All missing sections are added.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4976)
Similar care should be take to ensure the data is in the correct format
when calling ASN1_STRING_set().
+=head1 RETURN VALUES
+
+ASN1_STRING_length() returns the length of the content of B<x>.
+
+ASN1_STRING_get0_data() and ASN1_STRING_data() return an internal pointer to
+the data of B<x>.
+
+ASN1_STRING_dup() returns a valid B<ASN1_STRING> structure or B<NULL> if an
+error occurred.
+
+ASN1_STRING_cmp() returns an integer greater than, equal to, or less than 0,
+according to whether B<a> is greater than, equal to, or less than B<b>.
+
+ASN1_STRING_set() returns 1 on success or 0 on error.
+
+ASN1_STRING_type() returns the type of B<x>.
+
+ASN1_STRING_to_UTF8() returns the number of bytes in output string B<out> or a
+negative value if an error occurred.
+
=head1 SEE ALSO
L<ERR_get_error(3)>
=head1 COPYRIGHT
-Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2002-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB |
ASN1_STRFLGS_UTF8_CONVERT | ASN1_STRFLGS_DUMP_UNKNOWN ASN1_STRFLGS_DUMP_DER
+=head1 RETURN VALUES
+
+ASN1_STRING_print_ex() and ASN1_STRING_print_ex_fp() return the number of
+characters written or -1 if an error occurred.
+
+ASN1_STRING_print() returns 1 on success or 0 on error.
+
+ASN1_tag2str() returns a human-readable name of the specified ASN.1 B<tag>.
+
=head1 SEE ALSO
L<X509_NAME_print_ex(3)>,
BIO_flush(sbio);
BIO_free_all(sbio);
+=head1 RETURN VALUES
+
+BIO_f_ssl() returns the SSL B<BIO_METHOD> structure.
+
+BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(),
+BIO_set_ssl_renegotiate_timeout() and BIO_get_num_renegotiates() return 1 on
+success or a value which is less than or equal to 0 if an error occurred.
+
+BIO_new_ssl(), BIO_new_ssl_connect() and BIO_new_buffer_ssl_connect() return
+a valid B<BIO> structure on success or B<NULL> if an error occurred.
+
+BIO_ssl_copy_session_id() returns 1 on success or 0 on error.
+
+BIO_do_handshake() returns 1 if the connection was established successfully.
+A zero or negative value is returned if the connection could not be established.
+
=head1 HISTORY
In OpenSSL before 1.0.0 the BIO_pop() call was handled incorrectly,
=head1 COPYRIGHT
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with
an offset into the opaque exdata part of the TYPE object.
+=head1 RETURN VALUES
+
+TYPE_get_new_ex_index() returns a new index on success or -1 on error.
+
+TYPE_set_ex_data() returns 1 on success or 0 on error.
+
+TYPE_get_ex_data() returns the application data or NULL if an error occurred.
+
=head1 SEE ALSO
L<CRYPTO_get_ex_new_index(3)>.
in response to the application calling BIO_callback_ctrl(). The parameters for
the function have the same meaning as for BIO_callback_ctrl().
+=head1 RETURN VALUES
+
+BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.
+
+BIO_meth_new(int type, const char *name) returns a valid B<BIO_METHOD> or NULL
+if an error occurred.
+
+The B<BIO_meth_set> functions return 1 on success or 0 on error.
+
+The B<BIO_meth_get> functions return the corresponding function pointers.
+
=head1 SEE ALSO
L<bio>, L<BIO_find_type>, L<BIO_ctrl>, L<BIO_read_ex>, L<BIO_new>
when hostserv_prio == BIO_PARSE_PRIO_SERV
service => *host untouched, *service = "service"
+=head1 RETURN VALUES
+
+BIO_parse_hostserv() returns 1 on success or 0 on error.
+
=head1 SEE ALSO
L<BIO_ADDRINFO(3)>
=head1 COPYRIGHT
-Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
=head1 DESCRIPTION
-BIO_s_mem() return the memory BIO method function.
+BIO_s_mem() returns the memory BIO method function.
