|
 |
dad6e3e |
diff -up openssl-1.0.1e/doc/apps/cms.pod.manfix openssl-1.0.1e/doc/apps/cms.pod
|
|
|
dad6e3e |
--- openssl-1.0.1e/doc/apps/cms.pod.manfix 2013-02-11 16:26:04.000000000 +0100
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/apps/cms.pod 2013-09-12 11:17:42.147092310 +0200
|
|
|
dad6e3e |
@@ -450,28 +450,28 @@ remains DER.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
=over 4
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 0
|
|
|
dad6e3e |
+=item C<0>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
the operation was completely successfully.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 1
|
|
|
dad6e3e |
+=item C<1>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
an error occurred parsing the command options.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 2
|
|
|
dad6e3e |
+=item C<2>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
one of the input files could not be read.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 3
|
|
|
dad6e3e |
+=item C<3>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
an error occurred creating the CMS file or when reading the MIME
|
|
|
dad6e3e |
message.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 4
|
|
|
dad6e3e |
+=item C<4>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
an error occurred decrypting or verifying the message.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 5
|
|
|
dad6e3e |
+=item C<5>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
the message was verified correctly but an error occurred writing out
|
|
|
dad6e3e |
the signers certificates.
|
|
|
9b36f08 |
diff -up openssl-1.0.1e/doc/apps/ec.pod.manfix openssl-1.0.1e/doc/apps/ec.pod
|
|
|
9b36f08 |
--- openssl-1.0.1e/doc/apps/ec.pod.manfix 2013-02-11 16:26:04.000000000 +0100
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/apps/ec.pod 2013-09-12 11:17:42.147092310 +0200
|
|
|
9b36f08 |
@@ -93,10 +93,6 @@ prints out the public, private key compo
|
|
|
9b36f08 |
|
|
|
9b36f08 |
this option prevents output of the encoded version of the key.
|
|
|
9b36f08 |
|
|
|
9b36f08 |
-=item B<-modulus>
|
|
|
9b36f08 |
-
|
|
|
9b36f08 |
-this option prints out the value of the public key component of the key.
|
|
|
9b36f08 |
-
|
|
|
9b36f08 |
=item B<-pubin>
|
|
|
9b36f08 |
|
|
|
9b36f08 |
by default a private key is read from the input file: with this option a
|
|
|
6a0a35e |
diff -up openssl-1.0.1e/doc/apps/openssl.pod.manfix openssl-1.0.1e/doc/apps/openssl.pod
|
|
|
6a0a35e |
--- openssl-1.0.1e/doc/apps/openssl.pod.manfix 2013-02-11 16:26:04.000000000 +0100
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/apps/openssl.pod 2013-09-12 11:17:42.148092331 +0200
|
|
|
6a0a35e |
@@ -163,7 +163,7 @@ Create or examine a netscape certificate
|
|
|
6a0a35e |
|
|
|
6a0a35e |
Online Certificate Status Protocol utility.
|
|
|
6a0a35e |
|
|
|
6a0a35e |
-=item L<B<passwd>|passwd(1)>
|
|
|
6a0a35e |
+=item L<B<passwd>|sslpasswd(1)>
|
|
|
6a0a35e |
|
|
|
6a0a35e |
Generation of hashed passwords.
|
|
|
6a0a35e |
|
|
|
6a0a35e |
@@ -187,7 +187,7 @@ Public key algorithm parameter managemen
|
|
|
6a0a35e |
|
|
|
6a0a35e |
Public key algorithm cryptographic operation utility.
|
|
|
6a0a35e |
|
|
|
6a0a35e |
-=item L<B<rand>|rand(1)>
|
|
|
6a0a35e |
+=item L<B<rand>|sslrand(1)>
|
|
|
6a0a35e |
|
|
|
6a0a35e |
Generate pseudo-random bytes.
