" "int cmd" "long larg" "void *parg" 64.Fn SSL_CTX_ctrl "SSL_CTX *ctx" "int cmd" "long larg" "void *parg"
diff --git a/src/lib/libssl/man/SSL_CTX_flush_sessions.3 b/src/lib/libssl/man/SSL_CTX_flush_sessions.3
index 2ef781cb4a..deabf5200a 100644
--- a/src/lib/libssl/man/SSL_CTX_flush_sessions.3
+++ b/src/lib/libssl/man/SSL_CTX_flush_sessions.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_flush_sessions.3,v 1.5 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_flush_sessions.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL SSL_CTX_flush_sessions.pod 1722496f Jun 8 15:18:38 2017 -0400 2.\" OpenSSL SSL_CTX_flush_sessions.pod 1722496f Jun 8 15:18:38 2017 -0400
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 27 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_FLUSH_SESSIONS 3 52.Dt SSL_CTX_FLUSH_SESSIONS 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_CTX_flush_sessions 55.Nm SSL_CTX_flush_sessions
56.Nd remove expired sessions 56.Nd remove expired sessions
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/ssl.h 59.In openssl/ssl.h
59.Ft void 60.Ft void
60.Fn SSL_CTX_flush_sessions "SSL_CTX *ctx" "long tm" 61.Fn SSL_CTX_flush_sessions "SSL_CTX *ctx" "long tm"
diff --git a/src/lib/libssl/man/SSL_CTX_free.3 b/src/lib/libssl/man/SSL_CTX_free.3
index 47f247631b..0afef7cd0e 100644
--- a/src/lib/libssl/man/SSL_CTX_free.3
+++ b/src/lib/libssl/man/SSL_CTX_free.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_free.3,v 1.4 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_free.3,v 1.5 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 27 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_FREE 3 52.Dt SSL_CTX_FREE 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_CTX_free 55.Nm SSL_CTX_free
56.Nd free an allocated SSL_CTX object 56.Nd free an allocated SSL_CTX object
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/ssl.h 59.In openssl/ssl.h
59.Ft void 60.Ft void
60.Fn SSL_CTX_free "SSL_CTX *ctx" 61.Fn SSL_CTX_free "SSL_CTX *ctx"
diff --git a/src/lib/libssl/man/SSL_CTX_get0_certificate.3 b/src/lib/libssl/man/SSL_CTX_get0_certificate.3
index 63c86bd5e0..226e6cd87a 100644
--- a/src/lib/libssl/man/SSL_CTX_get0_certificate.3
+++ b/src/lib/libssl/man/SSL_CTX_get0_certificate.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_get0_certificate.3,v 1.3 2019/06/12 09:36:30 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_get0_certificate.3,v 1.4 2025/06/08 22:47:20 schwarze Exp $
2.\" 2.\"
3.\" Copyright (c) 2018 Ingo Schwarze <schwarze@openbsd.org> 3.\" Copyright (c) 2018 Ingo Schwarze <schwarze@openbsd.org>
4.\" 4.\"
@@ -14,13 +14,15 @@
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\" 16.\"
17.Dd $Mdocdate: June 12 2019 $ 17.Dd $Mdocdate: June 8 2025 $
18.Dt SSL_CTX_GET0_CERTIFICATE 3 18.Dt SSL_CTX_GET0_CERTIFICATE 3
19.Os 19.Os
20.Sh NAME 20.Sh NAME
21.Nm SSL_CTX_get0_certificate 21.Nm SSL_CTX_get0_certificate
22.Nd get the active certificate from an SSL context 22.Nd get the active certificate from an SSL context
23.Sh SYNOPSIS 23.Sh SYNOPSIS
24.Lb libssl libcrypto
25.In openssl/ssl.h
24.Ft X509 * 26.Ft X509 *
25.Fo SSL_CTX_get0_certificate 27.Fo SSL_CTX_get0_certificate
26.Fa "const SSL_CTX *ctx" 28.Fa "const SSL_CTX *ctx"
diff --git a/src/lib/libssl/man/SSL_CTX_get_ex_new_index.3 b/src/lib/libssl/man/SSL_CTX_get_ex_new_index.3
index 3dbaf2e981..30a02cc317 100644
--- a/src/lib/libssl/man/SSL_CTX_get_ex_new_index.3
+++ b/src/lib/libssl/man/SSL_CTX_get_ex_new_index.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_get_ex_new_index.3,v 1.3 2018/03/21 08:06:34 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_get_ex_new_index.3,v 1.4 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL 9b86974e Aug 17 15:21:33 2015 -0400 2.\" OpenSSL 9b86974e Aug 17 15:21:33 2015 -0400
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 21 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_GET_EX_NEW_INDEX 3 52.Dt SSL_CTX_GET_EX_NEW_INDEX 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -57,6 +57,7 @@
57.Nm SSL_CTX_get_ex_data 57.Nm SSL_CTX_get_ex_data
58.Nd internal application specific data functions 58.Nd internal application specific data functions
59.Sh SYNOPSIS 59.Sh SYNOPSIS
60.Lb libssl libcrypto
60.In openssl/ssl.h 61.In openssl/ssl.h
61.Ft int 62.Ft int
62.Fo SSL_CTX_get_ex_new_index 63.Fo SSL_CTX_get_ex_new_index
diff --git a/src/lib/libssl/man/SSL_CTX_get_verify_mode.3 b/src/lib/libssl/man/SSL_CTX_get_verify_mode.3
index 7c87775069..88187f7f3c 100644
--- a/src/lib/libssl/man/SSL_CTX_get_verify_mode.3
+++ b/src/lib/libssl/man/SSL_CTX_get_verify_mode.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_get_verify_mode.3,v 1.5 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_get_verify_mode.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 27 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_GET_VERIFY_MODE 3 52.Dt SSL_CTX_GET_VERIFY_MODE 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -60,6 +60,7 @@
60.Nm SSL_CTX_get_verify_callback 60.Nm SSL_CTX_get_verify_callback
61.Nd get currently set verification parameters 61.Nd get currently set verification parameters
62.Sh SYNOPSIS 62.Sh SYNOPSIS
63.Lb libssl libcrypto
63.In openssl/ssl.h 64.In openssl/ssl.h
64.Ft int 65.Ft int
65.Fn SSL_CTX_get_verify_mode "const SSL_CTX *ctx" 66.Fn SSL_CTX_get_verify_mode "const SSL_CTX *ctx"
diff --git a/src/lib/libssl/man/SSL_CTX_load_verify_locations.3 b/src/lib/libssl/man/SSL_CTX_load_verify_locations.3
index 373df2402e..0cc22f433d 100644
--- a/src/lib/libssl/man/SSL_CTX_load_verify_locations.3
+++ b/src/lib/libssl/man/SSL_CTX_load_verify_locations.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_load_verify_locations.3,v 1.4 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_load_verify_locations.3,v 1.5 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL 9b86974e Aug 17 15:21:33 2015 -0400 2.\" OpenSSL 9b86974e Aug 17 15:21:33 2015 -0400
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -49,7 +49,7 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: March 27 2018 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_CTX_LOAD_VERIFY_LOCATIONS 3 53.Dt SSL_CTX_LOAD_VERIFY_LOCATIONS 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
@@ -57,6 +57,7 @@
57.Nm SSL_CTX_set_default_verify_paths 57.Nm SSL_CTX_set_default_verify_paths
58.Nd set default locations for trusted CA certificates 58.Nd set default locations for trusted CA certificates
59.Sh SYNOPSIS 59.Sh SYNOPSIS
60.Lb libssl libcrypto
60.In openssl/ssl.h 61.In openssl/ssl.h
61.Ft int 62.Ft int
62.Fo SSL_CTX_load_verify_locations 63.Fo SSL_CTX_load_verify_locations
diff --git a/src/lib/libssl/man/SSL_CTX_new.3 b/src/lib/libssl/man/SSL_CTX_new.3
index 4b50a03de4..2afad5378c 100644
--- a/src/lib/libssl/man/SSL_CTX_new.3
+++ b/src/lib/libssl/man/SSL_CTX_new.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_new.3,v 1.17 2022/07/13 22:05:53 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_new.3,v 1.18 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL 21cd6e00 Oct 21 14:40:15 2015 +0100 2.\" full merge up to: OpenSSL 21cd6e00 Oct 21 14:40:15 2015 +0100
3.\" selective merge up to: OpenSSL 8f75443f May 24 14:04:26 2019 +0200 3.\" selective merge up to: OpenSSL 8f75443f May 24 14:04:26 2019 +0200
4.\" 4.\"
@@ -50,7 +50,7 @@
50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51.\" OF THE POSSIBILITY OF SUCH DAMAGE. 51.\" OF THE POSSIBILITY OF SUCH DAMAGE.
52.\" 52.\"
53.Dd $Mdocdate: July 13 2022 $ 53.Dd $Mdocdate: June 8 2025 $
54.Dt SSL_CTX_NEW 3 54.Dt SSL_CTX_NEW 3
55.Os 55.Os
56.Sh NAME 56.Sh NAME
@@ -82,6 +82,7 @@
82.Nm DTLSv1_2_client_method 82.Nm DTLSv1_2_client_method
83.Nd create a new SSL_CTX object as a framework for TLS enabled functions 83.Nd create a new SSL_CTX object as a framework for TLS enabled functions
84.Sh SYNOPSIS 84.Sh SYNOPSIS
85.Lb libssl libcrypto
85.In openssl/ssl.h 86.In openssl/ssl.h
86.Ft SSL_CTX * 87.Ft SSL_CTX *
87.Fn SSL_CTX_new "const SSL_METHOD *method" 88.Fn SSL_CTX_new "const SSL_METHOD *method"
diff --git a/src/lib/libssl/man/SSL_CTX_sess_number.3 b/src/lib/libssl/man/SSL_CTX_sess_number.3
index 76d436cd17..854f6256eb 100644
--- a/src/lib/libssl/man/SSL_CTX_sess_number.3
+++ b/src/lib/libssl/man/SSL_CTX_sess_number.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_sess_number.3,v 1.9 2019/06/12 09:36:30 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_sess_number.3,v 1.10 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL SSL_CTX_sess_number.pod 7bd27895 Mar 29 11:45:29 2017 +1000 2.\" OpenSSL SSL_CTX_sess_number.pod 7bd27895 Mar 29 11:45:29 2017 +1000
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: June 12 2019 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_SESS_NUMBER 3 52.Dt SSL_CTX_SESS_NUMBER 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -66,6 +66,7 @@
66.Nm SSL_CTX_sess_cache_full 66.Nm SSL_CTX_sess_cache_full
67.Nd obtain session cache statistics 67.Nd obtain session cache statistics
68.Sh SYNOPSIS 68.Sh SYNOPSIS
69.Lb libssl libcrypto
69.In openssl/ssl.h 70.In openssl/ssl.h
70.Ft long 71.Ft long
71.Fn SSL_CTX_sess_number "SSL_CTX *ctx" 72.Fn SSL_CTX_sess_number "SSL_CTX *ctx"
diff --git a/src/lib/libssl/man/SSL_CTX_sess_set_cache_size.3 b/src/lib/libssl/man/SSL_CTX_sess_set_cache_size.3
index 6d5fede0b6..e8bfe50a3c 100644
--- a/src/lib/libssl/man/SSL_CTX_sess_set_cache_size.3
+++ b/src/lib/libssl/man/SSL_CTX_sess_set_cache_size.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_sess_set_cache_size.3,v 1.5 2019/06/12 09:36:30 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_sess_set_cache_size.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: June 12 2019 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_SESS_SET_CACHE_SIZE 3 52.Dt SSL_CTX_SESS_SET_CACHE_SIZE 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -56,6 +56,7 @@
56.Nm SSL_CTX_sess_get_cache_size 56.Nm SSL_CTX_sess_get_cache_size
57.Nd manipulate session cache size 57.Nd manipulate session cache size
58.Sh SYNOPSIS 58.Sh SYNOPSIS
59.Lb libssl libcrypto
59.In openssl/ssl.h 60.In openssl/ssl.h
60.Ft long 61.Ft long
61.Fn SSL_CTX_sess_set_cache_size "SSL_CTX *ctx" "long t" 62.Fn SSL_CTX_sess_set_cache_size "SSL_CTX *ctx" "long t"
diff --git a/src/lib/libssl/man/SSL_CTX_sess_set_get_cb.3 b/src/lib/libssl/man/SSL_CTX_sess_set_get_cb.3
index e99f2be671..62a6698399 100644
--- a/src/lib/libssl/man/SSL_CTX_sess_set_get_cb.3
+++ b/src/lib/libssl/man/SSL_CTX_sess_set_get_cb.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_sess_set_get_cb.3,v 1.7 2022/03/29 18:15:52 naddy Exp $ 1.\" $OpenBSD: SSL_CTX_sess_set_get_cb.3,v 1.8 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -49,7 +49,7 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: March 29 2022 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_CTX_SESS_SET_GET_CB 3 53.Dt SSL_CTX_SESS_SET_GET_CB 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
@@ -61,6 +61,7 @@
61.Nm SSL_CTX_sess_get_get_cb 61.Nm SSL_CTX_sess_get_get_cb
62.Nd provide callback functions for server side external session caching 62.Nd provide callback functions for server side external session caching
63.Sh SYNOPSIS 63.Sh SYNOPSIS
64.Lb libssl libcrypto
64.In openssl/ssl.h 65.In openssl/ssl.h
65.Ft void 66.Ft void
66.Fo SSL_CTX_sess_set_new_cb 67.Fo SSL_CTX_sess_set_new_cb
diff --git a/src/lib/libssl/man/SSL_CTX_sessions.3 b/src/lib/libssl/man/SSL_CTX_sessions.3
index 964d1a7346..627c694cd8 100644
--- a/src/lib/libssl/man/SSL_CTX_sessions.3
+++ b/src/lib/libssl/man/SSL_CTX_sessions.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_sessions.3,v 1.5 2018/04/25 14:19:39 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_sessions.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: April 25 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_SESSIONS 3 52.Dt SSL_CTX_SESSIONS 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_CTX_sessions 55.Nm SSL_CTX_sessions
56.Nd access internal session cache 56.Nd access internal session cache
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/ssl.h 59.In openssl/ssl.h
59.Ft LHASH_OF(SSL_SESSION) * 60.Ft LHASH_OF(SSL_SESSION) *
60.Fn SSL_CTX_sessions "SSL_CTX *ctx" 61.Fn SSL_CTX_sessions "SSL_CTX *ctx"
diff --git a/src/lib/libssl/man/SSL_CTX_set1_groups.3 b/src/lib/libssl/man/SSL_CTX_set1_groups.3
index 0d1eb36ea7..8cd620d3b4 100644
--- a/src/lib/libssl/man/SSL_CTX_set1_groups.3
+++ b/src/lib/libssl/man/SSL_CTX_set1_groups.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set1_groups.3,v 1.2 2017/08/19 19:36:39 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_set1_groups.3,v 1.3 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL SSL_CTX_set1_curves.pod de4d764e Nov 9 14:51:06 2016 +0000 2.\" OpenSSL SSL_CTX_set1_curves.pod de4d764e Nov 9 14:51:06 2016 +0000
3.\" 3.\"
4.\" This file was written by Dr. Stephen Henson <steve@openssl.org>. 4.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: August 19 2017 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_SET1_GROUPS 3 52.Dt SSL_CTX_SET1_GROUPS 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -62,6 +62,7 @@
62.Nm SSL_set1_curves_list 62.Nm SSL_set1_curves_list
63.Nd choose supported EC groups 63.Nd choose supported EC groups
64.Sh SYNOPSIS 64.Sh SYNOPSIS
65.Lb libssl libcrypto
65.In openssl/ssl.h 66.In openssl/ssl.h
66.Ft int 67.Ft int
67.Fo SSL_CTX_set1_groups 68.Fo SSL_CTX_set1_groups
diff --git a/src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3 b/src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3
index 2317c57af4..ff69408247 100644
--- a/src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3
+++ b/src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_alpn_select_cb.3,v 1.11 2025/02/04 14:00:05 tb Exp $ 1.\" $OpenBSD: SSL_CTX_set_alpn_select_cb.3,v 1.12 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL 87b81496 Apr 19 12:38:27 2017 -0400 2.\" OpenSSL 87b81496 Apr 19 12:38:27 2017 -0400
3.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 3.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
4.\" 4.\"
@@ -49,7 +49,7 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: February 4 2025 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_CTX_SET_ALPN_SELECT_CB 3 53.Dt SSL_CTX_SET_ALPN_SELECT_CB 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
@@ -60,6 +60,7 @@
60.Nm SSL_get0_alpn_selected 60.Nm SSL_get0_alpn_selected
61.Nd handle application layer protocol negotiation (ALPN) 61.Nd handle application layer protocol negotiation (ALPN)
62.Sh SYNOPSIS 62.Sh SYNOPSIS
63.Lb libssl libcrypto
63.In openssl/ssl.h 64.In openssl/ssl.h
64.Ft int 65.Ft int
65.Fo SSL_CTX_set_alpn_protos 66.Fo SSL_CTX_set_alpn_protos
diff --git a/src/lib/libssl/man/SSL_CTX_set_cert_store.3 b/src/lib/libssl/man/SSL_CTX_set_cert_store.3
index 1be1ba2f68..75c145fd78 100644
--- a/src/lib/libssl/man/SSL_CTX_set_cert_store.3
+++ b/src/lib/libssl/man/SSL_CTX_set_cert_store.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_cert_store.3,v 1.8 2024/08/03 04:53:01 tb Exp $ 1.\" $OpenBSD: SSL_CTX_set_cert_store.3,v 1.9 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 2.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: August 3 2024 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_SET_CERT_STORE 3 52.Dt SSL_CTX_SET_CERT_STORE 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -57,6 +57,7 @@
57.Nm SSL_CTX_get_cert_store 57.Nm SSL_CTX_get_cert_store
58.Nd manipulate X509 certificate verification storage 58.Nd manipulate X509 certificate verification storage
59.Sh SYNOPSIS 59.Sh SYNOPSIS
60.Lb libssl libcrypto
60.In openssl/ssl.h 61.In openssl/ssl.h
61.Ft void 62.Ft void
62.Fn SSL_CTX_set_cert_store "SSL_CTX *ctx" "X509_STORE *store" 63.Fn SSL_CTX_set_cert_store "SSL_CTX *ctx" "X509_STORE *store"
diff --git a/src/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3 b/src/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3
index 0e12b48c78..2e2beac850 100644
--- a/src/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3
+++ b/src/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_cert_verify_callback.3,v 1.5 2019/06/08 15:25:43 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_set_cert_verify_callback.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: June 8 2019 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_SET_CERT_VERIFY_CALLBACK 3 52.Dt SSL_CTX_SET_CERT_VERIFY_CALLBACK 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_CTX_set_cert_verify_callback 55.Nm SSL_CTX_set_cert_verify_callback
56.Nd set peer certificate verification procedure 56.Nd set peer certificate verification procedure
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/ssl.h 59.In openssl/ssl.h
59.Ft void 60.Ft void
60.Fo SSL_CTX_set_cert_verify_callback 61.Fo SSL_CTX_set_cert_verify_callback
diff --git a/src/lib/libssl/man/SSL_CTX_set_cipher_list.3 b/src/lib/libssl/man/SSL_CTX_set_cipher_list.3
index b3f0dc3541..6201dc9f55 100644
--- a/src/lib/libssl/man/SSL_CTX_set_cipher_list.3
+++ b/src/lib/libssl/man/SSL_CTX_set_cipher_list.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_cipher_list.3,v 1.18 2025/01/18 12:20:02 tb Exp $ 1.\" $OpenBSD: SSL_CTX_set_cipher_list.3,v 1.19 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file is a derived work. 4.\" This file is a derived work.
@@ -65,7 +65,7 @@
65.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 65.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
66.\" OF THE POSSIBILITY OF SUCH DAMAGE. 66.\" OF THE POSSIBILITY OF SUCH DAMAGE.
67.\" 67.\"
68.Dd $Mdocdate: January 18 2025 $ 68.Dd $Mdocdate: June 8 2025 $
69.Dt SSL_CTX_SET_CIPHER_LIST 3 69.Dt SSL_CTX_SET_CIPHER_LIST 3
70.Os 70.Os
71.Sh NAME 71.Sh NAME
@@ -73,6 +73,7 @@
73.Nm SSL_set_cipher_list 73.Nm SSL_set_cipher_list
74.Nd choose list of available SSL_CIPHERs 74.Nd choose list of available SSL_CIPHERs
75.Sh SYNOPSIS 75.Sh SYNOPSIS
76.Lb libssl libcrypto
76.In openssl/ssl.h 77.In openssl/ssl.h
77.Ft int 78.Ft int
78.Fn SSL_CTX_set_cipher_list "SSL_CTX *ctx" "const char *control" 79.Fn SSL_CTX_set_cipher_list "SSL_CTX *ctx" "const char *control"
diff --git a/src/lib/libssl/man/SSL_CTX_set_client_CA_list.3 b/src/lib/libssl/man/SSL_CTX_set_client_CA_list.3
index d19fb93ed0..520be04318 100644
--- a/src/lib/libssl/man/SSL_CTX_set_client_CA_list.3
+++ b/src/lib/libssl/man/SSL_CTX_set_client_CA_list.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_client_CA_list.3,v 1.6 2020/03/30 10:28:59 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_set_client_CA_list.3,v 1.7 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,16 +48,17 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 30 2020 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_SET_CLIENT_CA_LIST 3 52.Dt SSL_CTX_SET_CLIENT_CA_LIST 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_CTX_set_client_CA_list , 55.Nm SSL_CTX_set_client_CA_list ,
56.Nm SSL_set_client_CA_list , 56.Nm SSL_set_client_CA_list ,
57.Nm SSL_CTX_add_client_CA , 57.Nm SSL_CTX_add_client_CA ,
58.Nm SSL_add_client_CA 58.Nm SSL_add_client_CA
59.Nd set list of CAs sent to the client when requesting a client certificate 59.Nd set list of CAs sent to the client when requesting a client certificate
60.Sh SYNOPSIS 60.Sh SYNOPSIS
61.Lb libssl libcrypto
61.In openssl/ssl.h 62.In openssl/ssl.h
62.Ft void 63.Ft void
63.Fn SSL_CTX_set_client_CA_list "SSL_CTX *ctx" "STACK_OF(X509_NAME) *list" 64.Fn SSL_CTX_set_client_CA_list "SSL_CTX *ctx" "STACK_OF(X509_NAME) *list"
diff --git a/src/lib/libssl/man/SSL_CTX_set_client_cert_cb.3 b/src/lib/libssl/man/SSL_CTX_set_client_cert_cb.3
index a2433b5e92..2cf8275602 100644
--- a/src/lib/libssl/man/SSL_CTX_set_client_cert_cb.3
+++ b/src/lib/libssl/man/SSL_CTX_set_client_cert_cb.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_client_cert_cb.3,v 1.4 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_set_client_cert_cb.3,v 1.5 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 27 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_SET_CLIENT_CERT_CB 3 52.Dt SSL_CTX_SET_CLIENT_CERT_CB 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -56,6 +56,7 @@
56.Nm SSL_CTX_get_client_cert_cb 56.Nm SSL_CTX_get_client_cert_cb
57.Nd handle client certificate callback function 57.Nd handle client certificate callback function
58.Sh SYNOPSIS 58.Sh SYNOPSIS
59.Lb libssl libcrypto
59.In openssl/ssl.h 60.In openssl/ssl.h
60.Ft void 61.Ft void
61.Fo SSL_CTX_set_client_cert_cb 62.Fo SSL_CTX_set_client_cert_cb
diff --git a/src/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3 b/src/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3
index 94b4ea543d..e3da1bec66 100644
--- a/src/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3
+++ b/src/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_default_passwd_cb.3,v 1.9 2023/09/19 09:40:35 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_set_default_passwd_cb.3,v 1.10 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL 9b86974e Aug 17 15:21:33 2015 -0400 2.\" full merge up to: OpenSSL 9b86974e Aug 17 15:21:33 2015 -0400
3.\" selective merge up to: OpenSSL 18bad535 Apr 9 15:13:55 2019 +0100 3.\" selective merge up to: OpenSSL 18bad535 Apr 9 15:13:55 2019 +0100
4.\" 4.\"
@@ -67,7 +67,7 @@
67.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 67.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
68.\" OF THE POSSIBILITY OF SUCH DAMAGE. 68.\" OF THE POSSIBILITY OF SUCH DAMAGE.
