1 files changed, 0 insertions, 240 deletions
diff --git a/src/lib/libtls/man/tls_read.3 b/src/lib/libtls/man/tls_read.3
deleted file mode 100644
index f9d949eef5..0000000000
--- a/src/lib/libtls/man/tls_read.3
+++ /dev/null
@@ -1,240 +0,0 @@
-.\" $OpenBSD: tls_read.3,v 1.8 2023/09/18 17:25:15 schwarze Exp $
-.\"
-.\" Copyright (c) 2014, 2015 Ted Unangst <tedu@openbsd.org>
-.\" Copyright (c) 2015 Doug Hogan <doug@openbsd.org>
-.\" Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
-.\" Copyright (c) 2015 Bob Beck <beck@openbsd.org>
-.\" Copyright (c) 2017 Ingo Schwarze <schwarze@openbsd.org>
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 18 2023 $
-.Dt TLS_READ 3
-.Os
-.Sh NAME
-.Nm tls_read ,
-.Nm tls_write ,
-.Nm tls_handshake ,
-.Nm tls_error ,
-.Nm tls_close
-.Nd use a TLS connection
-.Sh SYNOPSIS
-.In tls.h
-.Ft ssize_t
-.Fo tls_read
-.Fa "struct tls *ctx"
-.Fa "void *buf"
-.Fa "size_t buflen"
-.Fc
-.Ft ssize_t
-.Fo tls_write
-.Fa "struct tls *ctx"
-.Fa "const void *buf"
-.Fa "size_t buflen"
-.Fc
-.Ft int
-.Fn tls_handshake "struct tls *ctx"
-.Ft const char *
-.Fn tls_error "struct tls *ctx"
-.Ft int
-.Fn tls_close "struct tls *ctx"
-.Sh DESCRIPTION
-.Fn tls_read
-reads
-.Fa buflen
-bytes of data from the socket into
-.Fa buf .
-It returns the amount of data read.
-.Pp
-.Fn tls_write
-writes
-.Fa buflen
-bytes of data from
-.Fa buf
-to the socket.
-It returns the amount of data written.
-.Pp
-.Fn tls_handshake
-explicitly performs the TLS handshake.
-It is only necessary to call this function if you need to guarantee that the
-handshake has completed, as both
-.Fn tls_read
-and
-.Fn tls_write
-automatically perform the TLS handshake when necessary.
-.Pp
-The
-.Fn tls_error
-function may be used to retrieve a string containing more information
-about the most recent error relating to a context.
-.Pp
-.Fn tls_close
-closes a connection after use.
-Only the TLS layer will be shut down and the caller is responsible for closing
-the file descriptors, unless the connection was established using
-.Xr tls_connect 3
-or
-.Xr tls_connect_servername 3 .
-After closing the connection,
-.Fa ctx
-can be passed to
-.Xr tls_free 3 .
-.Sh RETURN VALUES
-.Fn tls_read
-and
-.Fn tls_write
-return a size on success or -1 on error.
-.Pp
-.Fn tls_handshake
-and
-.Fn tls_close
-return 0 on success or -1 on error.
-.Pp
-The
-.Fn tls_read ,
-.Fn tls_write ,
-.Fn tls_handshake ,
-and
-.Fn tls_close
-functions also have two special return values:
-.Pp
-.Bl -tag -width "TLS_WANT_POLLOUT" -offset indent -compact
-.It Dv TLS_WANT_POLLIN
-The underlying read file descriptor needs to be readable in order to continue.
-.It Dv TLS_WANT_POLLOUT
-The underlying write file descriptor needs to be writeable in order to continue.
-.El
-.Pp
-In the case of blocking file descriptors, the same function call should be
-repeated immediately.
-In the case of non-blocking file descriptors, the same function call should be
-repeated when the required condition has been met.
-.Pp
-Callers of these functions cannot rely on the value of the global
-.Ar errno .
