1 files changed, 71 insertions, 42 deletions
diff --git a/src/lib/libssl/man/SSL_CIPHER_get_name.3 b/src/lib/libssl/man/SSL_CIPHER_get_name.3
index b85fdffe8d..9a1446efba 100644
--- a/src/lib/libssl/man/SSL_CIPHER_get_name.3
+++ b/src/lib/libssl/man/SSL_CIPHER_get_name.3
@@ -1,8 +1,10 @@
-.\"     $OpenBSD: SSL_CIPHER_get_name.3,v 1.3 2017/07/05 11:43:09 schwarze Exp $
+.\" $OpenBSD: SSL_CIPHER_get_name.3,v 1.4 2018/02/27 14:13:52 schwarze Exp $
-.\"     OpenSSL 45f55f6a Nov 30 15:35:22 2014 +0100
+.\" full merge up to: OpenSSL 45f55f6a Nov 30 15:35:22 2014 +0100
+.\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
 .\"
-.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
+.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>
-.\" Copyright (c) 2000, 2001, 2005, 2009, 2013, 2014 The OpenSSL Project.
+.\" and Paul Yang <yang.yang@baishancloud.com>.
+.\" Copyright (c) 2000, 2005, 2009, 2013, 2014, 2017 The OpenSSL Project.
 .\" All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
@@ -49,13 +51,14 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: July 5 2017 $
+.Dd $Mdocdate: February 27 2018 $
 .Dt SSL_CIPHER_GET_NAME 3
 .Os
 .Sh NAME
 .Nm SSL_CIPHER_get_name ,
 .Nm SSL_CIPHER_get_bits ,
 .Nm SSL_CIPHER_get_version ,
+.Nm SSL_CIPHER_get_id ,
 .Nm SSL_CIPHER_description
 .Nd get SSL_CIPHER properties
 .Sh SYNOPSIS
@@ -66,18 +69,14 @@
 .Fn SSL_CIPHER_get_bits "const SSL_CIPHER *cipher" "int *alg_bits"
 .Ft char *
 .Fn SSL_CIPHER_get_version "const SSL_CIPHER *cipher"
+.Ft unsigned long
+.Fn SSL_CIPHER_get_id "const SSL_CIPHER *cipher"
 .Ft char *
 .Fn SSL_CIPHER_description "const SSL_CIPHER *cipher" "char *buf" "int size"
 .Sh DESCRIPTION
 .Fn SSL_CIPHER_get_name
 returns a pointer to the name of
 .Fa cipher .
-If the
-.Fa cipher
-is
-.Dv NULL ,
-it returns
-.Qq (NONE) .
 .Pp
 .Fn SSL_CIPHER_get_bits
 returns the number of secret bits used for
@@ -86,13 +85,7 @@ If
 .Fa alg_bits
 is not
 .Dv NULL ,
-it contains the number of bits processed by the
+the number of bits processed by the chosen algorithm is stored into it.
-chosen algorithm.
-If
-.Fa cipher
-is
-.Dv NULL ,
-0 is returned.
 .Pp
 .Fn SSL_CIPHER_get_version
 returns a string which indicates the SSL/TLS protocol version that first
@@ -104,19 +97,32 @@ In some cases it should possibly return
 but the function does not; use
 .Fn SSL_CIPHER_description
 instead.
-If
+.Pp
-.Fa cipher
+.Fn SSL_CIPHER_get_id
-is
+returns the ID of the given
-.Dv NULL ,
+.Fa cipher ,
-.Qq (NONE)
+which must not be
-is returned.
+.Dv NULL .
+The ID here is an OpenSSL-specific concept, which stores a prefix
+of 0x0300 in the higher two bytes and the IANA-specified chipher
+suite ID in the lower two bytes.
+For instance, TLS_RSA_WITH_NULL_MD5 has IANA ID "0x00, 0x01", so
+.Fn SSL_CIPHER_get_id
+returns 0x03000001.
