1 files changed, 48 insertions, 30 deletions
diff --git a/src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3 b/src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3
index 5f8da325bb..42f68e0a3a 100644
--- a/src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3
+++ b/src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: SSL_CTX_set_alpn_select_cb.3,v 1.9 2024/06/28 14:48:43 tb Exp $
+.\"     $OpenBSD: SSL_CTX_set_alpn_select_cb.3,v 1.10 2024/07/11 13:50:44 tb Exp $
 .\"     OpenSSL 87b81496 Apr 19 12:38:27 2017 -0400
 .\"     OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
 .\"
@@ -49,7 +49,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: June 28 2024 $
+.Dd $Mdocdate: July 11 2024 $
 .Dt SSL_CTX_SET_ALPN_SELECT_CB 3
 .Os
 .Sh NAME
@@ -85,10 +85,10 @@
 .Fo SSL_select_next_proto
 .Fa "unsigned char **out"
 .Fa "unsigned char *outlen"
-.Fa "const unsigned char *server"
+.Fa "const unsigned char *peer_list"
-.Fa "unsigned int server_len"
+.Fa "unsigned int peer_list_len"
-.Fa "const unsigned char *client"
+.Fa "const unsigned char *supported_list"
-.Fa "unsigned int client_len"
+.Fa "unsigned int supported_list_len"
 .Fc
 .Ft void
 .Fo SSL_get0_alpn_selected
@@ -149,7 +149,6 @@ parameter is the pointer set via
 .Pp
 .Fn SSL_select_next_proto
 is a helper function used to select protocols.
-It implements the standard protocol selection.
 It is expected that this function is called from the application
 callback
 .Fa cb .
@@ -163,32 +162,30 @@ should ignore
 and fail by returning
 .Dv SSL_TLSEXT_ERR_ALERT_FATAL .
 The protocol data in
-.Fa server ,
+.Fa peer_list ,
-.Fa server_len
+.Fa peer_list_len
 and
-.Fa client ,
+.Fa supported_list ,
-.Fa client_len
+.Fa supported_list_len
-must be in the protocol-list format described below.
+must be two non-empty lists, validly encoded
+in the protocol-list format described below.
 The first item in the
-.Fa server ,
+.Fa peer_list
-.Fa server_len
+that matches an item in the
-list that matches an item in the
+.Fa supported_list
-.Fa client ,
+is selected, and returned in
-.Fa client_len
-list is selected, and returned in
 .Fa out ,
 .Fa outlen .
 The
 .Fa out
 value will point into either
-.Fa server
+.Fa peer_list
 or
-.Fa client ,
+.Fa supported_list ,
 so it must not be modified and
 should be copied immediately.
 If no match is found, the first item in
-.Fa client ,
+.Fa supported_list
-.Fa client_len
 is returned in
 .Fa out ,
 .Fa outlen .
@@ -213,17 +210,13 @@ of non-empty, 8-bit length-prefixed byte strings.
 The length-prefix byte is not included in the length.
 Each string is limited to 255 bytes.
 A byte-string length of 0 is invalid.
-A truncated byte-string is invalid.
 The length of the vector is not in the vector itself, but in a separate
 variable.
 .Pp
 For example:
 .Bd -literal
-unsigned char vector[] = {
+const unsigned char *vector = "\e6" "spdy/1" "\e8" "http/1.1";
-        6, 's', 'p', 'd', 'y', '/', '1',
+unsigned int length = strlen(vector);
-        8, 'h', 't', 't', 'p', '/', '1', '.', '1'
-};
-unsigned int length = sizeof(vector);
 .Ed
 .Pp
 The ALPN callback is executed after the servername callback; as that
@@ -249,8 +242,8 @@ A match was found and is returned in
 .It OPENSSL_NPN_NO_OVERLAP
 No match was found.
 The first item in
-.Fa client ,
+.Fa supported_list ,
-.Fa client_len
+.Fa supported_list_len
 is returned in
 .Fa out ,
 .Fa outlen .
@@ -273,6 +266,16 @@ configured for this connection.
