From e040a42e44b40f09ce485f66c9198456a3f8a457 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Fri, 22 Jul 2016 11:55:10 +0100
Subject: [PATCH] Update the SSL_set_bio()/SSL_set0_rbio()/SSL_set0_wbio() docs

Update the documentation for the newly renamed and modified SSL_set0_rbio()
and SSL_set0_wbio() functions. State that they should be preferred over
SSL_set_bio(). Attempt to document the ownership rules for SSL_set_bio().

Reviewed-by: Rich Salz <rsalz@openssl.org>
---
 doc/ssl/SSL_set_bio.pod | 82 ++++++++++++++++++++++++++++++++++-------
 1 file changed, 68 insertions(+), 14 deletions(-)

diff --git a/doc/ssl/SSL_set_bio.pod b/doc/ssl/SSL_set_bio.pod
index 204c89e3fc..e8e55f4648 100644
--- a/doc/ssl/SSL_set_bio.pod
+++ b/doc/ssl/SSL_set_bio.pod
@@ -2,31 +2,85 @@
 
 =head1 NAME
 
-SSL_set_bio, SSL_set_rbio, SSL_set_wbio - connect the SSL object with a BIO
+SSL_set_bio, SSL_set0_rbio, SSL_set0_wbio - connect the SSL object with a BIO
 
 =head1 SYNOPSIS
 
  #include <openssl/ssl.h>
 
  void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio);
- void SSL_set_rbio(SSL *s, BIO *rbio);
- void SSL_set_wbio(SSL *s, BIO *wbio);
+ void SSL_set0_rbio(SSL *s, BIO *rbio);
+ void SSL_set0_wbio(SSL *s, BIO *wbio);
 
 =head1 DESCRIPTION
 
-SSL_set_bio() connects the BIOs B<rbio> and B<wbio> for the read and write
-operations of the TLS/SSL (encrypted) side of B<ssl>.
+SSL_set0_rbio() connects the BIO B<rbio> for the read operations of the B<ssl>
+object. The SSL engine inherits the behaviour of B<rbio>. If the BIO is
+non-blocking then the B<ssl> object will also have non-blocking behaviour. This
+function transfers ownership of B<rbio> to B<ssl>. It will be automatically
+freed using L<BIO_free_all(3)> when the B<ssl> is freed. On calling this
+function, any existing B<rbio> that was previously set will also be freed via a
+call to L<BIO_free_all(3)> (this includes the case where the B<rbio> is set to
+the same value as previously).
 
-The SSL engine inherits the behaviour of B<rbio> and B<wbio>, respectively.
-If a BIO is non-blocking, the B<ssl> will also have non-blocking behaviour.
+SSL_set0_wbio() works in the same as SSL_set0_rbio() except that it connects
+the BIO B<wbio> for the write operations of the B<ssl> object. Note that if the
+rbio and wbio are the same then SSL_set0_rbio() and SSL_set0_wbio() each take
+ownership of one reference. Therefore it may be necessary to increment the
+number of references available using L<BIO_up_ref(3)> before calling the set0
+functions.
 
-If there was already a BIO connected to B<ssl>, BIO_free() will be called
-(for both the reading and writing side, if different).
+SSL_set_bio() does a similar job as SSL_set0_rbio() and SSL_set0_wbio() except
+that it connects both the B<rbio> and the B<wbio> at the same time. This
+function transfers the ownership of B<rbio> and B<wbio> to B<ssl> except that
+the rules for this are much more complex. For this reason this function is
+considered a legacy function and SSL_set0_rbio() and SSL_set0_wbio() should be
+used in preference. The ownership rules are as follows:
 
-SSL_set_rbio() does the same job as SSL_set_bio() except that it enables you
-to only connect the read bio, without touching the write bio. Similarly
-SSL_set_wbio() enables you to connect the write bio without touching the read
-bio.
+=over 4
+
+=item
+
+If neither the rbio or wbio have changed from their previous values then nothing
+is done.
+
+=item
+
+If the rbio and wbio parameters are different and both are different to their
+previously set values then one reference is consumed for the rbio and one
+reference is consumed for the wbio.
+
+=item
+
+If the rbio and wbio parameters are the same and the rbio is not the same as the
+previously set value then one reference is consumed.
+
+=item
+
+If the rbio and wbio parameters are the same and the rbio is the same as the
+previously set value, then no additional references are consumed.
+
+=item
+
+If the rbio and wbio parameters are different and the rbio is the same as the
+previously set value then one reference is consumbed for the wbio and no
+references are consumed for the rbio.
+
+=item
+
+If the rbio and wbio parameters are different and the wbio is the same as the
+previously set value and the old rbio and wbio values were the same as each
+other then one reference is consumed for the rbio and no references are consumed
+for the wbio.
+
+=item
+
+If the rbio and wbio parameters are different and the wbio is the same as the
+previously set value and the old rbio and wbio values were different to each
+other then one reference is consumed for the rbio and one reference is consumed
+for the wbio.
+
+=back
 
 =head1 RETURN VALUES
 
@@ -40,7 +94,7 @@ L<SSL_shutdown(3)>, L<ssl(3)>, L<bio(3)>
 
 =head1 HISTORY
 
-SSL_set_rbio() and SSL_set_wbio() were added in OpenSSL 1.1.0.
+SSL_set0_rbio() and SSL_set0_wbio() were added in OpenSSL 1.1.0.
 
 =head1 COPYRIGHT
 
-- 
2.25.1