|
|
|
6a0a35e |
|
|
|
6a0a35e |
@@ -401,9 +401,9 @@ L<crl(1)|crl(1)>, L
|
|
|
6a0a35e |
L<dhparam(1)|dhparam(1)>, L<dsa(1)|dsa(1)>, L<dsaparam(1)|dsaparam(1)>,
|
|
|
6a0a35e |
L<enc(1)|enc(1)>, L<gendsa(1)|gendsa(1)>, L<genpkey(1)|genpkey(1)>,
|
|
|
6a0a35e |
L<genrsa(1)|genrsa(1)>, L<nseq(1)|nseq(1)>, L<openssl(1)|openssl(1)>,
|
|
|
6a0a35e |
-L<passwd(1)|passwd(1)>,
|
|
|
6a0a35e |
+L<sslpasswd(1)|sslpasswd(1)>,
|
|
|
6a0a35e |
L<pkcs12(1)|pkcs12(1)>, L<pkcs7(1)|pkcs7(1)>, L<pkcs8(1)|pkcs8(1)>,
|
|
|
6a0a35e |
-L<rand(1)|rand(1)>, L<req(1)|req(1)>, L<rsa(1)|rsa(1)>,
|
|
|
6a0a35e |
+L<sslrand(1)|sslrand(1)>, L<req(1)|req(1)>, L<rsa(1)|rsa(1)>,
|
|
|
6a0a35e |
L<rsautl(1)|rsautl(1)>, L<s_client(1)|s_client(1)>,
|
|
|
6a0a35e |
L<s_server(1)|s_server(1)>, L<s_time(1)|s_time(1)>,
|
|
|
6a0a35e |
L<smime(1)|smime(1)>, L<spkac(1)|spkac(1)>,
|
|
|
9b36f08 |
diff -up openssl-1.0.1e/doc/apps/s_client.pod.manfix openssl-1.0.1e/doc/apps/s_client.pod
|
|
|
fa93b62 |
--- openssl-1.0.1e/doc/apps/s_client.pod.manfix 2013-09-12 11:17:41.517078502 +0200
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/apps/s_client.pod 2013-09-12 11:17:42.149092353 +0200
|
|
|
9b36f08 |
@@ -32,9 +32,14 @@ B<openssl> B<s_client>
|
|
|
9b36f08 |
[B<-ssl2>]
|
|
|
9b36f08 |
[B<-ssl3>]
|
|
|
9b36f08 |
[B<-tls1>]
|
|
|
9b36f08 |
+[B<-tls1_1>]
|
|
|
9b36f08 |
+[B<-tls1_2>]
|
|
|
9b36f08 |
+[B<-dtls1>]
|
|
|
9b36f08 |
[B<-no_ssl2>]
|
|
|
9b36f08 |
[B<-no_ssl3>]
|
|
|
9b36f08 |
[B<-no_tls1>]
|
|
|
9b36f08 |
+[B<-no_tls1_1>]
|
|
|
9b36f08 |
+[B<-no_tls1_2>]
|
|
|
9b36f08 |
[B<-bugs>]
|
|
|
9b36f08 |
[B<-cipher cipherlist>]
|
|
|
9b36f08 |
[B<-starttls protocol>]
|
|
|
ae08b15 |
@@ -44,6 +49,7 @@ B<openssl> B<s_client>
|
|
|
ae08b15 |
[B<-sess_out filename>]
|
|
|
ae08b15 |
[B<-sess_in filename>]
|
|
|
ae08b15 |
[B<-rand file(s)>]
|
|
|
ae08b15 |
+[B<-nextprotoneg protocols>]
|
|
|
ae08b15 |
|
|
|
ae08b15 |
=head1 DESCRIPTION
|
|
|
ae08b15 |
|
|
|
ae08b15 |
@@ -182,7 +188,7 @@ Use the PSK key B<key> when using a PSK
|
|
|
9b36f08 |
given as a hexadecimal number without leading 0x, for example -psk
|
|
|
9b36f08 |
1a2b3c4d.
|
|
|
9b36f08 |
|
|
|
9b36f08 |
-=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
|
|
|
9b36f08 |
+=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-dtls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
|
|
|
9b36f08 |
|
|
|
9b36f08 |
these options disable the use of certain SSL or TLS protocols. By default
|
|
|
9b36f08 |
the initial handshake uses a method which should be compatible with all
|
|
|
ae08b15 |
@@ -243,6 +249,17 @@ Multiple files can be specified separate
|
|
|
ae08b15 |
The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
|
|
|
ae08b15 |
all others.
