|
|
|
@ -1,10 +1,72 @@
|
|
|
|
|
This file is part of MXE.
|
|
|
|
|
See index.html for further information.
|
|
|
|
|
|
|
|
|
|
diff -uNPr a/doc/apps/cms.pod b/doc/apps/cms.pod
|
|
|
|
|
--- a/doc/apps/cms.pod 2013-02-11 15:26:04.000000000 +0000
|
|
|
|
|
+++ b/doc/apps/cms.pod 2013-06-01 22:08:31.005787054 +0100
|
|
|
|
|
@@ -450,28 +450,28 @@
|
|
|
|
|
From fa1d94198fa75abfdb2e3fdbe071d37677347375 Mon Sep 17 00:00:00 2001
|
|
|
|
|
From: Mark Brand <mabrand@mabrand.nl>
|
|
|
|
|
Date: Wed, 8 Jan 2014 02:19:10 +0100
|
|
|
|
|
Subject: [PATCH 1/2] winsock2
|
|
|
|
|
|
|
|
|
|
-This patch has been taken from:
|
|
|
|
|
-http://rt.openssl.org/Ticket/Display.html?id=2285&user=guest&pass=guest
|
|
|
|
|
|
|
|
|
|
diff --git a/e_os.h b/e_os.h
|
|
|
|
|
index 79c1392..efe345f 100644
|
|
|
|
|
--- a/e_os.h
|
|
|
|
|
+++ b/e_os.h
|
|
|
|
|
@@ -492,7 +492,7 @@ static unsigned int _strlen31(const char *str)
|
|
|
|
|
# endif
|
|
|
|
|
# if !defined(IPPROTO_IP)
|
|
|
|
|
/* winsock[2].h was included already? */
|
|
|
|
|
-# include <winsock.h>
|
|
|
|
|
+# include <winsock2.h>
|
|
|
|
|
# endif
|
|
|
|
|
# ifdef getservbyname
|
|
|
|
|
# undef getservbyname
|
|
|
|
|
diff --git a/ssl/dtls1.h b/ssl/dtls1.h
|
|
|
|
|
index e65d501..7762089 100644
|
|
|
|
|
--- a/ssl/dtls1.h
|
|
|
|
|
+++ b/ssl/dtls1.h
|
|
|
|
|
@@ -68,7 +68,7 @@
|
|
|
|
|
#endif
|
|
|
|
|
#ifdef OPENSSL_SYS_WIN32
|
|
|
|
|
/* Needed for struct timeval */
|
|
|
|
|
-#include <winsock.h>
|
|
|
|
|
+#include <winsock2.h>
|
|
|
|
|
#elif defined(OPENSSL_SYS_NETWARE) && !defined(_WINSOCK2API_)
|
|
|
|
|
#include <sys/timeval.h>
|
|
|
|
|
#else
|
|
|
|
|
diff --git a/ssl/ssltest.c b/ssl/ssltest.c
|
|
|
|
|
index 4f80be8..af5f1be 100644
|
|
|
|
|
--- a/ssl/ssltest.c
|
|
|
|
|
+++ b/ssl/ssltest.c
|
|
|
|
|
@@ -193,7 +193,7 @@
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#ifdef OPENSSL_SYS_WINDOWS
|
|
|
|
|
-#include <winsock.h>
|
|
|
|
|
+#include <winsock2.h>
|
|
|
|
|
#else
|
|
|
|
|
#include OPENSSL_UNISTD
|
|
|
|
|
#endif
|
|
|
|
|
--
|
|
|
|
|
1.8.4
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
From ea68b7956d716fe09d7b47764e32127f5c1d0f10 Mon Sep 17 00:00:00 2001
|
|
|
|
|
From: Tom Molesworth <tom@entitymodel.com>
|
|
|
|
|
Date: Wed, 8 Jan 2014 02:20:21 +0100
|
|
|
|
|
Subject: [PATCH 2/2] Patch OpenSSL POD docs for perl-5.16+
|
|
|
|
|
|
|
|
|
|
Stricter validation in recent Perl versions means the install
|
|
|
|
|
stage fails without these applied.
|
|
|
|
|
|
|
|
|
|
Should be harmless for earlier versions of perl.
|
|
|
|
|
|
|
|
|
|
diff --git a/doc/apps/cms.pod b/doc/apps/cms.pod
|
|
|
|
|
index a09588a..a8301c7 100644
|
|
|
|
|
--- a/doc/apps/cms.pod
|
|
|
|
|
+++ b/doc/apps/cms.pod
|
|
|
|
|
@@ -450,28 +450,28 @@ remains DER.
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
@ -39,10 +101,11 @@ diff -uNPr a/doc/apps/cms.pod b/doc/apps/cms.pod
|
|
|
|
|
|
|
|
|
|
the message was verified correctly but an error occurred writing out
|
|
|
|
|
the signers certificates.
|
|
|
|
|
diff -uNPr a/doc/apps/smime.pod b/doc/apps/smime.pod
|
|
|
|
|
--- a/doc/apps/smime.pod 2013-02-11 15:26:04.000000000 +0000
|
|
|
|
|
+++ b/doc/apps/smime.pod 2013-06-01 22:09:26.732719037 +0100
|
|
|
|
|
@@ -308,28 +308,28 @@
|
|
|
|
|
diff --git a/doc/apps/smime.pod b/doc/apps/smime.pod
|
|
|
|
|
index e4e89af..617343f 100644
|
|
|
|
|
--- a/doc/apps/smime.pod
|
|
|
|
|
+++ b/doc/apps/smime.pod
|
|
|
|
|
@@ -308,28 +308,28 @@ remains DER.
