As the perl-generated assembler files have been committed, add the

perl-generated (.pod) manual pages too. This is another nail in the
perl5 coffin (for base perl, not the port or the language in general).

1 files changed, 447 insertions, 0 deletions

diff --git a/secure/lib/libcrypto/man/ciphers.1 b/secure/lib/libcrypto/man/ciphers.1
new file mode 100644
index 0000000..19d38ec
--- /dev/null
+++ b/secure/lib/libcrypto/man/ciphers.1
@@ -0,0 +1,447 @@
+.\" Automatically generated by Pod::Man version 1.15
+.\" Thu May  9 13:13:58 2002
+.\"
+.\" Standard preamble:
+.\" ======================================================================
+.de Sh \" Subsection heading
+.br
+.if t .Sp
+.ne 5
+.PP
+\fB\\$1\fR
+.PP
+..
+.de Sp \" Vertical space (when we can't use .PP)
+.if t .sp .5v
+.if n .sp
+..
+.de Ip \" List item
+.br
+.ie \\n(.$>=3 .ne \\$3
+.el .ne 3
+.IP "\\$1" \\$2
+..
+.de Vb \" Begin verbatim text
+.ft CW
+.nf
+.ne \\$1
+..
+.de Ve \" End verbatim text
+.ft R
+
+.fi
+..
+.\" Set up some character translations and predefined strings.  \*(-- will
+.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
+.\" double quote, and \*(R" will give a right double quote.  | will give a
+.\" real vertical bar.  \*(C+ will give a nicer C++.  Capital omega is used
+.\" to do unbreakable dashes and therefore won't be available.  \*(C` and
+.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<>
+.tr \(*W-|\(bv\*(Tr
+.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
+.ie n \{\
+.    ds -- \(*W-
+.    ds PI pi
+.    if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
+.    if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\"  diablo 12 pitch
+.    ds L" ""
+.    ds R" ""
+.    ds C` ""
+.    ds C' ""
+'br\}
+.el\{\
+.    ds -- \|\(em\|
+.    ds PI \(*p
+.    ds L" ``
+.    ds R" ''
+'br\}
+.\"
+.\" If the F register is turned on, we'll generate index entries on stderr
+.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and
+.\" index entries marked with X<> in POD.  Of course, you'll have to process
+.\" the output yourself in some meaningful fashion.
+.if \nF \{\
+.    de IX
+.    tm Index:\\$1\t\\n%\t"\\$2"
+..
+.    nr % 0
+.    rr F
+.\}
+.\"
+.\" For nroff, turn off justification.  Always turn off hyphenation; it
+.\" makes way too many mistakes in technical documents.
+.hy 0
+.if n .na
+.\"
+.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
+.\" Fear.  Run.  Save yourself.  No user-serviceable parts.
+.bd B 3
+.    \" fudge factors for nroff and troff
+.if n \{\
+.    ds #H 0
+.    ds #V .8m
+.    ds #F .3m
+.    ds #[ \f1
+.    ds #] \fP
+.\}
+.if t \{\
+.    ds #H ((1u-(\\\\n(.fu%2u))*.13m)
+.    ds #V .6m
+.    ds #F 0
+.    ds #[ \&
+.    ds #] \&
+.\}
+.    \" simple accents for nroff and troff
+.if n \{\
+.    ds ' \&
+.    ds ` \&
+.    ds ^ \&
+.    ds , \&
+.    ds ~ ~
+.    ds /
+.\}
+.if t \{\
+.    ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
+.    ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
+.    ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
+.    ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
+.    ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
+.    ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
+.\}
+.    \" troff and (daisy-wheel) nroff accents
+.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
+.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
+.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
+.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
+.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
+.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
+.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
+.ds ae a\h'-(\w'a'u*4/10)'e
+.ds Ae A\h'-(\w'A'u*4/10)'E
+.    \" corrections for vroff
+.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
+.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
+.    \" for low resolution devices (crt and lpr)
+.if \n(.H>23 .if \n(.V>19 \
+\{\
+.    ds : e
+.    ds 8 ss
+.    ds o a
+.    ds d- d\h'-1'\(ga
+.    ds D- D\h'-1'\(hy
+.    ds th \o'bp'
+.    ds Th \o'LP'
+.    ds ae ae
+.    ds Ae AE
+.\}
+.rm #[ #] #H #V #F C
+.\" ======================================================================
+.\"
+.IX Title "CIPHERS 1"
+.TH CIPHERS 1 "perl v5.6.1" "2000-11-13" "User Contributed Perl Documentation"
+.UC
+.SH "NAME"
+ciphers \- \s-1SSL\s0 cipher display and cipher list tool.