|
|
|
ae08b15 |
|
|
|
ae08b15 |
+=item B<-nextprotoneg protocols>
|
|
|
ae08b15 |
+
|
|
|
ae08b15 |
+enable Next Protocol Negotiation TLS extension and provide a list of
|
|
|
ae08b15 |
+comma-separated protocol names that the client should advertise
|
|
|
ae08b15 |
+support for. The list should contain most wanted protocols first.
|
|
|
ae08b15 |
+Protocol names are printable ASCII strings, for example "http/1.1" or
|
|
|
ae08b15 |
+"spdy/3".
|
|
|
ae08b15 |
+Empty list of protocols is treated specially and will cause the client to
|
|
|
ae08b15 |
+advertise support for the TLS extension but disconnect just after
|
|
|
ae08b15 |
+reciving ServerHello with a list of server supported protocols.
|
|
|
ae08b15 |
+
|
|
|
ae08b15 |
=back
|
|
|
ae08b15 |
|
|
|
ae08b15 |
=head1 CONNECTED COMMANDS
|
|
|
dad6e3e |
diff -up openssl-1.0.1e/doc/apps/smime.pod.manfix openssl-1.0.1e/doc/apps/smime.pod
|
|
|
dad6e3e |
--- openssl-1.0.1e/doc/apps/smime.pod.manfix 2013-02-11 16:26:04.000000000 +0100
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/apps/smime.pod 2013-09-12 11:17:42.150092375 +0200
|
|
|
dad6e3e |
@@ -308,28 +308,28 @@ remains DER.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
=over 4
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 0
|
|
|
dad6e3e |
+=item C<0>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
the operation was completely successfully.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 1
|
|
|
dad6e3e |
+=item C<1>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
an error occurred parsing the command options.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 2
|
|
|
dad6e3e |
+=item C<2>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
one of the input files could not be read.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 3
|
|
|
dad6e3e |
+=item C<3>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
an error occurred creating the PKCS#7 file or when reading the MIME
|
|
|
dad6e3e |
message.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 4
|
|
|
dad6e3e |
+=item C<4>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
an error occurred decrypting or verifying the message.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 5
|
|
|
dad6e3e |
+=item C<5>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
the message was verified correctly but an error occurred writing out
|
|
|
dad6e3e |
the signers certificates.
|
|
|
9b36f08 |
diff -up openssl-1.0.1e/doc/apps/s_server.pod.manfix openssl-1.0.1e/doc/apps/s_server.pod
|
|
|
9b36f08 |
--- openssl-1.0.1e/doc/apps/s_server.pod.manfix 2013-02-11 16:26:04.000000000 +0100
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/apps/s_server.pod 2013-09-12 11:17:42.150092375 +0200
|
|
|
9c324da |
@@ -40,10 +40,16 @@ B<openssl> B<s_server>
|
|
|
9b36f08 |
[B<-ssl2>]
|
|
|
9b36f08 |
[B<-ssl3>]
|
|
|
9b36f08 |
[B<-tls1>]
|
|
|
9b36f08 |
+[B<-tls1_1>]
|
|
|
9b36f08 |
+[B<-tls1_2>]
|
|
|
9b36f08 |
+[B<-dtls1>]
|
|
|
9b36f08 |
[B<-no_ssl2>]
|
|
|
9b36f08 |
[B<-no_ssl3>]
|
|
|
9b36f08 |
[B<-no_tls1>]
|
|
|
9b36f08 |
+[B<-no_tls1_1>]
|
|
|
9b36f08 |
+[B<-no_tls1_2>]
|
|
|
9b36f08 |
[B<-no_dhe>]
|
|
|
9c324da |
+[B<-no_ecdhe>]
|
|
|
9b36f08 |
[B<-bugs>]
|
|
|
9b36f08 |
[B<-hack>]
|
|
|
9c324da |
[B<-www>]
|
|
|
ae08b15 |
@@ -54,6 +60,7 @@ B<openssl> B<s_server>
|
|
|
ae08b15 |
[B<-no_ticket>]
|
|
|
ae08b15 |
[B<-id_prefix arg>]
|
|
|
ae08b15 |
[B<-rand file(s)>]
|
|
|
ae08b15 |
+[B<-nextprotoneg protocols>]
|
|
|
ae08b15 |
|
|
|
ae08b15 |
=head1 DESCRIPTION
|
|
|
ae08b15 |
|
|
|
ae08b15 |
@@ -131,6 +138,10 @@ a static set of parameters hard coded in
|
|
|
9c324da |
if this option is set then no DH parameters will be loaded effectively
|
|
|
9c324da |
disabling the ephemeral DH cipher suites.