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
@ -77,10 +140,11 @@ diff -uNPr a/doc/apps/smime.pod b/doc/apps/smime.pod
|
|
|
|
|
|
|
|
|
|
the message was verified correctly but an error occurred writing out
|
|
|
|
|
the signers certificates.
|
|
|
|
|
diff -uNPr a/doc/crypto/rand.pod b/doc/crypto/rand.pod
|
|
|
|
|
--- a/doc/crypto/rand.pod 2013-02-11 15:02:48.000000000 +0000
|
|
|
|
|
+++ b/doc/crypto/rand.pod 2013-06-01 22:15:07.474188667 +0100
|
|
|
|
|
@@ -74,17 +74,14 @@
|
|
|
|
|
diff --git a/doc/crypto/rand.pod b/doc/crypto/rand.pod
|
|
|
|
|
index 1c068c8..801ef88 100644
|
|
|
|
|
--- a/doc/crypto/rand.pod
|
|
|
|
|
+++ b/doc/crypto/rand.pod
|
|
|
|
|
@@ -74,17 +74,14 @@ First up I will state the things I believe I need for a good RNG.
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
@ -101,7 +165,7 @@ diff -uNPr a/doc/crypto/rand.pod b/doc/crypto/rand.pod
|
|
|
|
|
The state should be very large. If the RNG is being used to generate
|
|
|
|
|
4096 bit RSA keys, 2 2048 bit random strings are required (at a minimum).
|
|
|
|
|
If your RNG state only has 128 bits, you are obviously limiting the
|
|
|
|
|
@@ -93,14 +90,12 @@
|
|
|
|
|
@@ -93,14 +90,12 @@ carried away on this last point but it does indicate that it may not be
|
|
|
|
|
a bad idea to keep quite a lot of RNG state. It should be easier to
|
|
|
|
|
break a cipher than guess the RNG seed data.
|
|
|
|
|
|
|
|
|
@ -118,7 +182,7 @@ diff -uNPr a/doc/crypto/rand.pod b/doc/crypto/rand.pod
|
|
|
|
|
When using data to seed the RNG state, the data used should not be
|
|
|
|
|
extractable from the RNG state. I believe this should be a
|
|
|
|
|
requirement because one possible source of 'secret' semi random
|
|
|
|
|
@@ -108,13 +103,11 @@
|
|
|
|
|
@@ -108,13 +103,11 @@ data would be a private key or a password. This data must
|
|
|
|
|
not be disclosed by either subsequent random numbers or a
|
|
|
|
|
'core' dump left by a program crash.
|
|
|
|
|
|
|
|
|
@ -134,66 +198,11 @@ diff -uNPr a/doc/crypto/rand.pod b/doc/crypto/rand.pod
|
|
|
|
|
Given the random number output stream, it should not be possible to determine
|
|
|
|
|
the RNG state or the next random number.
|
|
|
|
|
|
|
|
|
|
diff -uNPr a/doc/crypto/X509_STORE_CTX_get_error.pod b/doc/crypto/X509_STORE_CTX_get_error.pod
|
|
|
|
|
--- a/doc/crypto/X509_STORE_CTX_get_error.pod 2013-02-11 15:26:04.000000000 +0000
|
|
|
|
|
+++ b/doc/crypto/X509_STORE_CTX_get_error.pod 2013-06-01 22:11:00.014931266 +0100
|
|
|
|
|
@@ -278,6 +278,8 @@
|
|
|
|
|
an application specific error. This will never be returned unless explicitly
|
|
|
|
|
set by an application.
|
|
|
|
|
|
|
|
|
|
+=back
|
|
|
|
|
+
|
|
|
|
|
=head1 NOTES
|
|
|
|
|
|
|
|
|
|
The above functions should be used instead of directly referencing the fields
|
|
|
|
|
diff -uNPr a/doc/ssl/SSL_accept.pod b/doc/ssl/SSL_accept.pod
|
|
|
|
|
--- a/doc/ssl/SSL_accept.pod 2013-02-11 15:02:48.000000000 +0000
|
|
|
|
|
+++ b/doc/ssl/SSL_accept.pod 2013-06-01 22:21:46.302545052 +0100
|
|
|
|
|
@@ -44,18 +44,16 @@
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
|
-=item 1
|
|
|
|
|
-
|
|
|
|
|
+=item * 1
|
|
|
|
|
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
|
|
|
|
|
established.
|
|
|
|
|
|
|
|
|
|
-=item 0
|
|
|
|
|
-
|
|
|
|
|
+=item * 0
|
|
|
|
|
The TLS/SSL handshake was not successful but was shut down controlled and
|
|
|
|
|
by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
|
|
|
|
|
return value B<ret> to find out the reason.
