From e8801f3f365431a170f57db622a9de49fcc59e24 Mon Sep 17 00:00:00 2001 From: jim <> Date: Sun, 4 May 2014 21:08:16 +0000 Subject: Remove trailing whitespace. ok jmc@ --- src/lib/libssl/src/doc/ssl/BIO_f_ssl.pod | 12 ++++++------ src/lib/libssl/src/doc/ssl/SSL_CTX_add_session.pod | 2 +- src/lib/libssl/src/doc/ssl/SSL_CTX_flush_sessions.pod | 2 +- .../libssl/src/doc/ssl/SSL_CTX_set_cert_verify_callback.pod | 4 ++-- src/lib/libssl/src/doc/ssl/SSL_CTX_set_client_CA_list.pod | 4 ++-- src/lib/libssl/src/doc/ssl/SSL_CTX_set_mode.pod | 2 +- src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod | 2 +- .../libssl/src/doc/ssl/SSL_CTX_set_session_cache_mode.pod | 2 +- src/lib/libssl/src/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod | 2 +- src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod | 4 ++-- src/lib/libssl/src/doc/ssl/SSL_CTX_use_certificate.pod | 8 ++++---- src/lib/libssl/src/doc/ssl/SSL_SESSION_get_time.pod | 2 +- src/lib/libssl/src/doc/ssl/SSL_accept.pod | 2 +- src/lib/libssl/src/doc/ssl/SSL_alert_type_string.pod | 2 +- src/lib/libssl/src/doc/ssl/SSL_connect.pod | 2 +- src/lib/libssl/src/doc/ssl/SSL_get_client_CA_list.pod | 2 +- src/lib/libssl/src/doc/ssl/SSL_get_current_cipher.pod | 2 +- src/lib/libssl/src/doc/ssl/SSL_library_init.pod | 2 +- src/lib/libssl/src/doc/ssl/SSL_load_client_CA_file.pod | 2 +- src/lib/libssl/src/doc/ssl/SSL_read.pod | 4 ++-- src/lib/libssl/src/doc/ssl/SSL_shutdown.pod | 4 ++-- src/lib/libssl/src/doc/ssl/SSL_write.pod | 4 ++-- 22 files changed, 36 insertions(+), 36 deletions(-) diff --git a/src/lib/libssl/src/doc/ssl/BIO_f_ssl.pod b/src/lib/libssl/src/doc/ssl/BIO_f_ssl.pod index bc5861ab34..9b5ed719b4 100644 --- a/src/lib/libssl/src/doc/ssl/BIO_f_ssl.pod +++ b/src/lib/libssl/src/doc/ssl/BIO_f_ssl.pod @@ -36,7 +36,7 @@ BIO_ssl_shutdown - SSL BIO BIO_f_ssl() returns the SSL BIO method. This is a filter BIO which is a wrapper round the OpenSSL SSL routines adding a BIO "flavour" to -SSL I/O. +SSL I/O. I/O performed on an SSL BIO communicates using the SSL protocol with the SSLs read and write BIOs. If an SSL connection is not established @@ -63,7 +63,7 @@ BIO_set_ssl_mode() sets the SSL BIO mode to B. If B is 1 client mode is set. If B is 0 server mode is set. BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count -to B. When set after every B bytes of I/O (read and write) +to B. When set after every B bytes of I/O (read and write) the SSL session is automatically renegotiated. B must be at least 512 bytes. @@ -84,7 +84,7 @@ BIO_new_buffer_ssl_connect() creates a new BIO chain consisting of a buffering BIO, an SSL BIO (using B) and a connect BIO. -BIO_ssl_copy_session_id() copies an SSL session id between +BIO_ssl_copy_session_id() copies an SSL session id between BIO chains B and B. It does this by locating the SSL BIOs in each chain and calling SSL_copy_session_id() on the internal SSL pointer. @@ -187,7 +187,7 @@ unencrypted example in L. /* Could examine ssl here to get connection info */ BIO_puts(sbio, "GET / HTTP/1.0\n\n"); - for(;;) { + for(;;) { len = BIO_read(sbio, tmpbuf, 1024); if(len <= 0) break; BIO_write(out, tmpbuf, len); @@ -252,9 +252,9 @@ a client and also echoes the request to standard output. /* By doing this when a new connection is established * we automatically have sbio inserted into it. The * BIO chain is now 'swallowed' by the accept BIO and - * will be freed when the accept BIO is freed. + * will be freed when the accept BIO is freed. */ - + BIO_set_accept_bios(acpt,sbio); out = BIO_new_fp(stdout, BIO_NOCLOSE); diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_add_session.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_add_session.pod index fd927f8d7d..03d03ec9d2 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_CTX_add_session.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_add_session.pod @@ -59,7 +59,7 @@ The following values are returned by all functions: session was not found in the cache. =item C<1> - + The operation succeeded. =back diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_flush_sessions.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_flush_sessions.pod index 148c36c871..833a3af14d 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_CTX_flush_sessions.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_flush_sessions.pod @@ -26,7 +26,7 @@ As sessions will not be reused ones they are expired, they should be removed from the cache to save resources. This can either be done automatically whenever 255 new sessions were established (see L) -or manually by calling SSL_CTX_flush_sessions(). +or manually by calling SSL_CTX_flush_sessions(). The parameter B specifies the time which should be used for the expiration test, in most cases the actual time given by time(0) diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_verify_callback.