diff options
Diffstat (limited to 'openssl/doc/ssl')
20 files changed, 43 insertions, 37 deletions
diff --git a/openssl/doc/ssl/SSL_COMP_add_compression_method.pod b/openssl/doc/ssl/SSL_COMP_add_compression_method.pod index 42fa66b19..f4d191c9b 100644 --- a/openssl/doc/ssl/SSL_COMP_add_compression_method.pod +++ b/openssl/doc/ssl/SSL_COMP_add_compression_method.pod @@ -53,11 +53,11 @@ SSL_COMP_add_compression_method() may return the following values: =over 4 -=item 0 +=item Z<>0 The operation succeeded. -=item 1 +=item Z<>1 The operation failed. Check the error queue to find out the reason. diff --git a/openssl/doc/ssl/SSL_CTX_add_session.pod b/openssl/doc/ssl/SSL_CTX_add_session.pod index 82676b26b..8e0abd36c 100644 --- a/openssl/doc/ssl/SSL_CTX_add_session.pod +++ b/openssl/doc/ssl/SSL_CTX_add_session.pod @@ -52,13 +52,13 @@ The following values are returned by all functions: =over 4 -=item 0 +=item Z<>0 The operation failed. In case of the add operation, it was tried to add the same (identical) session twice. In case of the remove operation, the session was not found in the cache. -=item 1 +=item Z<>1 The operation succeeded. diff --git a/openssl/doc/ssl/SSL_CTX_load_verify_locations.pod b/openssl/doc/ssl/SSL_CTX_load_verify_locations.pod index 84a799fc7..d1d897719 100644 --- a/openssl/doc/ssl/SSL_CTX_load_verify_locations.pod +++ b/openssl/doc/ssl/SSL_CTX_load_verify_locations.pod @@ -100,13 +100,13 @@ The following return values can occur: =over 4 -=item 0 +=item Z<>0 The operation failed because B<CAfile> and B<CApath> are NULL or the processing at one of the locations specified failed. Check the error stack to find out the reason. -=item 1 +=item Z<>1 The operation succeeded. diff --git a/openssl/doc/ssl/SSL_CTX_set_client_CA_list.pod b/openssl/doc/ssl/SSL_CTX_set_client_CA_list.pod index 5e6613335..5e9739266 100644 --- a/openssl/doc/ssl/SSL_CTX_set_client_CA_list.pod +++ b/openssl/doc/ssl/SSL_CTX_set_client_CA_list.pod @@ -66,13 +66,13 @@ values: =over 4 -=item 0 +=item Z<>0 A failure while manipulating the STACK_OF(X509_NAME) object occurred or the X509_NAME could not be extracted from B<cacert>. Check the error stack to find out the reason. -=item 1 +=item Z<>1 The operation succeeded. diff --git a/openssl/doc/ssl/SSL_CTX_set_msg_callback.pod b/openssl/doc/ssl/SSL_CTX_set_msg_callback.pod index 0015e6ea7..8b82d94a3 100644 --- a/openssl/doc/ssl/SSL_CTX_set_msg_callback.pod +++ b/openssl/doc/ssl/SSL_CTX_set_msg_callback.pod @@ -11,8 +11,8 @@ SSL_CTX_set_msg_callback, SSL_CTX_set_msg_callback_arg, SSL_set_msg_callback, SS void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)); void SSL_CTX_set_msg_callback_arg(SSL_CTX *ctx, void *arg); - void SSL_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)); - void SSL_set_msg_callback_arg(SSL_CTX *ctx, void *arg); + void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)); + void SSL_set_msg_callback_arg(SSL *ssl, void *arg); =head1 DESCRIPTION diff --git a/openssl/doc/ssl/SSL_CTX_set_options.pod b/openssl/doc/ssl/SSL_CTX_set_options.pod index fded0601b..d8866927a 100644 --- a/openssl/doc/ssl/SSL_CTX_set_options.pod +++ b/openssl/doc/ssl/SSL_CTX_set_options.pod @@ -112,6 +112,12 @@ vulnerability affecting CBC ciphers, which cannot be handled by some broken SSL implementations. This option has no effect for connections using other ciphers. +=item SSL_OP_TLSEXT_PADDING + +Adds a padding extension to ensure the ClientHello size is never between +256 and 511 bytes in length. This is needed as a workaround for some +implementations. + =item SSL_OP_ALL All of the above bug workarounds. diff --git a/openssl/doc/ssl/SSL_CTX_set_session_id_context.pod b/openssl/doc/ssl/SSL_CTX_set_session_id_context.pod index 58fc68550..7c9e51533 100644 --- a/openssl/doc/ssl/SSL_CTX_set_session_id_context.pod +++ b/openssl/doc/ssl/SSL_CTX_set_session_id_context.pod @@ -64,13 +64,13 @@ return the following