|
|
|
|
|
|
|
|
|
|
-=item E<lt>0
|
|
|
|
|
+=item * E<lt>0
|
|
|
|
|
|
|
|
|
|
The TLS/SSL handshake was not successful because a fatal error occurred either
|
|
|
|
|
at the protocol level or a connection failure occurred. The shutdown was
|
|
|
|
|
diff -uNPr a/doc/ssl/SSL_clear.pod b/doc/ssl/SSL_clear.pod
|
|
|
|
|
--- a/doc/ssl/SSL_clear.pod 2013-02-11 15:02:48.000000000 +0000
|
|
|
|
|
+++ b/doc/ssl/SSL_clear.pod 2013-06-01 22:15:07.474188667 +0100
|
|
|
|
|
@@ -56,13 +56,11 @@
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
|
-=item 0
|
|
|
|
|
-
|
|
|
|
|
+=item * 0
|
|
|
|
|
The SSL_clear() operation could not be performed. Check the error stack to
|
|
|
|
|
find out the reason.
|
|
|
|
|
|
|
|
|
|
-=item 1
|
|
|
|
|
-
|
|
|
|
|
+=item * 1
|
|
|
|
|
The SSL_clear() operation was successful.
|
|
|
|
|
|
|
|
|
|
=back
|
|
|
|
|
diff -uNPr a/doc/ssl/SSL_COMP_add_compression_method.pod b/doc/ssl/SSL_COMP_add_compression_method.pod
|
|
|
|
|
--- a/doc/ssl/SSL_COMP_add_compression_method.pod 2013-02-11 15:02:48.000000000 +0000
|
|
|
|
|
+++ b/doc/ssl/SSL_COMP_add_compression_method.pod 2013-06-01 22:12:10.753575547 +0100
|
|
|
|
|
@@ -53,11 +53,11 @@
|
|
|
|
|
diff --git a/doc/ssl/SSL_COMP_add_compression_method.pod b/doc/ssl/SSL_COMP_add_compression_method.pod
|
|
|
|
|
index 42fa66b..d531299 100644
|
|
|
|
|
--- a/doc/ssl/SSL_COMP_add_compression_method.pod
|
|
|
|
|
+++ b/doc/ssl/SSL_COMP_add_compression_method.pod
|
|
|
|
|
@@ -53,11 +53,11 @@ SSL_COMP_add_compression_method() may return the following values:
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
@ -207,35 +216,11 @@ diff -uNPr a/doc/ssl/SSL_COMP_add_compression_method.pod b/doc/ssl/SSL_COMP_add_
|
|
|
|
|
|
|
|
|
|
The operation failed. Check the error queue to find out the reason.
|
|
|
|
|
|
|
|
|
|
diff -uNPr a/doc/ssl/SSL_connect.pod b/doc/ssl/SSL_connect.pod
|
|
|
|
|
--- a/doc/ssl/SSL_connect.pod 2013-02-11 15:02:48.000000000 +0000
|
|
|
|
|
+++ b/doc/ssl/SSL_connect.pod 2013-06-01 22:22:44.109437174 +0100
|
|
|
|
|
@@ -41,18 +41,16 @@
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
|
-=item 1
|
|
|
|
|
-
|
|
|
|
|
+=item * 1
|
|
|
|
|
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
|
|
|
|
|
established.
|
|
|
|
|
|
|
|
|
|
-=item 0
|
|
|
|
|
-
|
|
|
|
|
+=item * 0
|
|
|
|
|
The TLS/SSL handshake was not successful but was shut down controlled and
|
|
|
|
|
by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
|
|
|
|
|
return value B<ret> to find out the reason.
|
|
|
|
|
|
|
|
|
|
-=item E<lt>0
|
|
|
|
|
+=item * E<lt>0
|
|
|
|
|
|
|
|
|
|
The TLS/SSL handshake was not successful, because a fatal error occurred either
|
|
|
|
|
at the protocol level or a connection failure occurred. The shutdown was
|
|
|
|
|
diff -uNPr a/doc/ssl/SSL_CTX_add_session.pod b/doc/ssl/SSL_CTX_add_session.pod
|
|
|
|
|
--- a/doc/ssl/SSL_CTX_add_session.pod 2013-02-11 15:02:48.000000000 +0000
|
|
|
|
|
+++ b/doc/ssl/SSL_CTX_add_session.pod 2013-06-01 22:13:06.396509142 +0100
|
|
|
|
|
@@ -52,15 +52,15 @@
|
|
|
|
|
diff --git a/doc/ssl/SSL_CTX_add_session.pod b/doc/ssl/SSL_CTX_add_session.pod
|
|
|
|
|
index 82676b2..ca89dcc 100644
|
|
|
|
|
--- a/doc/ssl/SSL_CTX_add_session.pod
|
|
|
|
|
+++ b/doc/ssl/SSL_CTX_add_session.pod
|
|
|
|
|
@@ -52,15 +52,15 @@ The following values are returned by all functions:
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
@ -257,10 +242,11 @@ diff -uNPr a/doc/ssl/SSL_CTX_add_session.pod b/doc/ssl/SSL_CTX_add_session.pod
|
|
|
|
|
|
|
|
|
|
=back
|
|
|
|
|
|
|
|
|
|
diff -uNPr a/doc/ssl/SSL_CTX_load_verify_locations.pod b/doc/ssl/SSL_CTX_load_verify_locations.pod
|
|
|
|
|
--- a/doc/ssl/SSL_CTX_load_verify_locations.pod 2013-02-11 15:02:48.000000000 +0000
|
|
|
|
|
+++ b/doc/ssl/SSL_CTX_load_verify_locations.pod 2013-06-01 22:13:55.759563092 +0100
|
|
|
|
|
@@ -100,13 +100,13 @@
|
|
|
|
|
diff --git a/doc/ssl/SSL_CTX_load_verify_locations.pod b/doc/ssl/SSL_CTX_load_verify_locations.pod
|
|
|
|
|
index 84a799f..66031d4 100644
|
|
|
|
|
--- a/doc/ssl/SSL_CTX_load_verify_locations.pod
|
|
|
|
|
+++ b/doc/ssl/SSL_CTX_load_verify_locations.pod
|
|
|
|
|
@@ -100,13 +100,13 @@ The following return values can occur:
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
@ -276,28 +262,31 @@ diff -uNPr a/doc/ssl/SSL_CTX_load_verify_locations.pod b/doc/ssl/SSL_CTX_load_ve
|
|
|
|
|
|
|
|
|
|
The operation succeeded.