|
|
|
9c324da |
|
|
|
9c324da |
+=item B<-no_ecdhe>
|
|
|
9c324da |
+
|
|
|
9c324da |
+if this option is set then ephemeral ECDH cipher suites will be disabled.
|
|
|
9c324da |
+
|
|
|
9c324da |
=item B<-no_tmp_rsa>
|
|
|
9c324da |
|
|
|
9c324da |
certain export cipher suites sometimes use a temporary RSA key, this option
|
|
|
ae08b15 |
@@ -201,7 +212,7 @@ Use the PSK key B<key> when using a PSK
|
|
|
9b36f08 |
given as a hexadecimal number without leading 0x, for example -psk
|
|
|
9b36f08 |
1a2b3c4d.
|
|
|
9b36f08 |
|
|
|
9b36f08 |
-=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
|
|
|
9b36f08 |
+=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-dtls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
|
|
|
9b36f08 |
|
|
|
9b36f08 |
these options disable the use of certain SSL or TLS protocols. By default
|
|
|
9b36f08 |
the initial handshake uses a method which should be compatible with all
|
|
|
ae08b15 |
@@ -276,6 +287,14 @@ Multiple files can be specified separate
|
|
|
ae08b15 |
The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
|
|
|
ae08b15 |
all others.
|
|
|
ae08b15 |
|
|
|
ae08b15 |
+=item B<-nextprotoneg protocols>
|
|
|
ae08b15 |
+
|
|
|
ae08b15 |
+enable Next Protocol Negotiation TLS extension and provide a
|
|
|
ae08b15 |
+comma-separated list of supported protocol names.
|
|
|
ae08b15 |
+The list should contain most wanted protocols first.
|
|
|
ae08b15 |
+Protocol names are printable ASCII strings, for example "http/1.1" or
|
|
|
ae08b15 |
+"spdy/3".
|
|
|
ae08b15 |
+
|
|
|
ae08b15 |
=back
|
|
|
ae08b15 |
|
|
|
ae08b15 |
=head1 CONNECTED COMMANDS
|
|
|
fa93b62 |
diff -up openssl-1.0.1e/doc/apps/verify.pod.manfix openssl-1.0.1e/doc/apps/verify.pod
|
|
|
fa93b62 |
--- openssl-1.0.1e/doc/apps/verify.pod.manfix 2013-02-11 16:26:04.000000000 +0100
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/apps/verify.pod 2013-09-12 11:25:13.994994992 +0200
|
|
|
fa93b62 |
@@ -25,6 +25,7 @@ B<openssl> B<verify>
|
|
|
fa93b62 |
[B<-untrusted file>]
|
|
|
fa93b62 |
[B<-help>]
|
|
|
fa93b62 |
[B<-issuer_checks>]
|
|
|
fa93b62 |
+[B<-attime timestamp>]
|
|
|
fa93b62 |
[B<-verbose>]
|
|
|
fa93b62 |
[B<->]
|
|
|
fa93b62 |
[certificates]
|
|
|
fa93b62 |
@@ -80,6 +81,12 @@ rejected. The presence of rejection mess
|
|
|
fa93b62 |
anything is wrong; during the normal verification process, several
|
|
|
fa93b62 |
rejections may take place.
|
|
|
fa93b62 |
|
|
|
fa93b62 |
+=item B<-attime timestamp>
|
|
|
fa93b62 |
+
|
|
|
fa93b62 |
+Perform validation checks using the time specified by B<timestamp> and not
|
|
|
fa93b62 |
+the current system time. B<timestamp> is the number of seconds since
|
|
|
fa93b62 |
+01.01.1970 (UNIX time).