+.SH "SYNOPSIS"
+.IX Header "SYNOPSIS"
+\&\fBopenssl\fR \fBciphers\fR
+[\fB\-v\fR]
+[\fB\-ssl2\fR]
+[\fB\-ssl3\fR]
+[\fB\-tls1\fR]
+[\fBcipherlist\fR]
+.SH "DESCRIPTION"
+.IX Header "DESCRIPTION"
+The \fBcipherlist\fR command converts OpenSSL cipher lists into ordered
+\&\s-1SSL\s0 cipher preference lists. It can be used as a test tool to determine
+the appropriate cipherlist.
+.SH "COMMAND OPTIONS"
+.IX Header "COMMAND OPTIONS"
+.Ip "\fB\-v\fR" 4
+.IX Item "-v"
+verbose option. List ciphers with a complete description of
+protocol version (SSLv2 or SSLv3; the latter includes \s-1TLS\s0), key exchange,
+authentication, encryption and mac algorithms used along with any key size
+restrictions and whether the algorithm is classed as an \*(L"export\*(R" cipher.
+Note that without the \fB\-v\fR option, ciphers may seem to appear twice
+in a cipher list; this is when similar ciphers are available for
+\&\s-1SSL\s0 v2 and for \s-1SSL\s0 v3/TLS v1.
+.Ip "\fB\-ssl3\fR" 4
+.IX Item "-ssl3"
+only include \s-1SSL\s0 v3 ciphers.
+.Ip "\fB\-ssl2\fR" 4
+.IX Item "-ssl2"
+only include \s-1SSL\s0 v2 ciphers.
+.Ip "\fB\-tls1\fR" 4
+.IX Item "-tls1"
+only include \s-1TLS\s0 v1 ciphers.
+.Ip "\fB\-h\fR, \fB\-?\fR" 4
+.IX Item "-h, -?"
+print a brief usage message.
+.Ip "\fBcipherlist\fR" 4
+.IX Item "cipherlist"
+a cipher list to convert to a cipher preference list. If it is not included
+then the default cipher list will be used. The format is described below.
+.SH "CIPHER LIST FORMAT"
+.IX Header "CIPHER LIST FORMAT"
+The cipher list consists of one or more \fIcipher strings\fR separated by colons.
+Commas or spaces are also acceptable separators but colons are normally used.
+.PP
+The actual cipher string can take several different forms.
+.PP
+It can consist of a single cipher suite such as \fB\s-1RC4\-SHA\s0\fR.
+.PP
+It can represent a list of cipher suites containing a certain algorithm, or
+cipher suites of a certain type. For example \fB\s-1SHA1\s0\fR represents all ciphers
+suites using the digest algorithm \s-1SHA1\s0 and \fBSSLv3\fR represents all \s-1SSL\s0 v3
+algorithms.
+.PP
+Lists of cipher suites can be combined in a single cipher string using the
+\&\fB+\fR character. This is used as a logical \fBand\fR operation. For example
+\&\fB\s-1SHA1+DES\s0\fR represents all cipher suites containing the \s-1SHA1\s0 \fBand\fR the \s-1DES\s0
+algorithms.
+.PP
+Each cipher string can be optionally preceded by the characters \fB!\fR,
+\&\fB-\fR or \fB+\fR.
+.PP
+If \fB!\fR is used then the ciphers are permanently deleted from the list.