|
|
|
|
|
|
|
|
|
|
diff -uNPr a/doc/ssl/SSL_CTX_set_client_CA_list.pod b/doc/ssl/SSL_CTX_set_client_CA_list.pod
|
|
|
|
|
--- a/doc/ssl/SSL_CTX_set_client_CA_list.pod 2013-02-11 15:02:48.000000000 +0000
|
|
|
|
|
+++ b/doc/ssl/SSL_CTX_set_client_CA_list.pod 2013-06-01 22:15:07.470188744 +0100
|
|
|
|
|
@@ -66,12 +66,10 @@
|
|
|
|
|
diff --git a/doc/ssl/SSL_CTX_set_client_CA_list.pod b/doc/ssl/SSL_CTX_set_client_CA_list.pod
|
|
|
|
|
index 5e66133..2874fb8 100644
|
|
|
|
|
--- a/doc/ssl/SSL_CTX_set_client_CA_list.pod
|
|
|
|
|
+++ b/doc/ssl/SSL_CTX_set_client_CA_list.pod
|
|
|
|
|
@@ -66,13 +66,13 @@ values:
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
|
-=item 1
|
|
|
|
|
-
|
|
|
|
|
+=item * 1
|
|
|
|
|
The operation succeeded.
|
|
|
|
|
|
|
|
|
|
-=item 0
|
|
|
|
|
-
|
|
|
|
|
+=item * 0
|
|
|
|
|
|
|
|
|
|
A failure while manipulating the STACK_OF(X509_NAME) object occurred or
|
|
|
|
|
the X509_NAME could not be extracted from B<cacert>. Check the error stack
|
|
|
|
|
to find out the reason.
|
|
|
|
|
diff -uNPr a/doc/ssl/SSL_CTX_set_session_id_context.pod b/doc/ssl/SSL_CTX_set_session_id_context.pod
|
|
|
|
|
--- a/doc/ssl/SSL_CTX_set_session_id_context.pod 2013-02-11 15:02:48.000000000 +0000
|
|
|
|
|
+++ b/doc/ssl/SSL_CTX_set_session_id_context.pod 2013-06-01 22:15:07.470188744 +0100
|
|
|
|
|
@@ -64,14 +64,12 @@
|
|
|
|
|
|
|
|
|
|
-=item 1
|
|
|
|
|
+=item * 1
|
|
|
|
|
|
|
|
|
|
The operation succeeded.
|
|
|
|
|
|
|
|
|
|
diff --git a/doc/ssl/SSL_CTX_set_session_id_context.pod b/doc/ssl/SSL_CTX_set_session_id_context.pod
|
|
|
|
|
index 58fc685..b3306aa 100644
|
|
|
|
|
--- a/doc/ssl/SSL_CTX_set_session_id_context.pod
|
|
|
|
|
+++ b/doc/ssl/SSL_CTX_set_session_id_context.pod
|
|
|
|
|
@@ -64,14 +64,12 @@ return the following values:
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
@ -314,10 +303,11 @@ diff -uNPr a/doc/ssl/SSL_CTX_set_session_id_context.pod b/doc/ssl/SSL_CTX_set_se
|
|
|
|
|
The operation succeeded.
|
|
|
|
|
|
|
|
|
|
=back
|
|
|
|
|
diff -uNPr a/doc/ssl/SSL_CTX_set_ssl_version.pod b/doc/ssl/SSL_CTX_set_ssl_version.pod
|
|
|
|
|
--- a/doc/ssl/SSL_CTX_set_ssl_version.pod 2013-02-11 15:26:04.000000000 +0000
|
|
|
|
|
+++ b/doc/ssl/SSL_CTX_set_ssl_version.pod 2013-06-01 22:15:07.470188744 +0100
|
|
|
|
|
@@ -42,12 +42,10 @@
|
|
|
|
|
diff --git a/doc/ssl/SSL_CTX_set_ssl_version.pod b/doc/ssl/SSL_CTX_set_ssl_version.pod
|
|
|
|
|
index 254f2b4..21df5a2 100644
|
|
|
|
|
--- a/doc/ssl/SSL_CTX_set_ssl_version.pod
|
|
|
|
|
+++ b/doc/ssl/SSL_CTX_set_ssl_version.pod
|
|
|
|
|
@@ -42,12 +42,10 @@ and SSL_set_ssl_method():
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
@ -332,21 +322,20 @@ diff -uNPr a/doc/ssl/SSL_CTX_set_ssl_version.pod b/doc/ssl/SSL_CTX_set_ssl_versi
|
|
|
|
|
The operation succeeded.