|
|
|
fa93b62 |
+
|
|
|
fa93b62 |
=item B<-policy arg>
|
|
|
fa93b62 |
|
|
|
fa93b62 |
Enable policy processing and add B<arg> to the user-initial-policy-set (see
|
|
|
dad6e3e |
diff -up openssl-1.0.1e/doc/ssl/SSL_accept.pod.manfix openssl-1.0.1e/doc/ssl/SSL_accept.pod
|
|
|
fa93b62 |
--- openssl-1.0.1e/doc/ssl/SSL_accept.pod.manfix 2013-09-12 11:17:42.129091915 +0200
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/ssl/SSL_accept.pod 2013-09-12 11:17:42.156092507 +0200
|
|
|
dad6e3e |
@@ -44,13 +44,13 @@ The following return values can occur:
|
|
|
dad6e3e |
|
|
|
dad6e3e |
=over 4
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 0
|
|
|
dad6e3e |
+=item C<0>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The TLS/SSL handshake was not successful but was shut down controlled and
|
|
|
dad6e3e |
by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
|
|
|
dad6e3e |
return value B<ret> to find out the reason.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 1
|
|
|
dad6e3e |
+=item C<1>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
|
|
|
dad6e3e |
established.
|
|
|
dad6e3e |
diff -up openssl-1.0.1e/doc/ssl/SSL_clear.pod.manfix openssl-1.0.1e/doc/ssl/SSL_clear.pod
|
|
|
dad6e3e |
--- openssl-1.0.1e/doc/ssl/SSL_clear.pod.manfix 2013-02-11 16:02:48.000000000 +0100
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/ssl/SSL_clear.pod 2013-09-12 11:17:42.158092551 +0200
|
|
|
dad6e3e |
@@ -56,12 +56,12 @@ The following return values can occur:
|
|
|
dad6e3e |
|
|
|
dad6e3e |
=over 4
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 0
|
|
|
dad6e3e |
+=item C<0>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The SSL_clear() operation could not be performed. Check the error stack to
|
|
|
dad6e3e |
find out the reason.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 1
|
|
|
dad6e3e |
+=item C<1>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The SSL_clear() operation was successful.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
diff -up openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod.manfix openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod
|
|
|
fa93b62 |
--- openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod.manfix 2013-09-12 11:17:42.049090162 +0200
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod 2013-09-12 11:17:42.159092573 +0200
|
|
|
6a0a35e |
@@ -60,11 +60,11 @@ SSL_COMP_add_compression_method() may re
|
|
|
dad6e3e |
|
|
|
dad6e3e |
=over 4
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 0
|
|
|
dad6e3e |
+=item C<0>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The operation succeeded.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 1
|
|
|
dad6e3e |
+=item C<1>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The operation failed. Check the error queue to find out the reason.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
diff -up openssl-1.0.1e/doc/ssl/SSL_connect.pod.manfix openssl-1.0.1e/doc/ssl/SSL_connect.pod
|
|
|
fa93b62 |
--- openssl-1.0.1e/doc/ssl/SSL_connect.pod.manfix 2013-09-12 11:17:42.130091937 +0200
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/ssl/SSL_connect.pod 2013-09-12 11:17:42.161092616 +0200
|
|
|
dad6e3e |
@@ -41,13 +41,13 @@ The following return values can occur:
|
|
|
dad6e3e |
|
|
|
dad6e3e |
=over 4
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 0
|
|
|
dad6e3e |
+=item C<0>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The TLS/SSL handshake was not successful but was shut down controlled and
|
|
|
dad6e3e |
by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
|
|
|
dad6e3e |
return value B<ret> to find out the reason.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 1
|
|
|
dad6e3e |
+=item C<1>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
|
|
|
dad6e3e |
established.