A memory BIO is a source/sink BIO which uses memory for its I/O. Data
written to a memory BIO is stored in a BUF_MEM structure which is extended
BIO_set_close(mem, BIO_NOCLOSE); /* So BIO_free() leaves BUF_MEM alone */
BIO_free(mem);
+=head1 RETURN VALUES
+
+BIO_s_mem() and BIO_s_secmem() return a valid memory B<BIO_METHOD> structure.
+
+BIO_set_mem_eof_return(), BIO_get_mem_data(), BIO_set_mem_buf() and BIO_get_mem_ptr()
+return 1 on success or a value which is less than or equal to 0 if an error occurred.
+
+BIO_new_mem_buf() returns a valid B<BIO> structure on success or NULL on error.
+
=head1 COPYRIGHT
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
The BIO_debug_callback() function is a good example, its source is
in crypto/bio/bio_cb.c
+=head1 RETURN VALUES
+
+BIO_get_callback_ex() and BIO_get_callback() return the callback function
+previously set by a call to BIO_set_callback_ex() and BIO_set_callback()
+respectively.
+
+BIO_get_callback_arg() returns a B<char> pointer to the value previously set
+via a call to BIO_set_callback_arg().
+
+BIO_debug_callback() returns 1 or B<ret> if it's called after specific BIO
+operations.
+
=head1 COPYRIGHT
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
worked around by only passing the relevant data to ASN1 functions when
the entire structure can be read or written.
+=head1 RETURN VALUES
+
+BIO_should_read(), BIO_should_write(), BIO_should_io_special(), and
+BIO_should_retry() return either 1 or 0 based on the actual conditions
+of the B<BIO>.
+
+BIO_retry_type() returns a flag combination presenting the cause of a retry
+condition or false if there is no retry condition.
+
+BIO_get_retry_BIO() returns a valid B<BIO> structure.
+
+BIO_get_retry_reason() returns the reason for a special condition.
+
=head1 SEE ALSO
L<bio>
=head1 COPYRIGHT
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
BN_swap() exchanges the values of I<a> and I<b>.
+=head1 RETURN VALUES
+
+BN_swap() does not return a value.
+
=head1 COPYRIGHT
Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
B<all> is set to B<0> only modules loaded from DSOs will be unloads. If
B<all> is B<1> all modules, including builtin modules will be unloaded.
-=head1 RETURN VALUE
+=head1 RETURN VALUES
None of the functions return a value.
=head1 COPYRIGHT
-Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2004-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
of crypt(3).
The B<salt> must be two ASCII characters.
+The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL
+character.
+
DES_enc_write() writes I<len> bytes to file descriptor I<fd> from
buffer I<buf>. The data is encrypted via I<pcbc_encrypt> (default)
using I<sched> for the key and I<iv> as a starting vector. The actual
Single-key DES is insecure due to its short key size. ECB mode is
not suitable for most applications; see L<des_modes(7)>.
+=head1 RETURN VALUES
+
+DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key()
+return 0 on success or negative values on error.
+
+DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the
+last 4 bytes of the checksum of the input.
+
+DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() -
+to a static buffer on success; otherwise they return NULL.
+
=head1 HISTORY
The requirement that the B<salt> parameter to DES_crypt() and DES_fcrypt()
=head1 COPYRIGHT
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
DH_security_bits() returns the number of security bits of the given B<dh>
key. See L<BN_security_bits(3)>.
-=head1 RETURN VALUE
+=head1 RETURN VALUES
DH_size() returns the prime size of Diffie-Hellman in bytes.
is lost during that conversion, but the resulting DH parameters
contain its length.
-=head1 RETURN VALUE
+=head1 RETURN VALUES
DSA_dup_DH() returns the new B<DH> structure, and NULL on error. The
error codes can be obtained by L<ERR_get_error(3)>.
=head1 COPYRIGHT
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
The PRNG must be seeded prior to calling DSA_generate_key().
-=head1 RETURN VALUE
+=head1 RETURN VALUES
DSA_generate_key() returns 1 on success, 0 otherwise.
The error codes can be obtained by L<ERR_get_error(3)>.
=head1 COPYRIGHT
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
=back
-=head1 RETURN VALUE
+=head1 RETURN VALUES
DSA_generate_parameters_ex() returns a 1 on success, or 0 otherwise.
The error codes can be obtained by L<ERR_get_error(3)>.
=head1 COPYRIGHT
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
DSA_security_bits() returns the number of security bits of the given B<dsa>
key. See L<BN_security_bits(3)>.