|
|
|
|
|
|
|
|
|
|
=back
|
|
|
|
|
diff -uNPr a/doc/ssl/SSL_CTX_use_psk_identity_hint.pod b/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
|
|
|
|
|
--- a/doc/ssl/SSL_CTX_use_psk_identity_hint.pod 2013-02-11 15:26:04.000000000 +0000
|
|
|
|
|
+++ b/doc/ssl/SSL_CTX_use_psk_identity_hint.pod 2013-06-01 22:16:32.156565713 +0100
|
|
|
|
|
@@ -81,7 +81,9 @@
|
|
|
|
|
diff --git a/doc/ssl/SSL_CTX_use_psk_identity_hint.pod b/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
|
|
|
|
|
index 7e60df5..77e2139 100644
|
|
|
|
|
--- a/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
|
|
|
|
|
+++ b/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
|
|
|
|
|
@@ -83,7 +83,7 @@ Return values from the server callback are interpreted as follows:
|
|
|
|
|
|
|
|
|
|
Return values from the server callback are interpreted as follows:
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
|
-=item > 0
|
|
|
|
|
+=over 4
|
|
|
|
|
+
|
|
|
|
|
+=item * > 0
|
|
|
|
|
|
|
|
|
|
PSK identity was found and the server callback has provided the PSK
|
|
|
|
|
successfully in parameter B<psk>. Return value is the length of
|
|
|
|
|
@@ -94,9 +96,11 @@
|
|
|
|
|
@@ -96,7 +96,7 @@ data to B<psk> and return the length of the random data, so the
|
|
|
|
|
connection will fail with decryption_error before it will be finished
|
|
|
|
|
completely.
|
|
|
|
|
|
|
|
|
@ -355,39 +344,109 @@ diff -uNPr a/doc/ssl/SSL_CTX_use_psk_identity_hint.pod b/doc/ssl/SSL_CTX_use_psk
|
|
|
|
|
|
|
|
|
|
PSK identity was not found. An "unknown_psk_identity" alert message
|
|
|
|
|
will be sent and the connection setup fails.
|
|
|
|
|
diff --git a/doc/ssl/SSL_accept.pod b/doc/ssl/SSL_accept.pod
|
|
|
|
|
index b1c34d1..b8a2c17 100644
|
|
|
|
|
--- a/doc/ssl/SSL_accept.pod
|
|
|
|
|
+++ b/doc/ssl/SSL_accept.pod
|
|
|
|
|
@@ -44,18 +44,18 @@ The following return values can occur:
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
|
-=item 0
|
|
|
|
|
+=item * 0
|
|
|
|
|
|
|
|
|
|
The TLS/SSL handshake was not successful but was shut down controlled and
|
|
|
|
|
by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
|
|
|
|
|
return value B<ret> to find out the reason.
|
|
|
|
|
|
|
|
|
|
-=item 1
|
|
|
|
|
+=item * 1
|
|
|
|
|
|
|
|
|
|
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
|
|
|
|
|
established.
|
|
|
|
|
|
|
|
|
|
-=item E<lt>0
|
|
|
|
|
+=item * E<lt>0
|
|
|
|
|
|
|
|
|
|
+=back
|
|
|
|
|
+
|
|
|
|
|
=cut
|
|
|
|
|
diff -uNPr a/doc/ssl/SSL_do_handshake.pod b/doc/ssl/SSL_do_handshake.pod
|
|
|
|
|
--- a/doc/ssl/SSL_do_handshake.pod 2013-02-11 15:02:48.000000000 +0000
|
|
|
|
|
+++ b/doc/ssl/SSL_do_handshake.pod 2013-06-01 22:23:52.496126530 +0100
|
|
|
|
|
@@ -45,18 +45,16 @@
|
|
|
|
|
The TLS/SSL handshake was not successful because a fatal error occurred either
|
|
|
|
|
at the protocol level or a connection failure occurred. The shutdown was
|
|
|
|
|
diff --git a/doc/ssl/SSL_clear.pod b/doc/ssl/SSL_clear.pod
|
|
|
|
|
index d4df1bf..c6416cf 100644
|
|
|
|
|
--- a/doc/ssl/SSL_clear.pod
|
|
|
|
|
+++ b/doc/ssl/SSL_clear.pod
|
|
|
|
|
@@ -56,13 +56,11 @@ The following return values can occur:
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
|
-=item 0
|
|
|
|
|
-
|
|
|
|
|
+=item * 0
|
|
|
|
|
The SSL_clear() operation could not be performed. Check the error stack to
|
|
|
|
|
find out the reason.
|
|
|
|
|
|
|
|
|
|
-=item 1
|
|
|
|
|
-
|
|
|
|
|
+=item * 1
|
|
|
|
|
The SSL_clear() operation was successful.