|
|
|
dad6e3e |
diff -up openssl-1.0.1e/doc/ssl/SSL_CTX_add_session.pod.manfix openssl-1.0.1e/doc/ssl/SSL_CTX_add_session.pod
|
|
|
dad6e3e |
--- openssl-1.0.1e/doc/ssl/SSL_CTX_add_session.pod.manfix 2013-02-11 16:02:48.000000000 +0100
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/ssl/SSL_CTX_add_session.pod 2013-09-12 11:17:42.162092638 +0200
|
|
|
dad6e3e |
@@ -52,13 +52,13 @@ The following values are returned by all
|
|
|
dad6e3e |
|
|
|
dad6e3e |
=over 4
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 0
|
|
|
dad6e3e |
+=item C<0>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The operation failed. In case of the add operation, it was tried to add
|
|
|
dad6e3e |
the same (identical) session twice. In case of the remove operation, the
|
|
|
dad6e3e |
session was not found in the cache.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 1
|
|
|
dad6e3e |
+=item C<1>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The operation succeeded.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
diff -up openssl-1.0.1e/doc/ssl/SSL_CTX_load_verify_locations.pod.manfix openssl-1.0.1e/doc/ssl/SSL_CTX_load_verify_locations.pod
|
|
|
dad6e3e |
--- openssl-1.0.1e/doc/ssl/SSL_CTX_load_verify_locations.pod.manfix 2013-02-11 16:02:48.000000000 +0100
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/ssl/SSL_CTX_load_verify_locations.pod 2013-09-12 11:17:42.163092660 +0200
|
|
|
dad6e3e |
@@ -100,13 +100,13 @@ The following return values can occur:
|
|
|
dad6e3e |
|
|
|
dad6e3e |
=over 4
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 0
|
|
|
dad6e3e |
+=item C<0>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The operation failed because B<CAfile> and B<CApath> are NULL or the
|
|
|
dad6e3e |
processing at one of the locations specified failed. Check the error
|
|
|
dad6e3e |
stack to find out the reason.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 1
|
|
|
dad6e3e |
+=item C<1>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The operation succeeded.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
diff -up openssl-1.0.1e/doc/ssl/SSL_CTX_set_client_CA_list.pod.manfix openssl-1.0.1e/doc/ssl/SSL_CTX_set_client_CA_list.pod
|
|
|
fa93b62 |
--- openssl-1.0.1e/doc/ssl/SSL_CTX_set_client_CA_list.pod.manfix 2013-09-12 11:17:42.132091981 +0200
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_client_CA_list.pod 2013-09-12 11:17:42.164092682 +0200
|
|
|
dad6e3e |
@@ -66,13 +66,13 @@ values:
|
|
|
dad6e3e |
|
|
|
dad6e3e |
=over 4
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 0
|
|
|
dad6e3e |
+=item C<0>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
A failure while manipulating the STACK_OF(X509_NAME) object occurred or
|
|
|
dad6e3e |
the X509_NAME could not be extracted from B<cacert>. Check the error stack
|
|
|
dad6e3e |
to find out the reason.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 1
|
|
|
dad6e3e |
+=item C<1>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The operation succeeded.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
diff -up openssl-1.0.1e/doc/ssl/SSL_CTX_set_session_id_context.pod.manfix openssl-1.0.1e/doc/ssl/SSL_CTX_set_session_id_context.pod
|
|
|
dad6e3e |
--- openssl-1.0.1e/doc/ssl/SSL_CTX_set_session_id_context.pod.manfix 2013-02-11 16:02:48.000000000 +0100
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_session_id_context.pod 2013-09-12 11:17:42.166092726 +0200
|
|
|
dad6e3e |
@@ -64,13 +64,13 @@ return the following values:
|
|
|
dad6e3e |
|
|
|
dad6e3e |
=over 4
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 0
|
|
|
dad6e3e |
+=item C<0>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded
|
|
|
dad6e3e |
the maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error
|
|
|
dad6e3e |
is logged to the error stack.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 1
|
|
|
dad6e3e |
+=item C<1>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The operation succeeded.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