+The ciphers deleted can never reappear in the list even if they are
+explicitly stated.
+.PP
+If \fB-\fR is used then the ciphers are deleted from the list, but some or
+all of the ciphers can be added again by later options.
+.PP
+If \fB+\fR is used then the ciphers are moved to the end of the list. This
+option doesn't add any new ciphers it just moves matching existing ones.
+.PP
+If none of these characters is present then the string is just interpreted
+as a list of ciphers to be appended to the current preference list. If the
+list includes any ciphers already present they will be ignored: that is they
+will not moved to the end of the list.
+.PP
+Additionally the cipher string \fB@STRENGTH\fR can be used at any point to sort
+the current cipher list in order of encryption algorithm key length.
+.SH "CIPHER STRINGS"
+.IX Header "CIPHER STRINGS"
+The following is a list of all permitted cipher strings and their meanings.
+.Ip "\fB\s-1DEFAULT\s0\fR" 4
+.IX Item "DEFAULT"
+the default cipher list. This is determined at compile time and is normally
+\&\fB\s-1ALL:\s0!ADH:RC4+RSA:+SSLv2:@STRENGTH\fR. This must be the first cipher string
+specified.
+.Ip "\fB\s-1ALL\s0\fR" 4
+.IX Item "ALL"
+all ciphers suites except the \fBeNULL\fR ciphers which must be explicitly enabled.
+.Ip "\fB\s-1HIGH\s0\fR" 4
+.IX Item "HIGH"
+\&\*(L"high\*(R" encryption cipher suites. This currently means those with key lengths larger
+than 128 bits.
+.Ip "\fB\s-1MEDIUM\s0\fR" 4
+.IX Item "MEDIUM"
+\&\*(L"medium\*(R" encryption cipher suites, currently those using 128 bit encryption.
+.Ip "\fB\s-1LOW\s0\fR" 4
+.IX Item "LOW"
+\&\*(L"low\*(R" encryption cipher suites, currently those using 64 or 56 bit encryption algorithms
+but excluding export cipher suites.
+.Ip "\fB\s-1EXP\s0\fR, \fB\s-1EXPORT\s0\fR" 4
+.IX Item "EXP, EXPORT"
+export encryption algorithms. Including 40 and 56 bits algorithms.
+.Ip "\fB\s-1EXPORT40\s0\fR" 4
+.IX Item "EXPORT40"
+40 bit export encryption algorithms
+.Ip "\fB\s-1EXPORT56\s0\fR" 4
+.IX Item "EXPORT56"
+56 bit export encryption algorithms.
+.Ip "\fBeNULL\fR, \fB\s-1NULL\s0\fR" 4
+.IX Item "eNULL, NULL"
+the \*(L"\s-1NULL\s0\*(R" ciphers that is those offering no encryption. Because these offer no
+encryption at all and are a security risk they are disabled unless explicitly
+included.
+.Ip "\fBaNULL\fR" 4
+.IX Item "aNULL"
+the cipher suites offering no authentication. This is currently the anonymous
+\&\s-1DH\s0 algorithms. These cipher suites are vulnerable to a \*(L"man in the middle\*(R"
+attack and so their use is normally discouraged.
+.Ip "\fBkRSA\fR, \fB\s-1RSA\s0\fR" 4
+.IX Item "kRSA, RSA"
+cipher suites using \s-1RSA\s0 key exchange.
+.Ip "\fBkEDH\fR" 4
+.IX Item "kEDH"
+cipher suites using ephemeral \s-1DH\s0 key agreement.
+.Ip "\fBkDHr\fR, \fBkDHd\fR" 4
+.IX Item "kDHr, kDHd"
+cipher suites using \s-1DH\s0 key agreement and \s-1DH\s0 certificates signed by CAs with \s-1RSA\s0
+and \s-1DSS\s0 keys respectively. Not implemented.
+.Ip "\fBaRSA\fR" 4
+.IX Item "aRSA"
+cipher suites using \s-1RSA\s0 authentication, i.e. the certificates carry \s-1RSA\s0 keys.