|
|
|
|
|
|
|
|
|
|
=back
|
|
|
|
|
diff --git a/doc/ssl/SSL_connect.pod b/doc/ssl/SSL_connect.pod
|
|
|
|
|
index 946ca89..792821e 100644
|
|
|
|
|
--- a/doc/ssl/SSL_connect.pod
|
|
|
|
|
+++ b/doc/ssl/SSL_connect.pod
|
|
|
|
|
@@ -41,18 +41,18 @@ The following return values can occur:
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
|
-=item 0
|
|
|
|
|
+=item * 0
|
|
|
|
|
|
|
|
|
|
The TLS/SSL handshake was not successful but was shut down controlled and
|
|
|
|
|
by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
|
|
|
|
|
return value B<ret> to find out the reason.
|
|
|
|
|
|
|
|
|
|
-=item 1
|
|
|
|
|
+=item * 1
|
|
|
|
|
|
|
|
|
|
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
|
|
|
|
|
established.
|
|
|
|
|
|
|
|
|
|
-=item E<lt>0
|
|
|
|
|
+=item * E<lt>0
|
|
|
|
|
|
|
|
|
|
The TLS/SSL handshake was not successful, because a fatal error occurred either
|
|
|
|
|
at the protocol level or a connection failure occurred. The shutdown was
|
|
|
|
|
diff --git a/doc/ssl/SSL_do_handshake.pod b/doc/ssl/SSL_do_handshake.pod
|
|
|
|
|
index 7f8cf24..c46d18d 100644
|
|
|
|
|
--- a/doc/ssl/SSL_do_handshake.pod
|
|
|
|
|
+++ b/doc/ssl/SSL_do_handshake.pod
|
|
|
|
|
@@ -45,18 +45,18 @@ The following return values can occur:
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
|
-=item 0
|
|
|
|
|
-
|
|
|
|
|
+=item * 0
|
|
|
|
|
|
|
|
|
|
The TLS/SSL handshake was not successful but was shut down controlled and
|
|
|
|
|
by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
|
|
|
|
|
return value B<ret> to find out the reason.
|
|
|
|
|
|
|
|
|
|
-=item 1
|
|
|
|
|
+=item * 1
|
|
|
|
|
|
|
|
|
|
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
|
|
|
|
|
established.
|
|
|
|
|
|
|
|
|
|
-=item E<lt>0
|
|
|
|
|
+=item * E<lt>0
|
|
|
|
|
|
|
|
|
|
The TLS/SSL handshake was not successful because a fatal error occurred either
|
|
|
|
|
at the protocol level or a connection failure occurred. The shutdown was
|
|
|
|
|
diff -uNPr a/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod b/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod
|
|
|
|
|
--- a/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod 2013-02-11 15:02:48.000000000 +0000
|
|
|
|
|
+++ b/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod 2013-06-01 22:23:52.496126530 +0100
|
|
|
|
|
@@ -36,11 +36,11 @@
|
|
|
|
|
diff --git a/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod b/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod
|
|
|
|
|
index 165c6a5..073e99c 100644
|
|
|
|
|
--- a/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod
|
|
|
|
|
+++ b/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod
|
|
|
|
|
@@ -36,11 +36,11 @@ before the SSL index is created.
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
@ -401,10 +460,11 @@ diff -uNPr a/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod b/doc/ssl/SSL_get_ex
|
|
|
|
|
|
|
|
|
|
An error occurred, check the error stack for a detailed error message.
|
|
|
|
|
|
|
|
|
|
diff -uNPr a/doc/ssl/SSL_get_fd.pod b/doc/ssl/SSL_get_fd.pod
|
|
|
|
|
--- a/doc/ssl/SSL_get_fd.pod 2013-02-11 15:02:48.000000000 +0000
|
|
|
|
|
+++ b/doc/ssl/SSL_get_fd.pod 2013-06-01 22:26:15.961376995 +0100
|
|
|
|
|
@@ -26,12 +26,12 @@
|
|
|
|
|
diff --git a/doc/ssl/SSL_get_fd.pod b/doc/ssl/SSL_get_fd.pod
|
|
|
|
|
index 89260b5..1207658 100644
|
|
|
|
|
--- a/doc/ssl/SSL_get_fd.pod
|
|
|
|
|
+++ b/doc/ssl/SSL_get_fd.pod
|
|
|
|
|
@@ -26,12 +26,12 @@ The following return values can occur:
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
@ -419,10 +479,11 @@ diff -uNPr a/doc/ssl/SSL_get_fd.pod b/doc/ssl/SSL_get_fd.pod
|
|
|
|
|
|
|
|
|
|
The file descriptor linked to B<ssl>.