 .Pp
 .Fn SSL_CIPHER_description
-returns a textual description of the cipher used into the buffer
+copies a textual description of
-.Fa buf
+.Fa cipher
-of length
+into the buffer
-.Fa len
+.Fa buf ,
-provided.
+which must be at least
+.Fa size
+bytes long.
+The
+.Fa cipher
+argument must not be a
+.Dv NULL
+pointer.
 If
 .Fa buf
 is
@@ -128,13 +134,16 @@ that buffer should be freed using the
 function.
 If
 .Fa len
-is too small, or if
+is too small to hold the description, a pointer to the static string
-.Fa buf
-is
-.Dv NULL
-and the allocation fails, a pointer to the string
 .Qq Buffer too small
 is returned.
+If memory allocation fails, which can happen even if a
+.Fa buf
+of sufficient size is provided, a pointer to the static string
+.Qq OPENSSL_malloc Error
+is returned and the content of
+.Fa buf
+remains unchanged.
 .Pp
 The string returned by
 .Fn SSL_CIPHER_description
@@ -196,6 +205,34 @@ Message digest:
 .Sy STREEBOG256 ,
 .Sy STREEBOG512 .
 .El
+.Sh RETURN VALUES
+.Fn SSL_CIPHER_get_name
+returns an internal pointer to a NUL-terminated string.
+.Fn SSL_CIPHER_get_version
+returns a pointer to a static NUL-terminated string.
+If
+.Fa cipher
+is a
+.Dv NULL
+pointer, both functions return a pointer to the static string
+.Qq Pq NONE .
+.Pp
+.Fn SSL_CIPHER_get_bits
+returns a positive integer representing the number of secret bits
+or 0 if
+.Fa cipher
+is a
+.Dv NULL
+pointer.
+.Pp
+.Fn SSL_CIPHER_get_id
+returns a 32-bit unsigned integer.
+.Pp
+.Fn SSL_CIPHER_description
+returns
+.Fa buf
+or a newly allocated string on success or a pointer to a static
+string on error.
 .Sh EXAMPLES
 An example for the output of
 .Fn SSL_CIPHER_description :
@@ -214,14 +251,6 @@ A complete list can be retrieved by invoking the following command:
 .Sh BUGS
 If
 .Fn SSL_CIPHER_description
-is called with
-.Fa cipher
-being
-.Dv NULL ,
-the library crashes.
-.Pp
-If
-.Fn SSL_CIPHER_description
 cannot handle a built-in cipher,
 the according description of the cipher property is
 .Qq unknown .

diff --git a/src/lib/libssl/man/SSL_CIPHER_get_name.3 b/src/lib/libssl/man/SSL_CIPHER_get_name.3 index b85fdffe8d..9a1446efba 100644 --- a/src/lib/libssl/man/SSL_CIPHER_get_name.3 +++ b/src/lib/libssl/man/SSL_CIPHER_get_name.3
@@ -1,8 +1,10 @@
1	.\" $OpenBSD: SSL_CIPHER_get_name.3,v 1.3 2017/07/05 11:43:09 schwarze Exp $	1	.\" $OpenBSD: SSL_CIPHER_get_name.3,v 1.4 2018/02/27 14:13:52 schwarze Exp $
2	.\" OpenSSL 45f55f6a Nov 30 15:35:22 2014 +0100	2	.\" full merge up to: OpenSSL 45f55f6a Nov 30 15:35:22 2014 +0100
		3	.\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
3	.\"	4	.\"
4	.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.	5	.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>
5	.\" Copyright (c) 2000, 2001, 2005, 2009, 2013, 2014 The OpenSSL Project.	6	.\" and Paul Yang <yang.yang@baishancloud.com>.
		7	.\" Copyright (c) 2000, 2005, 2009, 2013, 2014, 2017 The OpenSSL Project.
6	.\" All rights reserved.	8	.\" All rights reserved.