-=head1 RETURN VALUE
+=head1 RETURN VALUES
DSA_size() returns the signature size in bytes.
=back
+=head1 RETURN VALUES
+
+ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev()
+return a valid B<ENGINE> structure or NULL if an error occurred.
+
+ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.
+
+ENGINE_by_id() returns a valid B<ENGINE> structure or NULL if an error occurred.
+
+ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.
+
+All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and
+ENGINE_get_digest_engine() return a valid B<ENGINE> structure on success or NULL
+if an error occurred.
+
+All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.
+
+ENGINE_set_default() returns 1 on success or 0 on error.
+
+ENGINE_get_table_flags() returns an unsigned integer value representing the
+global table flags which are used to control the registration behaviour of
+B<ENGINE> implementations.
+
+All ENGINE_register_TYPE() functions return 1 on success or 0 on error.
+
+ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success
+or 0 on error.
+
+ENGINE_ctrl() returns a positive value on success or others on error.
+
+ENGINE_cmd_is_executable() returns 1 if B<cmd> is executable or 0 otherwise.
+
+ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.
+
+ENGINE_new() returns a valid B<ENGINE> structure on success or NULL if an error
+occurred.
+
+ENGINE_free() returns 1 on success or 0 on error.
+
+ENGINE_up_ref() returns 1 on success or 0 on error.
+
+ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.
+
+All other B<ENGINE_set_*> functions return 1 on success or 0 on error.
+
+ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier
+and the name of the ENGINE B<e> respectively.
+
+ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND()
+return corresponding method structures for each algorithms.
+
+ENGINE_get_destroy_function(), ENGINE_get_init_function(),
+ENGINE_get_finish_function(), ENGINE_get_ctrl_function(),
+ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(),
+ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function
+pointers of the callbacks.
+
+ENGINE_get_cipher() returns a valid B<EVP_CIPHER> structure on success or NULL
+if an error occurred.
+
+ENGINE_get_digest() returns a valid B<EVP_MD> structure on success or NULL if an
+error occurred.
+
+ENGINE_get_flags() returns an integer representing the ENGINE flags which are
+used to control various behaviours of an ENGINE.
+
+ENGINE_get_cmd_defns() returns an B<ENGINE_CMD_DEFN> structure or NULL if it's
+not set.
+
+ENGINE_load_private_key() and ENGINE_load_public_key() return a valid B<EVP_PKEY>
+structure on success or NULL if an error occurred.
+
=head1 SEE ALSO
L<OPENSSL_init_crypto(3)>, L<RSA_new_method(3)>, L<DSA_new(3)>, L<DH_new(3)>,
ERR_get_next_error_library() can be used to assign library numbers
to user libraries at runtime.
-=head1 RETURN VALUE
+=head1 RETURN VALUES
ERR_load_strings() returns no value. ERR_PACK() return the error code.
ERR_get_next_error_library() returns zero on failure, otherwise a new
ERR_remove_thread_state() does the same thing, except the identifier is
an opaque pointer.
-=head1 RETURN VALUE
+=head1 RETURN VALUES
ERR_remove_state() and ERR_remove_thread_state() return no value.
For an unknown B<t>, the text "not available" is returned.
-=head1 RETURN VALUE
+=head1 RETURN VALUES
-The version number.
+OpenSSL_version_num() returns the version number.
+
+OpenSSL_version() returns requested version strings.
=head1 SEE ALSO
=head1 COPYRIGHT
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
process should call OPENSSL_fork_parent() and the child process should
call OPENSSL_fork_child().
+=head1 RETURN VALUES
+
+OPENSSL_fork_prepare(), OPENSSL_fork_parent() and OPENSSL_fork_child() do not
+return values.
+
=head1 SEE ALSO
L<OPENSSL_init_crypto(3)>
performs at most B<max> probes in attempt to fill the B<vector[num]>,
with B<max> value of 0 meaning "as many as it takes."
-=head1 RETURN VALUE
+=head1 RETURN VALUES
Return value of 0 indicates that CPU is not capable of performing the
benchmark, either because oscillator counter or 'flush cache line' is
=head1 COPYRIGHT
-Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2011-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
void OPENSSL_load_builtin_modules(void);
void ASN1_add_oid_module(void);
- ENGINE_add_conf_module();
+ void ENGINE_add_conf_module(void);
=head1 DESCRIPTION
functionality may be missing from the application if an when new
modules are added.
