Mention three functions related to protocol selection by the client

that are deprecated no-ops in LibreSSL, but that OpenSSL explicitly
documented on April 19, 2017, without deprecating them.

1 files changed, 48 insertions, 3 deletions

diff --git a/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3 b/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3
index eb6c543478b..175689d79bd 100644
--- a/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3
+++ b/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3
@@ -1,4 +1,5 @@
-.\"	$OpenBSD: SSL_CTX_set_alpn_select_cb.3,v 1.3 2017/08/12 21:03:08 jsing Exp $
+.\"	$OpenBSD: SSL_CTX_set_alpn_select_cb.3,v 1.4 2017/08/21 08:31:19 schwarze Exp $
+.\"	OpenSSL 87b81496 Apr 19 12:38:27 2017 -0400
 .\"	OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
 .\"
 .\" This file was written by Todd Short <tshort@akamai.com>.
@@ -48,15 +49,18 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: August 12 2017 $
+.Dd $Mdocdate: August 21 2017 $
 .Dt SSL_CTX_SET_ALPN_SELECT_CB 3
 .Os
 .Sh NAME
 .Nm SSL_CTX_set_alpn_protos ,
 .Nm SSL_set_alpn_protos ,
 .Nm SSL_CTX_set_alpn_select_cb ,
+.Nm SSL_CTX_set_next_proto_select_cb ,
+.Nm SSL_CTX_set_next_protos_advertised_cb ,
 .Nm SSL_select_next_proto ,
-.Nm SSL_get0_alpn_selected
+.Nm SSL_get0_alpn_selected ,
+.Nm SSL_get0_next_proto_negotiated
 .Nd handle application layer protocol negotiation (ALPN)
 .Sh SYNOPSIS
 .In openssl/ssl.h
@@ -80,6 +84,21 @@
  unsigned int inlen, void *arg)"
 .Fa "void *arg"
 .Fc
+.Ft void
+.Fo SSL_CTX_set_next_proto_select_cb
+.Fa "SSL_CTX *ctx"
+.Fa "int (*cb)(SSL *ssl, unsigned char **out,\
+ unsigned char *outlen, const unsigned char *in,\
+ unsigned int inlen, void *arg)"
+.Fa "void *arg"
+.Fc
+.Ft void
+.Fo SSL_CTX_set_next_protos_advertised_cb
+.Fa "SSL_CTX *ctx"
+.Fa "int (*cb)(SSL *ssl, const unsigned char **out,\
+ unsigned char *outlen, void *arg)"
+.Fa "void *arg"
+.Fc
 .Ft int
 .Fo SSL_select_next_proto
 .Fa "unsigned char **out"
@@ -95,6 +114,12 @@
 .Fa "const unsigned char **data"
 .Fa "unsigned int *len"
 .Fc
+.Ft void
+.Fo SSL_get0_next_proto_negotiated
+.Fa "const SSL *ssl"
+.Fa "const unsigned char **data"
+.Fa "unsigned int *len"
+.Fc
 .Sh DESCRIPTION
 .Fn SSL_CTX_set_alpn_protos
 and
@@ -182,6 +207,16 @@ is returned in
 .Fa out ,
 .Fa outlen .
 .Pp
+.Fn SSL_CTX_set_next_proto_select_cb
+is deprecated and has no effect.
+It used to set a callback that was called when a client needed to
+select a protocol from the server's provided list.
+.Pp
+.Fn SSL_CTX_set_next_protos_advertised_cb
+is deprecated and has no effect.
+It used to set a callback that was called when a TLS server needed
+a list of supported protocols for Next Protocol Negotiation.
+.Pp
 .Fn SSL_get0_alpn_selected
 returns a pointer to the selected protocol in
 .Fa data
@@ -197,6 +232,16 @@ is set to 0 if no protocol has been selected.
 .Fa data
 must not be freed.
 .Pp
+.Fn SSL_get0_next_proto_negotiated
+is deprecated and has no effect except that it always sets
+.Pf * Fa data
+to
+.Dv NULL
+and
+.Pf * Fa len
+to 0.
+It used to return the client's requested protocol for this connection.
+.Pp
 The protocol-lists must be in wire-format, which is defined as a vector
 of non-empty, 8-bit length-prefixed byte strings.
 The length-prefix byte is not included in the length.