7	.\"	9	.\"
8	.\" Redistribution and use in source and binary forms, with or without	10	.\" Redistribution and use in source and binary forms, with or without
@@ -49,13 +51,14 @@
49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	51	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	52	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51	.\"	53	.\"
52	.Dd $Mdocdate: July 5 2017 $	54	.Dd $Mdocdate: February 27 2018 $
53	.Dt SSL_CIPHER_GET_NAME 3	55	.Dt SSL_CIPHER_GET_NAME 3
54	.Os	56	.Os
55	.Sh NAME	57	.Sh NAME
56	.Nm SSL_CIPHER_get_name ,	58	.Nm SSL_CIPHER_get_name ,
57	.Nm SSL_CIPHER_get_bits ,	59	.Nm SSL_CIPHER_get_bits ,
58	.Nm SSL_CIPHER_get_version ,	60	.Nm SSL_CIPHER_get_version ,
		61	.Nm SSL_CIPHER_get_id ,
59	.Nm SSL_CIPHER_description	62	.Nm SSL_CIPHER_description
60	.Nd get SSL_CIPHER properties	63	.Nd get SSL_CIPHER properties
61	.Sh SYNOPSIS	64	.Sh SYNOPSIS
@@ -66,18 +69,14 @@
66	.Fn SSL_CIPHER_get_bits "const SSL_CIPHER cipher" "int alg_bits"	69	.Fn SSL_CIPHER_get_bits "const SSL_CIPHER cipher" "int alg_bits"
67	.Ft char *	70	.Ft char *
68	.Fn SSL_CIPHER_get_version "const SSL_CIPHER *cipher"	71	.Fn SSL_CIPHER_get_version "const SSL_CIPHER *cipher"
		72	.Ft unsigned long
		73	.Fn SSL_CIPHER_get_id "const SSL_CIPHER *cipher"
69	.Ft char *	74	.Ft char *
70	.Fn SSL_CIPHER_description "const SSL_CIPHER cipher" "char buf" "int size"	75	.Fn SSL_CIPHER_description "const SSL_CIPHER cipher" "char buf" "int size"
71	.Sh DESCRIPTION	76	.Sh DESCRIPTION
72	.Fn SSL_CIPHER_get_name	77	.Fn SSL_CIPHER_get_name
73	returns a pointer to the name of	78	returns a pointer to the name of
74	.Fa cipher .	79	.Fa cipher .
75	If the
76	.Fa cipher
77	is
78	.Dv NULL ,
79	it returns
80	.Qq (NONE) .
81	.Pp	80	.Pp
82	.Fn SSL_CIPHER_get_bits	81	.Fn SSL_CIPHER_get_bits
83	returns the number of secret bits used for	82	returns the number of secret bits used for
@@ -86,13 +85,7 @@ If
86	.Fa alg_bits	85	.Fa alg_bits
87	is not	86	is not
88	.Dv NULL ,	87	.Dv NULL ,
89	it contains the number of bits processed by the	88	the number of bits processed by the chosen algorithm is stored into it.
90	chosen algorithm.
91	If
92	.Fa cipher
93	is
94	.Dv NULL ,
95	0 is returned.
96	.Pp	89	.Pp
97	.Fn SSL_CIPHER_get_version	90	.Fn SSL_CIPHER_get_version
98	returns a string which indicates the SSL/TLS protocol version that first	91	returns a string which indicates the SSL/TLS protocol version that first
@@ -104,19 +97,32 @@ In some cases it should possibly return
104	but the function does not; use	97	but the function does not; use
105	.Fn SSL_CIPHER_description	98	.Fn SSL_CIPHER_description
106	instead.	99	instead.
107	If	100	.Pp
108	.Fa cipher	101	.Fn SSL_CIPHER_get_id
109	is	102	returns the ID of the given
110	.Dv NULL ,	103	.Fa cipher ,
111	.Qq (NONE)	104	which must not be
112	is returned.	105	.Dv NULL .