diff -up openssl-1.0.1e/doc/ssl/SSL_CTX_set_ssl_version.pod.manfix openssl-1.0.1e/doc/ssl/SSL_CTX_set_ssl_version.pod
|
|
|
dad6e3e |
--- openssl-1.0.1e/doc/ssl/SSL_CTX_set_ssl_version.pod.manfix 2013-02-11 16:26:04.000000000 +0100
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_ssl_version.pod 2013-09-12 11:17:42.167092748 +0200
|
|
|
dad6e3e |
@@ -42,11 +42,11 @@ and SSL_set_ssl_method():
|
|
|
dad6e3e |
|
|
|
dad6e3e |
=over 4
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 0
|
|
|
dad6e3e |
+=item C<0>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The new choice failed, check the error stack to find out the reason.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 1
|
|
|
dad6e3e |
+=item C<1>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The operation succeeded.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
diff -up openssl-1.0.1e/doc/ssl/SSL_CTX_use_psk_identity_hint.pod.manfix openssl-1.0.1e/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
|
|
|
fa93b62 |
--- openssl-1.0.1e/doc/ssl/SSL_CTX_use_psk_identity_hint.pod.manfix 2013-09-12 11:17:42.133092003 +0200
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/ssl/SSL_CTX_use_psk_identity_hint.pod 2013-09-12 11:17:42.168092770 +0200
|
|
|
dad6e3e |
@@ -96,7 +96,7 @@ data to B<psk> and return the length of
|
|
|
dad6e3e |
connection will fail with decryption_error before it will be finished
|
|
|
dad6e3e |
completely.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 0
|
|
|
dad6e3e |
+=item C<0>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
PSK identity was not found. An "unknown_psk_identity" alert message
|
|
|
dad6e3e |
will be sent and the connection setup fails.
|
|
|
dad6e3e |
diff -up openssl-1.0.1e/doc/ssl/SSL_do_handshake.pod.manfix openssl-1.0.1e/doc/ssl/SSL_do_handshake.pod
|
|
|
fa93b62 |
--- openssl-1.0.1e/doc/ssl/SSL_do_handshake.pod.manfix 2013-09-12 11:17:42.135092047 +0200
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/ssl/SSL_do_handshake.pod 2013-09-12 11:17:42.170092814 +0200
|
|
|
dad6e3e |
@@ -45,13 +45,13 @@ The following return values can occur:
|
|
|
dad6e3e |
|
|
|
dad6e3e |
=over 4
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 0
|
|
|
dad6e3e |
+=item C<0>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The TLS/SSL handshake was not successful but was shut down controlled and
|
|
|
dad6e3e |
by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
|
|
|
dad6e3e |
return value B<ret> to find out the reason.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 1
|
|
|
dad6e3e |
+=item C<1>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
|
|
|
dad6e3e |
established.
|
|
|
dad6e3e |
diff -up openssl-1.0.1e/doc/ssl/SSL_read.pod.manfix openssl-1.0.1e/doc/ssl/SSL_read.pod
|
|
|
dad6e3e |
--- openssl-1.0.1e/doc/ssl/SSL_read.pod.manfix 2013-02-11 16:02:48.000000000 +0100
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/ssl/SSL_read.pod 2013-09-12 11:17:42.171092836 +0200
|
|
|
dad6e3e |
@@ -86,7 +86,7 @@ The following return values can occur:
|
|
|
dad6e3e |
The read operation was successful; the return value is the number of
|
|
|
dad6e3e |
bytes actually read from the TLS/SSL connection.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 0
|
|
|
dad6e3e |
+=item C<0>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The read operation was not successful. The reason may either be a clean
|
|
|
dad6e3e |
shutdown due to a "close notify" alert sent by the peer (in which case
|
|
|
dad6e3e |
diff -up openssl-1.0.1e/doc/ssl/SSL_session_reused.pod.manfix openssl-1.0.1e/doc/ssl/SSL_session_reused.pod
|
|
|
dad6e3e |
--- openssl-1.0.1e/doc/ssl/SSL_session_reused.pod.manfix 2013-02-11 16:02:48.000000000 +0100
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/ssl/SSL_session_reused.pod 2013-09-12 11:17:42.172092857 +0200
|
|
|
dad6e3e |
@@ -27,11 +27,11 @@ The following return values can occur:
|
|
|