69.\" 69.\"
70.Dd $Mdocdate: September 19 2023 $ 70.Dd $Mdocdate: June 8 2025 $
71.Dt SSL_CTX_SET_DEFAULT_PASSWD_CB 3 71.Dt SSL_CTX_SET_DEFAULT_PASSWD_CB 3
72.Os 72.Os
73.Sh NAME 73.Sh NAME
@@ -77,6 +77,7 @@
77.Nm SSL_CTX_get_default_passwd_cb_userdata 77.Nm SSL_CTX_get_default_passwd_cb_userdata
78.Nd set or get passwd callback for encrypted PEM file handling 78.Nd set or get passwd callback for encrypted PEM file handling
79.Sh SYNOPSIS 79.Sh SYNOPSIS
80.Lb libssl libcrypto
80.In openssl/ssl.h 81.In openssl/ssl.h
81.Ft void 82.Ft void
82.Fn SSL_CTX_set_default_passwd_cb "SSL_CTX *ctx" "pem_password_cb *cb" 83.Fn SSL_CTX_set_default_passwd_cb "SSL_CTX *ctx" "pem_password_cb *cb"
diff --git a/src/lib/libssl/man/SSL_CTX_set_generate_session_id.3 b/src/lib/libssl/man/SSL_CTX_set_generate_session_id.3
index d85383d776..29c102ac50 100644
--- a/src/lib/libssl/man/SSL_CTX_set_generate_session_id.3
+++ b/src/lib/libssl/man/SSL_CTX_set_generate_session_id.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_generate_session_id.3,v 1.5 2018/03/22 21:09:18 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_set_generate_session_id.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 22 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_SET_GENERATE_SESSION_ID 3 52.Dt SSL_CTX_SET_GENERATE_SESSION_ID 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -58,6 +58,7 @@
58.Nm GEN_SESSION_CB 58.Nm GEN_SESSION_CB
59.Nd manipulate generation of SSL session IDs (server only) 59.Nd manipulate generation of SSL session IDs (server only)
60.Sh SYNOPSIS 60.Sh SYNOPSIS
61.Lb libssl libcrypto
61.In openssl/ssl.h 62.In openssl/ssl.h
62.Ft typedef int 63.Ft typedef int
63.Fo (*GEN_SESSION_CB) 64.Fo (*GEN_SESSION_CB)
diff --git a/src/lib/libssl/man/SSL_CTX_set_info_callback.3 b/src/lib/libssl/man/SSL_CTX_set_info_callback.3
index 76eb8bee61..ec251b5b69 100644
--- a/src/lib/libssl/man/SSL_CTX_set_info_callback.3
+++ b/src/lib/libssl/man/SSL_CTX_set_info_callback.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_info_callback.3,v 1.4 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_set_info_callback.3,v 1.5 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 27 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_SET_INFO_CALLBACK 3 52.Dt SSL_CTX_SET_INFO_CALLBACK 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -58,6 +58,7 @@
58.Nm SSL_get_info_callback 58.Nm SSL_get_info_callback
59.Nd handle information callback for SSL connections 59.Nd handle information callback for SSL connections
60.Sh SYNOPSIS 60.Sh SYNOPSIS
61.Lb libssl libcrypto
61.In openssl/ssl.h 62.In openssl/ssl.h
62.Ft void 63.Ft void
63.Fo SSL_CTX_set_info_callback 64.Fo SSL_CTX_set_info_callback
diff --git a/src/lib/libssl/man/SSL_CTX_set_keylog_callback.3 b/src/lib/libssl/man/SSL_CTX_set_keylog_callback.3
index 24b8f9992f..0cb36b07c6 100644
--- a/src/lib/libssl/man/SSL_CTX_set_keylog_callback.3
+++ b/src/lib/libssl/man/SSL_CTX_set_keylog_callback.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_keylog_callback.3,v 1.3 2024/05/16 08:39:30 tb Exp $ 1.\" $OpenBSD: SSL_CTX_set_keylog_callback.3,v 1.4 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL pod checked up to: 61f805c1 Jan 16 01:01:46 2018 +0800 2.\" OpenSSL pod checked up to: 61f805c1 Jan 16 01:01:46 2018 +0800
3.\" 3.\"
4.\" Copyright (c) 2021 Bob Beck <beck@openbsd.org> 4.\" Copyright (c) 2021 Bob Beck <beck@openbsd.org>
@@ -15,7 +15,7 @@
15.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17.\" 17.\"
18.Dd $Mdocdate: May 16 2024 $ 18.Dd $Mdocdate: June 8 2025 $
19.Dt SSL_CTX_SET_KEYLOG_CALLBACK 3 19.Dt SSL_CTX_SET_KEYLOG_CALLBACK 3
20.Os 20.Os
21.Sh NAME 21.Sh NAME
@@ -23,6 +23,7 @@
23.Nm SSL_CTX_get_keylog_callback 23.Nm SSL_CTX_get_keylog_callback
24.Nd set and get the unused key logging callback 24.Nd set and get the unused key logging callback
25.Sh SYNOPSIS 25.Sh SYNOPSIS
26.Lb libssl libcrypto
26.In openssl/ssl.h 27.In openssl/ssl.h
27.Ft typedef void 28.Ft typedef void
28.Fo (*SSL_CTX_keylog_cb_func) 29.Fo (*SSL_CTX_keylog_cb_func)
diff --git a/src/lib/libssl/man/SSL_CTX_set_max_cert_list.3 b/src/lib/libssl/man/SSL_CTX_set_max_cert_list.3
index 89513b1006..700f534f54 100644
--- a/src/lib/libssl/man/SSL_CTX_set_max_cert_list.3
+++ b/src/lib/libssl/man/SSL_CTX_set_max_cert_list.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_max_cert_list.3,v 1.6 2019/06/12 09:36:30 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_set_max_cert_list.3,v 1.7 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: June 12 2019 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_SET_MAX_CERT_LIST 3 52.Dt SSL_CTX_SET_MAX_CERT_LIST 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -58,6 +58,7 @@
58.Nm SSL_get_max_cert_list 58.Nm SSL_get_max_cert_list
59.Nd manipulate allowed size for the peer's certificate chain 59.Nd manipulate allowed size for the peer's certificate chain
60.Sh SYNOPSIS 60.Sh SYNOPSIS
61.Lb libssl libcrypto
61.In openssl/ssl.h 62.In openssl/ssl.h
62.Ft long 63.Ft long
63.Fn SSL_CTX_set_max_cert_list "SSL_CTX *ctx" "long size" 64.Fn SSL_CTX_set_max_cert_list "SSL_CTX *ctx" "long size"
diff --git a/src/lib/libssl/man/SSL_CTX_set_min_proto_version.3 b/src/lib/libssl/man/SSL_CTX_set_min_proto_version.3
index a2597cda83..50a5fc448d 100644
--- a/src/lib/libssl/man/SSL_CTX_set_min_proto_version.3
+++ b/src/lib/libssl/man/SSL_CTX_set_min_proto_version.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_min_proto_version.3,v 1.5 2021/04/15 16:40:32 tb Exp $ 1.\" $OpenBSD: SSL_CTX_set_min_proto_version.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL 3edabd3c Sep 14 09:28:39 2017 +0200 2.\" full merge up to: OpenSSL 3edabd3c Sep 14 09:28:39 2017 +0200
3.\" 3.\"
4.\" This file was written by Kurt Roeckx <kurt@roeckx.be> and 4.\" This file was written by Kurt Roeckx <kurt@roeckx.be> and
@@ -49,7 +49,7 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: April 15 2021 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_CTX_SET_MIN_PROTO_VERSION 3 53.Dt SSL_CTX_SET_MIN_PROTO_VERSION 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
@@ -63,6 +63,7 @@
63.Nm SSL_get_max_proto_version 63.Nm SSL_get_max_proto_version
64.Nd get and set minimum and maximum supported protocol version 64.Nd get and set minimum and maximum supported protocol version
65.Sh SYNOPSIS 65.Sh SYNOPSIS
66.Lb libssl libcrypto
66.In openssl/ssl.h 67.In openssl/ssl.h
67.Ft int 68.Ft int
68.Fo SSL_CTX_set_min_proto_version 69.Fo SSL_CTX_set_min_proto_version
diff --git a/src/lib/libssl/man/SSL_CTX_set_mode.3 b/src/lib/libssl/man/SSL_CTX_set_mode.3
index fca1a977d0..62a7a6deda 100644
--- a/src/lib/libssl/man/SSL_CTX_set_mode.3
+++ b/src/lib/libssl/man/SSL_CTX_set_mode.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_mode.3,v 1.7 2020/10/08 16:02:38 tb Exp $ 1.\" $OpenBSD: SSL_CTX_set_mode.3,v 1.8 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL 8671b898 Jun 3 02:48:34 2008 +0000 2.\" full merge up to: OpenSSL 8671b898 Jun 3 02:48:34 2008 +0000
3.\" selective merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100 3.\" selective merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100
4.\" 4.\"
@@ -50,7 +50,7 @@
50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51.\" OF THE POSSIBILITY OF SUCH DAMAGE. 51.\" OF THE POSSIBILITY OF SUCH DAMAGE.
52.\" 52.\"
53.Dd $Mdocdate: October 8 2020 $ 53.Dd $Mdocdate: June 8 2025 $
54.Dt SSL_CTX_SET_MODE 3 54.Dt SSL_CTX_SET_MODE 3
55.Os 55.Os
56.Sh NAME 56.Sh NAME
@@ -62,6 +62,7 @@
62.Nm SSL_get_mode 62.Nm SSL_get_mode
63.Nd manipulate SSL engine mode 63.Nd manipulate SSL engine mode
64.Sh SYNOPSIS 64.Sh SYNOPSIS
65.Lb libssl libcrypto
65.In openssl/ssl.h 66.In openssl/ssl.h
66.Ft long 67.Ft long
67.Fn SSL_CTX_set_mode "SSL_CTX *ctx" "long mode" 68.Fn SSL_CTX_set_mode "SSL_CTX *ctx" "long mode"
diff --git a/src/lib/libssl/man/SSL_CTX_set_msg_callback.3 b/src/lib/libssl/man/SSL_CTX_set_msg_callback.3
index a27333e6d9..65df06016a 100644
--- a/src/lib/libssl/man/SSL_CTX_set_msg_callback.3
+++ b/src/lib/libssl/man/SSL_CTX_set_msg_callback.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_msg_callback.3,v 1.5 2021/04/15 16:43:27 tb Exp $ 1.\" $OpenBSD: SSL_CTX_set_msg_callback.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL SSL_CTX_set_msg_callback.pod e9b77246 Jan 20 19:58:49 2017 +0100 2.\" OpenSSL SSL_CTX_set_msg_callback.pod e9b77246 Jan 20 19:58:49 2017 +0100
3.\" OpenSSL SSL_CTX_set_msg_callback.pod b97fdb57 Nov 11 09:33:09 2016 +0100 3.\" OpenSSL SSL_CTX_set_msg_callback.pod b97fdb57 Nov 11 09:33:09 2016 +0100
4.\" 4.\"
@@ -49,7 +49,7 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: April 15 2021 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_CTX_SET_MSG_CALLBACK 3 53.Dt SSL_CTX_SET_MSG_CALLBACK 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
@@ -59,6 +59,7 @@
59.Nm SSL_set_msg_callback_arg 59.Nm SSL_set_msg_callback_arg
60.Nd install callback for observing protocol messages 60.Nd install callback for observing protocol messages
61.Sh SYNOPSIS 61.Sh SYNOPSIS
62.Lb libssl libcrypto
62.In openssl/ssl.h 63.In openssl/ssl.h
63.Ft void 64.Ft void
64.Fo SSL_CTX_set_msg_callback 65.Fo SSL_CTX_set_msg_callback
diff --git a/src/lib/libssl/man/SSL_CTX_set_num_tickets.3 b/src/lib/libssl/man/SSL_CTX_set_num_tickets.3
index cb6d7e000a..093387725a 100644
--- a/src/lib/libssl/man/SSL_CTX_set_num_tickets.3
+++ b/src/lib/libssl/man/SSL_CTX_set_num_tickets.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_num_tickets.3,v 1.2 2021/10/23 17:20:50 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_set_num_tickets.3,v 1.3 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL pod checked up to: 5402f96a Sep 11 09:58:52 2021 +0100 2.\" OpenSSL pod checked up to: 5402f96a Sep 11 09:58:52 2021 +0100
3.\" 3.\"
4.\" Copyright (c) 2021 Bob Beck <beck@openbsd.org> 4.\" Copyright (c) 2021 Bob Beck <beck@openbsd.org>
@@ -15,7 +15,7 @@
15.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17.\" 17.\"
18.Dd $Mdocdate: October 23 2021 $ 18.Dd $Mdocdate: June 8 2025 $
19.Dt SSL_CTX_SET_NUM_TICKETS 3 19.Dt SSL_CTX_SET_NUM_TICKETS 3
20.Os 20.Os
21.Sh NAME 21.Sh NAME
@@ -25,6 +25,7 @@
25.Nm SSL_get_num_tickets 25.Nm SSL_get_num_tickets
26.Nd set and get the number of TLS 1.3 session tickets to be sent 26.Nd set and get the number of TLS 1.3 session tickets to be sent
27.Sh SYNOPSIS 27.Sh SYNOPSIS
28.Lb libssl libcrypto
28.In openssl/ssl.h 29.In openssl/ssl.h
29.Ft int 30.Ft int
30.Fn SSL_CTX_set_num_tickets "SSL_CTX *ctx" "size_t num_tickets" 31.Fn SSL_CTX_set_num_tickets "SSL_CTX *ctx" "size_t num_tickets"
diff --git a/src/lib/libssl/man/SSL_CTX_set_options.3 b/src/lib/libssl/man/SSL_CTX_set_options.3
index 5df0b07785..5e81c978bd 100644
--- a/src/lib/libssl/man/SSL_CTX_set_options.3
+++ b/src/lib/libssl/man/SSL_CTX_set_options.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_options.3,v 1.16 2022/03/31 17:27:18 naddy Exp $ 1.\" $OpenBSD: SSL_CTX_set_options.3,v 1.17 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL 7946ab33 Dec 6 17:56:41 2015 +0100 2.\" full merge up to: OpenSSL 7946ab33 Dec 6 17:56:41 2015 +0100
3.\" selective merge up to: OpenSSL edb79c3a Mar 29 10:07:14 2017 +1000 3.\" selective merge up to: OpenSSL edb79c3a Mar 29 10:07:14 2017 +1000
4.\" 4.\"
@@ -52,7 +52,7 @@
52.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 52.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
53.\" OF THE POSSIBILITY OF SUCH DAMAGE. 53.\" OF THE POSSIBILITY OF SUCH DAMAGE.
54.\" 54.\"
55.Dd $Mdocdate: March 31 2022 $ 55.Dd $Mdocdate: June 8 2025 $
56.Dt SSL_CTX_SET_OPTIONS 3 56.Dt SSL_CTX_SET_OPTIONS 3
57.Os 57.Os
58.Sh NAME 58.Sh NAME
@@ -65,6 +65,7 @@
65.Nm SSL_get_secure_renegotiation_support 65.Nm SSL_get_secure_renegotiation_support
66.Nd manipulate SSL options 66.Nd manipulate SSL options
67.Sh SYNOPSIS 67.Sh SYNOPSIS
68.Lb libssl libcrypto
68.In openssl/ssl.h 69.In openssl/ssl.h
69.Ft long 70.Ft long
70.Fn SSL_CTX_set_options "SSL_CTX *ctx" "long options" 71.Fn SSL_CTX_set_options "SSL_CTX *ctx" "long options"
diff --git a/src/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3 b/src/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3
index 71463f1eca..20b882167b 100644
--- a/src/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3
+++ b/src/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_quiet_shutdown.3,v 1.6 2020/03/30 10:28:59 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_set_quiet_shutdown.3,v 1.7 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 30 2020 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_SET_QUIET_SHUTDOWN 3 52.Dt SSL_CTX_SET_QUIET_SHUTDOWN 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -58,6 +58,7 @@
58.Nm SSL_get_quiet_shutdown 58.Nm SSL_get_quiet_shutdown
59.Nd manipulate shutdown behaviour 59.Nd manipulate shutdown behaviour
60.Sh SYNOPSIS 60.Sh SYNOPSIS
61.Lb libssl libcrypto
61.In openssl/ssl.h 62.In openssl/ssl.h
62.Ft void 63.Ft void
63.Fn SSL_CTX_set_quiet_shutdown "SSL_CTX *ctx" "int mode" 64.Fn SSL_CTX_set_quiet_shutdown "SSL_CTX *ctx" "int mode"
diff --git a/src/lib/libssl/man/SSL_CTX_set_read_ahead.3 b/src/lib/libssl/man/SSL_CTX_set_read_ahead.3
index eae76eb472..208ecfbf1a 100644
--- a/src/lib/libssl/man/SSL_CTX_set_read_ahead.3
+++ b/src/lib/libssl/man/SSL_CTX_set_read_ahead.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_read_ahead.3,v 1.4 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_set_read_ahead.3,v 1.5 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Matt Caswell <matt@openssl.org>. 4.\" This file was written by Matt Caswell <matt@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 27 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_SET_READ_AHEAD 3 52.Dt SSL_CTX_SET_READ_AHEAD 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -59,6 +59,7 @@
59.Nm SSL_CTX_get_default_read_ahead 59.Nm SSL_CTX_get_default_read_ahead
60.Nd manage whether to read as many input bytes as possible 60.Nd manage whether to read as many input bytes as possible
61.Sh SYNOPSIS 61.Sh SYNOPSIS
62.Lb libssl libcrypto
62.In openssl/ssl.h 63.In openssl/ssl.h
63.Ft void 64.Ft void
64.Fo SSL_CTX_set_read_ahead 65.Fo SSL_CTX_set_read_ahead
diff --git a/src/lib/libssl/man/SSL_CTX_set_security_level.3 b/src/lib/libssl/man/SSL_CTX_set_security_level.3
index 89adb3d65d..2d3afa5785 100644
--- a/src/lib/libssl/man/SSL_CTX_set_security_level.3
+++ b/src/lib/libssl/man/SSL_CTX_set_security_level.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_security_level.3,v 1.2 2025/01/18 10:45:12 tb Exp $ 1.\" $OpenBSD: SSL_CTX_set_security_level.3,v 1.3 2025/06/08 22:52:00 schwarze Exp $
2.\" 2.\"
3.\" Copyright (c) 2022 Ingo Schwarze <schwarze@openbsd.org> 3.\" Copyright (c) 2022 Ingo Schwarze <schwarze@openbsd.org>
4.\" 4.\"
@@ -14,7 +14,7 @@
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\" 16.\"
17.Dd $Mdocdate: January 18 2025 $ 17.Dd $Mdocdate: June 8 2025 $
18.Dt SSL_CTX_SET_SECURITY_LEVEL 3 18.Dt SSL_CTX_SET_SECURITY_LEVEL 3
19.Os 19.Os
20.Sh NAME 20.Sh NAME
@@ -24,6 +24,7 @@
24.Nm SSL_get_security_level 24.Nm SSL_get_security_level
25.Nd change security level for TLS 25.Nd change security level for TLS
26.Sh SYNOPSIS 26.Sh SYNOPSIS
27.Lb libssl libcrypto
27.In openssl/ssl.h 28.In openssl/ssl.h
28.Ft void 29.Ft void
29.Fo SSL_CTX_set_security_level 30.Fo SSL_CTX_set_security_level
diff --git a/src/lib/libssl/man/SSL_CTX_set_session_cache_mode.3 b/src/lib/libssl/man/SSL_CTX_set_session_cache_mode.3
index 1fe67b2a7e..d19ff79545 100644
--- a/src/lib/libssl/man/SSL_CTX_set_session_cache_mode.3
+++ b/src/lib/libssl/man/SSL_CTX_set_session_cache_mode.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_session_cache_mode.3,v 1.7 2019/06/12 09:36:30 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_set_session_cache_mode.3,v 1.8 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL 67adf0a7 Dec 25 19:58:38 2016 +0100 2.\" OpenSSL 67adf0a7 Dec 25 19:58:38 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org> and 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org> and
@@ -49,7 +49,7 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: June 12 2019 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_CTX_SET_SESSION_CACHE_MODE 3 53.Dt SSL_CTX_SET_SESSION_CACHE_MODE 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
@@ -57,6 +57,7 @@
57.Nm SSL_CTX_get_session_cache_mode 57.Nm SSL_CTX_get_session_cache_mode
58.Nd enable/disable session caching 58.Nd enable/disable session caching
59.Sh SYNOPSIS 59.Sh SYNOPSIS
60.Lb libssl libcrypto
60.In openssl/ssl.h 61.In openssl/ssl.h
61.Ft long 62.Ft long
62.Fn SSL_CTX_set_session_cache_mode "SSL_CTX ctx" "long mode" 63.Fn SSL_CTX_set_session_cache_mode "SSL_CTX ctx" "long mode"
diff --git a/src/lib/libssl/man/SSL_CTX_set_session_id_context.3 b/src/lib/libssl/man/SSL_CTX_set_session_id_context.3
index 06fd9348ae..53923888db 100644
--- a/src/lib/libssl/man/SSL_CTX_set_session_id_context.3
+++ b/src/lib/libssl/man/SSL_CTX_set_session_id_context.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_session_id_context.3,v 1.6 2019/06/08 15:25:43 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_set_session_id_context.3,v 1.7 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: June 8 2019 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_SET_SESSION_ID_CONTEXT 3 52.Dt SSL_CTX_SET_SESSION_ID_CONTEXT 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -56,6 +56,7 @@
56.Nm SSL_set_session_id_context 56.Nm SSL_set_session_id_context
57.Nd set context within which session can be reused (server side only) 57.Nd set context within which session can be reused (server side only)
58.Sh SYNOPSIS 58.Sh SYNOPSIS
59.Lb libssl libcrypto
59.In openssl/ssl.h 60.In openssl/ssl.h
60.Ft int 61.Ft int
61.Fo SSL_CTX_set_session_id_context 62.Fo SSL_CTX_set_session_id_context
diff --git a/src/lib/libssl/man/SSL_CTX_set_ssl_version.3 b/src/lib/libssl/man/SSL_CTX_set_ssl_version.3
index b1bdb92bb0..fe9febe431 100644
--- a/src/lib/libssl/man/SSL_CTX_set_ssl_version.3
+++ b/src/lib/libssl/man/SSL_CTX_set_ssl_version.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_ssl_version.3,v 1.5 2021/05/11 19:48:56 tb Exp $ 1.\" $OpenBSD: SSL_CTX_set_ssl_version.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: May 11 2021 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_SET_SSL_VERSION 3 52.Dt SSL_CTX_SET_SSL_VERSION 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -58,6 +58,7 @@
58.Nm SSL_get_ssl_method 58.Nm SSL_get_ssl_method
59.Nd choose a new TLS/SSL method 59.Nd choose a new TLS/SSL method
60.Sh SYNOPSIS 60.Sh SYNOPSIS
61.Lb libssl libcrypto
61.In openssl/ssl.h 62.In openssl/ssl.h
62.Ft int 63.Ft int
63.Fn SSL_CTX_set_ssl_version "SSL_CTX *ctx" "const SSL_METHOD *method" 64.Fn SSL_CTX_set_ssl_version "SSL_CTX *ctx" "const SSL_METHOD *method"
diff --git a/src/lib/libssl/man/SSL_CTX_set_timeout.3 b/src/lib/libssl/man/SSL_CTX_set_timeout.3
index ab99e2016e..da2f811528 100644
--- a/src/lib/libssl/man/SSL_CTX_set_timeout.3
+++ b/src/lib/libssl/man/SSL_CTX_set_timeout.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_timeout.3,v 1.4 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_set_timeout.3,v 1.5 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 27 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_SET_TIMEOUT 3 52.Dt SSL_CTX_SET_TIMEOUT 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -56,6 +56,7 @@
56.Nm SSL_CTX_get_timeout 56.Nm SSL_CTX_get_timeout
57.Nd manipulate timeout values for session caching 57.Nd manipulate timeout values for session caching
58.Sh SYNOPSIS 58.Sh SYNOPSIS
59.Lb libssl libcrypto
59.In openssl/ssl.h 60.In openssl/ssl.h
60.Ft long 61.Ft long
61.Fn SSL_CTX_set_timeout "SSL_CTX *ctx" "long t" 62.Fn SSL_CTX_set_timeout "SSL_CTX *ctx" "long t"
diff --git a/src/lib/libssl/man/SSL_CTX_set_tlsext_servername_callback.3 b/src/lib/libssl/man/SSL_CTX_set_tlsext_servername_callback.3
index 2b54406de8..b6cece259c 100644
--- a/src/lib/libssl/man/SSL_CTX_set_tlsext_servername_callback.3
+++ b/src/lib/libssl/man/SSL_CTX_set_tlsext_servername_callback.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_tlsext_servername_callback.3,v 1.6 2021/09/01 13:56:03 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_set_tlsext_servername_callback.3,v 1.8 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL 190b9a03 Jun 28 15:46:13 2017 +0800 2.\" full merge up to: OpenSSL 190b9a03 Jun 28 15:46:13 2017 +0800
3.\" selective merge up to: OpenSSL 6328d367 Jul 4 21:58:30 2020 +0200 3.\" selective merge up to: OpenSSL 6328d367 Jul 4 21:58:30 2020 +0200
4.\" 4.\"
@@ -51,7 +51,7 @@
51.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 51.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
52.\" OF THE POSSIBILITY OF SUCH DAMAGE. 52.\" OF THE POSSIBILITY OF SUCH DAMAGE.