 .Xr ssl 3 ,
 .Xr SSL_CTX_set_tlsext_servername_arg 3 ,
 .Xr SSL_CTX_set_tlsext_servername_callback 3
+.Sh STANDARDS
+.Rs
+.%T TLS Application-Layer Protocol Negotiation Extension
+.%R RFC 7301
+.Re
+.Pp
+.Rs
+.%T TLS Next Protocol Negotiation Extension
+.%U https://datatracker.ietf.org/doc/html/draft-agl-tls-nextprotoneg
+.Re
 .Sh HISTORY
 .Fn SSL_select_next_proto
 first appeared in OpenSSL 1.0.1 and has been available since
@@ -285,3 +288,18 @@ and
 .Fn SSL_get0_alpn_selected
 first appeared in OpenSSL 1.0.2 and have been available since
 .Ox 5.7 .
+.Sh CAVEATS
+The fallback to the first supported protocol in
+.Fn SSL_select_next_proto
+comes from the opportunistic fallback mechanism in the NPN extension.
+This behavior does not make sense for ALPN,
+where missing protocol overlap should result in a handshake failure.
+To avoid accidental selection of a protocol that the server does not
+support, it is recommended to pass the locally configured protocols
+as second pair of protocols in the ALPN callback.
+.Sh BUGS
+The
+.Fa out
+argument of
+.Fn SSL_select_next_proto
+should have been const.

diff --git a/src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3 b/src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3 index 5f8da325bb..42f68e0a3a 100644 --- a/src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3 +++ b/src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: SSL_CTX_set_alpn_select_cb.3,v 1.9 2024/06/28 14:48:43 tb Exp $	1	.\" $OpenBSD: SSL_CTX_set_alpn_select_cb.3,v 1.10 2024/07/11 13:50:44 tb Exp $
2	.\" OpenSSL 87b81496 Apr 19 12:38:27 2017 -0400	2	.\" OpenSSL 87b81496 Apr 19 12:38:27 2017 -0400
3	.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100	3	.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
4	.\"	4	.\"
@@ -49,7 +49,7 @@
49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51	.\"	51	.\"
52	.Dd $Mdocdate: June 28 2024 $	52	.Dd $Mdocdate: July 11 2024 $
53	.Dt SSL_CTX_SET_ALPN_SELECT_CB 3	53	.Dt SSL_CTX_SET_ALPN_SELECT_CB 3
54	.Os	54	.Os
55	.Sh NAME	55	.Sh NAME
@@ -85,10 +85,10 @@
85	.Fo SSL_select_next_proto	85	.Fo SSL_select_next_proto
86	.Fa "unsigned char **out"	86	.Fa "unsigned char **out"
87	.Fa "unsigned char *outlen"	87	.Fa "unsigned char *outlen"
88	.Fa "const unsigned char *server"	88	.Fa "const unsigned char *peer_list"
89	.Fa "unsigned int server_len"	89	.Fa "unsigned int peer_list_len"
90	.Fa "const unsigned char *client"	90	.Fa "const unsigned char *supported_list"
91	.Fa "unsigned int client_len"	91	.Fa "unsigned int supported_list_len"
92	.Fc	92	.Fc
93	.Ft void	93	.Ft void
94	.Fo SSL_get0_alpn_selected	94	.Fo SSL_get0_alpn_selected
@@ -149,7 +149,6 @@ parameter is the pointer set via
149	.Pp	149	.Pp
150	.Fn SSL_select_next_proto	150	.Fn SSL_select_next_proto
151	is a helper function used to select protocols.	151	is a helper function used to select protocols.
152	It implements the standard protocol selection.
153	It is expected that this function is called from the application	152	It is expected that this function is called from the application
154	callback	153	callback
155	.Fa cb .	154	.Fa cb .
@@ -163,32 +162,30 @@ should ignore
163	and fail by returning	162	and fail by returning
164	.Dv SSL_TLSEXT_ERR_ALERT_FATAL .	163	.Dv SSL_TLSEXT_ERR_ALERT_FATAL .
165	The protocol data in	164	The protocol data in
166	.Fa server ,	165	.Fa peer_list ,
167	.Fa server_len	166	.Fa peer_list_len
168	and	167	and
169	.Fa client ,	168	.Fa supported_list ,
170	.Fa client_len	169	.Fa supported_list_len
171	must be in the protocol-list format described below.	170	must be two non-empty lists, validly encoded
		171	in the protocol-list format described below.
172	The first item in the	172	The first item in the
173	.Fa server ,	173	.Fa peer_list
174	.Fa server_len	174	that matches an item in the
175	list that matches an item in the	175	.Fa supported_list
176	.Fa client ,	176	is selected, and returned in
177	.Fa client_len
178	list is selected, and returned in
179	.Fa out ,	177	.Fa out ,
180	.Fa outlen .	178	.Fa outlen .