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_verify_callback.pod index c0f4f85708..29a4a7c375 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_verify_callback.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_verify_callback.pod @@ -26,7 +26,7 @@ SSL_CTX_set_cert_verify_callback(), the supplied callback function is called instead. By setting I to NULL, the default behaviour is restored. When the verification must be performed, I will be called with -the arguments callback(X509_STORE_CTX *x509_store_ctx, void *arg). The +the arguments callback(X509_STORE_CTX *x509_store_ctx, void *arg). The argument I is specified by the application when setting I. I should return 1 to indicate verification success and 0 to @@ -35,7 +35,7 @@ returns 0, the handshake will fail. As the verification procedure may allow to continue the connection in case of failure (by always returning 1) the verification result must be set in any case using the B member of I so that the calling application will be informed -about the detailed result of the verification procedure! +about the detailed result of the verification procedure! Within I, I has access to the I function set using L. diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_client_CA_list.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_client_CA_list.pod index bcf35dc85b..a68fbd09ee 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_client_CA_list.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_client_CA_list.pod @@ -9,7 +9,7 @@ client certificate =head1 SYNOPSIS #include - + void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list); void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list); int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *cacert); @@ -42,7 +42,7 @@ This list must explicitly be set using SSL_CTX_set_client_CA_list() for B and SSL_set_client_CA_list() for the specific B. The list specified overrides the previous setting. The CAs listed do not become trusted (B only contains the names, not the complete certificates); use -L +L to additionally load them for verification. If the list of acceptable CAs is compiled in a file, the diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_mode.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_mode.pod index 8cb669daeb..0191a846a7 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_mode.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_mode.pod @@ -66,7 +66,7 @@ return after the handshake and successful completion. When we no longer need a read buffer or a write buffer for a given SSL, then release the memory we were using to hold it. Released memory is either appended to a list of unused RAM chunks on the SSL_CTX, or simply -freed if the list of unused chunks would become longer than +freed if the list of unused chunks would become longer than SSL_CTX->freelist_max_len, which defaults to 32. Using this flag can save around 34k per idle SSL connection. This flag has no effect on SSL v2 connections, or on DTLS connections. diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod index 935c9cd09b..434b452c57 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod @@ -174,7 +174,7 @@ will send its list of preferences to the client and the client chooses. If we accept a netscape connection, demand a client cert, have a non-self-signed CA which does not have its CA in netscape, and the -browser has a cert, it will crash/hang. Works for 3.x and 4.xbeta +browser has a cert, it will crash/hang. Works for 3.x and 4.xbeta =item SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_session_cache_mode.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_session_cache_mode.pod index c5d2f43dff..4c5d52ba4e 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_session_cache_mode.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_session_cache_mode.pod @@ -26,7 +26,7 @@ SSL_CTX object is being maintained, the sessions are unique for each SSL_CTX object. In order to reuse a session, a client must send the session's id to the -server. It can only send exactly one id. The server then either +server. It can only send exactly one id. The server then either agrees to reuse the session or it starts a full handshake (to create a new session). diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod index 29d1f8a6fb..974f1e1829 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod @@ -141,7 +141,7 @@ partly left out.) dh_tmp = dh_512; break; case 1024: - if (!dh_1024) + if (!dh_1024) dh_1024 = get_dh1024(); dh_tmp = dh_1024; break; diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod index 6fd6c03215..177c59f484 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod @@ -221,7 +221,7 @@ L). preverify_ok = 0; err = X509_V_ERR_CERT_CHAIN_TOO_LONG; X509_STORE_CTX_set_error(ctx, err); - } + } if (!preverify_ok) { printf("verify error:num=%d:%s:depth=%d:%s\n", err, X509_verify_cert_error_string(err), depth, buf); @@ -269,7 +269,7 @@ L). */ mydata.verify_depth = verify_depth; ... SSL_set_ex_data(ssl, mydata_index, &mydata); - + ... SSL_accept(ssl); /* check of success left out for clarity */ if (peer = SSL_get_peer_certificate(ssl)) diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_use_certificate.