53.\" 53.\"
54.Dd $Mdocdate: September 1 2021 $ 54.Dd $Mdocdate: June 8 2025 $
55.Dt SSL_CTX_SET_TLSEXT_SERVERNAME_CALLBACK 3 55.Dt SSL_CTX_SET_TLSEXT_SERVERNAME_CALLBACK 3
56.Os 56.Os
57.Sh NAME 57.Sh NAME
@@ -62,6 +62,7 @@
62.Nm SSL_set_tlsext_host_name 62.Nm SSL_set_tlsext_host_name
63.Nd handle server name indication (SNI) 63.Nd handle server name indication (SNI)
64.Sh SYNOPSIS 64.Sh SYNOPSIS
65.Lb libssl libcrypto
65.In openssl/ssl.h 66.In openssl/ssl.h
66.Ft long 67.Ft long
67.Fo SSL_CTX_set_tlsext_servername_callback 68.Fo SSL_CTX_set_tlsext_servername_callback
@@ -84,7 +85,7 @@
84.Fc 85.Fc
85.Ft int 86.Ft int
86.Fo SSL_set_tlsext_host_name 87.Fo SSL_set_tlsext_host_name
87.Fa "const SSL *ssl" 88.Fa "SSL *ssl"
88.Fa "const char *name" 89.Fa "const char *name"
89.Fc 90.Fc
90.Sh DESCRIPTION 91.Sh DESCRIPTION
diff --git a/src/lib/libssl/man/SSL_CTX_set_tlsext_status_cb.3 b/src/lib/libssl/man/SSL_CTX_set_tlsext_status_cb.3
index d5979af1e8..c9763f9d2f 100644
--- a/src/lib/libssl/man/SSL_CTX_set_tlsext_status_cb.3
+++ b/src/lib/libssl/man/SSL_CTX_set_tlsext_status_cb.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_tlsext_status_cb.3,v 1.8 2021/09/11 18:58:41 schwarze Exp $ 1.\" $OpenBSD: SSL_CTX_set_tlsext_status_cb.3,v 1.9 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL 43c34894 Nov 30 16:04:51 2015 +0000 2.\" full merge up to: OpenSSL 43c34894 Nov 30 16:04:51 2015 +0000
3.\" selective merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100 3.\" selective merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100
4.\" 4.\"
@@ -49,7 +49,7 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: September 11 2021 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_CTX_SET_TLSEXT_STATUS_CB 3 53.Dt SSL_CTX_SET_TLSEXT_STATUS_CB 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
@@ -63,6 +63,7 @@
63.Nm SSL_set_tlsext_status_ocsp_resp 63.Nm SSL_set_tlsext_status_ocsp_resp
64.Nd OCSP Certificate Status Request functions 64.Nd OCSP Certificate Status Request functions
65.Sh SYNOPSIS 65.Sh SYNOPSIS
66.Lb libssl libcrypto
66.In openssl/tls1.h 67.In openssl/tls1.h
67.Ft long 68.Ft long
68.Fo SSL_CTX_set_tlsext_status_cb 69.Fo SSL_CTX_set_tlsext_status_cb
diff --git a/src/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3 b/src/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3
index b6ccabaeca..0427f7dcf5 100644
--- a/src/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3
+++ b/src/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_tlsext_ticket_key_cb.3,v 1.8 2022/01/25 18:01:20 tb Exp $ 1.\" $OpenBSD: SSL_CTX_set_tlsext_ticket_key_cb.3,v 1.9 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Rich Salz <rsalz@akamai.com> 4.\" This file was written by Rich Salz <rsalz@akamai.com>
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: January 25 2022 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_SET_TLSEXT_TICKET_KEY_CB 3 52.Dt SSL_CTX_SET_TLSEXT_TICKET_KEY_CB 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_CTX_set_tlsext_ticket_key_cb 55.Nm SSL_CTX_set_tlsext_ticket_key_cb
56.Nd set a callback for session ticket processing 56.Nd set a callback for session ticket processing
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/tls1.h 59.In openssl/tls1.h
59.Ft long 60.Ft long
60.Fo SSL_CTX_set_tlsext_ticket_key_cb 61.Fo SSL_CTX_set_tlsext_ticket_key_cb
diff --git a/src/lib/libssl/man/SSL_CTX_set_tlsext_use_srtp.3 b/src/lib/libssl/man/SSL_CTX_set_tlsext_use_srtp.3
index 04c4833c6a..4acd452ad5 100644
--- a/src/lib/libssl/man/SSL_CTX_set_tlsext_use_srtp.3
+++ b/src/lib/libssl/man/SSL_CTX_set_tlsext_use_srtp.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_tlsext_use_srtp.3,v 1.6 2021/06/11 19:41:39 jmc Exp $ 1.\" $OpenBSD: SSL_CTX_set_tlsext_use_srtp.3,v 1.7 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL b0edda11 Mar 20 13:00:17 2018 +0000 2.\" full merge up to: OpenSSL b0edda11 Mar 20 13:00:17 2018 +0000
3.\" 3.\"
4.\" This file was written by Matt Caswell <matt@openssl.org>. 4.\" This file was written by Matt Caswell <matt@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: June 11 2021 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_SET_TLSEXT_USE_SRTP 3 52.Dt SSL_CTX_SET_TLSEXT_USE_SRTP 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -58,6 +58,7 @@
58.Nm SSL_get_selected_srtp_profile 58.Nm SSL_get_selected_srtp_profile
59.Nd Configure and query SRTP support 59.Nd Configure and query SRTP support
60.Sh SYNOPSIS 60.Sh SYNOPSIS
61.Lb libssl libcrypto
61.In openssl/srtp.h 62.In openssl/srtp.h
62.Ft int 63.Ft int
63.Fo SSL_CTX_set_tlsext_use_srtp 64.Fo SSL_CTX_set_tlsext_use_srtp
diff --git a/src/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3 b/src/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3
index c6f5253431..9fa830656a 100644
--- a/src/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3
+++ b/src/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_tmp_dh_callback.3,v 1.11 2025/01/18 10:45:12 tb Exp $ 1.\" $OpenBSD: SSL_CTX_set_tmp_dh_callback.3,v 1.12 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: January 18 2025 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_SET_TMP_DH_CALLBACK 3 52.Dt SSL_CTX_SET_TMP_DH_CALLBACK 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -58,6 +58,7 @@
58.Nm SSL_set_tmp_dh 58.Nm SSL_set_tmp_dh
59.Nd handle DH keys for ephemeral key exchange 59.Nd handle DH keys for ephemeral key exchange
60.Sh SYNOPSIS 60.Sh SYNOPSIS
61.Lb libssl libcrypto
61.In openssl/ssl.h 62.In openssl/ssl.h
62.Ft void 63.Ft void
63.Fo SSL_CTX_set_tmp_dh_callback 64.Fo SSL_CTX_set_tmp_dh_callback
diff --git a/src/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3 b/src/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3
index b4c3a3c647..7009ac6ab5 100644
--- a/src/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3
+++ b/src/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_tmp_rsa_callback.3,v 1.9 2022/03/29 14:27:59 naddy Exp $ 1.\" $OpenBSD: SSL_CTX_set_tmp_rsa_callback.3,v 1.10 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL 0b30fc90 Dec 19 15:23:05 2013 -0500 2.\" OpenSSL 0b30fc90 Dec 19 15:23:05 2013 -0500
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 29 2022 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_CTX_SET_TMP_RSA_CALLBACK 3 52.Dt SSL_CTX_SET_TMP_RSA_CALLBACK 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -60,6 +60,7 @@
60.Nm SSL_need_tmp_RSA 60.Nm SSL_need_tmp_RSA
61.Nd handle RSA keys for ephemeral key exchange 61.Nd handle RSA keys for ephemeral key exchange
62.Sh SYNOPSIS 62.Sh SYNOPSIS
63.Lb libssl libcrypto
63.In openssl/ssl.h 64.In openssl/ssl.h
64.Ft void 65.Ft void
65.Fo SSL_CTX_set_tmp_rsa_callback 66.Fo SSL_CTX_set_tmp_rsa_callback
diff --git a/src/lib/libssl/man/SSL_CTX_set_verify.3 b/src/lib/libssl/man/SSL_CTX_set_verify.3
index 1ed86407e9..656c85afd4 100644
--- a/src/lib/libssl/man/SSL_CTX_set_verify.3
+++ b/src/lib/libssl/man/SSL_CTX_set_verify.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_set_verify.3,v 1.9 2021/06/12 16:59:53 jmc Exp $ 1.\" $OpenBSD: SSL_CTX_set_verify.3,v 1.10 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL 9b86974e Aug 17 15:21:33 2015 -0400 2.\" full merge up to: OpenSSL 9b86974e Aug 17 15:21:33 2015 -0400
3.\" selective merge up to: OpenSSL 1cb7eff4 Sep 10 13:56:40 2019 +0100 3.\" selective merge up to: OpenSSL 1cb7eff4 Sep 10 13:56:40 2019 +0100
4.\" 4.\"
@@ -50,7 +50,7 @@
50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51.\" OF THE POSSIBILITY OF SUCH DAMAGE. 51.\" OF THE POSSIBILITY OF SUCH DAMAGE.
52.\" 52.\"
53.Dd $Mdocdate: June 12 2021 $ 53.Dd $Mdocdate: June 8 2025 $
54.Dt SSL_CTX_SET_VERIFY 3 54.Dt SSL_CTX_SET_VERIFY 3
55.Os 55.Os
56.Sh NAME 56.Sh NAME
@@ -60,6 +60,7 @@
60.Nm SSL_set_verify_depth 60.Nm SSL_set_verify_depth
61.Nd set peer certificate verification parameters 61.Nd set peer certificate verification parameters
62.Sh SYNOPSIS 62.Sh SYNOPSIS
63.Lb libssl libcrypto
63.In openssl/ssl.h 64.In openssl/ssl.h
64.Ft void 65.Ft void
65.Fo SSL_CTX_set_verify 66.Fo SSL_CTX_set_verify
diff --git a/src/lib/libssl/man/SSL_CTX_use_certificate.3 b/src/lib/libssl/man/SSL_CTX_use_certificate.3
index c88a6971b2..27ec834d16 100644
--- a/src/lib/libssl/man/SSL_CTX_use_certificate.3
+++ b/src/lib/libssl/man/SSL_CTX_use_certificate.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_CTX_use_certificate.3,v 1.17 2025/01/18 10:45:12 tb Exp $ 1.\" $OpenBSD: SSL_CTX_use_certificate.3,v 1.18 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL 3aaa1bd0 Mar 28 16:35:25 2017 +1000 2.\" full merge up to: OpenSSL 3aaa1bd0 Mar 28 16:35:25 2017 +1000
3.\" selective merge up to: OpenSSL d1f7a1e6 Apr 26 14:05:40 2018 +0100 3.\" selective merge up to: OpenSSL d1f7a1e6 Apr 26 14:05:40 2018 +0100
4.\" 4.\"
@@ -50,7 +50,7 @@
50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51.\" OF THE POSSIBILITY OF SUCH DAMAGE. 51.\" OF THE POSSIBILITY OF SUCH DAMAGE.
52.\" 52.\"
53.Dd $Mdocdate: January 18 2025 $ 53.Dd $Mdocdate: June 8 2025 $
54.Dt SSL_CTX_USE_CERTIFICATE 3 54.Dt SSL_CTX_USE_CERTIFICATE 3
55.Os 55.Os
56.Sh NAME 56.Sh NAME
@@ -79,6 +79,7 @@
79.Nm SSL_check_private_key 79.Nm SSL_check_private_key
80.Nd load certificate and key data 80.Nd load certificate and key data
81.Sh SYNOPSIS 81.Sh SYNOPSIS
82.Lb libssl libcrypto
82.In openssl/ssl.h 83.In openssl/ssl.h
83.Ft int 84.Ft int
84.Fn SSL_CTX_use_certificate "SSL_CTX *ctx" "X509 *x" 85.Fn SSL_CTX_use_certificate "SSL_CTX *ctx" "X509 *x"
diff --git a/src/lib/libssl/man/SSL_SESSION_free.3 b/src/lib/libssl/man/SSL_SESSION_free.3
index 3f785e95e5..af02a273a0 100644
--- a/src/lib/libssl/man/SSL_SESSION_free.3
+++ b/src/lib/libssl/man/SSL_SESSION_free.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_SESSION_free.3,v 1.7 2019/06/12 09:36:30 schwarze Exp $ 1.\" $OpenBSD: SSL_SESSION_free.3,v 1.8 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL b31db505 Mar 24 16:01:50 2017 +0000 2.\" full merge up to: OpenSSL b31db505 Mar 24 16:01:50 2017 +0000
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org> 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>
@@ -50,7 +50,7 @@
50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51.\" OF THE POSSIBILITY OF SUCH DAMAGE. 51.\" OF THE POSSIBILITY OF SUCH DAMAGE.
52.\" 52.\"
53.Dd $Mdocdate: June 12 2019 $ 53.Dd $Mdocdate: June 8 2025 $
54.Dt SSL_SESSION_FREE 3 54.Dt SSL_SESSION_FREE 3
55.Os 55.Os
56.Sh NAME 56.Sh NAME
@@ -58,6 +58,7 @@
58.Nm SSL_SESSION_free 58.Nm SSL_SESSION_free
59.Nd SSL_SESSION reference counting 59.Nd SSL_SESSION reference counting
60.Sh SYNOPSIS 60.Sh SYNOPSIS
61.Lb libssl libcrypto
61.In openssl/ssl.h 62.In openssl/ssl.h
62.Ft int 63.Ft int
63.Fn SSL_SESSION_up_ref "SSL_SESSION *session" 64.Fn SSL_SESSION_up_ref "SSL_SESSION *session"
diff --git a/src/lib/libssl/man/SSL_SESSION_get0_cipher.3 b/src/lib/libssl/man/SSL_SESSION_get0_cipher.3
index 239a426dbd..4e5b0bb057 100644
--- a/src/lib/libssl/man/SSL_SESSION_get0_cipher.3
+++ b/src/lib/libssl/man/SSL_SESSION_get0_cipher.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_SESSION_get0_cipher.3,v 1.1 2021/05/12 14:16:25 tb Exp $ 1.\" $OpenBSD: SSL_SESSION_get0_cipher.3,v 1.2 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL d42e7759f Mar 30 19:40:04 2017 +0200 2.\" full merge up to: OpenSSL d42e7759f Mar 30 19:40:04 2017 +0200
3.\" selective merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100 3.\" selective merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100
4.\" 4.\"
@@ -49,13 +49,14 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: May 12 2021 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_SESSION_GET0_CIPHER 3 53.Dt SSL_SESSION_GET0_CIPHER 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
56.Nm SSL_SESSION_get0_cipher 56.Nm SSL_SESSION_get0_cipher
57.Nd retrieve the SSL cipher associated with a session 57.Nd retrieve the SSL cipher associated with a session
58.Sh SYNOPSIS 58.Sh SYNOPSIS
59.Lb libssl libcrypto
59.In openssl/ssl.h 60.In openssl/ssl.h
60.Ft const SSL_CIPHER * 61.Ft const SSL_CIPHER *
61.Fo SSL_SESSION_get0_cipher 62.Fo SSL_SESSION_get0_cipher
diff --git a/src/lib/libssl/man/SSL_SESSION_get0_peer.3 b/src/lib/libssl/man/SSL_SESSION_get0_peer.3
index 6b1ef6680e..98ae1bab9d 100644
--- a/src/lib/libssl/man/SSL_SESSION_get0_peer.3
+++ b/src/lib/libssl/man/SSL_SESSION_get0_peer.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_SESSION_get0_peer.3,v 1.2 2018/03/23 05:50:30 schwarze Exp $ 1.\" $OpenBSD: SSL_SESSION_get0_peer.3,v 1.3 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL SSL_SESSION_get0_peer.pod b31db505 Mar 24 16:01:50 2017 +0000 2.\" OpenSSL SSL_SESSION_get0_peer.pod b31db505 Mar 24 16:01:50 2017 +0000
3.\" 3.\"
4.\" This file was written by Matt Caswell <matt@openssl.org> 4.\" This file was written by Matt Caswell <matt@openssl.org>
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 23 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_SESSION_GET0_PEER 3 52.Dt SSL_SESSION_GET0_PEER 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_SESSION_get0_peer 55.Nm SSL_SESSION_get0_peer
56.Nd get details about peer's certificate for a session 56.Nd get details about peer's certificate for a session
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/ssl.h 59.In openssl/ssl.h
59.Ft X509 * 60.Ft X509 *
60.Fo SSL_SESSION_get0_peer 61.Fo SSL_SESSION_get0_peer
diff --git a/src/lib/libssl/man/SSL_SESSION_get_compress_id.3 b/src/lib/libssl/man/SSL_SESSION_get_compress_id.3
index aedc216a15..da0d48ff6c 100644
--- a/src/lib/libssl/man/SSL_SESSION_get_compress_id.3
+++ b/src/lib/libssl/man/SSL_SESSION_get_compress_id.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_SESSION_get_compress_id.3,v 1.3 2018/03/23 05:50:30 schwarze Exp $ 1.\" $OpenBSD: SSL_SESSION_get_compress_id.3,v 1.4 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL SSL_SESSION_get_compress_id.pod b31db505 Mar 24 16:01:50 2017 2.\" OpenSSL SSL_SESSION_get_compress_id.pod b31db505 Mar 24 16:01:50 2017
3.\" 3.\"
4.\" This file was written by Matt Caswell <matt@openssl.org> 4.\" This file was written by Matt Caswell <matt@openssl.org>
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 23 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_SESSION_GET_COMPRESS_ID 3 52.Dt SSL_SESSION_GET_COMPRESS_ID 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_SESSION_get_compress_id 55.Nm SSL_SESSION_get_compress_id
56.Nd get details about the compression associated with a session 56.Nd get details about the compression associated with a session
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/ssl.h 59.In openssl/ssl.h
59.Ft unsigned int 60.Ft unsigned int
60.Fo SSL_SESSION_get_compress_id 61.Fo SSL_SESSION_get_compress_id
diff --git a/src/lib/libssl/man/SSL_SESSION_get_ex_new_index.3 b/src/lib/libssl/man/SSL_SESSION_get_ex_new_index.3
index 9fd6949b6a..55cde1c66b 100644
--- a/src/lib/libssl/man/SSL_SESSION_get_ex_new_index.3
+++ b/src/lib/libssl/man/SSL_SESSION_get_ex_new_index.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_SESSION_get_ex_new_index.3,v 1.3 2018/03/21 08:06:34 schwarze Exp $ 1.\" $OpenBSD: SSL_SESSION_get_ex_new_index.3,v 1.4 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL 9b86974e Aug 17 15:21:33 2015 -0400 2.\" OpenSSL 9b86974e Aug 17 15:21:33 2015 -0400
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 21 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_SESSION_GET_EX_NEW_INDEX 3 52.Dt SSL_SESSION_GET_EX_NEW_INDEX 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -57,6 +57,7 @@
57.Nm SSL_SESSION_get_ex_data 57.Nm SSL_SESSION_get_ex_data
58.Nd internal application specific data functions 58.Nd internal application specific data functions
59.Sh SYNOPSIS 59.Sh SYNOPSIS
60.Lb libssl libcrypto
60.In openssl/ssl.h 61.In openssl/ssl.h
61.Ft int 62.Ft int
62.Fo SSL_SESSION_get_ex_new_index 63.Fo SSL_SESSION_get_ex_new_index
diff --git a/src/lib/libssl/man/SSL_SESSION_get_id.3 b/src/lib/libssl/man/SSL_SESSION_get_id.3
index 6d0de1e52e..eb14d24111 100644
--- a/src/lib/libssl/man/SSL_SESSION_get_id.3
+++ b/src/lib/libssl/man/SSL_SESSION_get_id.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_SESSION_get_id.3,v 1.6 2018/03/24 00:55:37 schwarze Exp $ 1.\" $OpenBSD: SSL_SESSION_get_id.3,v 1.7 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: 2.\" full merge up to:
3.\" OpenSSL SSL_SESSION_set1_id 17b60280 Dec 21 09:08:25 2017 +0100 3.\" OpenSSL SSL_SESSION_set1_id 17b60280 Dec 21 09:08:25 2017 +0100
4.\" 4.\"
@@ -50,7 +50,7 @@
50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51.\" OF THE POSSIBILITY OF SUCH DAMAGE. 51.\" OF THE POSSIBILITY OF SUCH DAMAGE.
52.\" 52.\"
53.Dd $Mdocdate: March 24 2018 $ 53.Dd $Mdocdate: June 8 2025 $
54.Dt SSL_SESSION_GET_ID 3 54.Dt SSL_SESSION_GET_ID 3
55.Os 55.Os
56.Sh NAME 56.Sh NAME
@@ -58,6 +58,7 @@
58.Nm SSL_SESSION_set1_id 58.Nm SSL_SESSION_set1_id
59.Nd get and set the SSL session ID 59.Nd get and set the SSL session ID
60.Sh SYNOPSIS 60.Sh SYNOPSIS
61.Lb libssl libcrypto
61.In openssl/ssl.h 62.In openssl/ssl.h
62.Ft const unsigned char * 63.Ft const unsigned char *
63.Fo SSL_SESSION_get_id 64.Fo SSL_SESSION_get_id
diff --git a/src/lib/libssl/man/SSL_SESSION_get_protocol_version.3 b/src/lib/libssl/man/SSL_SESSION_get_protocol_version.3
index f14c0490e9..dad9eab7ef 100644
--- a/src/lib/libssl/man/SSL_SESSION_get_protocol_version.3
+++ b/src/lib/libssl/man/SSL_SESSION_get_protocol_version.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_SESSION_get_protocol_version.3,v 1.2 2018/03/24 00:55:37 schwarze Exp $ 1.\" $OpenBSD: SSL_SESSION_get_protocol_version.3,v 1.3 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by TJ Saunders <tj@castaglia.org> 4.\" This file was written by TJ Saunders <tj@castaglia.org>
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 24 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_SESSION_GET_PROTOCOL_VERSION 3 52.Dt SSL_SESSION_GET_PROTOCOL_VERSION 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_SESSION_get_protocol_version 55.Nm SSL_SESSION_get_protocol_version
56.Nd get the session protocol version 56.Nd get the session protocol version
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/ssl.h 59.In openssl/ssl.h
59.Ft int 60.Ft int
60.Fo SSL_SESSION_get_protocol_version 61.Fo SSL_SESSION_get_protocol_version
diff --git a/src/lib/libssl/man/SSL_SESSION_get_time.3 b/src/lib/libssl/man/SSL_SESSION_get_time.3
index aaadec5137..28aeedf72c 100644
--- a/src/lib/libssl/man/SSL_SESSION_get_time.3
+++ b/src/lib/libssl/man/SSL_SESSION_get_time.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_SESSION_get_time.3,v 1.8 2019/06/08 15:25:43 schwarze Exp $ 1.\" $OpenBSD: SSL_SESSION_get_time.3,v 1.9 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -49,7 +49,7 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: June 8 2019 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_SESSION_GET_TIME 3 53.Dt SSL_SESSION_GET_TIME 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
@@ -63,6 +63,7 @@
63.Nm SSL_set_timeout 63.Nm SSL_set_timeout
64.Nd retrieve and manipulate session time and timeout settings 64.Nd retrieve and manipulate session time and timeout settings
65.Sh SYNOPSIS 65.Sh SYNOPSIS
66.Lb libssl libcrypto
66.In openssl/ssl.h 67.In openssl/ssl.h
67.Ft long 68.Ft long
68.Fn SSL_SESSION_get_time "const SSL_SESSION *s" 69.Fn SSL_SESSION_get_time "const SSL_SESSION *s"
diff --git a/src/lib/libssl/man/SSL_SESSION_has_ticket.3 b/src/lib/libssl/man/SSL_SESSION_has_ticket.3
index 322b49feef..07b894c4f8 100644
--- a/src/lib/libssl/man/SSL_SESSION_has_ticket.3
+++ b/src/lib/libssl/man/SSL_SESSION_has_ticket.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_SESSION_has_ticket.3,v 1.2 2018/03/24 00:55:37 schwarze Exp $ 1.\" $OpenBSD: SSL_SESSION_has_ticket.3,v 1.3 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL f2baac27 Feb 8 15:43:16 2015 +0000 2.\" full merge up to: OpenSSL f2baac27 Feb 8 15:43:16 2015 +0000
3.\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800 3.\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
4.\" 4.\"
@@ -49,7 +49,7 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: March 24 2018 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_SESSION_HAS_TICKET 3 53.Dt SSL_SESSION_HAS_TICKET 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
@@ -57,6 +57,7 @@
57.Nm SSL_SESSION_get_ticket_lifetime_hint 57.Nm SSL_SESSION_get_ticket_lifetime_hint
58.Nd get details about the ticket associated with a session 58.Nd get details about the ticket associated with a session
59.Sh SYNOPSIS 59.Sh SYNOPSIS
60.Lb libssl libcrypto
60.In openssl/ssl.h 61.In openssl/ssl.h
61.Ft int 62.Ft int
62.Fo SSL_SESSION_has_ticket 63.Fo SSL_SESSION_has_ticket
diff --git a/src/lib/libssl/man/SSL_SESSION_is_resumable.3 b/src/lib/libssl/man/SSL_SESSION_is_resumable.3
index 48d7d17889..ddc037c1aa 100644
--- a/src/lib/libssl/man/SSL_SESSION_is_resumable.3
+++ b/src/lib/libssl/man/SSL_SESSION_is_resumable.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_SESSION_is_resumable.3,v 1.1 2021/09/14 14:08:15 schwarze Exp $ 1.\" $OpenBSD: SSL_SESSION_is_resumable.3,v 1.2 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100 2.\" full merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100
3.\" 3.\"
4.\" This file was written by Matt Caswell <matt@openssl.org>. 4.\" This file was written by Matt Caswell <matt@openssl.org>.