181	The	179	The
182	.Fa out	180	.Fa out
183	value will point into either	181	value will point into either
184	.Fa server	182	.Fa peer_list
185	or	183	or
186	.Fa client ,	184	.Fa supported_list ,
187	so it must not be modified and	185	so it must not be modified and
188	should be copied immediately.	186	should be copied immediately.
189	If no match is found, the first item in	187	If no match is found, the first item in
190	.Fa client ,	188	.Fa supported_list
191	.Fa client_len
192	is returned in	189	is returned in
193	.Fa out ,	190	.Fa out ,
194	.Fa outlen .	191	.Fa outlen .
@@ -213,17 +210,13 @@ of non-empty, 8-bit length-prefixed byte strings.
213	The length-prefix byte is not included in the length.	210	The length-prefix byte is not included in the length.
214	Each string is limited to 255 bytes.	211	Each string is limited to 255 bytes.
215	A byte-string length of 0 is invalid.	212	A byte-string length of 0 is invalid.
216	A truncated byte-string is invalid.
217	The length of the vector is not in the vector itself, but in a separate	213	The length of the vector is not in the vector itself, but in a separate
218	variable.	214	variable.
219	.Pp	215	.Pp
220	For example:	216	For example:
221	.Bd -literal	217	.Bd -literal
222	unsigned char vector[] = {	218	const unsigned char *vector = "\e6" "spdy/1" "\e8" "http/1.1";
223	6, 's', 'p', 'd', 'y', '/', '1',	219	unsigned int length = strlen(vector);
224	8, 'h', 't', 't', 'p', '/', '1', '.', '1'
225	};
226	unsigned int length = sizeof(vector);
227	.Ed	220	.Ed
228	.Pp	221	.Pp
229	The ALPN callback is executed after the servername callback; as that	222	The ALPN callback is executed after the servername callback; as that
@@ -249,8 +242,8 @@ A match was found and is returned in
249	.It OPENSSL_NPN_NO_OVERLAP	242	.It OPENSSL_NPN_NO_OVERLAP
250	No match was found.	243	No match was found.
251	The first item in	244	The first item in
252	.Fa client ,	245	.Fa supported_list ,
253	.Fa client_len	246	.Fa supported_list_len
254	is returned in	247	is returned in
255	.Fa out ,	248	.Fa out ,
256	.Fa outlen .	249	.Fa outlen .
@@ -273,6 +266,16 @@ configured for this connection.
273	.Xr ssl 3 ,	266	.Xr ssl 3 ,
274	.Xr SSL_CTX_set_tlsext_servername_arg 3 ,	267	.Xr SSL_CTX_set_tlsext_servername_arg 3 ,
275	.Xr SSL_CTX_set_tlsext_servername_callback 3	268	.Xr SSL_CTX_set_tlsext_servername_callback 3
		269	.Sh STANDARDS
		270	.Rs
		271	.%T TLS Application-Layer Protocol Negotiation Extension
		272	.%R RFC 7301
		273	.Re
		274	.Pp
		275	.Rs
		276	.%T TLS Next Protocol Negotiation Extension
		277	.%U https://datatracker.ietf.org/doc/html/draft-agl-tls-nextprotoneg
		278	.Re
276	.Sh HISTORY	279	.Sh HISTORY
277	.Fn SSL_select_next_proto	280	.Fn SSL_select_next_proto
278	first appeared in OpenSSL 1.0.1 and has been available since	281	first appeared in OpenSSL 1.0.1 and has been available since
@@ -285,3 +288,18 @@ and
285	.Fn SSL_get0_alpn_selected	288	.Fn SSL_get0_alpn_selected
286	first appeared in OpenSSL 1.0.2 and have been available since	289	first appeared in OpenSSL 1.0.2 and have been available since
287	.Ox 5.7 .	290	.Ox 5.7 .
		291	.Sh CAVEATS
		292	The fallback to the first supported protocol in
		293	.Fn SSL_select_next_proto
		294	comes from the opportunistic fallback mechanism in the NPN extension.
		295	This behavior does not make sense for ALPN,
		296	where missing protocol overlap should result in a handshake failure.
		297	To avoid accidental selection of a protocol that the server does not
		298	support, it is recommended to pass the locally configured protocols
		299	as second pair of protocols in the ALPN callback.
		300	.Sh BUGS
		301	The
		302	.Fa out
		303	argument of
		304	.Fn SSL_select_next_proto
		305	should have been const.