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_use_certificate.pod index 10be95fdb1..a3b2cf1eb5 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_CTX_use_certificate.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_use_certificate.pod @@ -66,7 +66,7 @@ SSL_use_certificate_file() loads the certificate from B into B. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred. -SSL_CTX_use_certificate_chain_file() loads a certificate chain from +SSL_CTX_use_certificate_chain_file() loads a certificate chain from B into B. The certificates must be in PEM format and must be sorted starting with the subject's certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and @@ -81,7 +81,7 @@ If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with -SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey(). +SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey(). SSL_CTX_use_PrivateKey_ASN1() adds the private key of type B @@ -108,7 +108,7 @@ the same check for B. If no key/certificate was explicitly added for this B, the last item added into B will be checked. =head1 NOTES - + The internal certificate store of OpenSSL can hold two private key/certificate pairs at a time: one key/certificate of type RSA and one key/certificate of type DSA. The certificate used depends on the cipher select, see @@ -116,7 +116,7 @@ also L. When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as B, binary encoding) can only contain -one certificate or private key, consequently +one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item. diff --git a/src/lib/libssl/src/doc/ssl/SSL_SESSION_get_time.pod b/src/lib/libssl/src/doc/ssl/SSL_SESSION_get_time.pod index 490337a32f..450a0127b9 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_SESSION_get_time.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_SESSION_get_time.pod @@ -52,7 +52,7 @@ valid values. SSL_SESSION_set_time() and SSL_SESSION_set_timeout() return 1 on success. -If any of the function is passed the NULL pointer for the session B, +If any of the function is passed the NULL pointer for the session B, 0 is returned. =head1 SEE ALSO diff --git a/src/lib/libssl/src/doc/ssl/SSL_accept.pod b/src/lib/libssl/src/doc/ssl/SSL_accept.pod index 288203f8af..42a539d354 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_accept.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_accept.pod @@ -18,7 +18,7 @@ B by setting an underlying B. =head1 NOTES -The behaviour of SSL_accept() depends on the underlying BIO. +The behaviour of SSL_accept() depends on the underlying BIO. If the underlying BIO is B, SSL_accept() will only return once the handshake has been finished or an error occurred, except for SGC (Server diff --git a/src/lib/libssl/src/doc/ssl/SSL_alert_type_string.pod b/src/lib/libssl/src/doc/ssl/SSL_alert_type_string.pod index 0329c34869..8e071e6119 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_alert_type_string.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_alert_type_string.pod @@ -217,7 +217,7 @@ point. This message is always a warning. =item "UP"/"unknown PSK identity" Sent by the server to indicate that it does not recognize a PSK -identity or an SRP identity. +identity or an SRP identity. =item "UK"/"unknown" diff --git a/src/lib/libssl/src/doc/ssl/SSL_connect.pod b/src/lib/libssl/src/doc/ssl/SSL_connect.pod index 0087f6b3e1..5b21119a91 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_connect.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_connect.pod @@ -18,7 +18,7 @@ underlying B. =head1 NOTES -The behaviour of SSL_connect() depends on the underlying BIO. +The behaviour of SSL_connect() depends on the underlying BIO. If the underlying BIO is B, SSL_connect() will only return once the handshake has been finished or an error occurred. diff --git a/src/lib/libssl/src/doc/ssl/SSL_get_client_CA_list.pod b/src/lib/libssl/src/doc/ssl/SSL_get_client_CA_list.pod index 68181b2407..8b5ac0df2c 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_get_client_CA_list.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_get_client_CA_list.pod @@ -9,7 +9,7 @@ SSL_get_client_CA_list, SSL_CTX_get_client_CA_list - get list of client CAs #include STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s); - STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx); + STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx); =head1 DESCRIPTION diff --git a/src/lib/libssl/src/doc/ssl/SSL_get_current_cipher.pod b/src/lib/libssl/src/doc/ssl/SSL_get_current_cipher.pod index e5ab12491e..2f69109a7a 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_get_current_cipher.