-To prevent mishandling of error conditions,
-.Fn tls_read ,
-.Fn tls_write ,
-.Fn tls_handshake ,
-and
-.Fn tls_close
-all explicitly clear
-.Ar errno .
-.Pp
-.Fn tls_error
-returns
-.Dv NULL
-if no error occurred with
-.Fa ctx
-during or since the last call to
-.Fn tls_handshake ,
-.Fn tls_read ,
-.Fn tls_write ,
-.Fn tls_close ,
-or
-.Xr tls_reset 3
-involving
-.Fa ctx ,
-or if memory allocation failed while trying to assemble the string
-describing the most recent error related to
-.Fa ctx .
-.Sh EXAMPLES
-The following example demonstrates how to handle TLS writes on a blocking
-file descriptor:
-.Bd -literal -offset indent
-\&...
-while (len > 0) {
-        ssize_t ret;
-        ret = tls_write(ctx, buf, len);
-        if (ret == TLS_WANT_POLLIN || ret == TLS_WANT_POLLOUT)
-                continue;
-        if (ret == -1)
-                errx(1, "tls_write: %s", tls_error(ctx));
-        buf += ret;
-        len -= ret;
-}
-\&...
-.Ed
-.Pp
-The following example demonstrates how to handle TLS writes on a
-non-blocking file descriptor using
-.Xr poll 2 :
-.Bd -literal -offset indent
-\&...
-pfd[0].fd = fd;
-pfd[0].events = POLLIN|POLLOUT;
-while (len > 0) {
-        nready = poll(pfd, 1, 0);
-        if (nready == -1)
-                err(1, "poll");
-        if ((pfd[0].revents & (POLLERR|POLLNVAL)))
-                errx(1, "bad fd %d", pfd[0].fd);
-        if ((pfd[0].revents & (pfd[0].events|POLLHUP))) {
-                ssize_t ret;
-                ret = tls_write(ctx, buf, len);
-                if (ret == TLS_WANT_POLLIN)
-                        pfd[0].events = POLLIN;
-                else if (ret == TLS_WANT_POLLOUT)
-                        pfd[0].events = POLLOUT;
-                else if (ret == -1)
-                        errx(1, "tls_write: %s", tls_error(ctx));
-                else {
-                        buf += ret;
-                        len -= ret;
-                }
-        }
-}
-\&...
-.Ed
-.Sh SEE ALSO
-.Xr tls_accept_socket 3 ,
-.Xr tls_configure 3 ,
-.Xr tls_conn_version 3 ,
-.Xr tls_connect 3 ,
-.Xr tls_init 3 ,
-.Xr tls_ocsp_process_response 3
-.Sh HISTORY
-.Fn tls_read ,
-.Fn tls_write ,
-.Fn tls_error ,
-and
-.Fn tls_close
-appeared in
-.Ox 5.6
-and got their final names in
-.Ox 5.7 .
-.Pp
-.Fn tls_handshake
-appeared in
-.Ox 5.9 .
-.Sh AUTHORS
-.An Joel Sing Aq Mt jsing@openbsd.org
-with contributions from
-.An Bob Beck Aq Mt beck@openbsd.org
-.Sh CAVEATS
-The function
-.Fn tls_error
-returns an internal pointer.
-It must not be freed by the application, or a double free error
-will occur.
-The pointer will become invalid when the next error occurs with
-.Fa ctx .
-Consequently, if the application may need the message at a later
-time, it has to copy the string before calling the next
-.Sy libtls
-function involving
-.Fa ctx ,
-or a segmentation fault or read access to unintended data is the
-likely result.