|
|
|
|
|
|
|
|
|
|
diff -uNPr a/doc/ssl/SSL_read.pod b/doc/ssl/SSL_read.pod
|
|
|
|
|
--- a/doc/ssl/SSL_read.pod 2013-02-11 15:02:48.000000000 +0000
|
|
|
|
|
+++ b/doc/ssl/SSL_read.pod 2013-06-01 22:23:52.496126530 +0100
|
|
|
|
|
@@ -81,13 +81,12 @@
|
|
|
|
|
diff --git a/doc/ssl/SSL_read.pod b/doc/ssl/SSL_read.pod
|
|
|
|
|
index 7038cd2..de52b49 100644
|
|
|
|
|
--- a/doc/ssl/SSL_read.pod
|
|
|
|
|
+++ b/doc/ssl/SSL_read.pod
|
|
|
|
|
@@ -81,13 +81,12 @@ The following return values can occur:
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
@ -438,7 +499,7 @@ diff -uNPr a/doc/ssl/SSL_read.pod b/doc/ssl/SSL_read.pod
|
|
|
|
|
The read operation was not successful. The reason may either be a clean
|
|
|
|
|
shutdown due to a "close notify" alert sent by the peer (in which case
|
|
|
|
|
the SSL_RECEIVED_SHUTDOWN flag in the ssl shutdown state is set
|
|
|
|
|
@@ -103,7 +102,7 @@
|
|
|
|
|
@@ -103,7 +102,7 @@ only be detected, whether the underlying connection was closed. It cannot
|
|
|
|
|
be checked, whether the closure was initiated by the peer or by something
|
|
|
|
|
else.
|
|
|
|
|
|
|
|
|
@ -447,10 +508,11 @@ diff -uNPr a/doc/ssl/SSL_read.pod b/doc/ssl/SSL_read.pod
|
|
|
|
|
|
|
|
|
|
The read operation was not successful, because either an error occurred
|
|
|
|
|
or action must be taken by the calling process. Call SSL_get_error() with the
|
|
|
|
|
diff -uNPr a/doc/ssl/SSL_session_reused.pod b/doc/ssl/SSL_session_reused.pod
|
|
|
|
|
--- a/doc/ssl/SSL_session_reused.pod 2013-02-11 15:02:48.000000000 +0000
|
|
|
|
|
+++ b/doc/ssl/SSL_session_reused.pod 2013-06-01 22:15:07.474188667 +0100
|
|
|
|
|
@@ -27,12 +27,10 @@
|
|
|
|
|
diff --git a/doc/ssl/SSL_session_reused.pod b/doc/ssl/SSL_session_reused.pod
|
|
|
|
|
index da7d062..e55c958 100644
|
|
|
|
|
--- a/doc/ssl/SSL_session_reused.pod
|
|
|
|
|
+++ b/doc/ssl/SSL_session_reused.pod
|
|
|
|
|
@@ -27,12 +27,10 @@ The following return values can occur:
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
@ -465,10 +527,11 @@ diff -uNPr a/doc/ssl/SSL_session_reused.pod b/doc/ssl/SSL_session_reused.pod
|
|
|
|
|
A session was reused.
|
|
|
|
|
|
|
|
|
|
=back
|
|
|
|
|
diff -uNPr a/doc/ssl/SSL_set_fd.pod b/doc/ssl/SSL_set_fd.pod
|
|
|
|
|
--- a/doc/ssl/SSL_set_fd.pod 2013-02-11 15:02:48.000000000 +0000
|
|
|
|
|
+++ b/doc/ssl/SSL_set_fd.pod 2013-06-01 22:15:07.470188744 +0100
|
|
|
|
|
@@ -35,12 +35,10 @@
|
|
|
|
|
diff --git a/doc/ssl/SSL_set_fd.pod b/doc/ssl/SSL_set_fd.pod
|
|
|
|
|
index 7029112..42bfa1a 100644
|
|
|
|
|
--- a/doc/ssl/SSL_set_fd.pod
|
|
|
|
|
+++ b/doc/ssl/SSL_set_fd.pod
|
|
|
|
|
@@ -35,12 +35,10 @@ The following return values can occur:
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
@ -483,10 +546,11 @@ diff -uNPr a/doc/ssl/SSL_set_fd.pod b/doc/ssl/SSL_set_fd.pod
|
|
|
|
|
The operation succeeded.
|
|
|
|
|
|
|
|
|
|
=back
|
|
|
|
|
diff -uNPr a/doc/ssl/SSL_set_session.pod b/doc/ssl/SSL_set_session.pod
|
|
|
|
|
--- a/doc/ssl/SSL_set_session.pod 2013-02-11 15:02:48.000000000 +0000
|
|
|
|
|
+++ b/doc/ssl/SSL_set_session.pod 2013-06-01 22:15:07.470188744 +0100
|
|
|
|
|
@@ -37,12 +37,10 @@
|
|
|
|
|
diff --git a/doc/ssl/SSL_set_session.pod b/doc/ssl/SSL_set_session.pod
|
|
|
|
|
index 5f54714..1aeee12 100644
|
|
|
|
|
--- a/doc/ssl/SSL_set_session.pod
|
|
|
|
|
+++ b/doc/ssl/SSL_set_session.pod
|
|
|
|
|
@@ -37,12 +37,10 @@ The following return values can occur:
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
@ -501,10 +565,11 @@ diff -uNPr a/doc/ssl/SSL_set_session.pod b/doc/ssl/SSL_set_session.pod
|
|
|
|
|
The operation succeeded.