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: September 14 2021 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_SESSION_IS_RESUMABLE 3 52.Dt SSL_SESSION_IS_RESUMABLE 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_SESSION_is_resumable 55.Nm SSL_SESSION_is_resumable
56.Nd determine whether an SSL_SESSION object can be used for resumption 56.Nd determine whether an SSL_SESSION object can be used for resumption
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/ssl.h 59.In openssl/ssl.h
59.Ft int 60.Ft int
60.Fo SSL_SESSION_is_resumable 61.Fo SSL_SESSION_is_resumable
diff --git a/src/lib/libssl/man/SSL_SESSION_new.3 b/src/lib/libssl/man/SSL_SESSION_new.3
index 2dcdb264c1..88d1995850 100644
--- a/src/lib/libssl/man/SSL_SESSION_new.3
+++ b/src/lib/libssl/man/SSL_SESSION_new.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_SESSION_new.3,v 1.9 2021/09/14 14:08:15 schwarze Exp $ 1.\" $OpenBSD: SSL_SESSION_new.3,v 1.10 2025/06/08 22:52:00 schwarze Exp $
2.\" 2.\"
3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org> 3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
4.\" 4.\"
@@ -14,13 +14,14 @@
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\" 16.\"
17.Dd $Mdocdate: September 14 2021 $ 17.Dd $Mdocdate: June 8 2025 $
18.Dt SSL_SESSION_NEW 3 18.Dt SSL_SESSION_NEW 3
19.Os 19.Os
20.Sh NAME 20.Sh NAME
21.Nm SSL_SESSION_new 21.Nm SSL_SESSION_new
22.Nd construct a new SSL_SESSION object 22.Nd construct a new SSL_SESSION object
23.Sh SYNOPSIS 23.Sh SYNOPSIS
24.Lb libssl libcrypto
24.In openssl/ssl.h 25.In openssl/ssl.h
25.Ft SSL_SESSION * 26.Ft SSL_SESSION *
26.Fn SSL_SESSION_new void 27.Fn SSL_SESSION_new void
diff --git a/src/lib/libssl/man/SSL_SESSION_print.3 b/src/lib/libssl/man/SSL_SESSION_print.3
index e92debde0e..65742140d0 100644
--- a/src/lib/libssl/man/SSL_SESSION_print.3
+++ b/src/lib/libssl/man/SSL_SESSION_print.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_SESSION_print.3,v 1.4 2019/06/12 09:36:30 schwarze Exp $ 1.\" $OpenBSD: SSL_SESSION_print.3,v 1.5 2025/06/08 22:52:00 schwarze Exp $
2.\" 2.\"
3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org> 3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
4.\" 4.\"
@@ -14,7 +14,7 @@
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\" 16.\"
17.Dd $Mdocdate: June 12 2019 $ 17.Dd $Mdocdate: June 8 2025 $
18.Dt SSL_SESSION_PRINT 3 18.Dt SSL_SESSION_PRINT 3
19.Os 19.Os
20.Sh NAME 20.Sh NAME
@@ -22,6 +22,7 @@
22.Nm SSL_SESSION_print_fp 22.Nm SSL_SESSION_print_fp
23.Nd print some properties of an SSL_SESSION object 23.Nd print some properties of an SSL_SESSION object
24.Sh SYNOPSIS 24.Sh SYNOPSIS
25.Lb libssl libcrypto
25.In openssl/ssl.h 26.In openssl/ssl.h
26.Ft int 27.Ft int
27.Fo SSL_SESSION_print 28.Fo SSL_SESSION_print
diff --git a/src/lib/libssl/man/SSL_SESSION_set1_id_context.3 b/src/lib/libssl/man/SSL_SESSION_set1_id_context.3
index dd7595baca..24f1de4fda 100644
--- a/src/lib/libssl/man/SSL_SESSION_set1_id_context.3
+++ b/src/lib/libssl/man/SSL_SESSION_set1_id_context.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_SESSION_set1_id_context.3,v 1.4 2018/03/24 00:55:37 schwarze Exp $ 1.\" $OpenBSD: SSL_SESSION_set1_id_context.3,v 1.5 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: 2.\" full merge up to:
3.\" OpenSSL SSL_SESSION_get0_id_context b31db505 Mar 24 16:01:50 2017 3.\" OpenSSL SSL_SESSION_get0_id_context b31db505 Mar 24 16:01:50 2017
4.\" 4.\"
@@ -49,7 +49,7 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: March 24 2018 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_SESSION_SET1_ID_CONTEXT 3 53.Dt SSL_SESSION_SET1_ID_CONTEXT 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
@@ -57,6 +57,7 @@
57.Nm SSL_SESSION_set1_id_context 57.Nm SSL_SESSION_set1_id_context
58.Nd get and set the SSL ID context associated with a session 58.Nd get and set the SSL ID context associated with a session
59.Sh SYNOPSIS 59.Sh SYNOPSIS
60.Lb libssl libcrypto
60.In openssl/ssl.h 61.In openssl/ssl.h
61.Ft const unsigned char * 62.Ft const unsigned char *
62.Fo SSL_SESSION_get0_id_context 63.Fo SSL_SESSION_get0_id_context
diff --git a/src/lib/libssl/man/SSL_accept.3 b/src/lib/libssl/man/SSL_accept.3
index fb1d89eb57..ecb757aaa5 100644
--- a/src/lib/libssl/man/SSL_accept.3
+++ b/src/lib/libssl/man/SSL_accept.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_accept.3,v 1.6 2019/06/08 15:25:43 schwarze Exp $ 1.\" $OpenBSD: SSL_accept.3,v 1.7 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -49,13 +49,14 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: June 8 2019 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_ACCEPT 3 53.Dt SSL_ACCEPT 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
56.Nm SSL_accept 56.Nm SSL_accept
57.Nd wait for a TLS/SSL client to initiate a TLS/SSL handshake 57.Nd wait for a TLS/SSL client to initiate a TLS/SSL handshake
58.Sh SYNOPSIS 58.Sh SYNOPSIS
59.Lb libssl libcrypto
59.In openssl/ssl.h 60.In openssl/ssl.h
60.Ft int 61.Ft int
61.Fn SSL_accept "SSL *ssl" 62.Fn SSL_accept "SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_alert_type_string.3 b/src/lib/libssl/man/SSL_alert_type_string.3
index 354865e546..0f051cc0a6 100644
--- a/src/lib/libssl/man/SSL_alert_type_string.3
+++ b/src/lib/libssl/man/SSL_alert_type_string.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_alert_type_string.3,v 1.7 2024/10/13 08:25:09 jsg Exp $ 1.\" $OpenBSD: SSL_alert_type_string.3,v 1.8 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: October 13 2024 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_ALERT_TYPE_STRING 3 52.Dt SSL_ALERT_TYPE_STRING 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -58,6 +58,7 @@
58.Nm SSL_alert_desc_string_long 58.Nm SSL_alert_desc_string_long
59.Nd get textual description of alert information 59.Nd get textual description of alert information
60.Sh SYNOPSIS 60.Sh SYNOPSIS
61.Lb libssl libcrypto
61.In openssl/ssl.h 62.In openssl/ssl.h
62.Ft const char * 63.Ft const char *
63.Fn SSL_alert_type_string "int value" 64.Fn SSL_alert_type_string "int value"
diff --git a/src/lib/libssl/man/SSL_clear.3 b/src/lib/libssl/man/SSL_clear.3
index 809c3b20f4..5e4da1257f 100644
--- a/src/lib/libssl/man/SSL_clear.3
+++ b/src/lib/libssl/man/SSL_clear.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_clear.3,v 1.5 2021/06/11 19:41:39 jmc Exp $ 1.\" $OpenBSD: SSL_clear.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -49,13 +49,14 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: June 11 2021 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_CLEAR 3 53.Dt SSL_CLEAR 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
56.Nm SSL_clear 56.Nm SSL_clear
57.Nd reset SSL object to allow another connection 57.Nd reset SSL object to allow another connection
58.Sh SYNOPSIS 58.Sh SYNOPSIS
59.Lb libssl libcrypto
59.In openssl/ssl.h 60.In openssl/ssl.h
60.Ft int 61.Ft int
61.Fn SSL_clear "SSL *ssl" 62.Fn SSL_clear "SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_connect.3 b/src/lib/libssl/man/SSL_connect.3
index d5b962a480..a0cd8f8443 100644
--- a/src/lib/libssl/man/SSL_connect.3
+++ b/src/lib/libssl/man/SSL_connect.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_connect.3,v 1.6 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_connect.3,v 1.7 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -49,13 +49,14 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: March 27 2018 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_CONNECT 3 53.Dt SSL_CONNECT 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
56.Nm SSL_connect 56.Nm SSL_connect
57.Nd initiate the TLS/SSL handshake with a TLS/SSL server 57.Nd initiate the TLS/SSL handshake with a TLS/SSL server
58.Sh SYNOPSIS 58.Sh SYNOPSIS
59.Lb libssl libcrypto
59.In openssl/ssl.h 60.In openssl/ssl.h
60.Ft int 61.Ft int
61.Fn SSL_connect "SSL *ssl" 62.Fn SSL_connect "SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_copy_session_id.3 b/src/lib/libssl/man/SSL_copy_session_id.3
index a7a7a8aa99..75a52e8879 100644
--- a/src/lib/libssl/man/SSL_copy_session_id.3
+++ b/src/lib/libssl/man/SSL_copy_session_id.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_copy_session_id.3,v 1.7 2019/06/12 09:36:30 schwarze Exp $ 1.\" $OpenBSD: SSL_copy_session_id.3,v 1.8 2025/06/08 22:52:00 schwarze Exp $
2.\" 2.\"
3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org> 3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
4.\" 4.\"
@@ -14,13 +14,14 @@
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\" 16.\"
17.Dd $Mdocdate: June 12 2019 $ 17.Dd $Mdocdate: June 8 2025 $
18.Dt SSL_COPY_SESSION_ID 3 18.Dt SSL_COPY_SESSION_ID 3
19.Os 19.Os
20.Sh NAME 20.Sh NAME
21.Nm SSL_copy_session_id 21.Nm SSL_copy_session_id
22.Nd copy session details between SSL objects 22.Nd copy session details between SSL objects
23.Sh SYNOPSIS 23.Sh SYNOPSIS
24.Lb libssl libcrypto
24.In openssl/ssl.h 25.In openssl/ssl.h
25.Ft int 26.Ft int
26.Fo SSL_copy_session_id 27.Fo SSL_copy_session_id
diff --git a/src/lib/libssl/man/SSL_do_handshake.3 b/src/lib/libssl/man/SSL_do_handshake.3
index e9327b4229..78b41db2f4 100644
--- a/src/lib/libssl/man/SSL_do_handshake.3
+++ b/src/lib/libssl/man/SSL_do_handshake.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_do_handshake.3,v 1.6 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_do_handshake.3,v 1.7 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Martin Sjoegren <martin@strakt.com>. 4.\" This file was written by Martin Sjoegren <martin@strakt.com>.
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 27 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_DO_HANDSHAKE 3 52.Dt SSL_DO_HANDSHAKE 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_do_handshake 55.Nm SSL_do_handshake
56.Nd perform a TLS/SSL handshake 56.Nd perform a TLS/SSL handshake
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/ssl.h 59.In openssl/ssl.h
59.Ft int 60.Ft int
60.Fn SSL_do_handshake "SSL *ssl" 61.Fn SSL_do_handshake "SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_dup.3 b/src/lib/libssl/man/SSL_dup.3
index a83440b431..f7d999fb62 100644
--- a/src/lib/libssl/man/SSL_dup.3
+++ b/src/lib/libssl/man/SSL_dup.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_dup.3,v 1.5 2022/07/13 22:05:53 schwarze Exp $ 1.\" $OpenBSD: SSL_dup.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" 2.\"
3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org> 3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
4.\" 4.\"
@@ -14,13 +14,14 @@
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\" 16.\"
17.Dd $Mdocdate: July 13 2022 $ 17.Dd $Mdocdate: June 8 2025 $
18.Dt SSL_DUP 3 18.Dt SSL_DUP 3
19.Os 19.Os
20.Sh NAME 20.Sh NAME
21.Nm SSL_dup 21.Nm SSL_dup
22.Nd deep copy of an SSL object 22.Nd deep copy of an SSL object
23.Sh SYNOPSIS 23.Sh SYNOPSIS
24.Lb libssl libcrypto
24.In openssl/ssl.h 25.In openssl/ssl.h
25.Ft SSL * 26.Ft SSL *
26.Fo SSL_dup 27.Fo SSL_dup
diff --git a/src/lib/libssl/man/SSL_dup_CA_list.3 b/src/lib/libssl/man/SSL_dup_CA_list.3
index d073b07176..553c03bd8c 100644
--- a/src/lib/libssl/man/SSL_dup_CA_list.3
+++ b/src/lib/libssl/man/SSL_dup_CA_list.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_dup_CA_list.3,v 1.6 2019/06/12 09:36:30 schwarze Exp $ 1.\" $OpenBSD: SSL_dup_CA_list.3,v 1.7 2025/06/08 22:47:20 schwarze Exp $
2.\" 2.\"
3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org> 3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
4.\" 4.\"
@@ -14,7 +14,7 @@
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\" 16.\"
17.Dd $Mdocdate: June 12 2019 $ 17.Dd $Mdocdate: June 8 2025 $
18.Dt SSL_DUP_CA_LIST 3 18.Dt SSL_DUP_CA_LIST 3
19.Os 19.Os
20.Sh NAME 20.Sh NAME
@@ -22,6 +22,8 @@
22.Nd deep copy of a stack of X.509 Name objects 22.Nd deep copy of a stack of X.509 Name objects
23.\" The capital "N" in "Name" is intentional (X.509 syntax). 23.\" The capital "N" in "Name" is intentional (X.509 syntax).
24.Sh SYNOPSIS 24.Sh SYNOPSIS
25.Lb libssl libcrypto
26.In openssl/ssl.h
25.Ft STACK_OF(X509_NAME) * 27.Ft STACK_OF(X509_NAME) *
26.Fo SSL_dup_CA_list 28.Fo SSL_dup_CA_list
27.Fa "const STACK_OF(X509_NAME) *sk" 29.Fa "const STACK_OF(X509_NAME) *sk"
diff --git a/src/lib/libssl/man/SSL_export_keying_material.3 b/src/lib/libssl/man/SSL_export_keying_material.3
index e32a5c5d61..d3daa3a5a3 100644
--- a/src/lib/libssl/man/SSL_export_keying_material.3
+++ b/src/lib/libssl/man/SSL_export_keying_material.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_export_keying_material.3,v 1.3 2019/06/12 09:36:30 schwarze Exp $ 1.\" $OpenBSD: SSL_export_keying_material.3,v 1.4 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL a599574b Jun 28 17:18:27 2017 +0100 2.\" OpenSSL a599574b Jun 28 17:18:27 2017 +0100
3.\" OpenSSL 23cec1f4 Jun 21 13:55:02 2017 +0100 3.\" OpenSSL 23cec1f4 Jun 21 13:55:02 2017 +0100
4.\" 4.\"
@@ -49,13 +49,14 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: June 12 2019 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_EXPORT_KEYING_MATERIAL 3 53.Dt SSL_EXPORT_KEYING_MATERIAL 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
56.Nm SSL_export_keying_material 56.Nm SSL_export_keying_material
57.Nd obtain keying material for application use 57.Nd obtain keying material for application use
58.Sh SYNOPSIS 58.Sh SYNOPSIS
59.Lb libssl libcrypto
59.In openssl/ssl.h 60.In openssl/ssl.h
60.Ft int 61.Ft int
61.Fo SSL_export_keying_material 62.Fo SSL_export_keying_material
diff --git a/src/lib/libssl/man/SSL_free.3 b/src/lib/libssl/man/SSL_free.3
index c713ded121..b630bc8a2e 100644
--- a/src/lib/libssl/man/SSL_free.3
+++ b/src/lib/libssl/man/SSL_free.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_free.3,v 1.6 2021/06/11 19:41:39 jmc Exp $ 1.\" $OpenBSD: SSL_free.3,v 1.7 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: June 11 2021 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_FREE 3 52.Dt SSL_FREE 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_free 55.Nm SSL_free
56.Nd free an allocated SSL structure 56.Nd free an allocated SSL structure
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/ssl.h 59.In openssl/ssl.h
59.Ft void 60.Ft void
60.Fn SSL_free "SSL *ssl" 61.Fn SSL_free "SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_get_SSL_CTX.3 b/src/lib/libssl/man/SSL_get_SSL_CTX.3
index 60fda555bc..eaf1b6ff11 100644
--- a/src/lib/libssl/man/SSL_get_SSL_CTX.3
+++ b/src/lib/libssl/man/SSL_get_SSL_CTX.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_get_SSL_CTX.3,v 1.4 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_get_SSL_CTX.3,v 1.5 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 27 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_GET_SSL_CTX 3 52.Dt SSL_GET_SSL_CTX 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_get_SSL_CTX 55.Nm SSL_get_SSL_CTX
56.Nd get the SSL_CTX from which an SSL is created 56.Nd get the SSL_CTX from which an SSL is created
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/ssl.h 59.In openssl/ssl.h
59.Ft SSL_CTX * 60.Ft SSL_CTX *
60.Fn SSL_get_SSL_CTX "const SSL *ssl" 61.Fn SSL_get_SSL_CTX "const SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_get_certificate.3 b/src/lib/libssl/man/SSL_get_certificate.3
index eb53ea49bf..72ae7ec541 100644
--- a/src/lib/libssl/man/SSL_get_certificate.3
+++ b/src/lib/libssl/man/SSL_get_certificate.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_get_certificate.3,v 1.5 2019/06/12 09:36:30 schwarze Exp $ 1.\" $OpenBSD: SSL_get_certificate.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" 2.\"
3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org> 3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
4.\" 4.\"
@@ -14,7 +14,7 @@
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\" 16.\"
17.Dd $Mdocdate: June 12 2019 $ 17.Dd $Mdocdate: June 8 2025 $
18.Dt SSL_GET_CERTIFICATE 3 18.Dt SSL_GET_CERTIFICATE 3
19.Os 19.Os
20.Sh NAME 20.Sh NAME
@@ -22,6 +22,7 @@
22.Nm SSL_get_privatekey 22.Nm SSL_get_privatekey
23.Nd get SSL certificate and private key 23.Nd get SSL certificate and private key
24.Sh SYNOPSIS 24.Sh SYNOPSIS
25.Lb libssl libcrypto
25.In openssl/ssl.h 26.In openssl/ssl.h
26.Ft X509 * 27.Ft X509 *
27.Fo SSL_get_certificate 28.Fo SSL_get_certificate
diff --git a/src/lib/libssl/man/SSL_get_ciphers.3 b/src/lib/libssl/man/SSL_get_ciphers.3
index 8030f0bbb1..d723f7959e 100644
--- a/src/lib/libssl/man/SSL_get_ciphers.3
+++ b/src/lib/libssl/man/SSL_get_ciphers.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_get_ciphers.3,v 1.11 2020/09/16 07:25:15 schwarze Exp $ 1.\" $OpenBSD: SSL_get_ciphers.3,v 1.12 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" selective merge up to: OpenSSL 83cf7abf May 29 13:07:08 2018 +0100 3.\" selective merge up to: OpenSSL 83cf7abf May 29 13:07:08 2018 +0100
4.\" 4.\"
@@ -69,7 +69,7 @@
69.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 69.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
70.\" OF THE POSSIBILITY OF SUCH DAMAGE. 70.\" OF THE POSSIBILITY OF SUCH DAMAGE.
71.\" 71.\"
72.Dd $Mdocdate: September 16 2020 $ 72.Dd $Mdocdate: June 8 2025 $
73.Dt SSL_GET_CIPHERS 3 73.Dt SSL_GET_CIPHERS 3
74.Os 74.Os
75.Sh NAME 75.Sh NAME
@@ -80,6 +80,7 @@
80.Nm SSL_get_cipher_list 80.Nm SSL_get_cipher_list
81.Nd get lists of available SSL_CIPHERs 81.Nd get lists of available SSL_CIPHERs
82.Sh SYNOPSIS 82.Sh SYNOPSIS
83.Lb libssl libcrypto
83.In openssl/ssl.h 84.In openssl/ssl.h
84.Ft STACK_OF(SSL_CIPHER) * 85.Ft STACK_OF(SSL_CIPHER) *
85.Fn SSL_get_ciphers "const SSL *ssl" 86.Fn SSL_get_ciphers "const SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_get_client_CA_list.3 b/src/lib/libssl/man/SSL_get_client_CA_list.3
index e80e5cb6f5..8be7020489 100644
--- a/src/lib/libssl/man/SSL_get_client_CA_list.3
+++ b/src/lib/libssl/man/SSL_get_client_CA_list.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_get_client_CA_list.3,v 1.5 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_get_client_CA_list.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -49,7 +49,7 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: March 27 2018 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_GET_CLIENT_CA_LIST 3 53.Dt SSL_GET_CLIENT_CA_LIST 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
@@ -57,6 +57,7 @@
57.Nm SSL_CTX_get_client_CA_list 57.Nm SSL_CTX_get_client_CA_list
58.Nd get list of client CAs 58.Nd get list of client CAs
59.Sh SYNOPSIS 59.Sh SYNOPSIS
60.Lb libssl libcrypto
60.In openssl/ssl.h 61.In openssl/ssl.h
61.Ft STACK_OF(X509_NAME) * 62.Ft STACK_OF(X509_NAME) *
62.Fn SSL_get_client_CA_list "const SSL *s" 63.Fn SSL_get_client_CA_list "const SSL *s"
diff --git a/src/lib/libssl/man/SSL_get_client_random.3 b/src/lib/libssl/man/SSL_get_client_random.3
index eda74db355..131972b688 100644
--- a/src/lib/libssl/man/SSL_get_client_random.3
+++ b/src/lib/libssl/man/SSL_get_client_random.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_get_client_random.3,v 1.2 2018/03/24 00:55:37 schwarze Exp $ 1.\" $OpenBSD: SSL_get_client_random.3,v 1.3 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100 2.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
3.\" 3.\"
4.\" This file was written by Nick Mathewson <nickm@torproject.org> 4.\" This file was written by Nick Mathewson <nickm@torproject.org>
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 24 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_GET_CLIENT_RANDOM 3 52.Dt SSL_GET_CLIENT_RANDOM 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -57,6 +57,7 @@
57.Nm SSL_SESSION_get_master_key 57.Nm SSL_SESSION_get_master_key
58.Nd get internal TLS handshake random values and master key 58.Nd get internal TLS handshake random values and master key
59.Sh SYNOPSIS 59.Sh SYNOPSIS
60.Lb libssl libcrypto
60.In openssl/ssl.h 61.In openssl/ssl.h
61.Ft size_t 62.Ft size_t
62.Fo SSL_get_client_random 63.Fo SSL_get_client_random
diff --git a/src/lib/libssl/man/SSL_get_current_cipher.3 b/src/lib/libssl/man/SSL_get_current_cipher.3
index 6b951d03ca..37f6409023 100644
--- a/src/lib/libssl/man/SSL_get_current_cipher.3
+++ b/src/lib/libssl/man/SSL_get_current_cipher.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_get_current_cipher.3,v 1.4 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_get_current_cipher.3,v 1.5 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,17 +48,18 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 27 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_GET_CURRENT_CIPHER 3 52.Dt SSL_GET_CURRENT_CIPHER 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_get_current_cipher , 55.Nm SSL_get_current_cipher ,
56.Nm SSL_get_cipher , 56.Nm SSL_get_cipher ,
57.Nm SSL_get_cipher_name , 57.Nm SSL_get_cipher_name ,
58.Nm SSL_get_cipher_bits , 58.Nm SSL_get_cipher_bits ,
59.Nm SSL_get_cipher_version 59.Nm SSL_get_cipher_version
60.Nd get SSL_CIPHER of a connection 60.Nd get SSL_CIPHER of a connection
61.Sh SYNOPSIS 61.Sh SYNOPSIS
62.Lb libssl libcrypto
62.In openssl/ssl.h 63.In openssl/ssl.h
63.Ft const SSL_CIPHER * 64.Ft const SSL_CIPHER *
64.Fn SSL_get_current_cipher "const SSL *ssl" 65.Fn SSL_get_current_cipher "const SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_get_default_timeout.3 b/src/lib/libssl/man/SSL_get_default_timeout.3
index 47737d8ee0..ef119780a3 100644
--- a/src/lib/libssl/man/SSL_get_default_timeout.3
+++ b/src/lib/libssl/man/SSL_get_default_timeout.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_get_default_timeout.3,v 1.4 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_get_default_timeout.3,v 1.5 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 27 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_GET_DEFAULT_TIMEOUT 3 52.Dt SSL_GET_DEFAULT_TIMEOUT 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_get_default_timeout 55.Nm SSL_get_default_timeout
56.Nd get default session timeout value 56.Nd get default session timeout value
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/ssl.h 59.In openssl/ssl.h
59.Ft long 60.Ft long
60.Fn SSL_get_default_timeout "const SSL *ssl" 61.Fn SSL_get_default_timeout "const SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_get_error.3 b/src/lib/libssl/man/SSL_get_error.3
index 5d325b3f56..ba64b779ac 100644
--- a/src/lib/libssl/man/SSL_get_error.3
+++ b/src/lib/libssl/man/SSL_get_error.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_get_error.3,v 1.5 2018/04/29 07:37:01 guenther Exp $ 1.\" $OpenBSD: SSL_get_error.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL a528d4f0 Oct 27 13:40:11 2015 -0400 2.\" OpenSSL a528d4f0 Oct 27 13:40:11 2015 -0400
3.\" 3.\"
4.\" This file was written by Bodo Moeller <bodo@openssl.org>. 4.\" This file was written by Bodo Moeller <bodo@openssl.org>.
