X-Git-Url: https://gitweb.dragonflybsd.org/dragonfly.git/blobdiff_plain/c30750c088df685e59014c324cec6781ffe9e0e2..e257b235ba0c7bfd5e02c180f6db95524dfda77e:/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3 diff --git a/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3 b/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3 index 009fbc7e43..effeee6c86 100644 --- a/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3 +++ b/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3 @@ -1,4 +1,4 @@ -.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.32 +.\" Automatically generated by Pod::Man 2.16 (Pod::Simple 3.05) .\" .\" Standard preamble: .\" ======================================================================== @@ -25,11 +25,11 @@ .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to -.\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C' -.\" expand to `' in nroff, nothing in troff, for use with C<>. -.tr \(*W-|\(bv\*(Tr +.\" double quote, and \*(R" will give a right double quote. \*(C+ will +.\" give a nicer C++. Capital omega is used to do unbreakable dashes and +.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, +.\" nothing in troff, for use with C<>. +.tr \(*W- .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ . ds -- \(*W- @@ -48,22 +48,25 @@ . ds R" '' 'br\} .\" +.\" Escape single quotes in literal strings from groff's Unicode transform. +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" .\" If the F register is turned on, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. -.if \nF \{\ +.ie \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . nr % 0 . rr F .\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it makes -.\" way too many mistakes in technical documents. -.hy 0 -.if n .na +.el \{\ +. de IX +.. +.\} .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. @@ -129,21 +132,21 @@ .\" ======================================================================== .\" .IX Title "SSL_CTX_set_generate_session_id 3" -.TH SSL_CTX_set_generate_session_id 3 "2008-09-27" "0.9.8i" "OpenSSL" +.TH SSL_CTX_set_generate_session_id 3 "2009-01-11" "0.9.8j" "OpenSSL" +.\" For nroff, turn off justification. Always turn off hyphenation; it makes +.\" way too many mistakes in technical documents. +.if n .ad l +.nh .SH "NAME" SSL_CTX_set_generate_session_id, SSL_set_generate_session_id, SSL_has_matching_session_id \- manipulate generation of SSL session IDs (server only) .SH "SYNOPSIS" .IX Header "SYNOPSIS" .Vb 1 \& #include -.Ve -.PP -.Vb 2 +\& \& typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id, \& unsigned int *id_len); -.Ve -.PP -.Vb 4 +\& \& int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb); \& int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB, cb); \& int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id, @@ -229,29 +232,23 @@ The callback function listed will generate a session id with the server id given, and will fill the rest with pseudo random bytes: .PP .Vb 1 -\& const char session_id_prefix = "www-18"; -.Ve -.PP -.Vb 6 +\& const char session_id_prefix = "www\-18"; +\& \& #define MAX_SESSION_ID_ATTEMPTS 10 \& static int generate_session_id(const SSL *ssl, unsigned char *id, \& unsigned int *id_len) \& { \& unsigned int count = 0; \& const char *version; -.Ve -.PP -.Vb 3 +\& \& version = SSL_get_version(ssl); \& if (!strcmp(version, "SSLv2")) \& /* we must not change id_len */; -.Ve -.PP -.Vb 17 +\& \& do { \& RAND_pseudo_bytes(id, *id_len); \& /* Prefix the session_id with the required prefix. NB: If our -\& * prefix is too long, clip it - but there will be worse effects +\& * prefix is too long, clip it \- but there will be worse effects \& * anyway, eg. the server could only possibly create 1 session \& * ID (ie. the prefix!) so all future session negotiations will \& * fail due to conflicts. */