values: =over 4 -=item 0 +=item Z<>0 The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded the maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error is logged to the error stack. -=item 1 +=item Z<>1 The operation succeeded. diff --git a/openssl/doc/ssl/SSL_CTX_set_ssl_version.pod b/openssl/doc/ssl/SSL_CTX_set_ssl_version.pod index 254f2b439..e254f9657 100644 --- a/openssl/doc/ssl/SSL_CTX_set_ssl_version.pod +++ b/openssl/doc/ssl/SSL_CTX_set_ssl_version.pod @@ -42,11 +42,11 @@ and SSL_set_ssl_method(): =over 4 -=item 0 +=item Z<>0 The new choice failed, check the error stack to find out the reason. -=item 1 +=item Z<>1 The operation succeeded. diff --git a/openssl/doc/ssl/SSL_CTX_use_psk_identity_hint.pod b/openssl/doc/ssl/SSL_CTX_use_psk_identity_hint.pod index 7e60df5ba..9da7201a9 100644 --- a/openssl/doc/ssl/SSL_CTX_use_psk_identity_hint.pod +++ b/openssl/doc/ssl/SSL_CTX_use_psk_identity_hint.pod @@ -96,7 +96,7 @@ data to B<psk> and return the length of the random data, so the connection will fail with decryption_error before it will be finished completely. -=item 0 +=item Z<>0 PSK identity was not found. An "unknown_psk_identity" alert message will be sent and the connection setup fails. diff --git a/openssl/doc/ssl/SSL_accept.pod b/openssl/doc/ssl/SSL_accept.pod index b1c34d15b..223944417 100644 --- a/openssl/doc/ssl/SSL_accept.pod +++ b/openssl/doc/ssl/SSL_accept.pod @@ -44,13 +44,13 @@ The following return values can occur: =over 4 -=item 0 +=item Z<>0 The TLS/SSL handshake was not successful but was shut down controlled and by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the return value B<ret> to find out the reason. -=item 1 +=item Z<>1 The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been established. diff --git a/openssl/doc/ssl/SSL_clear.pod b/openssl/doc/ssl/SSL_clear.pod index d4df1bfac..ba192bd51 100644 --- a/openssl/doc/ssl/SSL_clear.pod +++ b/openssl/doc/ssl/SSL_clear.pod @@ -56,12 +56,12 @@ The following return values can occur: =over 4 -=item 0 +=item Z<>0 The SSL_clear() operation could not be performed. Check the error stack to find out the reason. -=item 1 +=item Z<>1 The SSL_clear() operation was successful. diff --git a/openssl/doc/ssl/SSL_connect.pod b/openssl/doc/ssl/SSL_connect.pod index 946ca89d7..68e2b82b8 100644 --- a/openssl/doc/ssl/SSL_connect.pod +++ b/openssl/doc/ssl/SSL_connect.pod @@ -41,13 +41,13 @@ The following return values can occur: =over 4 -=item 0 +=item Z<>0 The TLS/SSL handshake was not successful but was shut down controlled and by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the return value B<ret> to find out the reason. -=item 1 +=item Z<>1 The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been established. diff --git a/openssl/doc/ssl/SSL_do_handshake.pod b/openssl/doc/ssl/SSL_do_handshake.pod index 7f8cf249e..b35ddf5f1 100644 --- a/openssl/doc/ssl/SSL_do_handshake.pod +++ b/openssl/doc/ssl/SSL_do_handshake.pod @@ -45,13 +45,13 @@ The following return values can occur: =over 4 -=item 0 +=item Z<>0 The TLS/SSL handshake was not successful but was shut down controlled and by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the return value B<ret> to find out the reason. -=item 1 +=item Z<>1 The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been established. diff --git a/openssl/doc/ssl/SSL_get_peer_cert_chain.pod b/openssl/doc/ssl/SSL_get_peer_cert_chain.pod index 49fb88f86..059376c76 100644 --- a/openssl/doc/ssl/SSL_get_peer_cert_chain.pod +++ b/openssl/doc/ssl/SSL_get_peer_cert_chain.pod @@ -8,11 +8,11 @@ SSL_get_peer_cert_chain - get the X509 certificate chain of the peer #include <openssl/ssl.h> - STACKOF(X509) *SSL_get_peer_cert_chain(const SSL *ssl); + STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *ssl); =head1 DESCRIPTION -SSL_get_peer_cert_chain() returns a pointer to STACKOF(X509) certificates +SSL_get_peer_cert_chain() returns