diff --git a/src/lib/libtls/man/tls_read.3 b/src/lib/libtls/man/tls_read.3 deleted file mode 100644 index f9d949eef5..0000000000 --- a/src/lib/libtls/man/tls_read.3 +++ /dev/null
@@ -1,240 +0,0 @@
1	.\" $OpenBSD: tls_read.3,v 1.8 2023/09/18 17:25:15 schwarze Exp $
2	.\"
3	.\" Copyright (c) 2014, 2015 Ted Unangst <tedu@openbsd.org>
4	.\" Copyright (c) 2015 Doug Hogan <doug@openbsd.org>
5	.\" Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
6	.\" Copyright (c) 2015 Bob Beck <beck@openbsd.org>
7	.\" Copyright (c) 2017 Ingo Schwarze <schwarze@openbsd.org>
8	.\"
9	.\" Permission to use, copy, modify, and distribute this software for any
10	.\" purpose with or without fee is hereby granted, provided that the above
11	.\" copyright notice and this permission notice appear in all copies.
12	.\"
13	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
14	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
15	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
16	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
17	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
18	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
19	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20	.\"
21	.Dd $Mdocdate: September 18 2023 $
22	.Dt TLS_READ 3
23	.Os
24	.Sh NAME
25	.Nm tls_read ,
26	.Nm tls_write ,
27	.Nm tls_handshake ,
28	.Nm tls_error ,
29	.Nm tls_close
30	.Nd use a TLS connection
31	.Sh SYNOPSIS
32	.In tls.h
33	.Ft ssize_t
34	.Fo tls_read
35	.Fa "struct tls *ctx"
36	.Fa "void *buf"
37	.Fa "size_t buflen"
38	.Fc
39	.Ft ssize_t
40	.Fo tls_write
41	.Fa "struct tls *ctx"
42	.Fa "const void *buf"
43	.Fa "size_t buflen"
44	.Fc
45	.Ft int
46	.Fn tls_handshake "struct tls *ctx"
47	.Ft const char *
48	.Fn tls_error "struct tls *ctx"
49	.Ft int
50	.Fn tls_close "struct tls *ctx"
51	.Sh DESCRIPTION
52	.Fn tls_read
53	reads
54	.Fa buflen
55	bytes of data from the socket into
56	.Fa buf .
57	It returns the amount of data read.
58	.Pp
59	.Fn tls_write
60	writes
61	.Fa buflen
62	bytes of data from
63	.Fa buf
64	to the socket.
65	It returns the amount of data written.
66	.Pp
67	.Fn tls_handshake
68	explicitly performs the TLS handshake.
69	It is only necessary to call this function if you need to guarantee that the
70	handshake has completed, as both
71	.Fn tls_read
72	and
73	.Fn tls_write
74	automatically perform the TLS handshake when necessary.
75	.Pp
76	The
77	.Fn tls_error
78	function may be used to retrieve a string containing more information
79	about the most recent error relating to a context.
80	.Pp
81	.Fn tls_close
82	closes a connection after use.
83	Only the TLS layer will be shut down and the caller is responsible for closing
84	the file descriptors, unless the connection was established using
85	.Xr tls_connect 3
86	or
87	.Xr tls_connect_servername 3 .
88	After closing the connection,
89	.Fa ctx
90	can be passed to
91	.Xr tls_free 3 .
92	.Sh RETURN VALUES
93	.Fn tls_read
94	and
95	.Fn tls_write
96	return a size on success or -1 on error.
97	.Pp
98	.Fn tls_handshake
99	and
100	.Fn tls_close
101	return 0 on success or -1 on error.
102	.Pp
103	The
104	.Fn tls_read ,
105	.Fn tls_write ,
106	.Fn tls_handshake ,
107	and
108	.Fn tls_close
109	functions also have two special return values:
110	.Pp
111	.Bl -tag -width "TLS_WANT_POLLOUT" -offset indent -compact
112	.It Dv TLS_WANT_POLLIN
113	The underlying read file descriptor needs to be readable in order to continue.
114	.It Dv TLS_WANT_POLLOUT
115	The underlying write file descriptor needs to be writeable in order to continue.
116	.El
117	.Pp
118	In the case of blocking file descriptors, the same function call should be
119	repeated immediately.
120	In the case of non-blocking file descriptors, the same function call should be
121	repeated when the required condition has been met.