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: April 29 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_GET_ERROR 3 52.Dt SSL_GET_ERROR 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_get_error 55.Nm SSL_get_error
56.Nd obtain result code for TLS/SSL I/O operation 56.Nd obtain result code for TLS/SSL I/O operation
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/ssl.h 59.In openssl/ssl.h
59.Ft int 60.Ft int
60.Fn SSL_get_error "const SSL *ssl" "int ret" 61.Fn SSL_get_error "const SSL *ssl" "int ret"
diff --git a/src/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3 b/src/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3
index a249cda6ac..234034ac2d 100644
--- a/src/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3
+++ b/src/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_get_ex_data_X509_STORE_CTX_idx.3,v 1.5 2022/02/06 00:29:02 jsg Exp $ 1.\" $OpenBSD: SSL_get_ex_data_X509_STORE_CTX_idx.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL 9b86974e Aug 17 15:21:33 2015 -0400 2.\" OpenSSL 9b86974e Aug 17 15:21:33 2015 -0400
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: February 6 2022 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_GET_EX_DATA_X509_STORE_CTX_IDX 3 52.Dt SSL_GET_EX_DATA_X509_STORE_CTX_IDX 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_get_ex_data_X509_STORE_CTX_idx 55.Nm SSL_get_ex_data_X509_STORE_CTX_idx
56.Nd get ex_data index to access SSL structure from X509_STORE_CTX 56.Nd get ex_data index to access SSL structure from X509_STORE_CTX
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/ssl.h 59.In openssl/ssl.h
59.Ft int 60.Ft int
60.Fn SSL_get_ex_data_X509_STORE_CTX_idx void 61.Fn SSL_get_ex_data_X509_STORE_CTX_idx void
diff --git a/src/lib/libssl/man/SSL_get_ex_new_index.3 b/src/lib/libssl/man/SSL_get_ex_new_index.3
index cecd25fa44..811df94fc7 100644
--- a/src/lib/libssl/man/SSL_get_ex_new_index.3
+++ b/src/lib/libssl/man/SSL_get_ex_new_index.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_get_ex_new_index.3,v 1.4 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_get_ex_new_index.3,v 1.5 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL 9b86974e Aug 17 15:21:33 2015 -0400 2.\" OpenSSL 9b86974e Aug 17 15:21:33 2015 -0400
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 27 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_GET_EX_NEW_INDEX 3 52.Dt SSL_GET_EX_NEW_INDEX 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -57,6 +57,7 @@
57.Nm SSL_get_ex_data 57.Nm SSL_get_ex_data
58.Nd internal application specific data functions 58.Nd internal application specific data functions
59.Sh SYNOPSIS 59.Sh SYNOPSIS
60.Lb libssl libcrypto
60.In openssl/ssl.h 61.In openssl/ssl.h
61.Ft int 62.Ft int
62.Fo SSL_get_ex_new_index 63.Fo SSL_get_ex_new_index
diff --git a/src/lib/libssl/man/SSL_get_fd.3 b/src/lib/libssl/man/SSL_get_fd.3
index 1e093424cb..3a7948d35f 100644
--- a/src/lib/libssl/man/SSL_get_fd.3
+++ b/src/lib/libssl/man/SSL_get_fd.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_get_fd.3,v 1.6 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_get_fd.3,v 1.7 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 27 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_GET_FD 3 52.Dt SSL_GET_FD 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -57,6 +57,7 @@
57.Nm SSL_get_wfd 57.Nm SSL_get_wfd
58.Nd get file descriptor linked to an SSL object 58.Nd get file descriptor linked to an SSL object
59.Sh SYNOPSIS 59.Sh SYNOPSIS
60.Lb libssl libcrypto
60.In openssl/ssl.h 61.In openssl/ssl.h
61.Ft int 62.Ft int
62.Fn SSL_get_fd "const SSL *ssl" 63.Fn SSL_get_fd "const SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_get_finished.3 b/src/lib/libssl/man/SSL_get_finished.3
index 3cfb655ea0..e5c8a36cf6 100644
--- a/src/lib/libssl/man/SSL_get_finished.3
+++ b/src/lib/libssl/man/SSL_get_finished.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_get_finished.3,v 1.2 2021/01/30 10:48:15 tb Exp $ 1.\" $OpenBSD: SSL_get_finished.3,v 1.3 2025/06/08 22:52:00 schwarze Exp $
2.\" 2.\"
3.\" Copyright (c) 2020 Theo Buehler <tb@openbsd.org> 3.\" Copyright (c) 2020 Theo Buehler <tb@openbsd.org>
4.\" 4.\"
@@ -14,7 +14,7 @@
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\" 16.\"
17.Dd $Mdocdate: January 30 2021 $ 17.Dd $Mdocdate: June 8 2025 $
18.Dt SSL_GET_FINISHED 3 18.Dt SSL_GET_FINISHED 3
19.Os 19.Os
20.Sh NAME 20.Sh NAME
@@ -22,6 +22,7 @@
22.Nm SSL_get_peer_finished 22.Nm SSL_get_peer_finished
23.Nd get last sent or last expected finished message 23.Nd get last sent or last expected finished message
24.Sh SYNOPSIS 24.Sh SYNOPSIS
25.Lb libssl libcrypto
25.In openssl/ssl.h 26.In openssl/ssl.h
26.Ft size_t 27.Ft size_t
27.Fn SSL_get_finished "const SSL *ssl" "void *buf" "size_t count" 28.Fn SSL_get_finished "const SSL *ssl" "void *buf" "size_t count"
diff --git a/src/lib/libssl/man/SSL_get_peer_cert_chain.3 b/src/lib/libssl/man/SSL_get_peer_cert_chain.3
index eb2ae53dc4..c4f778aac6 100644
--- a/src/lib/libssl/man/SSL_get_peer_cert_chain.3
+++ b/src/lib/libssl/man/SSL_get_peer_cert_chain.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_get_peer_cert_chain.3,v 1.5 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_get_peer_cert_chain.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL SSL_get_peer_cert_chain.pod 1f164c6f Jan 18 01:40:36 2017 +0100 2.\" OpenSSL SSL_get_peer_cert_chain.pod 1f164c6f Jan 18 01:40:36 2017 +0100
3.\" OpenSSL SSL_get_peer_cert_chain.pod 9b86974e Aug 17 15:21:33 2015 -0400 3.\" OpenSSL SSL_get_peer_cert_chain.pod 9b86974e Aug 17 15:21:33 2015 -0400
4.\" 4.\"
@@ -50,13 +50,14 @@
50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51.\" OF THE POSSIBILITY OF SUCH DAMAGE. 51.\" OF THE POSSIBILITY OF SUCH DAMAGE.
52.\" 52.\"
53.Dd $Mdocdate: March 27 2018 $ 53.Dd $Mdocdate: June 8 2025 $
54.Dt SSL_GET_PEER_CERT_CHAIN 3 54.Dt SSL_GET_PEER_CERT_CHAIN 3
55.Os 55.Os
56.Sh NAME 56.Sh NAME
57.Nm SSL_get_peer_cert_chain 57.Nm SSL_get_peer_cert_chain
58.Nd get the X509 certificate chain sent by the peer 58.Nd get the X509 certificate chain sent by the peer
59.Sh SYNOPSIS 59.Sh SYNOPSIS
60.Lb libssl libcrypto
60.In openssl/ssl.h 61.In openssl/ssl.h
61.Ft STACK_OF(X509) * 62.Ft STACK_OF(X509) *
62.Fn SSL_get_peer_cert_chain "const SSL *ssl" 63.Fn SSL_get_peer_cert_chain "const SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_get_peer_certificate.3 b/src/lib/libssl/man/SSL_get_peer_certificate.3
index 99f9330288..9ac35a607d 100644
--- a/src/lib/libssl/man/SSL_get_peer_certificate.3
+++ b/src/lib/libssl/man/SSL_get_peer_certificate.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_get_peer_certificate.3,v 1.6 2021/06/26 17:36:28 tb Exp $ 1.\" $OpenBSD: SSL_get_peer_certificate.3,v 1.7 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: June 26 2021 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_GET_PEER_CERTIFICATE 3 52.Dt SSL_GET_PEER_CERTIFICATE 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_get_peer_certificate 55.Nm SSL_get_peer_certificate
56.Nd get the X509 certificate of the peer 56.Nd get the X509 certificate of the peer
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/ssl.h 59.In openssl/ssl.h
59.Ft X509 * 60.Ft X509 *
60.Fn SSL_get_peer_certificate "const SSL *ssl" 61.Fn SSL_get_peer_certificate "const SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_get_rbio.3 b/src/lib/libssl/man/SSL_get_rbio.3
index 38096fbecf..7179277f71 100644
--- a/src/lib/libssl/man/SSL_get_rbio.3
+++ b/src/lib/libssl/man/SSL_get_rbio.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_get_rbio.3,v 1.5 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_get_rbio.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 27 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_GET_RBIO 3 52.Dt SSL_GET_RBIO 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -56,6 +56,7 @@
56.Nm SSL_get_wbio 56.Nm SSL_get_wbio
57.Nd get BIO linked to an SSL object 57.Nd get BIO linked to an SSL object
58.Sh SYNOPSIS 58.Sh SYNOPSIS
59.Lb libssl libcrypto
59.In openssl/ssl.h 60.In openssl/ssl.h
60.Ft BIO * 61.Ft BIO *
61.Fn SSL_get_rbio "SSL *ssl" 62.Fn SSL_get_rbio "SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_get_server_tmp_key.3 b/src/lib/libssl/man/SSL_get_server_tmp_key.3
index aeeb358240..c55036d526 100644
--- a/src/lib/libssl/man/SSL_get_server_tmp_key.3
+++ b/src/lib/libssl/man/SSL_get_server_tmp_key.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_get_server_tmp_key.3,v 1.4 2019/06/12 09:36:30 schwarze Exp $ 1.\" $OpenBSD: SSL_get_server_tmp_key.3,v 1.5 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL SSL_get_server_tmp_key.pod 508fafd8 Apr 3 15:41:21 2017 +0100 2.\" OpenSSL SSL_get_server_tmp_key.pod 508fafd8 Apr 3 15:41:21 2017 +0100
3.\" 3.\"
4.\" This file was written by Matt Caswell <matt@openssl.org> 4.\" This file was written by Matt Caswell <matt@openssl.org>
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: June 12 2019 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_GET_SERVER_TMP_KEY 3 52.Dt SSL_GET_SERVER_TMP_KEY 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_get_server_tmp_key 55.Nm SSL_get_server_tmp_key
56.Nd temporary server key during a handshake 56.Nd temporary server key during a handshake
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/ssl.h 59.In openssl/ssl.h
59.Ft long 60.Ft long
60.Fo SSL_get_server_tmp_key 61.Fo SSL_get_server_tmp_key
diff --git a/src/lib/libssl/man/SSL_get_session.3 b/src/lib/libssl/man/SSL_get_session.3
index 2ab43fdd3e..597888a0bd 100644
--- a/src/lib/libssl/man/SSL_get_session.3
+++ b/src/lib/libssl/man/SSL_get_session.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_get_session.3,v 1.8 2022/03/31 17:27:18 naddy Exp $ 1.\" $OpenBSD: SSL_get_session.3,v 1.9 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -49,7 +49,7 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: March 31 2022 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_GET_SESSION 3 53.Dt SSL_GET_SESSION 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
@@ -58,6 +58,7 @@
58.Nm SSL_get1_session 58.Nm SSL_get1_session
59.Nd retrieve TLS/SSL session data 59.Nd retrieve TLS/SSL session data
60.Sh SYNOPSIS 60.Sh SYNOPSIS
61.Lb libssl libcrypto
61.In openssl/ssl.h 62.In openssl/ssl.h
62.Ft SSL_SESSION * 63.Ft SSL_SESSION *
63.Fn SSL_get_session "const SSL *ssl" 64.Fn SSL_get_session "const SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_get_shared_ciphers.3 b/src/lib/libssl/man/SSL_get_shared_ciphers.3
index 207e8c42eb..9011780527 100644
--- a/src/lib/libssl/man/SSL_get_shared_ciphers.3
+++ b/src/lib/libssl/man/SSL_get_shared_ciphers.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_get_shared_ciphers.3,v 1.5 2021/01/09 10:50:02 tb Exp $ 1.\" $OpenBSD: SSL_get_shared_ciphers.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" 2.\"
3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org> 3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
4.\" 4.\"
@@ -14,13 +14,14 @@
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\" 16.\"
17.Dd $Mdocdate: January 9 2021 $ 17.Dd $Mdocdate: June 8 2025 $
18.Dt SSL_GET_SHARED_CIPHERS 3 18.Dt SSL_GET_SHARED_CIPHERS 3
19.Os 19.Os
20.Sh NAME 20.Sh NAME
21.Nm SSL_get_shared_ciphers 21.Nm SSL_get_shared_ciphers
22.Nd ciphers supported by both client and server 22.Nd ciphers supported by both client and server
23.Sh SYNOPSIS 23.Sh SYNOPSIS
24.Lb libssl libcrypto
24.In openssl/ssl.h 25.In openssl/ssl.h
25.Ft char * 26.Ft char *
26.Fo SSL_get_shared_ciphers 27.Fo SSL_get_shared_ciphers
diff --git a/src/lib/libssl/man/SSL_get_state.3 b/src/lib/libssl/man/SSL_get_state.3
index 297bbce876..0e1a20e6f7 100644
--- a/src/lib/libssl/man/SSL_get_state.3
+++ b/src/lib/libssl/man/SSL_get_state.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_get_state.3,v 1.5 2019/06/12 09:36:30 schwarze Exp $ 1.\" $OpenBSD: SSL_get_state.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" 2.\"
3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org> 3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
4.\" 4.\"
@@ -14,7 +14,7 @@
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\" 16.\"
17.Dd $Mdocdate: June 12 2019 $ 17.Dd $Mdocdate: June 8 2025 $
18.Dt SSL_GET_STATE 3 18.Dt SSL_GET_STATE 3
19.Os 19.Os
20.Sh NAME 20.Sh NAME
@@ -27,6 +27,7 @@
27.Nm SSL_is_init_finished 27.Nm SSL_is_init_finished
28.Nd inspect the state of the SSL state machine 28.Nd inspect the state of the SSL state machine
29.Sh SYNOPSIS 29.Sh SYNOPSIS
30.Lb libssl libcrypto
30.In openssl/ssl.h 31.In openssl/ssl.h
31.Ft int 32.Ft int
32.Fo SSL_get_state 33.Fo SSL_get_state
diff --git a/src/lib/libssl/man/SSL_get_verify_result.3 b/src/lib/libssl/man/SSL_get_verify_result.3
index 180cf1bb73..32a397f4a2 100644
--- a/src/lib/libssl/man/SSL_get_verify_result.3
+++ b/src/lib/libssl/man/SSL_get_verify_result.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_get_verify_result.3,v 1.6 2021/06/26 17:36:28 tb Exp $ 1.\" $OpenBSD: SSL_get_verify_result.3,v 1.7 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: June 26 2021 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_GET_VERIFY_RESULT 3 52.Dt SSL_GET_VERIFY_RESULT 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_get_verify_result 55.Nm SSL_get_verify_result
56.Nd get result of peer certificate verification 56.Nd get result of peer certificate verification
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/ssl.h 59.In openssl/ssl.h
59.Ft long 60.Ft long
60.Fn SSL_get_verify_result "const SSL *ssl" 61.Fn SSL_get_verify_result "const SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_get_version.3 b/src/lib/libssl/man/SSL_get_version.3
index a6cefb055b..d32dd34e0e 100644
--- a/src/lib/libssl/man/SSL_get_version.3
+++ b/src/lib/libssl/man/SSL_get_version.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_get_version.3,v 1.9 2021/04/15 16:13:22 tb Exp $ 1.\" $OpenBSD: SSL_get_version.3,v 1.10 2025/06/08 22:49:42 schwarze Exp $
2.\" full merge up to: OpenSSL e417070c Jun 8 11:37:06 2016 -0400 2.\" full merge up to: OpenSSL e417070c Jun 8 11:37:06 2016 -0400
3.\" selective merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100 3.\" selective merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100
4.\" 4.\"
@@ -49,21 +49,16 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: April 15 2021 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_GET_VERSION 3 53.Dt SSL_GET_VERSION 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
56.Nm SSL_get_version , 56.Nm SSL_get_version ,
57.Nm SSL_is_dtls , 57.Nm SSL_is_dtls ,
58.Nm SSL_version 58.Nm SSL_version
59.\" The following are intentionally undocumented because
60.\" - the longer term plan is to remove them
61.\" - nothing appears to be using them in the wild
62.\" - and they have the wrong namespace prefix
63.\" Nm TLS1_get_version
64.\" Nm TLS1_get_client_version
65.Nd get the protocol information of a connection 59.Nd get the protocol information of a connection
66.Sh SYNOPSIS 60.Sh SYNOPSIS
61.Lb libssl libcrypto
67.In openssl/ssl.h 62.In openssl/ssl.h
68.Ft const char * 63.Ft const char *
69.Fn SSL_get_version "const SSL *ssl" 64.Fn SSL_get_version "const SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_library_init.3 b/src/lib/libssl/man/SSL_library_init.3
index 053c1e6fcb..d25a248617 100644
--- a/src/lib/libssl/man/SSL_library_init.3
+++ b/src/lib/libssl/man/SSL_library_init.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_library_init.3,v 1.7 2019/06/14 13:41:31 schwarze Exp $ 1.\" $OpenBSD: SSL_library_init.3,v 1.8 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: June 14 2019 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_LIBRARY_INIT 3 52.Dt SSL_LIBRARY_INIT 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -57,6 +57,7 @@
57.Nm SSLeay_add_ssl_algorithms 57.Nm SSLeay_add_ssl_algorithms
58.Nd initialize SSL library by registering algorithms 58.Nd initialize SSL library by registering algorithms
59.Sh SYNOPSIS 59.Sh SYNOPSIS
60.Lb libssl libcrypto
60.In openssl/ssl.h 61.In openssl/ssl.h
61.Ft int 62.Ft int
62.Fn SSL_library_init void 63.Fn SSL_library_init void
diff --git a/src/lib/libssl/man/SSL_load_client_CA_file.3 b/src/lib/libssl/man/SSL_load_client_CA_file.3
index f782d96dce..e57900c941 100644
--- a/src/lib/libssl/man/SSL_load_client_CA_file.3
+++ b/src/lib/libssl/man/SSL_load_client_CA_file.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_load_client_CA_file.3,v 1.9 2019/06/12 09:36:30 schwarze Exp $ 1.\" $OpenBSD: SSL_load_client_CA_file.3,v 1.10 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file is a derived work. 4.\" This file is a derived work.
@@ -65,7 +65,7 @@
65.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 65.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
66.\" OF THE POSSIBILITY OF SUCH DAMAGE. 66.\" OF THE POSSIBILITY OF SUCH DAMAGE.
67.\" 67.\"
68.Dd $Mdocdate: June 12 2019 $ 68.Dd $Mdocdate: June 8 2025 $
69.Dt SSL_LOAD_CLIENT_CA_FILE 3 69.Dt SSL_LOAD_CLIENT_CA_FILE 3
70.Os 70.Os
71.Sh NAME 71.Sh NAME
@@ -74,6 +74,7 @@
74.Nm SSL_add_dir_cert_subjects_to_stack 74.Nm SSL_add_dir_cert_subjects_to_stack
75.Nd load certificate names from files 75.Nd load certificate names from files
76.Sh SYNOPSIS 76.Sh SYNOPSIS
77.Lb libssl libcrypto
77.In openssl/ssl.h 78.In openssl/ssl.h
78.Ft STACK_OF(X509_NAME) * 79.Ft STACK_OF(X509_NAME) *
79.Fn SSL_load_client_CA_file "const char *file" 80.Fn SSL_load_client_CA_file "const char *file"
diff --git a/src/lib/libssl/man/SSL_new.3 b/src/lib/libssl/man/SSL_new.3
index 22c5dbf2db..3906a346d7 100644
--- a/src/lib/libssl/man/SSL_new.3
+++ b/src/lib/libssl/man/SSL_new.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_new.3,v 1.7 2022/07/13 22:05:53 schwarze Exp $ 1.\" $OpenBSD: SSL_new.3,v 1.8 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL 1c7ae3dd Mar 29 19:17:55 2017 +1000 2.\" full merge up to: OpenSSL 1c7ae3dd Mar 29 19:17:55 2017 +1000
3.\" 3.\"
4.\" This file was written by Richard Levitte <levitte@openssl.org> 4.\" This file was written by Richard Levitte <levitte@openssl.org>
@@ -49,7 +49,7 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: July 13 2022 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_NEW 3 53.Dt SSL_NEW 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
@@ -57,6 +57,7 @@
57.Nm SSL_up_ref 57.Nm SSL_up_ref
58.Nd create a new SSL structure for a connection 58.Nd create a new SSL structure for a connection
59.Sh SYNOPSIS 59.Sh SYNOPSIS
60.Lb libssl libcrypto
60.In openssl/ssl.h 61.In openssl/ssl.h
61.Ft SSL * 62.Ft SSL *
62.Fn SSL_new "SSL_CTX *ctx" 63.Fn SSL_new "SSL_CTX *ctx"
diff --git a/src/lib/libssl/man/SSL_num_renegotiations.3 b/src/lib/libssl/man/SSL_num_renegotiations.3
index 6a81b76a60..d366f97c4a 100644
--- a/src/lib/libssl/man/SSL_num_renegotiations.3
+++ b/src/lib/libssl/man/SSL_num_renegotiations.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_num_renegotiations.3,v 1.5 2019/06/12 09:36:30 schwarze Exp $ 1.\" $OpenBSD: SSL_num_renegotiations.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" 2.\"
3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org> 3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
4.\" 4.\"
@@ -14,7 +14,7 @@
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\" 16.\"
17.Dd $Mdocdate: June 12 2019 $ 17.Dd $Mdocdate: June 8 2025 $
18.Dt SSL_NUM_RENEGOTIATIONS 3 18.Dt SSL_NUM_RENEGOTIATIONS 3
19.Os 19.Os
20.Sh NAME 20.Sh NAME
@@ -23,6 +23,7 @@
23.Nm SSL_total_renegotiations 23.Nm SSL_total_renegotiations
24.Nd renegotiation counters 24.Nd renegotiation counters
25.Sh SYNOPSIS 25.Sh SYNOPSIS
26.Lb libssl libcrypto
26.In openssl/ssl.h 27.In openssl/ssl.h
27.Ft long 28.Ft long
28.Fo SSL_num_renegotiations 29.Fo SSL_num_renegotiations
diff --git a/src/lib/libssl/man/SSL_pending.3 b/src/lib/libssl/man/SSL_pending.3
index bbc2e9bdd2..c304302ed8 100644
--- a/src/lib/libssl/man/SSL_pending.3
+++ b/src/lib/libssl/man/SSL_pending.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_pending.3,v 1.5 2020/01/23 03:40:18 beck Exp $ 1.\" $OpenBSD: SSL_pending.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL a528d4f0 Oct 27 13:40:11 2015 -0400 2.\" OpenSSL a528d4f0 Oct 27 13:40:11 2015 -0400
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>, 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>,
@@ -50,13 +50,14 @@
50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51.\" OF THE POSSIBILITY OF SUCH DAMAGE. 51.\" OF THE POSSIBILITY OF SUCH DAMAGE.