a pointer to STACK_OF(X509) certificates forming the certificate chain of the peer. If called on the client side, the stack also contains the peer's certificate; if called on the server side, the peer's certificate must be obtained separately using @@ -24,7 +24,7 @@ If the peer did not present a certificate, NULL is returned. The peer certificate chain is not necessarily available after reusing a session, in which case a NULL pointer is returned. -The reference count of the STACKOF(X509) object is not incremented. +The reference count of the STACK_OF(X509) object is not incremented. If the corresponding session is freed, the pointer must not be used any longer. @@ -39,7 +39,7 @@ The following return values can occur: No certificate was presented by the peer or no connection was established or the certificate chain is no longer available when a session is reused. -=item Pointer to a STACKOF(X509) +=item Pointer to a STACK_OF(X509) The return value points to the certificate chain presented by the peer. diff --git a/openssl/doc/ssl/SSL_read.pod b/openssl/doc/ssl/SSL_read.pod index 7038cd2d7..8ca0ce505 100644 --- a/openssl/doc/ssl/SSL_read.pod +++ b/openssl/doc/ssl/SSL_read.pod @@ -86,7 +86,7 @@ The following return values can occur: The read operation was successful; the return value is the number of bytes actually read from the TLS/SSL connection. -=item 0 +=item Z<>0 The read operation was not successful. The reason may either be a clean shutdown due to a "close notify" alert sent by the peer (in which case diff --git a/openssl/doc/ssl/SSL_session_reused.pod b/openssl/doc/ssl/SSL_session_reused.pod index da7d06264..b09d8a71b 100644 --- a/openssl/doc/ssl/SSL_session_reused.pod +++ b/openssl/doc/ssl/SSL_session_reused.pod @@ -27,11 +27,11 @@ The following return values can occur: =over 4 -=item 0 +=item Z<>0 A new session was negotiated. -=item 1 +=item Z<>1 A session was reused. diff --git a/openssl/doc/ssl/SSL_set_fd.pod b/openssl/doc/ssl/SSL_set_fd.pod index 70291128f..148087160 100644 --- a/openssl/doc/ssl/SSL_set_fd.pod +++ b/openssl/doc/ssl/SSL_set_fd.pod @@ -35,11 +35,11 @@ The following return values can occur: =over 4 -=item 0 +=item Z<>0 The operation failed. Check the error stack to find out why. -=item 1 +=item Z<>1 The operation succeeded. diff --git a/openssl/doc/ssl/SSL_set_session.pod b/openssl/doc/ssl/SSL_set_session.pod index 5f54714ad..197b52183 100644 --- a/openssl/doc/ssl/SSL_set_session.pod +++ b/openssl/doc/ssl/SSL_set_session.pod @@ -37,11 +37,11 @@ The following return values can occur: =over 4 -=item 0 +=item Z<>0 The operation failed; check the error stack to find out the reason. -=item 1 +=item Z<>1 The operation succeeded. diff --git a/openssl/doc/ssl/SSL_shutdown.pod b/openssl/doc/ssl/SSL_shutdown.pod index 42a89b7c6..85d4a64b0 100644 --- a/openssl/doc/ssl/SSL_shutdown.pod +++ b/openssl/doc/ssl/SSL_shutdown.pod @@ -92,14 +92,14 @@ The following return values can occur: =over 4 -=item 0 +=item Z<>0 The shutdown is not yet finished. Call SSL_shutdown() for a second time, if a bidirectional shutdown shall be performed. The output of L<SSL_get_error(3)|SSL_get_error(3)> may be misleading, as an erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred. -=item 1 +=item Z<>1 The shutdown was successfully completed. The "close notify" alert was sent and the peer's "close notify" alert was received. diff --git a/openssl/doc/ssl/SSL_write.pod b/openssl/doc/ssl/SSL_write.pod index e013c12d5..a57617f3e 100644 --- a/openssl/doc/ssl/SSL_write.pod +++ b/openssl/doc/ssl/SSL_write.pod @@ -79,7 +79,7 @@ The following return values can occur: The write operation was successful, the return value is the number of bytes actually written to the TLS/SSL connection. -=item 0 +=item Z<>0 The write operation was not successful. Probably the underlying connection was closed. Call SSL_get_error() with the return value B<ret> to find out, |