From b6cd845f3a7c60079cda7b955e026fb603d03a8c Mon Sep 17 00:00:00 2001
From: schwarze <>
Date: Mon, 21 Aug 2017 08:31:19 +0000
Subject: Mention three functions related to protocol selection by the client that are deprecated no-ops in LibreSSL, but that OpenSSL explicitly documented on April 19, 2017, without deprecating them.
---
src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3 | 51 +++++++++++++++++++++++--
1 file changed, 48 insertions(+), 3 deletions(-)
(limited to 'src/lib')
diff --git a/src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3 b/src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3
index eb6c543478..175689d79b 100644
--- a/src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3
+++ b/src/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3
@@ -1,4 +1,5 @@
-.\" $OpenBSD: SSL_CTX_set_alpn_select_cb.3,v 1.3 2017/08/12 21:03:08 jsing Exp $
+.\" $OpenBSD: SSL_CTX_set_alpn_select_cb.3,v 1.4 2017/08/21 08:31:19 schwarze Exp $
+.\" OpenSSL 87b81496 Apr 19 12:38:27 2017 -0400
 .\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
 .\"
 .\" This file was written by Todd Short .
@@ -48,15 +49,18 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: August 12 2017 $
+.Dd $Mdocdate: August 21 2017 $
 .Dt SSL_CTX_SET_ALPN_SELECT_CB 3
 .Os
 .Sh NAME
 .Nm SSL_CTX_set_alpn_protos ,
 .Nm SSL_set_alpn_protos ,
 .Nm SSL_CTX_set_alpn_select_cb ,
+.Nm SSL_CTX_set_next_proto_select_cb ,
+.Nm SSL_CTX_set_next_protos_advertised_cb ,
 .Nm SSL_select_next_proto ,
-.Nm SSL_get0_alpn_selected
+.Nm SSL_get0_alpn_selected ,
+.Nm SSL_get0_next_proto_negotiated
 .Nd handle application layer protocol negotiation (ALPN)
 .Sh SYNOPSIS
 .In openssl/ssl.h
@@ -80,6 +84,21 @@
 unsigned int inlen, void *arg)"
 .Fa "void *arg"
 .Fc
+.Ft void
+.Fo SSL_CTX_set_next_proto_select_cb
+.Fa "SSL_CTX *ctx"
+.Fa "int (*cb)(SSL *ssl, unsigned char **out,\
+ unsigned char *outlen, const unsigned char *in,\
+ unsigned int inlen, void *arg)"
+.Fa "void *arg"
+.Fc
+.Ft void
+.Fo SSL_CTX_set_next_protos_advertised_cb
+.Fa "SSL_CTX *ctx"
+.Fa "int (*cb)(SSL *ssl, const unsigned char **out,\
+ unsigned char *outlen, void *arg)"
+.Fa "void *arg"
+.Fc
 .Ft int
 .Fo SSL_select_next_proto
 .Fa "unsigned char **out"
@@ -95,6 +114,12 @@
 .Fa "const unsigned char **data"
 .Fa "unsigned int *len"
 .Fc
+.Ft void
+.Fo SSL_get0_next_proto_negotiated
+.Fa "const SSL *ssl"
+.Fa "const unsigned char **data"
+.Fa "unsigned int *len"
+.Fc
 .Sh DESCRIPTION
 .Fn SSL_CTX_set_alpn_protos
 and
@@ -182,6 +207,16 @@ is returned in
 .Fa out ,
 .Fa outlen .
 .Pp
+.Fn SSL_CTX_set_next_proto_select_cb
+is deprecated and has no effect.
+It used to set a callback that was called when a client needed to
+select a protocol from the server's provided list.
+.Pp
+.Fn SSL_CTX_set_next_protos_advertised_cb
+is deprecated and has no effect.
+It used to set a callback that was called when a TLS server needed
+a list of supported protocols for Next Protocol Negotiation.
+.Pp
 .Fn SSL_get0_alpn_selected
 returns a pointer to the selected protocol in
 .Fa data
@@ -197,6 +232,16 @@ is set to 0 if no protocol has been selected.
 .Fa data
 must not be freed.
 .Pp
+.Fn SSL_get0_next_proto_negotiated
+is deprecated and has no effect except that it always sets
+.Pf * Fa data
+to
+.Dv NULL
+and
+.Pf * Fa len
+to 0.
+It used to return the client's requested protocol for this connection.
+.Pp
 The protocol-lists must be in wire-format, which is defined as a vector of non-empty, 8-bit length-prefixed byte strings.
 The length-prefix byte is not included in the length.
--
cgit v1.2.3-55-g6feb