52.\" 52.\"
53.Dd $Mdocdate: January 23 2020 $ 53.Dd $Mdocdate: June 8 2025 $
54.Dt SSL_PENDING 3 54.Dt SSL_PENDING 3
55.Os 55.Os
56.Sh NAME 56.Sh NAME
57.Nm SSL_pending 57.Nm SSL_pending
58.Nd obtain number of readable bytes buffered in an SSL object 58.Nd obtain number of readable bytes buffered in an SSL object
59.Sh SYNOPSIS 59.Sh SYNOPSIS
60.Lb libssl libcrypto
60.In openssl/ssl.h 61.In openssl/ssl.h
61.Ft int 62.Ft int
62.Fn SSL_pending "const SSL *ssl" 63.Fn SSL_pending "const SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_read.3 b/src/lib/libssl/man/SSL_read.3
index bb72a8ed82..3d42fd8a90 100644
--- a/src/lib/libssl/man/SSL_read.3
+++ b/src/lib/libssl/man/SSL_read.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_read.3,v 1.8 2021/10/24 15:10:13 schwarze Exp $ 1.\" $OpenBSD: SSL_read.3,v 1.9 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL 5a2443ae Nov 14 11:37:36 2016 +0000 2.\" full merge up to: OpenSSL 5a2443ae Nov 14 11:37:36 2016 +0000
3.\" partial merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100 3.\" partial merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
4.\" 4.\"
@@ -51,7 +51,7 @@
51.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 51.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
52.\" OF THE POSSIBILITY OF SUCH DAMAGE. 52.\" OF THE POSSIBILITY OF SUCH DAMAGE.
53.\" 53.\"
54.Dd $Mdocdate: October 24 2021 $ 54.Dd $Mdocdate: June 8 2025 $
55.Dt SSL_READ 3 55.Dt SSL_READ 3
56.Os 56.Os
57.Sh NAME 57.Sh NAME
@@ -61,6 +61,7 @@
61.Nm SSL_peek 61.Nm SSL_peek
62.Nd read bytes from a TLS connection 62.Nd read bytes from a TLS connection
63.Sh SYNOPSIS 63.Sh SYNOPSIS
64.Lb libssl libcrypto
64.In openssl/ssl.h 65.In openssl/ssl.h
65.Ft int 66.Ft int
66.Fn SSL_read_ex "SSL *ssl" "void *buf" "size_t num" "size_t *readbytes" 67.Fn SSL_read_ex "SSL *ssl" "void *buf" "size_t num" "size_t *readbytes"
diff --git a/src/lib/libssl/man/SSL_read_early_data.3 b/src/lib/libssl/man/SSL_read_early_data.3
index 1435c15935..d36b1e49f7 100644
--- a/src/lib/libssl/man/SSL_read_early_data.3
+++ b/src/lib/libssl/man/SSL_read_early_data.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_read_early_data.3,v 1.4 2021/11/26 13:48:22 jsg Exp $ 1.\" $OpenBSD: SSL_read_early_data.3,v 1.5 2025/06/08 22:52:00 schwarze Exp $
2.\" content checked up to: OpenSSL 6328d367 Jul 4 21:58:30 2020 +0200 2.\" content checked up to: OpenSSL 6328d367 Jul 4 21:58:30 2020 +0200
3.\" 3.\"
4.\" Copyright (c) 2020 Ingo Schwarze <schwarze@openbsd.org> 4.\" Copyright (c) 2020 Ingo Schwarze <schwarze@openbsd.org>
@@ -15,7 +15,7 @@
15.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17.\" 17.\"
18.Dd $Mdocdate: November 26 2021 $ 18.Dd $Mdocdate: June 8 2025 $
19.Dt SSL_READ_EARLY_DATA 3 19.Dt SSL_READ_EARLY_DATA 3
20.Os 20.Os
21.Sh NAME 21.Sh NAME
@@ -30,6 +30,7 @@
30.Nm SSL_get_early_data_status 30.Nm SSL_get_early_data_status
31.Nd transmit application data during the handshake 31.Nd transmit application data during the handshake
32.Sh SYNOPSIS 32.Sh SYNOPSIS
33.Lb libssl libcrypto
33.In openssl/ssl.h 34.In openssl/ssl.h
34.Ft int 35.Ft int
35.Fo SSL_CTX_set_max_early_data 36.Fo SSL_CTX_set_max_early_data
diff --git a/src/lib/libssl/man/SSL_renegotiate.3 b/src/lib/libssl/man/SSL_renegotiate.3
index 8188d37323..badfe8c6cb 100644
--- a/src/lib/libssl/man/SSL_renegotiate.3
+++ b/src/lib/libssl/man/SSL_renegotiate.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_renegotiate.3,v 1.9 2019/06/12 09:36:30 schwarze Exp $ 1.\" $OpenBSD: SSL_renegotiate.3,v 1.10 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL SSL_key_update.pod 4fbfe86a Feb 16 17:04:40 2017 +0000 2.\" OpenSSL SSL_key_update.pod 4fbfe86a Feb 16 17:04:40 2017 +0000
3.\" 3.\"
4.\" This file is a derived work. 4.\" This file is a derived work.
@@ -65,7 +65,7 @@
65.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 65.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
66.\" OF THE POSSIBILITY OF SUCH DAMAGE. 66.\" OF THE POSSIBILITY OF SUCH DAMAGE.
67.\" 67.\"
68.Dd $Mdocdate: June 12 2019 $ 68.Dd $Mdocdate: June 8 2025 $
69.Dt SSL_RENEGOTIATE 3 69.Dt SSL_RENEGOTIATE 3
70.Os 70.Os
71.Sh NAME 71.Sh NAME
@@ -74,6 +74,7 @@
74.Nm SSL_renegotiate_pending 74.Nm SSL_renegotiate_pending
75.Nd initiate a new TLS handshake 75.Nd initiate a new TLS handshake
76.Sh SYNOPSIS 76.Sh SYNOPSIS
77.Lb libssl libcrypto
77.In openssl/ssl.h 78.In openssl/ssl.h
78.Ft int 79.Ft int
79.Fo SSL_renegotiate 80.Fo SSL_renegotiate
diff --git a/src/lib/libssl/man/SSL_rstate_string.3 b/src/lib/libssl/man/SSL_rstate_string.3
index 99613ba3c0..624c1b08ab 100644
--- a/src/lib/libssl/man/SSL_rstate_string.3
+++ b/src/lib/libssl/man/SSL_rstate_string.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_rstate_string.3,v 1.4 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_rstate_string.3,v 1.5 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 27 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_RSTATE_STRING 3 52.Dt SSL_RSTATE_STRING 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -56,6 +56,7 @@
56.Nm SSL_rstate_string_long 56.Nm SSL_rstate_string_long
57.Nd get textual description of state of an SSL object during read operation 57.Nd get textual description of state of an SSL object during read operation
58.Sh SYNOPSIS 58.Sh SYNOPSIS
59.Lb libssl libcrypto
59.In openssl/ssl.h 60.In openssl/ssl.h
60.Ft const char * 61.Ft const char *
61.Fn SSL_rstate_string "SSL *ssl" 62.Fn SSL_rstate_string "SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_session_reused.3 b/src/lib/libssl/man/SSL_session_reused.3
index add61a904b..3340144660 100644
--- a/src/lib/libssl/man/SSL_session_reused.3
+++ b/src/lib/libssl/man/SSL_session_reused.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_session_reused.3,v 1.6 2019/06/12 09:36:30 schwarze Exp $ 1.\" $OpenBSD: SSL_session_reused.3,v 1.7 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: June 12 2019 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_SESSION_REUSED 3 52.Dt SSL_SESSION_REUSED 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_session_reused 55.Nm SSL_session_reused
56.Nd query whether a reused session was negotiated during handshake 56.Nd query whether a reused session was negotiated during handshake
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/ssl.h 59.In openssl/ssl.h
59.Ft int 60.Ft int
60.Fn SSL_session_reused "SSL *ssl" 61.Fn SSL_session_reused "SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_set1_host.3 b/src/lib/libssl/man/SSL_set1_host.3
index 2a3935c3f2..2c6cdbe5a1 100644
--- a/src/lib/libssl/man/SSL_set1_host.3
+++ b/src/lib/libssl/man/SSL_set1_host.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_set1_host.3,v 1.4 2021/03/31 16:56:46 tb Exp $ 1.\" $OpenBSD: SSL_set1_host.3,v 1.5 2025/06/08 22:52:00 schwarze Exp $
2.\" selective merge up to: OpenSSL 6328d367 Jul 4 21:58:30 2020 +0200 2.\" selective merge up to: OpenSSL 6328d367 Jul 4 21:58:30 2020 +0200
3.\" 3.\"
4.\" This file was written by Viktor Dukhovni <viktor@openssl.org> 4.\" This file was written by Viktor Dukhovni <viktor@openssl.org>
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 31 2021 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_SET1_HOST 3 52.Dt SSL_SET1_HOST 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -57,6 +57,7 @@
57.Nm SSL_get0_peername 57.Nm SSL_get0_peername
58.Nd SSL server verification parameters 58.Nd SSL server verification parameters
59.Sh SYNOPSIS 59.Sh SYNOPSIS
60.Lb libssl libcrypto
60.In openssl/ssl.h 61.In openssl/ssl.h
61.Ft int 62.Ft int
62.Fo SSL_set1_host 63.Fo SSL_set1_host
diff --git a/src/lib/libssl/man/SSL_set1_param.3 b/src/lib/libssl/man/SSL_set1_param.3
index cd8ad40ad0..2d255a0991 100644
--- a/src/lib/libssl/man/SSL_set1_param.3
+++ b/src/lib/libssl/man/SSL_set1_param.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_set1_param.3,v 1.6 2022/09/10 10:22:46 jsg Exp $ 1.\" $OpenBSD: SSL_set1_param.3,v 1.7 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: 2.\" full merge up to:
3.\" OpenSSL man3/SSL_CTX_get0_param 99d63d46 Oct 26 13:56:48 2016 -0400 3.\" OpenSSL man3/SSL_CTX_get0_param 99d63d46 Oct 26 13:56:48 2016 -0400
4.\" 4.\"
@@ -49,7 +49,7 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: September 10 2022 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_SET1_PARAM 3 53.Dt SSL_SET1_PARAM 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
@@ -59,6 +59,7 @@
59.Nm SSL_set1_param 59.Nm SSL_set1_param
60.Nd get and set verification parameters 60.Nd get and set verification parameters
61.Sh SYNOPSIS 61.Sh SYNOPSIS
62.Lb libssl libcrypto
62.In openssl/ssl.h 63.In openssl/ssl.h
63.Ft X509_VERIFY_PARAM * 64.Ft X509_VERIFY_PARAM *
64.Fo SSL_CTX_get0_param 65.Fo SSL_CTX_get0_param
diff --git a/src/lib/libssl/man/SSL_set_SSL_CTX.3 b/src/lib/libssl/man/SSL_set_SSL_CTX.3
index 2abaefb292..3a909dabe6 100644
--- a/src/lib/libssl/man/SSL_set_SSL_CTX.3
+++ b/src/lib/libssl/man/SSL_set_SSL_CTX.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_set_SSL_CTX.3,v 1.4 2022/07/13 22:05:53 schwarze Exp $ 1.\" $OpenBSD: SSL_set_SSL_CTX.3,v 1.5 2025/06/08 22:52:00 schwarze Exp $
2.\" 2.\"
3.\" Copyright (c) 2020 Ingo Schwarze <schwarze@openbsd.org> 3.\" Copyright (c) 2020 Ingo Schwarze <schwarze@openbsd.org>
4.\" 4.\"
@@ -14,13 +14,14 @@
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\" 16.\"
17.Dd $Mdocdate: July 13 2022 $ 17.Dd $Mdocdate: June 8 2025 $
18.Dt SSL_SET_SSL_CTX 3 18.Dt SSL_SET_SSL_CTX 3
19.Os 19.Os
20.Sh NAME 20.Sh NAME
21.Nm SSL_set_SSL_CTX 21.Nm SSL_set_SSL_CTX
22.Nd modify an SSL connection object to use another context 22.Nd modify an SSL connection object to use another context
23.Sh SYNOPSIS 23.Sh SYNOPSIS
24.Lb libssl libcrypto
24.In openssl/ssl.h 25.In openssl/ssl.h
25.Ft SSL_CTX * 26.Ft SSL_CTX *
26.Fo SSL_set_SSL_CTX 27.Fo SSL_set_SSL_CTX
diff --git a/src/lib/libssl/man/SSL_set_bio.3 b/src/lib/libssl/man/SSL_set_bio.3
index e727f442d6..98ce9a7080 100644
--- a/src/lib/libssl/man/SSL_set_bio.3
+++ b/src/lib/libssl/man/SSL_set_bio.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_set_bio.3,v 1.6 2020/10/08 18:21:30 tb Exp $ 1.\" $OpenBSD: SSL_set_bio.3,v 1.7 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL acb5b343 Sep 16 16:00:38 2000 +0000 2.\" OpenSSL acb5b343 Sep 16 16:00:38 2000 +0000
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: October 8 2020 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_SET_BIO 3 52.Dt SSL_SET_BIO 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_set_bio 55.Nm SSL_set_bio
56.Nd connect the SSL object with a BIO 56.Nd connect the SSL object with a BIO
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/ssl.h 59.In openssl/ssl.h
59.Ft void 60.Ft void
60.Fn SSL_set_bio "SSL *ssl" "BIO *rbio" "BIO *wbio" 61.Fn SSL_set_bio "SSL *ssl" "BIO *rbio" "BIO *wbio"
diff --git a/src/lib/libssl/man/SSL_set_connect_state.3 b/src/lib/libssl/man/SSL_set_connect_state.3
index c2072c4370..b7d126d046 100644
--- a/src/lib/libssl/man/SSL_set_connect_state.3
+++ b/src/lib/libssl/man/SSL_set_connect_state.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_set_connect_state.3,v 1.6 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_set_connect_state.3,v 1.7 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 2.\" full merge up to OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
3.\" selective merge up to: OpenSSL dbd007d7 Jul 28 13:31:27 2017 +0800 3.\" selective merge up to: OpenSSL dbd007d7 Jul 28 13:31:27 2017 +0800
4.\" 4.\"
@@ -50,7 +50,7 @@
50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51.\" OF THE POSSIBILITY OF SUCH DAMAGE. 51.\" OF THE POSSIBILITY OF SUCH DAMAGE.
52.\" 52.\"
53.Dd $Mdocdate: March 27 2018 $ 53.Dd $Mdocdate: June 8 2025 $
54.Dt SSL_SET_CONNECT_STATE 3 54.Dt SSL_SET_CONNECT_STATE 3
55.Os 55.Os
56.Sh NAME 56.Sh NAME
@@ -59,6 +59,7 @@
59.Nm SSL_is_server 59.Nm SSL_is_server
60.Nd prepare SSL object to work in client or server mode 60.Nd prepare SSL object to work in client or server mode
61.Sh SYNOPSIS 61.Sh SYNOPSIS
62.Lb libssl libcrypto
62.In openssl/ssl.h 63.In openssl/ssl.h
63.Ft void 64.Ft void
64.Fn SSL_set_connect_state "SSL *ssl" 65.Fn SSL_set_connect_state "SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_set_fd.3 b/src/lib/libssl/man/SSL_set_fd.3
index 7b9727e9ad..3c4441e677 100644
--- a/src/lib/libssl/man/SSL_set_fd.3
+++ b/src/lib/libssl/man/SSL_set_fd.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_set_fd.3,v 1.5 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_set_fd.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 27 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_SET_FD 3 52.Dt SSL_SET_FD 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -57,6 +57,7 @@
57.Nm SSL_set_wfd 57.Nm SSL_set_wfd
58.Nd connect the SSL object with a file descriptor 58.Nd connect the SSL object with a file descriptor
59.Sh SYNOPSIS 59.Sh SYNOPSIS
60.Lb libssl libcrypto
60.In openssl/ssl.h 61.In openssl/ssl.h
61.Ft int 62.Ft int
62.Fn SSL_set_fd "SSL *ssl" "int fd" 63.Fn SSL_set_fd "SSL *ssl" "int fd"
diff --git a/src/lib/libssl/man/SSL_set_max_send_fragment.3 b/src/lib/libssl/man/SSL_set_max_send_fragment.3
index 7de087a743..d5265ebb74 100644
--- a/src/lib/libssl/man/SSL_set_max_send_fragment.3
+++ b/src/lib/libssl/man/SSL_set_max_send_fragment.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_set_max_send_fragment.3,v 1.5 2019/06/12 09:36:30 schwarze Exp $ 1.\" $OpenBSD: SSL_set_max_send_fragment.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL doc/man3/SSL_CTX_set_split_send_fragment.pod 2.\" OpenSSL doc/man3/SSL_CTX_set_split_send_fragment.pod
3.\" OpenSSL 6782e5fd Oct 21 16:16:20 2016 +0100 3.\" OpenSSL 6782e5fd Oct 21 16:16:20 2016 +0100
4.\" 4.\"
@@ -49,7 +49,7 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: June 12 2019 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_SET_MAX_SEND_FRAGMENT 3 53.Dt SSL_SET_MAX_SEND_FRAGMENT 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
@@ -57,6 +57,7 @@
57.Nm SSL_set_max_send_fragment 57.Nm SSL_set_max_send_fragment
58.Nd control fragment sizes 58.Nd control fragment sizes
59.Sh SYNOPSIS 59.Sh SYNOPSIS
60.Lb libssl libcrypto
60.In openssl/ssl.h 61.In openssl/ssl.h
61.Ft long 62.Ft long
62.Fo SSL_CTX_set_max_send_fragment 63.Fo SSL_CTX_set_max_send_fragment
diff --git a/src/lib/libssl/man/SSL_set_psk_use_session_callback.3 b/src/lib/libssl/man/SSL_set_psk_use_session_callback.3
index 7f2bfcc010..d53f5b97c9 100644
--- a/src/lib/libssl/man/SSL_set_psk_use_session_callback.3
+++ b/src/lib/libssl/man/SSL_set_psk_use_session_callback.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_set_psk_use_session_callback.3,v 1.1 2021/09/14 14:30:57 schwarze Exp $ 1.\" $OpenBSD: SSL_set_psk_use_session_callback.3,v 1.2 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL man3/SSL_CTX_set_psk_client_callback.pod 2.\" OpenSSL man3/SSL_CTX_set_psk_client_callback.pod
3.\" checked up to 24a535ea Sep 22 13:14:20 2020 +0100 3.\" checked up to 24a535ea Sep 22 13:14:20 2020 +0100
4.\" 4.\"
@@ -16,7 +16,7 @@
16.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18.\" 18.\"
19.Dd $Mdocdate: September 14 2021 $ 19.Dd $Mdocdate: June 8 2025 $
20.Dt SSL_SET_PSK_USE_SESSION_CALLBACK 3 20.Dt SSL_SET_PSK_USE_SESSION_CALLBACK 3
21.Os 21.Os
22.Sh NAME 22.Sh NAME
@@ -24,6 +24,7 @@
24.Nm SSL_psk_use_session_cb_func 24.Nm SSL_psk_use_session_cb_func
25.Nd set TLS pre-shared key client callback 25.Nd set TLS pre-shared key client callback
26.Sh SYNOPSIS 26.Sh SYNOPSIS
27.Lb libssl libcrypto
27.In openssl/ssl.h 28.In openssl/ssl.h
28.Ft typedef int 29.Ft typedef int
29.Fo (*SSL_psk_use_session_cb_func) 30.Fo (*SSL_psk_use_session_cb_func)
diff --git a/src/lib/libssl/man/SSL_set_session.3 b/src/lib/libssl/man/SSL_set_session.3
index 7d85f5ad0c..db3fc6a85c 100644
--- a/src/lib/libssl/man/SSL_set_session.3
+++ b/src/lib/libssl/man/SSL_set_session.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_set_session.3,v 1.4 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_set_session.3,v 1.5 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL 05ea606a May 20 20:52:46 2016 -0400 2.\" OpenSSL 05ea606a May 20 20:52:46 2016 -0400
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 27 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_SET_SESSION 3 52.Dt SSL_SET_SESSION 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_set_session 55.Nm SSL_set_session
56.Nd set a TLS/SSL session to be used during TLS/SSL connect 56.Nd set a TLS/SSL session to be used during TLS/SSL connect
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/ssl.h 59.In openssl/ssl.h
59.Ft int 60.Ft int
60.Fn SSL_set_session "SSL *ssl" "SSL_SESSION *session" 61.Fn SSL_set_session "SSL *ssl" "SSL_SESSION *session"
diff --git a/src/lib/libssl/man/SSL_set_shutdown.3 b/src/lib/libssl/man/SSL_set_shutdown.3
index ef8c004f76..1c1d59e927 100644
--- a/src/lib/libssl/man/SSL_set_shutdown.3
+++ b/src/lib/libssl/man/SSL_set_shutdown.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_set_shutdown.3,v 1.7 2024/12/19 06:45:21 jmc Exp $ 1.\" $OpenBSD: SSL_set_shutdown.3,v 1.8 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: December 19 2024 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_SET_SHUTDOWN 3 52.Dt SSL_SET_SHUTDOWN 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -56,6 +56,7 @@
56.Nm SSL_get_shutdown 56.Nm SSL_get_shutdown
57.Nd manipulate shutdown state of an SSL connection 57.Nd manipulate shutdown state of an SSL connection
58.Sh SYNOPSIS 58.Sh SYNOPSIS
59.Lb libssl libcrypto
59.In openssl/ssl.h 60.In openssl/ssl.h
60.Ft void 61.Ft void
61.Fn SSL_set_shutdown "SSL *ssl" "int mode" 62.Fn SSL_set_shutdown "SSL *ssl" "int mode"
diff --git a/src/lib/libssl/man/SSL_set_tmp_ecdh.3 b/src/lib/libssl/man/SSL_set_tmp_ecdh.3
index 8fd2d9fd5b..0794efdfb7 100644
--- a/src/lib/libssl/man/SSL_set_tmp_ecdh.3
+++ b/src/lib/libssl/man/SSL_set_tmp_ecdh.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_set_tmp_ecdh.3,v 1.6 2021/11/30 15:58:08 jsing Exp $ 1.\" $OpenBSD: SSL_set_tmp_ecdh.3,v 1.7 2025/06/08 22:52:00 schwarze Exp $
2.\" 2.\"
3.\" Copyright (c) 2017 Ingo Schwarze <schwarze@openbsd.org> 3.\" Copyright (c) 2017 Ingo Schwarze <schwarze@openbsd.org>
4.\" 4.\"
@@ -14,7 +14,7 @@
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\" 16.\"
17.Dd $Mdocdate: November 30 2021 $ 17.Dd $Mdocdate: June 8 2025 $
18.Dt SSL_SET_TMP_ECDH 3 18.Dt SSL_SET_TMP_ECDH 3
19.Os 19.Os
20.Sh NAME 20.Sh NAME
@@ -26,6 +26,7 @@
26.Nm SSL_CTX_set_tmp_ecdh_callback 26.Nm SSL_CTX_set_tmp_ecdh_callback
27.Nd select a curve for ECDH ephemeral key exchange 27.Nd select a curve for ECDH ephemeral key exchange
28.Sh SYNOPSIS 28.Sh SYNOPSIS
29.Lb libssl libcrypto
29.In openssl/ssl.h 30.In openssl/ssl.h
30.Ft long 31.Ft long
31.Fo SSL_set_tmp_ecdh 32.Fo SSL_set_tmp_ecdh
diff --git a/src/lib/libssl/man/SSL_set_verify_result.3 b/src/lib/libssl/man/SSL_set_verify_result.3
index 4b7cc6ec3c..f43d375bc9 100644
--- a/src/lib/libssl/man/SSL_set_verify_result.3
+++ b/src/lib/libssl/man/SSL_set_verify_result.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_set_verify_result.3,v 1.5 2020/03/29 17:05:02 schwarze Exp $ 1.\" $OpenBSD: SSL_set_verify_result.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,13 +48,14 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 29 2020 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_SET_VERIFY_RESULT 3 52.Dt SSL_SET_VERIFY_RESULT 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
55.Nm SSL_set_verify_result 55.Nm SSL_set_verify_result
56.Nd override result of peer certificate verification 56.Nd override result of peer certificate verification
57.Sh SYNOPSIS 57.Sh SYNOPSIS
58.Lb libssl libcrypto
58.In openssl/ssl.h 59.In openssl/ssl.h
59.Ft void 60.Ft void
60.Fn SSL_set_verify_result "SSL *ssl" "long verify_result" 61.Fn SSL_set_verify_result "SSL *ssl" "long verify_result"
diff --git a/src/lib/libssl/man/SSL_shutdown.3 b/src/lib/libssl/man/SSL_shutdown.3
index bfb1e91ea7..ad49a47d8e 100644
--- a/src/lib/libssl/man/SSL_shutdown.3
+++ b/src/lib/libssl/man/SSL_shutdown.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_shutdown.3,v 1.5 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_shutdown.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -49,13 +49,14 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: March 27 2018 $ 52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_SHUTDOWN 3 53.Dt SSL_SHUTDOWN 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
56.Nm SSL_shutdown 56.Nm SSL_shutdown
57.Nd shut down a TLS/SSL connection 57.Nd shut down a TLS/SSL connection
58.Sh SYNOPSIS 58.Sh SYNOPSIS
59.Lb libssl libcrypto
59.In openssl/ssl.h 60.In openssl/ssl.h
60.Ft int 61.Ft int
61.Fn SSL_shutdown "SSL *ssl" 62.Fn SSL_shutdown "SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_state_string.3 b/src/lib/libssl/man/SSL_state_string.3
index 1070335448..d202056eec 100644
--- a/src/lib/libssl/man/SSL_state_string.3
+++ b/src/lib/libssl/man/SSL_state_string.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_state_string.3,v 1.4 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_state_string.3,v 1.5 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 27 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_STATE_STRING 3 52.Dt SSL_STATE_STRING 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -56,6 +56,7 @@
56.Nm SSL_state_string_long 56.Nm SSL_state_string_long
57.Nd get textual description of state of an SSL object 57.Nd get textual description of state of an SSL object
58.Sh SYNOPSIS 58.Sh SYNOPSIS
59.Lb libssl libcrypto
59.In openssl/ssl.h 60.In openssl/ssl.h
60.Ft const char * 61.Ft const char *
61.Fn SSL_state_string "const SSL *ssl" 62.Fn SSL_state_string "const SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_want.3 b/src/lib/libssl/man/SSL_want.3
index 24e8645ba8..c7c2ee4885 100644
--- a/src/lib/libssl/man/SSL_want.3
+++ b/src/lib/libssl/man/SSL_want.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_want.3,v 1.5 2018/03/27 17:35:50 schwarze Exp $ 1.\" $OpenBSD: SSL_want.3,v 1.6 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL 9b86974e Aug 17 15:21:33 2015 -0400 2.\" OpenSSL 9b86974e Aug 17 15:21:33 2015 -0400
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 27 2018 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt SSL_WANT 3 52.Dt SSL_WANT 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -59,6 +59,7 @@
59.Nm SSL_want_x509_lookup 59.Nm SSL_want_x509_lookup
60.Nd obtain state information TLS/SSL I/O operation 60.Nd obtain state information TLS/SSL I/O operation
61.Sh SYNOPSIS 61.Sh SYNOPSIS
62.Lb libssl libcrypto
62.In openssl/ssl.h 63.In openssl/ssl.h
63.Ft int 64.Ft int
64.Fn SSL_want "const SSL *ssl" 65.Fn SSL_want "const SSL *ssl"
diff --git a/src/lib/libssl/man/SSL_write.3 b/src/lib/libssl/man/SSL_write.3
index 2c6fbcef08..54d0953e82 100644
--- a/src/lib/libssl/man/SSL_write.3
+++ b/src/lib/libssl/man/SSL_write.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: SSL_write.3,v 1.7 2021/10/24 15:10:13 schwarze Exp $ 1.\" $OpenBSD: SSL_write.3,v 1.8 2025/06/08 22:52:00 schwarze Exp $
2.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" partial merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100 3.\" partial merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
4.\" 4.\"
@@ -51,7 +51,7 @@
51.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 51.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
52.\" OF THE POSSIBILITY OF SUCH DAMAGE. 52.\" OF THE POSSIBILITY OF SUCH DAMAGE.