-=head1 RETURN VALUE
+=head1 RETURN VALUES
None of the functions return a value.
=head1 COPYRIGHT
-Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2004-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
is guaranteed to work.
-=head1 RETURN CODES
+=head1 RETURN VALUES
The read routines return either a pointer to the structure read or NULL
if an error occurred.
=head1 COPYRIGHT
-Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
B<mac_iter> can be set to -1 and the MAC will then be omitted entirely.
+=head1 RETURN VALUES
+
+PKCS12_create() returns a valid B<PKCS12> structure or NULL if an error occurred.
+
=head1 SEE ALSO
L<d2i_PKCS12(3)>
=head1 COPYRIGHT
-Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2002-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
since no explicit initialisation or de-initialisation is necessary. See
L<OPENSSL_init_crypto(3)>.
-=head1 RETURN VALUE
+=head1 RETURN VALUES
RAND_cleanup() returns no value.
OpenSSL can be configured at build time to try to use the EGD for seeding
automatically.
-=head1 RETURN VALUE
+=head1 RETURN VALUES
RAND_egd() and RAND_egd_bytes() return the number of bytes read from the
daemon on success, or -1 if the connection failed or the daemon did not
RSA_check_key() is equivalent to RSA_check_key_ex() with a NULL B<cb>.
-=head1 RETURN VALUE
+=head1 RETURN VALUES
RSA_check_key_ex() and RSA_check_key()
return 1 if B<rsa> is a valid RSA key, and 0 otherwise.
=head1 COPYRIGHT
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
The process is then repeated for prime q and other primes (if any)
with B<BN_GENCB_call(cb, 3, i)> where B<i> indicates the i-th prime.
-=head1 RETURN VALUE
+=head1 RETURN VALUES
RSA_generate_multi_prime_key() returns 1 on success or 0 on error.
RSA_generate_key_ex() returns 1 on success or 0 on error.
RSA_security_bits() returns the number of security bits of the given B<rsa>
key. See L<BN_security_bits(3)>.
-=head1 RETURN VALUE
+=head1 RETURN VALUES
RSA_size() returns the size of modulus in bytes.
=head1 COPYRIGHT
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
a human-readable string. Call SCT_validate() or SCT_LIST_validate()
beforehand in order to set the validation status of an SCT first.
+=head1 RETURN VALUES
+
+SCT_validation_status_string() returns a null-terminated string representing
+the validation status of an B<SCT> object.
+
=head1 SEE ALSO
L<ct(7)>,
=head1 COPYRIGHT
-Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
ECDHE-RSA-AES256-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
RSA-PSK-AES256-CBC-SHA384 TLSv1.0 Kx=RSAPSK Au=RSA Enc=AES(256) Mac=SHA384
+=head1 RETURN VALUES
+
+SSL_CIPHER_get_name(), SSL_CIPHER_standard_name(), OPENSSL_cipher_name(),
+SSL_CIPHER_get_version() and SSL_CIPHER_description() return the corresponding
+value in a null-terminated string for a specific cipher or "(NONE)"
+if the cipher is not found.
+
+SSL_CIPHER_get_bits() returns a positive integer representing the number of
+secret bits or 0 if an error occurred.
+
+SSL_CIPHER_get_cipher_nid(), SSL_CIPHER_get_digest_nid(),
+SSL_CIPHER_get_kx_nid() and SSL_CIPHER_get_auth_nid() return the NID value or
+B<NID_undef> if an error occurred.
+
+SSL_CIPHER_get_handshake_digest() returns a valid B<EVP_MD> structure or NULL
+if an error occurred.
+
+SSL_CIPHER_is_aead() returns 1 if the cipher is AEAD or 0 otherwise.
+
+SSL_CIPHER_find() returns a valid B<SSL_CIPHER> structure or NULL if an error
+occurred.
+
+SSL_CIPHER_get_id() returns a 4-byte integer representing the OpenSSL-specific ID.
+
+SSL_CIPHER_get_protocol_id() returns a 2-byte integer representing the TLS
+protocol-specific ID.
