diff options
Diffstat (limited to 'man')
| -rw-r--r-- | man/Makefile.am | 20 | ||||
| -rw-r--r-- | man/tls_config_set_protocols.3 | 12 | ||||
| -rw-r--r-- | man/tls_load_file.3 | 32 |
3 files changed, 18 insertions, 46 deletions
diff --git a/man/Makefile.am b/man/Makefile.am index 5b39dc7..b6d3b54 100644 --- a/man/Makefile.am +++ b/man/Makefile.am @@ -89,16 +89,6 @@ install-data-hook: ln -sf "tls_read.3" "$(DESTDIR)$(mandir)/man3/tls_handshake.3" ln -sf "tls_read.3" "$(DESTDIR)$(mandir)/man3/tls_reset.3" ln -sf "tls_read.3" "$(DESTDIR)$(mandir)/man3/tls_write.3" - ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_chain.3" - ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_error_depth.3" - ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_error_string.3" - ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_free.3" - ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_new.3" - ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_intermediates.3" - ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_max_chains.3" - ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_max_depth.3" - ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_max_signatures.3" - ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_purpose.3" uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/tls_accept_cbs.3" @@ -178,13 +168,3 @@ uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/tls_handshake.3" -rm -f "$(DESTDIR)$(mandir)/man3/tls_reset.3" -rm -f "$(DESTDIR)$(mandir)/man3/tls_write.3" - -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_chain.3" - -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_error_depth.3" - -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_error_string.3" - -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_free.3" - -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_new.3" - -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_intermediates.3" - -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_max_chains.3" - -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_max_depth.3" - -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_max_signatures.3" - -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_purpose.3" diff --git a/man/tls_config_set_protocols.3 b/man/tls_config_set_protocols.3 index 7c62493..32b8cce 100644 --- a/man/tls_config_set_protocols.3 +++ b/man/tls_config_set_protocols.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: tls_config_set_protocols.3,v 1.11 2021/01/02 19:58:44 schwarze Exp $ +.\" $OpenBSD: tls_config_set_protocols.3,v 1.12 2023/07/02 06:37:27 beck Exp $ .\" .\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org> .\" Copyright (c) 2015, 2016 Joel Sing <jsing@openbsd.org> @@ -16,7 +16,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: January 2 2021 $ +.Dd $Mdocdate: July 2 2023 $ .Dt TLS_CONFIG_SET_PROTOCOLS 3 .Os .Sh NAME @@ -76,10 +76,6 @@ Possible values are the bitwise OR of: .Pp .Bl -item -offset indent -compact .It -.Dv TLS_PROTOCOL_TLSv1_0 -.It -.Dv TLS_PROTOCOL_TLSv1_1 -.It .Dv TLS_PROTOCOL_TLSv1_2 .It .Dv TLS_PROTOCOL_TLSv1_3 @@ -87,7 +83,7 @@ Possible values are the bitwise OR of: .Pp Additionally, the values .Dv TLS_PROTOCOL_TLSv1 -(TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3), +(TLSv1.2, TLSv1.3), .Dv TLS_PROTOCOLS_ALL (all supported protocols) and .Dv TLS_PROTOCOLS_DEFAULT @@ -106,8 +102,6 @@ The protocol string is a comma or colon separated list of keywords. Valid keywords are: .Pp .Bl -tag -width "tlsv1.3" -offset indent -compact -.It Dv tlsv1.0 -.It Dv tlsv1.1 .It Dv tlsv1.2 .It Dv tlsv1.3 .It Dv all diff --git a/man/tls_load_file.3 b/man/tls_load_file.3 index d836a04..cf33b57 100644 --- a/man/tls_load_file.3 +++ b/man/tls_load_file.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: tls_load_file.3,v 1.11 2018/11/29 14:24:23 tedu Exp $ +.\" $OpenBSD: tls_load_file.3,v 1.14 2022/01/01 02:18:28 jsg Exp $ .\" .\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org> .\" Copyright (c) 2015 Reyk Floeter <reyk@openbsd.org> @@ -17,7 +17,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: November 29 2018 $ +.Dd $Mdocdate: January 1 2022 $ .Dt TLS_LOAD_FILE 3 .Os .Sh NAME @@ -217,8 +217,7 @@ call, ensuring that the memory contents is discarded. returns the path of the file that contains the default root certificates. .Pp .Fn tls_config_set_ca_file -sets the filename used to load a file -containing the root certificates. +loads a file containing the root certificates. .Pp .Fn tls_config_set_ca_path sets the path (directory) which should be searched for root @@ -228,52 +227,51 @@ certificates. sets the root certificates directly from memory. .Pp .Fn tls_config_set_cert_file -sets file from which the public certificate will be read. +loads a file containing the public certificate. .Pp .Fn tls_config_set_cert_mem sets the public certificate directly from memory. .Pp .Fn tls_config_set_crl_file -sets the filename used to load a file containing the -Certificate Revocation List (CRL). +loads a file containing the Certificate Revocation List (CRL). .Pp .Fn tls_config_set_crl_mem sets the CRL directly from memory. .Pp .Fn tls_config_set_key_file -sets the file from which the private key will be read. +loads a file containing the private key. .Pp .Fn tls_config_set_key_mem directly sets the private key from memory. .Pp .Fn tls_config_set_ocsp_staple_file -sets a DER-encoded OCSP response to be stapled during the TLS handshake from -the specified file. +loads a file containing a DER-encoded OCSP response to be stapled +during the TLS handshake. .Pp .Fn tls_config_set_ocsp_staple_mem sets a DER-encoded OCSP response to be stapled during the TLS handshake from memory. .Pp .Fn tls_config_set_keypair_file -sets the files from which the public certificate, and private key will be read. +loads two files from which the public certificate and private key will be read. .Pp .Fn tls_config_set_keypair_mem -directly sets the public certificate, and private key from memory. +directly sets the public certificate and private key from memory. .Pp .Fn tls_config_set_keypair_ocsp_file -sets the files from which the public certificate, private key, and DER-encoded -OCSP staple will be read. +loads three files containing the public certificate, private key, +and DER-encoded OCSP staple. .Pp .Fn tls_config_set_keypair_ocsp_mem directly sets the public certificate, private key, and DER-encoded OCSP staple from memory. .Pp .Fn tls_config_add_keypair_file -adds an additional public certificate, and private key from the specified files, +adds an additional public certificate and private key from the specified files, used as an alternative certificate for Server Name Indication (server only). .Pp .Fn tls_config_add_keypair_mem -adds an additional public certificate, and private key from memory, used as an +adds an additional public certificate and private key from memory, used as an alternative certificate for Server Name Indication (server only). .Pp .Fn tls_config_add_keypair_ocsp_file @@ -359,7 +357,7 @@ appeared in .Ox 6.2 . .Sh AUTHORS .An Joel Sing Aq Mt jsing@openbsd.org -with contibutions from +with contributions from .An Ted Unangst Aq Mt tedu@openbsd.org and .An Bob Beck Aq Mt beck@openbsd.org . |