53.\" 53.\"
54.Dd $Mdocdate: October 24 2021 $ 54.Dd $Mdocdate: June 8 2025 $
55.Dt SSL_WRITE 3 55.Dt SSL_WRITE 3
56.Os 56.Os
57.Sh NAME 57.Sh NAME
@@ -59,6 +59,7 @@
59.Nm SSL_write 59.Nm SSL_write
60.Nd write bytes to a TLS connection 60.Nd write bytes to a TLS connection
61.Sh SYNOPSIS 61.Sh SYNOPSIS
62.Lb libssl libcrypto
62.In openssl/ssl.h 63.In openssl/ssl.h
63.Ft int 64.Ft int
64.Fn SSL_write_ex "SSL *ssl" "const void *buf" "size_t num" "size_t *written" 65.Fn SSL_write_ex "SSL *ssl" "const void *buf" "size_t num" "size_t *written"
diff --git a/src/lib/libssl/man/d2i_SSL_SESSION.3 b/src/lib/libssl/man/d2i_SSL_SESSION.3
index 7a2bc529ab..6b0dfc86b9 100644
--- a/src/lib/libssl/man/d2i_SSL_SESSION.3
+++ b/src/lib/libssl/man/d2i_SSL_SESSION.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: d2i_SSL_SESSION.3,v 1.7 2019/06/08 15:25:43 schwarze Exp $ 1.\" $OpenBSD: d2i_SSL_SESSION.3,v 1.8 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\" 3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: June 8 2019 $ 51.Dd $Mdocdate: June 8 2025 $
52.Dt D2I_SSL_SESSION 3 52.Dt D2I_SSL_SESSION 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -56,6 +56,7 @@
56.Nm i2d_SSL_SESSION 56.Nm i2d_SSL_SESSION
57.Nd convert SSL_SESSION object from/to ASN1 representation 57.Nd convert SSL_SESSION object from/to ASN1 representation
58.Sh SYNOPSIS 58.Sh SYNOPSIS
59.Lb libssl libcrypto
59.In openssl/ssl.h 60.In openssl/ssl.h
60.Ft SSL_SESSION * 61.Ft SSL_SESSION *
61.Fn d2i_SSL_SESSION "SSL_SESSION **a" "const unsigned char **pp" "long length" 62.Fn d2i_SSL_SESSION "SSL_SESSION **a" "const unsigned char **pp" "long length"
diff --git a/src/lib/libssl/pqueue.c b/src/lib/libssl/pqueue.c
index 602969deb0..aafd0a704e 100644
--- a/src/lib/libssl/pqueue.c
+++ b/src/lib/libssl/pqueue.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pqueue.c,v 1.5 2014/06/12 15:49:31 deraadt Exp $ */ 1/* $OpenBSD: pqueue.c,v 1.7 2025/05/04 10:53:38 tb Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -68,7 +68,7 @@ typedef struct _pqueue {
68} pqueue_s; 68} pqueue_s;
69 69
70pitem * 70pitem *
71pitem_new(unsigned char *prio64be, void *data) 71pitem_new(const unsigned char *prio64be, void *data)
72{ 72{
73 pitem *item = malloc(sizeof(pitem)); 73 pitem *item = malloc(sizeof(pitem));
74 74
@@ -154,7 +154,7 @@ pqueue_pop(pqueue_s *pq)
154} 154}
155 155
156pitem * 156pitem *
157pqueue_find(pqueue_s *pq, unsigned char *prio64be) 157pqueue_find(pqueue_s *pq, const unsigned char *prio64be)
158{ 158{
159 pitem *next; 159 pitem *next;
160 160
diff --git a/src/lib/libssl/pqueue.h b/src/lib/libssl/pqueue.h
index cdda4a3961..79ddf7a105 100644
--- a/src/lib/libssl/pqueue.h
+++ b/src/lib/libssl/pqueue.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: pqueue.h,v 1.4 2016/11/04 18:28:58 guenther Exp $ */ 1/* $OpenBSD: pqueue.h,v 1.7 2025/05/04 10:53:38 tb Exp $ */
2 2
3/* 3/*
4 * DTLS implementation written by Nagendra Modadugu 4 * DTLS implementation written by Nagendra Modadugu
@@ -61,7 +61,7 @@
61#ifndef HEADER_PQUEUE_H 61#ifndef HEADER_PQUEUE_H
62#define HEADER_PQUEUE_H 62#define HEADER_PQUEUE_H
63 63
64__BEGIN_HIDDEN_DECLS 64__BEGIN_HIDDEN_DECLS
65 65
66typedef struct _pqueue *pqueue; 66typedef struct _pqueue *pqueue;
67 67
@@ -73,7 +73,7 @@ typedef struct _pitem {
73 73
74typedef struct _pitem *piterator; 74typedef struct _pitem *piterator;
75 75
76pitem *pitem_new(unsigned char *prio64be, void *data); 76pitem *pitem_new(const unsigned char *prio64be, void *data);
77void pitem_free(pitem *item); 77void pitem_free(pitem *item);
78 78
79pqueue pqueue_new(void); 79pqueue pqueue_new(void);
@@ -82,12 +82,12 @@ void pqueue_free(pqueue pq);
82pitem *pqueue_insert(pqueue pq, pitem *item); 82pitem *pqueue_insert(pqueue pq, pitem *item);
83pitem *pqueue_peek(pqueue pq); 83pitem *pqueue_peek(pqueue pq);
84pitem *pqueue_pop(pqueue pq); 84pitem *pqueue_pop(pqueue pq);
85pitem *pqueue_find(pqueue pq, unsigned char *prio64be); 85pitem *pqueue_find(pqueue pq, const unsigned char *prio64be);
86pitem *pqueue_iterator(pqueue pq); 86pitem *pqueue_iterator(pqueue pq);
87pitem *pqueue_next(piterator *iter); 87pitem *pqueue_next(piterator *iter);
88 88
89int pqueue_size(pqueue pq); 89int pqueue_size(pqueue pq);
90 90
91__END_HIDDEN_DECLS 91__END_HIDDEN_DECLS
92 92
93#endif /* ! HEADER_PQUEUE_H */ 93#endif /* ! HEADER_PQUEUE_H */
diff --git a/src/lib/libssl/shlib_version b/src/lib/libssl/shlib_version
index c2665004b4..97e30d617d 100644
--- a/src/lib/libssl/shlib_version
+++ b/src/lib/libssl/shlib_version
@@ -1,3 +1,3 @@
1# Don't forget to give libtls the same type of bump! 1# Don't forget to give libtls the same type of bump!
2major=59 2major=60
3minor=1 3minor=0
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index a1ed22b778..e8a11ebdb9 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl.h,v 1.247 2025/03/12 14:03:55 jsing Exp $ */ 1/* $OpenBSD: ssl.h,v 1.248 2025/04/18 07:34:01 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -231,9 +231,9 @@ extern "C" {
231#define SSL_TXT_kRSA "kRSA" 231#define SSL_TXT_kRSA "kRSA"
232#define SSL_TXT_kDHr "kDHr" /* no such ciphersuites supported! */ 232#define SSL_TXT_kDHr "kDHr" /* no such ciphersuites supported! */
233#define SSL_TXT_kDHd "kDHd" /* no such ciphersuites supported! */ 233#define SSL_TXT_kDHd "kDHd" /* no such ciphersuites supported! */
234#define SSL_TXT_kDH "kDH" /* no such ciphersuites supported! */ 234#define SSL_TXT_kDH "kDH" /* no such ciphersuites supported! */
235#define SSL_TXT_kEDH "kEDH" 235#define SSL_TXT_kEDH "kEDH"
236#define SSL_TXT_kKRB5 "kKRB5" 236#define SSL_TXT_kKRB5 "kKRB5"
237#define SSL_TXT_kECDHr "kECDHr" 237#define SSL_TXT_kECDHr "kECDHr"
238#define SSL_TXT_kECDHe "kECDHe" 238#define SSL_TXT_kECDHe "kECDHe"
239#define SSL_TXT_kECDH "kECDH" 239#define SSL_TXT_kECDH "kECDH"
@@ -245,7 +245,7 @@ extern "C" {
245#define SSL_TXT_aDSS "aDSS" 245#define SSL_TXT_aDSS "aDSS"
246#define SSL_TXT_aDH "aDH" /* no such ciphersuites supported! */ 246#define SSL_TXT_aDH "aDH" /* no such ciphersuites supported! */
247#define SSL_TXT_aECDH "aECDH" 247#define SSL_TXT_aECDH "aECDH"
248#define SSL_TXT_aKRB5 "aKRB5" 248#define SSL_TXT_aKRB5 "aKRB5"
249#define SSL_TXT_aECDSA "aECDSA" 249#define SSL_TXT_aECDSA "aECDSA"
250#define SSL_TXT_aPSK "aPSK" 250#define SSL_TXT_aPSK "aPSK"
251 251
@@ -260,7 +260,7 @@ extern "C" {
260#define SSL_TXT_EECDH "EECDH" /* previous name for ECDHE */ 260#define SSL_TXT_EECDH "EECDH" /* previous name for ECDHE */
261#define SSL_TXT_AECDH "AECDH" 261#define SSL_TXT_AECDH "AECDH"
262#define SSL_TXT_ECDSA "ECDSA" 262#define SSL_TXT_ECDSA "ECDSA"
263#define SSL_TXT_KRB5 "KRB5" 263#define SSL_TXT_KRB5 "KRB5"
264#define SSL_TXT_PSK "PSK" 264#define SSL_TXT_PSK "PSK"
265#define SSL_TXT_SRP "SRP" 265#define SSL_TXT_SRP "SRP"
266 266
@@ -1117,7 +1117,7 @@ const SSL_CIPHER *SSL_get_current_cipher(const SSL *s);
1117int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits); 1117int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits);
1118const char * SSL_CIPHER_get_version(const SSL_CIPHER *c); 1118const char * SSL_CIPHER_get_version(const SSL_CIPHER *c);
1119const char * SSL_CIPHER_get_name(const SSL_CIPHER *c); 1119const char * SSL_CIPHER_get_name(const SSL_CIPHER *c);
1120unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c); 1120unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c);
1121uint16_t SSL_CIPHER_get_value(const SSL_CIPHER *c); 1121uint16_t SSL_CIPHER_get_value(const SSL_CIPHER *c);
1122const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr); 1122const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
1123int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c); 1123int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
@@ -1272,16 +1272,16 @@ int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);
1272SSL *SSL_new(SSL_CTX *ctx); 1272SSL *SSL_new(SSL_CTX *ctx);
1273void SSL_free(SSL *ssl); 1273void SSL_free(SSL *ssl);
1274int SSL_up_ref(SSL *ssl); 1274int SSL_up_ref(SSL *ssl);
1275int SSL_accept(SSL *ssl); 1275int SSL_accept(SSL *ssl);
1276int SSL_connect(SSL *ssl); 1276int SSL_connect(SSL *ssl);
1277int SSL_is_dtls(const SSL *s); 1277int SSL_is_dtls(const SSL *s);
1278int SSL_is_server(const SSL *s); 1278int SSL_is_server(const SSL *s);
1279int SSL_read(SSL *ssl, void *buf, int num); 1279int SSL_read(SSL *ssl, void *buf, int num);
1280int SSL_peek(SSL *ssl, void *buf, int num); 1280int SSL_peek(SSL *ssl, void *buf, int num);
1281int SSL_write(SSL *ssl, const void *buf, int num); 1281int SSL_write(SSL *ssl, const void *buf, int num);
1282int SSL_read_ex(SSL *ssl, void *buf, size_t num, size_t *bytes_read); 1282int SSL_read_ex(SSL *ssl, void *buf, size_t num, size_t *bytes_read);
1283int SSL_peek_ex(SSL *ssl, void *buf, size_t num, size_t *bytes_peeked); 1283int SSL_peek_ex(SSL *ssl, void *buf, size_t num, size_t *bytes_peeked);
1284int SSL_write_ex(SSL *ssl, const void *buf, size_t num, size_t *bytes_written); 1284int SSL_write_ex(SSL *ssl, const void *buf, size_t num, size_t *bytes_written);
1285 1285
1286#if defined(LIBRESSL_HAS_TLS1_3) || defined(LIBRESSL_INTERNAL) 1286#if defined(LIBRESSL_HAS_TLS1_3) || defined(LIBRESSL_INTERNAL)
1287uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx); 1287uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx);
diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h
index 1b1110b4e9..03dda33530 100644
--- a/src/lib/libssl/ssl3.h
+++ b/src/lib/libssl/ssl3.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl3.h,v 1.60 2024/03/02 11:47:41 tb Exp $ */ 1/* $OpenBSD: ssl3.h,v 1.61 2025/04/18 07:34:01 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -134,7 +134,7 @@ extern "C" {
134 134
135#define SSL3_CK_RSA_NULL_MD5 0x03000001 135#define SSL3_CK_RSA_NULL_MD5 0x03000001
136#define SSL3_CK_RSA_NULL_SHA 0x03000002 136#define SSL3_CK_RSA_NULL_SHA 0x03000002
137#define SSL3_CK_RSA_RC4_40_MD5 0x03000003 137#define SSL3_CK_RSA_RC4_40_MD5 0x03000003
138#define SSL3_CK_RSA_RC4_128_MD5 0x03000004 138#define SSL3_CK_RSA_RC4_128_MD5 0x03000004
139#define SSL3_CK_RSA_RC4_128_SHA 0x03000005 139#define SSL3_CK_RSA_RC4_128_SHA 0x03000005
140#define SSL3_CK_RSA_RC2_40_MD5 0x03000006 140#define SSL3_CK_RSA_RC2_40_MD5 0x03000006
@@ -145,10 +145,10 @@ extern "C" {
145 145
146#define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B 146#define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B
147#define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C 147#define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C
148#define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D 148#define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D
149#define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E 149#define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E
150#define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F 150#define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F
151#define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010 151#define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010
152 152
153#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011 153#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011
154#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012 154#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012
@@ -168,22 +168,22 @@ extern "C" {
168#define SSL3_CK_KRB5_DES_64_CBC_SHA 0x0300001E 168#define SSL3_CK_KRB5_DES_64_CBC_SHA 0x0300001E
169#define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x0300001F 169#define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x0300001F
170#define SSL3_CK_KRB5_RC4_128_SHA 0x03000020 170#define SSL3_CK_KRB5_RC4_128_SHA 0x03000020
171#define SSL3_CK_KRB5_IDEA_128_CBC_SHA 0x03000021 171#define SSL3_CK_KRB5_IDEA_128_CBC_SHA 0x03000021
172#define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000022 172#define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000022
173#define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000023 173#define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000023
174#define SSL3_CK_KRB5_RC4_128_MD5 0x03000024 174#define SSL3_CK_KRB5_RC4_128_MD5 0x03000024
175#define SSL3_CK_KRB5_IDEA_128_CBC_MD5 0x03000025 175#define SSL3_CK_KRB5_IDEA_128_CBC_MD5 0x03000025
176 176
177#define SSL3_CK_KRB5_DES_40_CBC_SHA 0x03000026 177#define SSL3_CK_KRB5_DES_40_CBC_SHA 0x03000026
178#define SSL3_CK_KRB5_RC2_40_CBC_SHA 0x03000027 178#define SSL3_CK_KRB5_RC2_40_CBC_SHA 0x03000027
179#define SSL3_CK_KRB5_RC4_40_SHA 0x03000028 179#define SSL3_CK_KRB5_RC4_40_SHA 0x03000028
180#define SSL3_CK_KRB5_DES_40_CBC_MD5 0x03000029 180#define SSL3_CK_KRB5_DES_40_CBC_MD5 0x03000029
181#define SSL3_CK_KRB5_RC2_40_CBC_MD5 0x0300002A 181#define SSL3_CK_KRB5_RC2_40_CBC_MD5 0x0300002A
182#define SSL3_CK_KRB5_RC4_40_MD5 0x0300002B 182#define SSL3_CK_KRB5_RC4_40_MD5 0x0300002B
183 183
184#define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5" 184#define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5"
185#define SSL3_TXT_RSA_NULL_SHA "NULL-SHA" 185#define SSL3_TXT_RSA_NULL_SHA "NULL-SHA"
186#define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5" 186#define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5"
187#define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5" 187#define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5"
188#define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA" 188#define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA"
189#define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5" 189#define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5"
@@ -194,10 +194,10 @@ extern "C" {
194 194
195#define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA" 195#define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA"
196#define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA" 196#define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA"
197#define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA" 197#define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA"
198#define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA" 198#define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA"
199#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA" 199#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA"
200#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA" 200#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA"
201 201
202#define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA" 202#define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA"
203#define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA" 203#define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA"
@@ -215,18 +215,18 @@ extern "C" {
215#define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA" 215#define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA"
216#define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA" 216#define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA"
217#define SSL3_TXT_KRB5_RC4_128_SHA "KRB5-RC4-SHA" 217#define SSL3_TXT_KRB5_RC4_128_SHA "KRB5-RC4-SHA"
218#define SSL3_TXT_KRB5_IDEA_128_CBC_SHA "KRB5-IDEA-CBC-SHA" 218#define SSL3_TXT_KRB5_IDEA_128_CBC_SHA "KRB5-IDEA-CBC-SHA"
219#define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5" 219#define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5"
220#define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5" 220#define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5"
221#define SSL3_TXT_KRB5_RC4_128_MD5 "KRB5-RC4-MD5" 221#define SSL3_TXT_KRB5_RC4_128_MD5 "KRB5-RC4-MD5"
222#define SSL3_TXT_KRB5_IDEA_128_CBC_MD5 "KRB5-IDEA-CBC-MD5" 222#define SSL3_TXT_KRB5_IDEA_128_CBC_MD5 "KRB5-IDEA-CBC-MD5"
223 223
224#define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA" 224#define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA"
225#define SSL3_TXT_KRB5_RC2_40_CBC_SHA "EXP-KRB5-RC2-CBC-SHA" 225#define SSL3_TXT_KRB5_RC2_40_CBC_SHA "EXP-KRB5-RC2-CBC-SHA"
226#define SSL3_TXT_KRB5_RC4_40_SHA "EXP-KRB5-RC4-SHA" 226#define SSL3_TXT_KRB5_RC4_40_SHA "EXP-KRB5-RC4-SHA"
227#define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5" 227#define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5"
228#define SSL3_TXT_KRB5_RC2_40_CBC_MD5 "EXP-KRB5-RC2-CBC-MD5" 228#define SSL3_TXT_KRB5_RC2_40_CBC_MD5 "EXP-KRB5-RC2-CBC-MD5"
229#define SSL3_TXT_KRB5_RC4_40_MD5 "EXP-KRB5-RC4-MD5" 229#define SSL3_TXT_KRB5_RC4_40_MD5 "EXP-KRB5-RC4-MD5"
230 230
231#define SSL3_SSL_SESSION_ID_LENGTH 32 231#define SSL3_SSL_SESSION_ID_LENGTH 32
232#define SSL3_MAX_SSL_SESSION_ID_LENGTH 32 232#define SSL3_MAX_SSL_SESSION_ID_LENGTH 32
diff --git a/src/lib/libssl/ssl_err.c b/src/lib/libssl/ssl_err.c
index eac2d9e61f..90822490e2 100644
--- a/src/lib/libssl/ssl_err.c
+++ b/src/lib/libssl/ssl_err.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_err.c,v 1.53 2024/10/09 08:00:29 tb Exp $ */ 1/* $OpenBSD: ssl_err.c,v 1.55 2025/05/10 05:49:21 tb Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -669,8 +669,7 @@ SSL_state_func_code(int state) {
669} 669}
670 670
671void 671void
672SSL_error_internal(const SSL *s, int r, char *f, int l) 672SSL_error_internal(const SSL *s, int r, const char *f, int l)
673{ 673{
674 ERR_PUT_error(ERR_LIB_SSL, 674 ERR_PUT_error(ERR_LIB_SSL, SSL_state_func_code(s->s3->hs.state), r, f, l);
675 (SSL_state_func_code(s->s3->hs.state)), r, f, l);
676} 675}
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index ce68981493..630724e670 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_lib.c,v 1.331 2025/03/12 14:03:55 jsing Exp $ */ 1/* $OpenBSD: ssl_lib.c,v 1.333 2025/06/09 10:14:38 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1298,7 +1298,7 @@ SSL_shutdown(SSL *s)
1298 return (-1); 1298 return (-1);
1299 } 1299 }
1300 1300
1301 if (s != NULL && !SSL_in_init(s)) 1301 if (!SSL_in_init(s))
1302 return (s->method->ssl_shutdown(s)); 1302 return (s->method->ssl_shutdown(s));
1303 1303
1304 return (1); 1304 return (1);
@@ -3008,8 +3008,9 @@ SSL_dup(SSL *s)
3008 3008
3009 /* Dup the client_CA list */ 3009 /* Dup the client_CA list */
3010 if (s->client_CA != NULL) { 3010 if (s->client_CA != NULL) {
3011 if ((sk = sk_X509_NAME_dup(s->client_CA)) == NULL) goto err; 3011 if ((sk = sk_X509_NAME_dup(s->client_CA)) == NULL)
3012 ret->client_CA = sk; 3012 goto err;
3013 ret->client_CA = sk;
3013 for (i = 0; i < sk_X509_NAME_num(sk); i++) { 3014 for (i = 0; i < sk_X509_NAME_num(sk); i++) {
3014 xn = sk_X509_NAME_value(sk, i); 3015 xn = sk_X509_NAME_value(sk, i);
3015 if (sk_X509_NAME_set(sk, i, 3016 if (sk_X509_NAME_set(sk, i,
diff --git a/src/lib/libssl/ssl_local.h b/src/lib/libssl/ssl_local.h
index 6095940388..acb87f8650 100644
--- a/src/lib/libssl/ssl_local.h
+++ b/src/lib/libssl/ssl_local.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_local.h,v 1.27 2025/03/09 15:12:18 tb Exp $ */ 1/* $OpenBSD: ssl_local.h,v 1.33 2025/05/10 06:04:36 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -203,7 +203,7 @@ __BEGIN_HIDDEN_DECLS
203/* Bits for algorithm_auth (server authentication) */ 203/* Bits for algorithm_auth (server authentication) */
204#define SSL_aRSA 0x00000001L /* RSA auth */ 204#define SSL_aRSA 0x00000001L /* RSA auth */
205#define SSL_aNULL 0x00000004L /* no auth (i.e. use ADH or AECDH) */ 205#define SSL_aNULL 0x00000004L /* no auth (i.e. use ADH or AECDH) */
206#define SSL_aECDSA 0x00000040L /* ECDSA auth*/ 206#define SSL_aECDSA 0x00000040L /* ECDSA auth*/
207#define SSL_aTLS1_3 0x00000400L /* TLSv1.3 authentication */ 207#define SSL_aTLS1_3 0x00000400L /* TLSv1.3 authentication */
208 208
209/* Bits for algorithm_enc (symmetric encryption) */ 209/* Bits for algorithm_enc (symmetric encryption) */
@@ -289,12 +289,8 @@ __BEGIN_HIDDEN_DECLS
289 * SSL_aDSS <- DSA_SIGN 289 * SSL_aDSS <- DSA_SIGN
290 */ 290 */
291 291
292/* From ECC-TLS draft, used in encoding the curve type in 292/* From RFC 4492, section 5.4. Only named curves are supported. */
293 * ECParameters 293#define NAMED_CURVE_TYPE 3
294 */
295#define EXPLICIT_PRIME_CURVE_TYPE 1
296#define EXPLICIT_CHAR2_CURVE_TYPE 2
297#define NAMED_CURVE_TYPE 3
298 294
299typedef struct ssl_cert_pkey_st { 295typedef struct ssl_cert_pkey_st {
300 X509 *x509; 296 X509 *x509;
@@ -396,7 +392,7 @@ struct ssl_method_st {
396 * PSK_identity_hint [ 7 ] EXPLICIT OCTET STRING, -- optional PSK identity hint 392 * PSK_identity_hint [ 7 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
397 * PSK_identity [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity 393 * PSK_identity [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity
398 * Ticket_lifetime_hint [9] EXPLICIT INTEGER, -- server's lifetime hint for session ticket 394 * Ticket_lifetime_hint [9] EXPLICIT INTEGER, -- server's lifetime hint for session ticket
399 * Ticket [10] EXPLICIT OCTET STRING, -- session ticket (clients only) 395 * Ticket [10] EXPLICIT OCTET STRING, -- session ticket (clients only)
400 * Compression_meth [11] EXPLICIT OCTET STRING, -- optional compression method 396 * Compression_meth [11] EXPLICIT OCTET STRING, -- optional compression method
401 * SRP_username [ 12 ] EXPLICIT OCTET STRING -- optional SRP username 397 * SRP_username [ 12 ] EXPLICIT OCTET STRING -- optional SRP username
402 * } 398 * }
@@ -1054,7 +1050,7 @@ struct ssl_st {
1054 1050
1055 int renegotiate;/* 1 if we are renegotiating. 1051 int renegotiate;/* 1 if we are renegotiating.
