Convert libssl manpages from pod to mdoc(7).

libcrypto has not been started yet.

ok schwarze@ miod@

1 files changed, 89 insertions, 0 deletions

diff --git a/lib/libssl/doc/SSL_clear.3 b/lib/libssl/doc/SSL_clear.3
new file mode 100644
index 00000000000..dc596ce12a0
--- /dev/null
+++ b/lib/libssl/doc/SSL_clear.3
@@ -0,0 +1,89 @@
+.Dd $Mdocdate: October 12 2014 $
+.Dt SSL_CLEAR 3
+.Os
+.Sh NAME
+.Nm SSL_clear
+.Nd reset SSL object to allow another connection
+.Sh SYNOPSIS
+.In openssl/ssl.h
+.Ft int
+.Fn SSL_clear "SSL *ssl"
+.Sh DESCRIPTION
+Reset
+.Fa ssl
+to allow another connection.
+All settings (method, ciphers, BIOs) are kept.
+.Sh NOTES
+.Fn SSL_clear
+is used to prepare an
+.Vt SSL
+object for a new connection.
+While all settings are kept,
+a side effect is the handling of the current SSL session.
+If a session is still
+.Em open ,
+it is considered bad and will be removed from the session cache,
+as required by RFC2246.
+A session is considered open if
+.Xr SSL_shutdown 3
+was not called for the connection or at least
+.Xr SSL_set_shutdown 3
+was used to
+set the
+.Dv SSL_SENT_SHUTDOWN
+state.
+.Pp
+If a session was closed cleanly,
+the session object will be kept and all settings corresponding.
+This explicitly means that for example the special method used during the
+session will be kept for the next handshake.
+So if the session was a TLSv1 session, a
+.Vt SSL
+client object will use a TLSv1 client method for the next handshake and a
+.Vt SSL
+server object will use a TLSv1 server method, even if
+.Fn SSLv23_*_method Ns s
+were chosen on startup.
+This might lead to connection failures (see
+.Xr SSL_new 3 )
+for a description of the method's properties.
+.Sh WARNINGS
+.Fn SSL_clear
+resets the
+.Vt SSL
+object to allow for another connection.
+The reset operation however keeps several settings of the last sessions
+(some of these settings were made automatically during the last handshake).
+It only makes sense for a new connection with the exact same peer that shares
+these settings,
+and may fail if that peer changes its settings between connections.
+Use the sequence
+.Xr SSL_get_session 3 ;
+.Xr SSL_new 3 ;
+.Xr SSL_set_session 3 ;
+.Xr SSL_free 3
+instead to avoid such failures (or simply
+.Xr SSL_free 3 ;
+.Xr SSL_new 3
+if session reuse is not desired).
+.Sh RETURN VALUES
+The following return values can occur:
+.Bl -tag -width Ds
+.It 0
+The
+.Fn SSL_clear
+operation could not be performed.
+Check the error stack to find out the reason.
+.It 1
+The
+.Fn SSL_clear
+operation was successful.
+.El
+.Sh SEE ALSO
+.Xr ssl 3 ,
+.Xr SSL_CTX_set_client_cert_cb 3 ,
+.Xr SSL_CTX_set_options 3 ,
+.Xr SSL_free 3 ,
+.Xr SSL_new 3 ,
+.Xr SSL_set_shutdown 3 ,
+.Xr SSL_shutdown 3