+
=head1 HISTORY
SSL_CIPHER_get_version() was updated to always return the correct protocol
called to synchronize with the external cache (see
L<SSL_CTX_sess_set_get_cb(3)>).
+=head1 RETURN VALUES
+
+SSL_CTX_flush_sessions() does not return a value.
+
=head1 SEE ALSO
L<ssl(7)>,
=head1 COPYRIGHT
-Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
session must not be explicitly freed with
L<SSL_SESSION_free(3)>.
+=head1 RETURN VALUES
+
+SSL_CTX_sess_get_new_cb(), SSL_CTX_sess_get_remove_cb() and SSL_CTX_sess_get_get_cb()
+return different callback function pointers respectively.
+
=head1 SEE ALSO
L<ssl(7)>, L<d2i_SSL_SESSION(3)>,
modified directly but by using the
L<SSL_CTX_add_session(3)> family of functions.
+=head1 RETURN VALUES
+
+SSL_CTX_sessions() returns a pointer to the lhash of B<SSL_SESSION>.
+
=head1 SEE ALSO
L<ssl(7)>, L<LHASH(3)>,
=head1 COPYRIGHT
-Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
by the callback. So if an EC chain is set for a curve the client does not
support it will B<not> be used.
+=head1 RETURN VALUES
+
+SSL_CTX_set_cert_cb() and SSL_set_cert_cb() do not return values.
+
=head1 SEE ALSO
L<ssl(7)>, L<SSL_use_certificate(3)>,
=head1 COPYRIGHT
-Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
Within I<x509_store_ctx>, I<callback> has access to the I<verify_callback>
function set using L<SSL_CTX_set_verify(3)>.
+=head1 RETURN VALUES
+
+SSL_CTX_set_cert_verify_callback() does not return a value.
+
=head1 WARNINGS
Do not mix the verification callback described in this function with the
=head1 COPYRIGHT
-Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
If the callback returns no certificate, the OpenSSL library will not send
a certificate.
+=head1 RETURN VALUES
+
+SSL_CTX_get_client_cert_cb() returns function pointer of client_cert_cb() or
+NULL if the callback is not set.
+
=head1 BUGS
The client_cert_cb() cannot return a complete certificate chain, it can
=head1 COPYRIGHT
-Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2002-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
file, the key logging callback should log B<line>, followed by a newline.
B<line> will always be a NULL-terminated string.
+=head1 RETURN VALUES
+
+SSL_CTX_get_keylog_callback() returns a pointer to B<SSL_CTX_keylog_cb_func> or
+NULL if the callback is not set.
+
=head1 SEE ALSO
L<ssl(7)>
=back
+=head1 RETURN VALUES
+
+SSL_CTX_set_msg_callback(), SSL_CTX_set_msg_callback_arg(), SSL_set_msg_callback()
+and SSL_set_msg_callback_arg() do not return values.
+
=head1 SEE ALSO
L<ssl(7)>, L<SSL_new(3)>
check the return values for errors will misbehave: for example it might
appear that a certificate is not set at all because it had been rejected.
+=head1 RETURN VALUES
+
+SSL_CTX_set_security_level() and SSL_set_security_level() do not return values.
+
+SSL_CTX_get_security_level() and SSL_get_security_level() return a integer that
+represents the security level with B<SSL_CTX> or B<SSL>, respectively.
+
+SSL_CTX_set_security_callback() and SSL_set_security_callback() do not return
+values.
+
+SSL_CTX_get_security_callback() and SSL_get_security_callback() return the pointer
+to the security callback or NULL if the callback is not set.
+
+SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() return the extra
+data pointer or NULL if the ex data is not set.
+
=head1 HISTORY
These functions were first added to OpenSSL 1.1.0
=head1 COPYRIGHT
-Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
value is made, and the caller retains ownership of the memory pointed to by
B<alpn>.
+=head1 RETURN VALUES
+
+SSL_SESSION_get0_hostname() returns either a string or NULL based on if there
+is the SNI value sent by client.
+
+SSL_SESSION_set1_hostname() returns 1 on success or 0 on error.
+
+SSL_SESSION_set1_alpn_selected() returns 1 on success or 0 on error.
+
=head1 SEE ALSO
L<ssl(7)>,
valid while the connection is in use. The session (and hence the ticket pointer)
may also become invalid as a result of a call to SSL_CTX_flush_sessions().