1056 * 2 if we are a server and are inside a handshake 1052 * 2 if we are a server and are inside a handshake
1057 * (i.e. not just sending a HelloRequest) */ 1053 * (i.e. not just sending a HelloRequest) */
1058 1054
1059 int rstate; /* where we are when reading */ 1055 int rstate; /* where we are when reading */
1060 1056
@@ -1078,7 +1074,7 @@ typedef struct ssl3_record_internal_st {
1078 1074
1079typedef struct ssl3_buffer_internal_st { 1075typedef struct ssl3_buffer_internal_st {
1080 unsigned char *buf; /* at least SSL3_RT_MAX_PACKET_SIZE bytes, 1076 unsigned char *buf; /* at least SSL3_RT_MAX_PACKET_SIZE bytes,
1081 * see ssl3_setup_buffers() */ 1077 * see ssl3_setup_buffers() */
1082 size_t len; /* buffer size */ 1078 size_t len; /* buffer size */
1083 int offset; /* where to 'copy from' */ 1079 int offset; /* where to 'copy from' */
1084 int left; /* how many bytes left */ 1080 int left; /* how many bytes left */
@@ -1443,9 +1439,10 @@ int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, unsigned char *md_out,
1443 unsigned int mac_secret_length); 1439 unsigned int mac_secret_length);
1444int SSL_state_func_code(int _state); 1440int SSL_state_func_code(int _state);
1445 1441
1446#define SSLerror(s, r) SSL_error_internal(s, r, OPENSSL_FILE, OPENSSL_LINE) 1442void SSL_error_internal(const SSL *s, int r, const char *f, int l);
1447#define SSLerrorx(r) ERR_PUT_error(ERR_LIB_SSL,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE) 1443#define SSLerror(s, r) SSL_error_internal(s, r, OPENSSL_FILE, OPENSSL_LINE)
1448void SSL_error_internal(const SSL *s, int r, char *f, int l); 1444#define SSLerrorx(r) ERR_PUT_error(ERR_LIB_SSL,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
1445#define SYSerror(r) ERR_PUT_error(ERR_LIB_SYS,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
1449 1446
1450#ifndef OPENSSL_NO_SRTP 1447#ifndef OPENSSL_NO_SRTP
1451 1448
diff --git a/src/lib/libssl/ssl_stat.c b/src/lib/libssl/ssl_stat.c
index b19944ca83..9966217ca3 100644
--- a/src/lib/libssl/ssl_stat.c
+++ b/src/lib/libssl/ssl_stat.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_stat.c,v 1.23 2024/10/12 03:54:18 tb Exp $ */ 1/* $OpenBSD: ssl_stat.c,v 1.24 2025/05/22 08:25:26 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -438,72 +438,7 @@ LSSL_ALIAS(SSL_alert_type_string);
438const char * 438const char *
439SSL_alert_desc_string(int value) 439SSL_alert_desc_string(int value)
440{ 440{
441 switch (value & 0xff) { 441 return "!!";
442 case SSL_AD_CLOSE_NOTIFY:
443 return "CN";
444 case SSL_AD_UNEXPECTED_MESSAGE:
445 return "UM";
446 case SSL_AD_BAD_RECORD_MAC:
447 return "BM";
448 case SSL_AD_RECORD_OVERFLOW:
449 return "RO";
450 case SSL_AD_DECOMPRESSION_FAILURE:
451 return "DF";
452 case SSL_AD_HANDSHAKE_FAILURE:
453 return "HF";
454 case SSL_AD_BAD_CERTIFICATE:
455 return "BC";
456 case SSL_AD_UNSUPPORTED_CERTIFICATE:
457 return "UC";
458 case SSL_AD_CERTIFICATE_REVOKED:
459 return "CR";
460 case SSL_AD_CERTIFICATE_EXPIRED:
461 return "CE";
462 case SSL_AD_CERTIFICATE_UNKNOWN:
463 return "CU";
464 case SSL_AD_ILLEGAL_PARAMETER:
465 return "IP";
466 case SSL_AD_UNKNOWN_CA:
467 return "CA";
468 case SSL_AD_ACCESS_DENIED:
469 return "AD";
470 case SSL_AD_DECODE_ERROR:
471 return "DE";
472 case SSL_AD_DECRYPT_ERROR:
473 return "CY";
474 case SSL_AD_PROTOCOL_VERSION:
475 return "PV";
476 case SSL_AD_INSUFFICIENT_SECURITY:
477 return "IS";
478 case SSL_AD_INTERNAL_ERROR:
479 return "IE";
480 case SSL_AD_INAPPROPRIATE_FALLBACK:
481 return "IF";
482 case SSL_AD_USER_CANCELLED:
483 return "US";
484 case SSL_AD_NO_RENEGOTIATION:
485 return "NR";
486 case SSL_AD_MISSING_EXTENSION:
487 return "ME";
488 case SSL_AD_UNSUPPORTED_EXTENSION:
489 return "UE";
490 case SSL_AD_CERTIFICATE_UNOBTAINABLE:
491 return "CO";
492 case SSL_AD_UNRECOGNIZED_NAME:
493 return "UN";
494 case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
495 return "BR";
496 case SSL_AD_BAD_CERTIFICATE_HASH_VALUE:
497 return "BH";
498 case SSL_AD_UNKNOWN_PSK_IDENTITY:
499 return "UP";
500 case SSL_AD_CERTIFICATE_REQUIRED:
501 return "CQ"; /* XXX */
502 case SSL_AD_NO_APPLICATION_PROTOCOL:
503 return "AP";
504 default:
505 return "UK";
506 }
507} 442}
508LSSL_ALIAS(SSL_alert_desc_string); 443LSSL_ALIAS(SSL_alert_desc_string);
509 444
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c
index 08bf5593ec..9209597601 100644
--- a/src/lib/libssl/ssl_tlsext.c
+++ b/src/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_tlsext.c,v 1.154 2024/07/09 12:27:27 beck Exp $ */ 1/* $OpenBSD: ssl_tlsext.c,v 1.156 2025/06/07 10:23:21 tb Exp $ */
2/* 2/*
3 * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> 4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -2410,13 +2410,12 @@ tlsext_randomize_build_order(SSL *s)
2410{ 2410{
2411 const struct tls_extension *psk_ext; 2411 const struct tls_extension *psk_ext;
2412 size_t idx, new_idx; 2412 size_t idx, new_idx;
2413 size_t alpn_idx = 0, sni_idx = 0;
2414 2413
2415 free(s->tlsext_build_order); 2414 free(s->tlsext_build_order);
2416 s->tlsext_build_order_len = 0; 2415 s->tlsext_build_order_len = 0;
2417 2416
2418 if ((s->tlsext_build_order = calloc(sizeof(*s->tlsext_build_order), 2417 if ((s->tlsext_build_order = calloc(N_TLS_EXTENSIONS,
2419 N_TLS_EXTENSIONS)) == NULL) 2418 sizeof(*s->tlsext_build_order))) == NULL)
2420 return 0; 2419 return 0;
2421 s->tlsext_build_order_len = N_TLS_EXTENSIONS; 2420 s->tlsext_build_order_len = N_TLS_EXTENSIONS;
2422 2421
@@ -2433,28 +2432,6 @@ tlsext_randomize_build_order(SSL *s)
2433 s->tlsext_build_order[new_idx] = &tls_extensions[idx]; 2432 s->tlsext_build_order[new_idx] = &tls_extensions[idx];
2434 } 2433 }
2435 2434
2436 /*
2437 * XXX - Apache2 special until year 2025: ensure that SNI precedes ALPN
2438 * for clients so that virtual host setups work correctly.
2439 */
2440
2441 if (s->server)
2442 return 1;
2443
2444 for (idx = 0; idx < N_TLS_EXTENSIONS; idx++) {
2445 if (s->tlsext_build_order[idx]->type == TLSEXT_TYPE_alpn)
2446 alpn_idx = idx;
2447 if (s->tlsext_build_order[idx]->type == TLSEXT_TYPE_server_name)
2448 sni_idx = idx;
2449 }
2450 if (alpn_idx < sni_idx) {
2451 const struct tls_extension *tmp;
2452
2453 tmp = s->tlsext_build_order[alpn_idx];
2454 s->tlsext_build_order[alpn_idx] = s->tlsext_build_order[sni_idx];
2455 s->tlsext_build_order[sni_idx] = tmp;
2456 }
2457
2458 return 1; 2435 return 1;
2459} 2436}
2460 2437
@@ -2466,8 +2443,8 @@ tlsext_linearize_build_order(SSL *s)
2466 free(s->tlsext_build_order); 2443 free(s->tlsext_build_order);
2467 s->tlsext_build_order_len = 0; 2444 s->tlsext_build_order_len = 0;
2468 2445
2469 if ((s->tlsext_build_order = calloc(sizeof(*s->tlsext_build_order), 2446 if ((s->tlsext_build_order = calloc(N_TLS_EXTENSIONS,
2470 N_TLS_EXTENSIONS)) == NULL) 2447 sizeof(*s->tlsext_build_order))) == NULL)
2471 return 0; 2448 return 0;
2472 s->tlsext_build_order_len = N_TLS_EXTENSIONS; 2449 s->tlsext_build_order_len = N_TLS_EXTENSIONS;
2473 2450
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index b200f78098..57cd180d09 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: t1_lib.c,v 1.204 2025/01/18 14:17:05 tb Exp $ */ 1/* $OpenBSD: t1_lib.c,v 1.206 2025/05/31 15:17:11 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -151,6 +151,7 @@ tls1_clear(SSL *s)
151} 151}
152 152
153struct supported_group { 153struct supported_group {
154 uint16_t group_id;
154 int nid; 155 int nid;
155 int bits; 156 int bits;
156}; 157};
@@ -160,119 +161,148 @@ struct supported_group {
160 * https://www.iana.org/assignments/tls-parameters/#tls-parameters-8 161 * https://www.iana.org/assignments/tls-parameters/#tls-parameters-8
161 */ 162 */
162static const struct supported_group nid_list[] = { 163static const struct supported_group nid_list[] = {
163 [1] = { 164 {
165 .group_id = 1,
164 .nid = NID_sect163k1, 166 .nid = NID_sect163k1,
165 .bits = 80, 167 .bits = 80,
166 }, 168 },
167 [2] = { 169 {
170 .group_id = 2,
168 .nid = NID_sect163r1, 171 .nid = NID_sect163r1,
169 .bits = 80, 172 .bits = 80,
170 }, 173 },
171 [3] = { 174 {
175 .group_id = 3,
172 .nid = NID_sect163r2, 176 .nid = NID_sect163r2,
173 .bits = 80, 177 .bits = 80,
174 }, 178 },
175 [4] = { 179 {
180 .group_id = 4,
176 .nid = NID_sect193r1, 181 .nid = NID_sect193r1,
177 .bits = 80, 182 .bits = 80,
178 }, 183 },
179 [5] = { 184 {
185 .group_id = 5,
180 .nid = NID_sect193r2, 186 .nid = NID_sect193r2,
181 .bits = 80, 187 .bits = 80,
182 }, 188 },
183 [6] = { 189 {
190 .group_id = 6,
184 .nid = NID_sect233k1, 191 .nid = NID_sect233k1,
185 .bits = 112, 192 .bits = 112,
186 }, 193 },
187 [7] = { 194 {
195 .group_id = 7,
188 .nid = NID_sect233r1, 196 .nid = NID_sect233r1,
189 .bits = 112, 197 .bits = 112,
190 }, 198 },
191 [8] = { 199 {
200 .group_id = 8,
192 .nid = NID_sect239k1, 201 .nid = NID_sect239k1,
193 .bits = 112, 202 .bits = 112,
194 }, 203 },
195 [9] = { 204 {
205 .group_id = 9,
196 .nid = NID_sect283k1, 206 .nid = NID_sect283k1,
197 .bits = 128, 207 .bits = 128,
198 }, 208 },
199 [10] = { 209 {
210 .group_id = 10,
200 .nid = NID_sect283r1, 211 .nid = NID_sect283r1,
201 .bits = 128, 212 .bits = 128,
202 }, 213 },
203 [11] = { 214 {
215 .group_id = 11,
204 .nid = NID_sect409k1, 216 .nid = NID_sect409k1,
205 .bits = 192, 217 .bits = 192,
206 }, 218 },
207 [12] = { 219 {
220 .group_id = 12,
208 .nid = NID_sect409r1, 221 .nid = NID_sect409r1,
209 .bits = 192, 222 .bits = 192,
210 }, 223 },
211 [13] = { 224 {
225 .group_id = 13,
212 .nid = NID_sect571k1, 226 .nid = NID_sect571k1,
213 .bits = 256, 227 .bits = 256,
214 }, 228 },
215 [14] = { 229 {
230 .group_id = 14,
216 .nid = NID_sect571r1, 231 .nid = NID_sect571r1,
217 .bits = 256, 232 .bits = 256,
218 }, 233 },
219 [15] = { 234 {
235 .group_id = 15,
220 .nid = NID_secp160k1, 236 .nid = NID_secp160k1,
221 .bits = 80, 237 .bits = 80,
222 }, 238 },
223 [16] = { 239 {
240 .group_id = 16,
224 .nid = NID_secp160r1, 241 .nid = NID_secp160r1,
225 .bits = 80, 242 .bits = 80,
226 }, 243 },
227 [17] = { 244 {
245 .group_id = 17,
228 .nid = NID_secp160r2, 246 .nid = NID_secp160r2,
229 .bits = 80, 247 .bits = 80,
230 }, 248 },
231 [18] = { 249 {
250 .group_id = 18,
232 .nid = NID_secp192k1, 251 .nid = NID_secp192k1,
233 .bits = 80, 252 .bits = 80,
234 }, 253 },
235 [19] = { 254 {
255 .group_id = 19,
236 .nid = NID_X9_62_prime192v1, /* aka secp192r1 */ 256 .nid = NID_X9_62_prime192v1, /* aka secp192r1 */
237 .bits = 80, 257 .bits = 80,
238 }, 258 },
239 [20] = { 259 {
260 .group_id = 20,
240 .nid = NID_secp224k1, 261 .nid = NID_secp224k1,
241 .bits = 112, 262 .bits = 112,
242 }, 263 },
243 [21] = { 264 {
265 .group_id = 21,
244 .nid = NID_secp224r1, 266 .nid = NID_secp224r1,
245 .bits = 112, 267 .bits = 112,
246 }, 268 },
247 [22] = { 269 {
270 .group_id = 22,
248 .nid = NID_secp256k1, 271 .nid = NID_secp256k1,
249 .bits = 128, 272 .bits = 128,
250 }, 273 },
251 [23] = { 274 {
275 .group_id = 23,
252 .nid = NID_X9_62_prime256v1, /* aka secp256r1 */ 276 .nid = NID_X9_62_prime256v1, /* aka secp256r1 */
253 .bits = 128, 277 .bits = 128,
254 }, 278 },
255 [24] = { 279 {
280 .group_id = 24,
256 .nid = NID_secp384r1, 281 .nid = NID_secp384r1,
257 .bits = 192, 282 .bits = 192,
258 }, 283 },
259 [25] = { 284 {
285 .group_id = 25,
260 .nid = NID_secp521r1, 286 .nid = NID_secp521r1,
261 .bits = 256, 287 .bits = 256,
262 }, 288 },
263 [26] = { 289 {
290 .group_id = 26,
264 .nid = NID_brainpoolP256r1, 291 .nid = NID_brainpoolP256r1,
265 .bits = 128, 292 .bits = 128,
266 }, 293 },
267 [27] = { 294 {
295 .group_id = 27,
268 .nid = NID_brainpoolP384r1, 296 .nid = NID_brainpoolP384r1,
269 .bits = 192, 297 .bits = 192,
270 }, 298 },
271 [28] = { 299 {
300 .group_id = 28,
272 .nid = NID_brainpoolP512r1, 301 .nid = NID_brainpoolP512r1,
273 .bits = 256, 302 .bits = 256,
274 }, 303 },
275 [29] = { 304 {
305 .group_id = 29,
276 .nid = NID_X25519, 306 .nid = NID_X25519,
277 .bits = 128, 307 .bits = 128,
278 }, 308 },
@@ -339,18 +369,41 @@ static const uint16_t ecgroups_server_default[] = {
339 24, /* secp384r1 (24) */ 369 24, /* secp384r1 (24) */
340}; 370};
341 371
372static const struct supported_group *
373tls1_supported_group_by_id(uint16_t group_id)
374{
375 int i;
376
377 for (i = 0; i < NID_LIST_LEN; i++) {
378 if (group_id == nid_list[i].group_id)
379 return &nid_list[i];
380 }
381
382 return NULL;
383}
384
385static const struct supported_group *
386tls1_supported_group_by_nid(int nid)
387{
388 int i;
389
390 for (i = 0; i < NID_LIST_LEN; i++) {
391 if (nid == nid_list[i].nid)
392 return &nid_list[i];
393 }
394
395 return NULL;
396}
397
342int 398int
343tls1_ec_group_id2nid(uint16_t group_id, int *out_nid) 399tls1_ec_group_id2nid(uint16_t group_id, int *out_nid)
344{ 400{
345 int nid; 401 const struct supported_group *sg;
346
347 if (group_id >= NID_LIST_LEN)
348 return 0;
349 402
350 if ((nid = nid_list[group_id].nid) == 0) 403 if ((sg = tls1_supported_group_by_id(group_id)) == NULL)
351 return 0; 404 return 0;
352 405
353 *out_nid = nid; 406 *out_nid = sg->nid;
354 407
355 return 1; 408 return 1;
356} 409}
@@ -358,15 +411,12 @@ tls1_ec_group_id2nid(uint16_t group_id, int *out_nid)
358int 411int
359tls1_ec_group_id2bits(uint16_t group_id, int *out_bits) 412tls1_ec_group_id2bits(uint16_t group_id, int *out_bits)
360{ 413{
361 int bits; 414 const struct supported_group *sg;
362
363 if (group_id >= NID_LIST_LEN)
364 return 0;
365 415
366 if ((bits = nid_list[group_id].bits) == 0) 416 if ((sg = tls1_supported_group_by_id(group_id)) == NULL)
367 return 0; 417 return 0;
368 418
369 *out_bits = bits; 419 *out_bits = sg->bits;
370 420
371 return 1; 421 return 1;
372} 422}
@@ -374,19 +424,14 @@ tls1_ec_group_id2bits(uint16_t group_id, int *out_bits)
374int 424int
375tls1_ec_nid2group_id(int nid, uint16_t *out_group_id) 425tls1_ec_nid2group_id(int nid, uint16_t *out_group_id)
376{ 426{
377 uint16_t group_id; 427 const struct supported_group *sg;
378 428
379 if (nid == 0) 429 if ((sg = tls1_supported_group_by_nid(nid)) == NULL)
380 return 0; 430 return 0;
381 431
382 for (group_id = 0; group_id < NID_LIST_LEN; group_id++) { 432 *out_group_id = sg->group_id;
383 if (nid_list[group_id].nid == nid) {
384 *out_group_id = group_id;
385 return 1;
386 }
387 }
388 433
389 return 0; 434 return 1;
390} 435}
391 436
392/* 437/*
diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h
index d018fced5c..2d5dffc6cf 100644
--- a/src/lib/libssl/tls1.h
+++ b/src/lib/libssl/tls1.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: tls1.h,v 1.60 2024/10/23 01:57:19 jsg Exp $ */ 1/* $OpenBSD: tls1.h,v 1.61 2025/04/18 07:34:01 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -197,7 +197,7 @@ extern "C" {
197/* Codes 110-114 from RFC 3546. */ 197/* Codes 110-114 from RFC 3546. */
198#define TLS1_AD_UNSUPPORTED_EXTENSION 110 198#define TLS1_AD_UNSUPPORTED_EXTENSION 110
199#define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111 199#define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111
200#define TLS1_AD_UNRECOGNIZED_NAME 112 200#define TLS1_AD_UNRECOGNIZED_NAME 112
201#define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113 201#define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
202#define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114 202#define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
203/* Code 115 from RFC 4279. */ 203/* Code 115 from RFC 4279. */
@@ -455,7 +455,7 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
455#define TLS1_CK_DH_RSA_WITH_SEED_SHA 0x03000098 455#define TLS1_CK_DH_RSA_WITH_SEED_SHA 0x03000098
456#define TLS1_CK_DHE_DSS_WITH_SEED_SHA 0x03000099 456#define TLS1_CK_DHE_DSS_WITH_SEED_SHA 0x03000099
457#define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A 457#define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A
458#define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B 458#define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B
459 459
460/* TLS v1.2 GCM ciphersuites from RFC 5288. */ 460/* TLS v1.2 GCM ciphersuites from RFC 5288. */
461#define TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 0x0300009C 461#define TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 0x0300009C
diff --git a/src/lib/libssl/tls13_lib.c b/src/lib/libssl/tls13_lib.c
index 331a3ad1a7..c3470b2931 100644
--- a/src/lib/libssl/tls13_lib.c
+++ b/src/lib/libssl/tls13_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tls13_lib.c,v 1.77 2024/01/27 14:23:51 jsing Exp $ */ 1/* $OpenBSD: tls13_lib.c,v 1.78 2025/06/07 10:25:12 tb Exp $ */
2/* 2/*
3 * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2019 Bob Beck <beck@openbsd.org> 4 * Copyright (c) 2019 Bob Beck <beck@openbsd.org>
@@ -538,7 +538,7 @@ tls13_ctx_new(int mode, SSL *ssl)
538{ 538{
539 struct tls13_ctx *ctx = NULL; 539 struct tls13_ctx *ctx = NULL;
540 540
541 if ((ctx = calloc(sizeof(struct tls13_ctx), 1)) == NULL) 541 if ((ctx = calloc(1, sizeof(*ctx))) == NULL)
542 goto err; 542 goto err;
543 543
544 ctx->hs = &ssl->s3->hs; 544 ctx->hs = &ssl->s3->hs;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-14 09:04:15 +0000