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_get_current_cipher.pod @@ -27,7 +27,7 @@ the B object. SSL_get_cipher() and SSL_get_cipher_name() are identical macros to obtain the name of the currently used cipher. SSL_get_cipher_bits() is a -macro to obtain the number of secret/algorithm bits used and +macro to obtain the number of secret/algorithm bits used and SSL_get_cipher_version() returns the protocol name. See L for more details. diff --git a/src/lib/libssl/src/doc/ssl/SSL_library_init.pod b/src/lib/libssl/src/doc/ssl/SSL_library_init.pod index 8766776fea..4767c0ba8b 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_library_init.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_library_init.pod @@ -23,7 +23,7 @@ for SSL_library_init(). =head1 NOTES SSL_library_init() must be called before any other action takes place. -SSL_library_init() is not reentrant. +SSL_library_init() is not reentrant. =head1 WARNING diff --git a/src/lib/libssl/src/doc/ssl/SSL_load_client_CA_file.pod b/src/lib/libssl/src/doc/ssl/SSL_load_client_CA_file.pod index 02527dc2ed..5aa2b73447 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_load_client_CA_file.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_load_client_CA_file.pod @@ -30,7 +30,7 @@ Load names of CAs from file and use it as a client CA list: SSL_CTX *ctx; STACK_OF(X509_NAME) *cert_names; - ... + ... cert_names = SSL_load_client_CA_file("/path/to/CAfile.pem"); if (cert_names != NULL) SSL_CTX_set_client_CA_list(ctx, cert_names); diff --git a/src/lib/libssl/src/doc/ssl/SSL_read.pod b/src/lib/libssl/src/doc/ssl/SSL_read.pod index 5f03ec3559..57dfbdfc28 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_read.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_read.pod @@ -22,7 +22,7 @@ not already explicitly performed by L or L. If the peer requests a re-negotiation, it will be performed transparently during the SSL_read() operation. The behaviour of SSL_read() depends on the -underlying BIO. +underlying BIO. For the transparent negotiation to succeed, the B must have been initialized to client or server mode. This is being done by calling @@ -47,7 +47,7 @@ record is complete and SSL_read() can succeed. If the underlying BIO is B, SSL_read() will only return, once the read operation has been finished or an error occurred, except when a -renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur. +renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur. This behaviour can be controlled with the SSL_MODE_AUTO_RETRY flag of the L call. diff --git a/src/lib/libssl/src/doc/ssl/SSL_shutdown.pod b/src/lib/libssl/src/doc/ssl/SSL_shutdown.pod index d86ac7cb13..50f47c20d7 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_shutdown.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_shutdown.pod @@ -12,7 +12,7 @@ SSL_shutdown - shut down a TLS/SSL connection =head1 DESCRIPTION -SSL_shutdown() shuts down an active TLS/SSL connection. It sends the +SSL_shutdown() shuts down an active TLS/SSL connection. It sends the "close notify" shutdown alert to the peer. =head1 NOTES @@ -64,7 +64,7 @@ complete (return value of the first call is 0). As the shutdown is not specially handled in the SSLv2 protocol, SSL_shutdown() will succeed on the first call. -The behaviour of SSL_shutdown() additionally depends on the underlying BIO. +The behaviour of SSL_shutdown() additionally depends on the underlying BIO. If the underlying BIO is B, SSL_shutdown() will only return once the handshake step has been finished or an error occurred. diff --git a/src/lib/libssl/src/doc/ssl/SSL_write.pod b/src/lib/libssl/src/doc/ssl/SSL_write.pod index b0f73ae520..f248f7d740 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_write.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_write.pod @@ -22,7 +22,7 @@ not already explicitly performed by L or L. If the peer requests a re-negotiation, it will be performed transparently during the SSL_write() operation. The behaviour of SSL_write() depends on the -underlying BIO. +underlying BIO. For the transparent negotiation to succeed, the B must have been initialized to client or server mode. This is being done by calling @@ -31,7 +31,7 @@ before the first call to an L or SSL_write() function. If the underlying BIO is B, SSL_write() will only return, once the write operation has been finished or an error occurred, except when a -renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur. +renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur. This behaviour can be controlled with the SSL_MODE_AUTO_RETRY flag of the L call. -- cgit v1.2.3-55-g6feb