|
|
|
|
|
|
|
|
|
|
=back
|
|
|
|
|
diff -uNPr a/doc/ssl/SSL_set_shutdown.pod b/doc/ssl/SSL_set_shutdown.pod
|
|
|
|
|
--- a/doc/ssl/SSL_set_shutdown.pod 2013-02-11 15:02:48.000000000 +0000
|
|
|
|
|
+++ b/doc/ssl/SSL_set_shutdown.pod 2013-06-01 22:29:14.361957917 +0100
|
|
|
|
|
@@ -24,16 +24,16 @@
|
|
|
|
|
diff --git a/doc/ssl/SSL_set_shutdown.pod b/doc/ssl/SSL_set_shutdown.pod
|
|
|
|
|
index 011a022..6f3e03e 100644
|
|
|
|
|
--- a/doc/ssl/SSL_set_shutdown.pod
|
|
|
|
|
+++ b/doc/ssl/SSL_set_shutdown.pod
|
|
|
|
|
@@ -24,16 +24,16 @@ The shutdown state of an ssl connection is a bitmask of:
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
@ -524,36 +589,38 @@ diff -uNPr a/doc/ssl/SSL_set_shutdown.pod b/doc/ssl/SSL_set_shutdown.pod
|
|
|
|
|
|
|
|
|
|
A shutdown alert was received form the peer, either a normal "close notify"
|
|
|
|
|
or a fatal error.
|
|
|
|
|
diff -uNPr a/doc/ssl/SSL_shutdown.pod b/doc/ssl/SSL_shutdown.pod
|
|
|
|
|
--- a/doc/ssl/SSL_shutdown.pod 2013-02-11 15:02:48.000000000 +0000
|
|
|
|
|
+++ b/doc/ssl/SSL_shutdown.pod 2013-06-02 01:49:05.023205397 +0100
|
|
|
|
|
@@ -92,19 +92,17 @@
|
|
|
|
|
diff --git a/doc/ssl/SSL_shutdown.pod b/doc/ssl/SSL_shutdown.pod
|
|
|
|
|
index 42a89b7..2853e65 100644
|
|
|
|
|
--- a/doc/ssl/SSL_shutdown.pod
|
|
|
|
|
+++ b/doc/ssl/SSL_shutdown.pod
|
|
|
|
|
@@ -92,19 +92,19 @@ The following return values can occur:
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
|
-=item 1
|
|
|
|
|
-
|
|
|
|
|
+=item * 1
|
|
|
|
|
The shutdown was successfully completed. The "close notify" alert was sent
|
|
|
|
|
and the peer's "close notify" alert was received.
|
|
|
|
|
|
|
|
|
|
-=item 0
|
|
|
|
|
-
|
|
|
|
|
+=item * 0
|
|
|
|
|
|
|
|
|
|
The shutdown is not yet finished. Call SSL_shutdown() for a second time,
|
|
|
|
|
if a bidirectional shutdown shall be performed.
|
|
|
|
|
The output of L<SSL_get_error(3)|SSL_get_error(3)> may be misleading, as an
|
|
|
|
|
erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred.
|
|
|
|
|
|
|
|
|
|
-=item 1
|
|
|
|
|
+=item * 1
|
|
|
|
|
|
|
|
|
|
The shutdown was successfully completed. The "close notify" alert was sent
|
|
|
|
|
and the peer's "close notify" alert was received.
|
|
|
|
|
|
|
|
|
|
-=item -1
|
|
|
|
|
+=item * -1
|
|
|
|
|
|
|
|
|
|
The shutdown was not successful because a fatal error occurred either
|
|
|
|
|
at the protocol level or a connection failure occurred. It can also occur if
|
|
|
|
|
diff -uNPr a/doc/ssl/SSL_write.pod b/doc/ssl/SSL_write.pod
|
|
|
|
|
--- a/doc/ssl/SSL_write.pod 2013-02-11 15:02:48.000000000 +0000
|
|
|
|
|
+++ b/doc/ssl/SSL_write.pod 2013-06-01 22:23:52.496126530 +0100
|
|
|
|
|
@@ -74,13 +74,12 @@
|
|
|
|
|
diff --git a/doc/ssl/SSL_write.pod b/doc/ssl/SSL_write.pod
|
|
|
|
|
index e013c12..b2934b8 100644
|
|
|
|
|
--- a/doc/ssl/SSL_write.pod
|
|
|
|
|
+++ b/doc/ssl/SSL_write.pod
|
|
|
|
|
@@ -74,13 +74,12 @@ The following return values can occur:
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
@ -569,7 +636,7 @@ diff -uNPr a/doc/ssl/SSL_write.pod b/doc/ssl/SSL_write.pod
|
|
|
|
|
The write operation was not successful. Probably the underlying connection
|
|
|
|
|
was closed. Call SSL_get_error() with the return value B<ret> to find out,
|
|
|
|
|
whether an error occurred or the connection was shut down cleanly
|
|
|
|
|
@@ -90,7 +89,7 @@
|
|
|
|
|
@@ -90,7 +89,7 @@ SSLv2 (deprecated) does not support a shutdown alert protocol, so it can
|
|
|
|
|
only be detected, whether the underlying connection was closed. It cannot
|
|
|
|
|
be checked, why the closure happened.
|
|
|
|
|
|
|
|
|
@ -578,3 +645,6 @@ diff -uNPr a/doc/ssl/SSL_write.pod b/doc/ssl/SSL_write.pod
|
|
|
|
|
|
|
|
|
|
The write operation was not successful, because either an error occurred
|
|
|
|
|
or action must be taken by the calling process. Call SSL_get_error() with the
|
|
|
|
|
--
|
|
|
|
|
1.8.4
|
|
|
|
|
|