		106	The ID here is an OpenSSL-specific concept, which stores a prefix
		107	of 0x0300 in the higher two bytes and the IANA-specified chipher
		108	suite ID in the lower two bytes.
		109	For instance, TLS_RSA_WITH_NULL_MD5 has IANA ID "0x00, 0x01", so
		110	.Fn SSL_CIPHER_get_id
		111	returns 0x03000001.
113	.Pp	112	.Pp
114	.Fn SSL_CIPHER_description	113	.Fn SSL_CIPHER_description
115	returns a textual description of the cipher used into the buffer	114	copies a textual description of
116	.Fa buf	115	.Fa cipher
117	of length	116	into the buffer
118	.Fa len	117	.Fa buf ,
119	provided.	118	which must be at least
		119	.Fa size
		120	bytes long.
		121	The
		122	.Fa cipher
		123	argument must not be a
		124	.Dv NULL
		125	pointer.
120	If	126	If
121	.Fa buf	127	.Fa buf
122	is	128	is
@@ -128,13 +134,16 @@ that buffer should be freed using the
128	function.	134	function.
129	If	135	If
130	.Fa len	136	.Fa len
131	is too small, or if	137	is too small to hold the description, a pointer to the static string
132	.Fa buf
133	is
134	.Dv NULL
135	and the allocation fails, a pointer to the string
136	.Qq Buffer too small	138	.Qq Buffer too small
137	is returned.	139	is returned.
		140	If memory allocation fails, which can happen even if a
		141	.Fa buf
		142	of sufficient size is provided, a pointer to the static string
		143	.Qq OPENSSL_malloc Error
		144	is returned and the content of
		145	.Fa buf
		146	remains unchanged.
138	.Pp	147	.Pp
139	The string returned by	148	The string returned by
140	.Fn SSL_CIPHER_description	149	.Fn SSL_CIPHER_description
@@ -196,6 +205,34 @@ Message digest:
196	.Sy STREEBOG256 ,	205	.Sy STREEBOG256 ,
197	.Sy STREEBOG512 .	206	.Sy STREEBOG512 .
198	.El	207	.El
		208	.Sh RETURN VALUES
		209	.Fn SSL_CIPHER_get_name
		210	returns an internal pointer to a NUL-terminated string.
		211	.Fn SSL_CIPHER_get_version
		212	returns a pointer to a static NUL-terminated string.
		213	If
		214	.Fa cipher
		215	is a
		216	.Dv NULL
		217	pointer, both functions return a pointer to the static string
		218	.Qq Pq NONE .
		219	.Pp
		220	.Fn SSL_CIPHER_get_bits
		221	returns a positive integer representing the number of secret bits
		222	or 0 if
		223	.Fa cipher
		224	is a
		225	.Dv NULL
		226	pointer.
		227	.Pp
		228	.Fn SSL_CIPHER_get_id
		229	returns a 32-bit unsigned integer.
		230	.Pp
		231	.Fn SSL_CIPHER_description
		232	returns
		233	.Fa buf
		234	or a newly allocated string on success or a pointer to a static
		235	string on error.
199	.Sh EXAMPLES	236	.Sh EXAMPLES
200	An example for the output of	237	An example for the output of
201	.Fn SSL_CIPHER_description :	238	.Fn SSL_CIPHER_description :
@@ -214,14 +251,6 @@ A complete list can be retrieved by invoking the following command:
214	.Sh BUGS	251	.Sh BUGS
215	If	252	If
216	.Fn SSL_CIPHER_description	253	.Fn SSL_CIPHER_description
217	is called with
218	.Fa cipher
219	being
220	.Dv NULL ,
221	the library crashes.
222	.Pp
223	If
224	.Fn SSL_CIPHER_description
225	cannot handle a built-in cipher,	254	cannot handle a built-in cipher,
226	the according description of the cipher property is	255	the according description of the cipher property is
227	.Qq unknown .	256	.Qq unknown .