+=head1 RETURN VALUES
+
+SSL_SESSION_has_ticket() returns 1 if session ticket exists or 0 otherwise.
+
+SSL_SESSION_get_ticket_lifetime_hint() returns the number of seconds.
+
=head1 SEE ALSO
L<ssl(7)>,
=head1 COPYRIGHT
-Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
attempting to resume with a non-resumable session will result in a full
handshake.
+=head1 RETURN VALUES
+
+SSL_SESSION_is_resumable() returns 1 if the session is resumable or 0 otherwise.
+
=head1 SEE ALSO
L<ssl(7)>,
PEM_def_callback(), EVP_read_pw_string() and EVP_read_pw_string_min())
all use the default B<UI_METHOD>.
+=head1 RETURN VALUES
+
+UI_UTIL_read_pw_string() and UI_UTIL_read_pw() return 0 on success or a negative
+value on error.
+
+UI_UTIL_wrap_read_pem_callback() returns a valid B<UI_METHOD> structure or NULL
+if an error occurred.
+
=head1 SEE ALSO
L<UI_get_default_method(3)>
=head1 COPYRIGHT
-Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
the built-in method UI_OpenSSL() will produce UTF-8 encoded strings
instead.
+=head1 RETURN VALUES
+
+UI_new() and UI_new_method() return a valid B<UI> structure or NULL if an error
+occurred.
+
+UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(),
+UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(),
+UI_add_info_string(), UI_dup_info_string(), UI_add_error_string()
+and UI_dup_error_string() return a positive number on success or a value which
+is less than or equal to 0 otherwise.
+
+UI_construct_prompt() returns a string or NULL if an error occurred.
+
+UI_dup_user_data() returns 0 on success or -1 on error.
+
+UI_get0_result() returns a string or NULL on error.
+
+UI_get_result_length() returns a positive integer or 0 on success; otherwise it
+returns -1 on error.
+
+UI_process() returns 0 on success or a negative value on error.
+
+UI_ctrl() returns a mask on success or -1 on error.
+
+UI_get_default_method(), UI_get_method(), UI_Openssl(), UI_null() and
+UI_set_method() return either a valid B<UI_METHOD> structure or NULL
+respectively.
+
=head1 HISTORY
UI_dup_user_data()
X509_ALGOR_cmp() compares B<a> and B<b> and returns 0 if they have identical
encodings and non-zero otherwise.
+=head1 RETURN VALUES
+
+X509_ALGOR_dup() returns a valid B<X509_ALGOR> structure or NULL if an error
+occurred.
+
+X509_ALGOR_set0() returns 1 on success or 0 on error.
+
+X509_ALGOR_get0() and X509_ALGOR_set_md() return no values.
+
+X509_ALGOR_cmp() returns 0 if the two parameters have identical encodings and
+non-zero otherwise.
+
=head1 COPYRIGHT
-Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2002-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
OpenSSL includes a L<rehash(1)> utility which creates symlinks with correct
hashed names for all files with .pem suffix in a given directory.
+=head1 RETURN VALUES
+
+X509_LOOKUP_hash_dir() and X509_LOOKUP_file() always return a valid
+B<X509_LOOKUP_METHOD> structure.
+
+X509_load_cert_file(), X509_load_crl_file() and X509_load_cert_crl_file() return
+the number of loaded objects or 0 on error.
+
=head1 SEE ALSO
L<PEM_read_PrivateKey(3)>,
B<MBSTRING_ASC> but in the case of X509_set_data() the field name must be
set first so the relevant field information can be looked up internally.
+=head1 RETURN VALUES
+
+X509_NAME_ENTRY_get_object() returns a valid B<ASN1_OBJECT> structure if it is
+set or NULL if an error occurred.
+
+X509_NAME_ENTRY_get_data() returns a valid B<ASN1_STRING> structure if it is set
+or NULL if an error occurred.
+
+X509_NAME_ENTRY_set_object() and X509_NAME_ENTRY_set_data() return 1 on success
+or 0 on error.
+
+X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID() and
+X509_NAME_ENTRY_create_by_OBJ() return a valid B<X509_NAME_ENTRY> on success or
+NULL if an error occurred.