dad6e3e |
|
|
|
dad6e3e |
=over 4
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 0
|
|
|
dad6e3e |
+=item C<0>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
A new session was negotiated.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 1
|
|
|
dad6e3e |
+=item C<1>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
A session was reused.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
diff -up openssl-1.0.1e/doc/ssl/SSL_set_fd.pod.manfix openssl-1.0.1e/doc/ssl/SSL_set_fd.pod
|
|
|
dad6e3e |
--- openssl-1.0.1e/doc/ssl/SSL_set_fd.pod.manfix 2013-02-11 16:02:48.000000000 +0100
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/ssl/SSL_set_fd.pod 2013-09-12 11:17:42.174092901 +0200
|
|
|
dad6e3e |
@@ -35,11 +35,11 @@ The following return values can occur:
|
|
|
dad6e3e |
|
|
|
dad6e3e |
=over 4
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 0
|
|
|
dad6e3e |
+=item C<0>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The operation failed. Check the error stack to find out why.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 1
|
|
|
dad6e3e |
+=item C<1>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The operation succeeded.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
diff -up openssl-1.0.1e/doc/ssl/SSL_set_session.pod.manfix openssl-1.0.1e/doc/ssl/SSL_set_session.pod
|
|
|
dad6e3e |
--- openssl-1.0.1e/doc/ssl/SSL_set_session.pod.manfix 2013-02-11 16:02:48.000000000 +0100
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/ssl/SSL_set_session.pod 2013-09-12 11:17:42.175092923 +0200
|
|
|
dad6e3e |
@@ -37,11 +37,11 @@ The following return values can occur:
|
|
|
dad6e3e |
|
|
|
dad6e3e |
=over 4
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 0
|
|
|
dad6e3e |
+=item C<0>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The operation failed; check the error stack to find out the reason.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 1
|
|
|
dad6e3e |
+=item C<1>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The operation succeeded.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
diff -up openssl-1.0.1e/doc/ssl/SSL_shutdown.pod.manfix openssl-1.0.1e/doc/ssl/SSL_shutdown.pod
|
|
|
fa93b62 |
--- openssl-1.0.1e/doc/ssl/SSL_shutdown.pod.manfix 2013-09-12 11:17:42.137092090 +0200
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/ssl/SSL_shutdown.pod 2013-09-12 11:17:42.177092967 +0200
|
|
|
dad6e3e |
@@ -92,14 +92,14 @@ The following return values can occur:
|
|
|
dad6e3e |
|
|
|
dad6e3e |
=over 4
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 0
|
|
|
dad6e3e |
+=item C<0>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The shutdown is not yet finished. Call SSL_shutdown() for a second time,
|
|
|
dad6e3e |
if a bidirectional shutdown shall be performed.
|
|
|
dad6e3e |
The output of L<SSL_get_error(3)|SSL_get_error(3)> may be misleading, as an
|
|
|
dad6e3e |
erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 1
|
|
|
dad6e3e |
+=item C<1>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The shutdown was successfully completed. The "close notify" alert was sent
|
|
|
dad6e3e |
and the peer's "close notify" alert was received.
|
|
|
dad6e3e |
diff -up openssl-1.0.1e/doc/ssl/SSL_write.pod.manfix openssl-1.0.1e/doc/ssl/SSL_write.pod
|
|
|
dad6e3e |
--- openssl-1.0.1e/doc/ssl/SSL_write.pod.manfix 2013-02-11 16:02:48.000000000 +0100
|
|
|
fa93b62 |
+++ openssl-1.0.1e/doc/ssl/SSL_write.pod 2013-09-12 11:17:42.177092967 +0200
|
|
|
dad6e3e |
@@ -79,7 +79,7 @@ The following return values can occur:
|
|
|
dad6e3e |
The write operation was successful, the return value is the number of
|
|
|
dad6e3e |
bytes actually written to the TLS/SSL connection.
|
|
|
dad6e3e |
|
|
|
dad6e3e |
-=item 0
|
|
|
dad6e3e |
+=item C<0>
|
|
|
dad6e3e |
|
|
|
dad6e3e |
The write operation was not successful. Probably the underlying connection
|
|
|
dad6e3e |
was closed. Call SSL_get_error() with the return value B<ret> to find out,
|