122	.Pp
123	Callers of these functions cannot rely on the value of the global
124	.Ar errno .
125	To prevent mishandling of error conditions,
126	.Fn tls_read ,
127	.Fn tls_write ,
128	.Fn tls_handshake ,
129	and
130	.Fn tls_close
131	all explicitly clear
132	.Ar errno .
133	.Pp
134	.Fn tls_error
135	returns
136	.Dv NULL
137	if no error occurred with
138	.Fa ctx
139	during or since the last call to
140	.Fn tls_handshake ,
141	.Fn tls_read ,
142	.Fn tls_write ,
143	.Fn tls_close ,
144	or
145	.Xr tls_reset 3
146	involving
147	.Fa ctx ,
148	or if memory allocation failed while trying to assemble the string
149	describing the most recent error related to
150	.Fa ctx .
151	.Sh EXAMPLES
152	The following example demonstrates how to handle TLS writes on a blocking
153	file descriptor:
154	.Bd -literal -offset indent
155	\&...
156	while (len > 0) {
157	ssize_t ret;
158
159	ret = tls_write(ctx, buf, len);
160	if (ret == TLS_WANT_POLLIN \|\| ret == TLS_WANT_POLLOUT)
161	continue;
162	if (ret == -1)
163	errx(1, "tls_write: %s", tls_error(ctx));
164	buf += ret;
165	len -= ret;
166	}
167	\&...
168	.Ed
169	.Pp
170	The following example demonstrates how to handle TLS writes on a
171	non-blocking file descriptor using
172	.Xr poll 2 :
173	.Bd -literal -offset indent
174	\&...
175	pfd[0].fd = fd;
176	pfd[0].events = POLLIN\|POLLOUT;
177	while (len > 0) {
178	nready = poll(pfd, 1, 0);
179	if (nready == -1)
180	err(1, "poll");
181	if ((pfd[0].revents & (POLLERR\|POLLNVAL)))
182	errx(1, "bad fd %d", pfd[0].fd);
183	if ((pfd[0].revents & (pfd[0].events\|POLLHUP))) {
184	ssize_t ret;
185
186	ret = tls_write(ctx, buf, len);
187	if (ret == TLS_WANT_POLLIN)
188	pfd[0].events = POLLIN;
189	else if (ret == TLS_WANT_POLLOUT)
190	pfd[0].events = POLLOUT;
191	else if (ret == -1)
192	errx(1, "tls_write: %s", tls_error(ctx));
193	else {
194	buf += ret;
195	len -= ret;
196	}
197	}
198	}
199	\&...
200	.Ed
201	.Sh SEE ALSO
202	.Xr tls_accept_socket 3 ,
203	.Xr tls_configure 3 ,
204	.Xr tls_conn_version 3 ,
205	.Xr tls_connect 3 ,
206	.Xr tls_init 3 ,
207	.Xr tls_ocsp_process_response 3
208	.Sh HISTORY
209	.Fn tls_read ,
210	.Fn tls_write ,
211	.Fn tls_error ,
212	and
213	.Fn tls_close
214	appeared in
215	.Ox 5.6
216	and got their final names in
217	.Ox 5.7 .
218	.Pp
219	.Fn tls_handshake
220	appeared in
221	.Ox 5.9 .
222	.Sh AUTHORS
223	.An Joel Sing Aq Mt jsing@openbsd.org
224	with contributions from
225	.An Bob Beck Aq Mt beck@openbsd.org
226	.Sh CAVEATS
227	The function
228	.Fn tls_error
229	returns an internal pointer.
230	It must not be freed by the application, or a double free error
231	will occur.
232	The pointer will become invalid when the next error occurs with
233	.Fa ctx .
234	Consequently, if the application may need the message at a later
235	time, it has to copy the string before calling the next
236	.Sy libtls
237	function involving
238	.Fa ctx ,
239	or a segmentation fault or read access to unintended data is the
240	likely result.