+
=head1 SEE ALSO
L<ERR_get_error(3)>, L<d2i_X509_NAME(3)>,
=head1 COPYRIGHT
-Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2002-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
B<XN_FLAG_COMPAT> uses a format identical to X509_NAME_print(): in fact it calls X509_NAME_print() internally.
+=head1 RETURN VALUES
+
+X509_NAME_oneline() returns a valid string on success or NULL on error.
+
+X509_NAME_print() returns 1 on success or 0 on error.
+
+X509_NAME_print_ex() and X509_NAME_print_ex_fp() return 1 on success or 0 on error
+if the B<XN_FLAG_COMPAT> is set, which is the same as X509_NAME_print(). Otherwise,
+it returns -1 on error or other values on success.
+
=head1 SEE ALSO
L<ASN1_STRING_print_ex(3)>
=head1 COPYRIGHT
-Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2002-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
except the pointers returned are not constant and can be modified:
for example to initialise them.
+=head1 RETURN VALUES
+
+X509_SIG_get0() and X509_SIG_getm() return no values.
+
=head1 SEE ALSO
L<d2i_X509(3)>
=head1 COPYRIGHT
-Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2002-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
This function checks if given certificate is CA certificate (can be used
to sign other certificates).
-=head1 RETURN VALUE
+=head1 RETURN VALUES
Function return 0, if it is not CA certificate, 1 if it is proper X509v3
CA certificate with B<basicConstraints> extension CA:TRUE,
=head1 COPYRIGHT
-Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
present in the I<subject> certificate and checks B<keyUsage> field of
I<issuer>.
-=head1 RETURN VALUE
+=head1 RETURN VALUES
Function return B<X509_V_OK> if certificate I<subject> is issued by
I<issuer> or some B<X509_V_ERR*> constant to indicate an error.
=head1 COPYRIGHT
-Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
X509_REQ_check_private_key() is equivalent to X509_check_private_key()
except that B<x> represents a certificate request of structure B<X509_REQ>.
-=head1 RETURN VALUE
+=head1 RETURN VALUES
X509_check_private_key() and X509_REQ_check_private_key() return 1 if
the keys match each other, and 0 if not.
absent or malformed. Applications can determine the precise reason using
X509_get_ext_d2i().
-=head1 RETURN VALUE
+=head1 RETURN VALUES
X509_get_pathlen() returns the path length value, or -1 if the extension
is not present.
=head1 COPYRIGHT
-Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
Otherwise these behave in a similar way to d2i_X509() and i2d_X509()
described in the L<d2i_X509(3)> manual page.
+=head1 RETURN VALUES
+
+d2i_DHparams() returns a valid B<DH> structure or NULL if an error occurred.
+
+i2d_DHparams() returns the length of encoded data on success or a value which
+is less than or equal to 0 on error.
+
=head1 SEE ALSO
L<d2i_X509(3)>
=head1 COPYRIGHT
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
work directly on memory: this can be readily worked around by converting the buffers
to memory BIOs, see L<BIO_s_mem(3)> for details.
+=head1 RETURN VALUES
+
+d2i_PKCS8PrivateKey_bio() and d2i_PKCS8PrivateKey_fp() return a valid B<EVP_PKEY>
+structure or NULL if an error occurred.
+
+i2d_PKCS8PrivateKey_bio(), i2d_PKCS8PrivateKey_fp(), i2d_PKCS8PrivateKey_nid_bio()
+and i2d_PKCS8PrivateKey_nid_fp() return 1 on success or 0 on error.
+
=head1 SEE ALSO
L<PEM_read_PrivateKey(3)>
=head1 COPYRIGHT
-Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2002-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
TBSCertificate portion of the B<X509> can be manually renewed by calling
i2d_re_X509_tbs().
+=head1 RETURN VALUES
+
+d2i_X509_AUX() returns a valid B<X509> structure or NULL if an error occurred.
+
+i2d_X509_AUX() returns the length of encoded data or -1 on error.
+
+i2d_re_X509_tbs(), i2d_re_X509_CRL_tbs() and i2d_re_X509_REQ_tbs() return the
+length of encoded data or 0 on error.
+
=head1 SEE ALSO
L<ERR_get_error(3)>
=head1 COPYRIGHT
-Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2002-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
projects / oweals / openssl.git / commitdiff