+.Ip "\fBaDSS\fR, \fB\s-1DSS\s0\fR" 4
+.IX Item "aDSS, DSS"
+cipher suites using \s-1DSS\s0 authentication, i.e. the certificates carry \s-1DSS\s0 keys.
+.Ip "\fBaDH\fR" 4
+.IX Item "aDH"
+cipher suites effectively using \s-1DH\s0 authentication, i.e. the certificates carry
+\&\s-1DH\s0 keys.  Not implemented.
+.Ip "\fBkFZA\fR, \fBaFZA\fR, \fBeFZA\fR, \fB\s-1FZA\s0\fR" 4
+.IX Item "kFZA, aFZA, eFZA, FZA"
+ciphers suites using \s-1FORTEZZA\s0 key exchange, authentication, encryption or all
+\&\s-1FORTEZZA\s0 algorithms. Not implemented.
+.Ip "\fBTLSv1\fR, \fBSSLv3\fR, \fBSSLv2\fR" 4
+.IX Item "TLSv1, SSLv3, SSLv2"
+\&\s-1TLS\s0 v1.0, \s-1SSL\s0 v3.0 or \s-1SSL\s0 v2.0 cipher suites respectively.
+.Ip "\fB\s-1DH\s0\fR" 4
+.IX Item "DH"
+cipher suites using \s-1DH\s0, including anonymous \s-1DH\s0.
+.Ip "\fB\s-1ADH\s0\fR" 4
+.IX Item "ADH"
+anonymous \s-1DH\s0 cipher suites.
+.Ip "\fB3DES\fR" 4
+.IX Item "3DES"
+cipher suites using triple \s-1DES\s0.
+.Ip "\fB\s-1DES\s0\fR" 4
+.IX Item "DES"
+cipher suites using \s-1DES\s0 (not triple \s-1DES\s0).
+.Ip "\fB\s-1RC4\s0\fR" 4
+.IX Item "RC4"
+cipher suites using \s-1RC4\s0.
+.Ip "\fB\s-1RC2\s0\fR" 4
+.IX Item "RC2"
+cipher suites using \s-1RC2\s0.
+.Ip "\fB\s-1IDEA\s0\fR" 4
+.IX Item "IDEA"
+cipher suites using \s-1IDEA\s0.
+.Ip "\fB\s-1MD5\s0\fR" 4
+.IX Item "MD5"
+cipher suites using \s-1MD5\s0.
+.Ip "\fB\s-1SHA1\s0\fR, \fB\s-1SHA\s0\fR" 4
+.IX Item "SHA1, SHA"
+cipher suites using \s-1SHA1\s0.
+.SH "CIPHER SUITE NAMES"
+.IX Header "CIPHER SUITE NAMES"
+The following lists give the \s-1SSL\s0 or \s-1TLS\s0 cipher suites names from the
+relevant specification and their OpenSSL equivalents.
+.Sh "\s-1SSL\s0 v3.0 cipher suites."
+.IX Subsection "SSL v3.0 cipher suites."
+.Vb 10
+\& SSL_RSA_WITH_NULL_MD5                   NULL-MD5
+\& SSL_RSA_WITH_NULL_SHA                   NULL-SHA
+\& SSL_RSA_EXPORT_WITH_RC4_40_MD5          EXP-RC4-MD5
+\& SSL_RSA_WITH_RC4_128_MD5                RC4-MD5
+\& SSL_RSA_WITH_RC4_128_SHA                RC4-SHA
+\& SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5      EXP-RC2-CBC-MD5
+\& SSL_RSA_WITH_IDEA_CBC_SHA               IDEA-CBC-SHA
+\& SSL_RSA_EXPORT_WITH_DES40_CBC_SHA       EXP-DES-CBC-SHA
+\& SSL_RSA_WITH_DES_CBC_SHA                DES-CBC-SHA
+\& SSL_RSA_WITH_3DES_EDE_CBC_SHA           DES-CBC3-SHA
+.Ve
+.Vb 12
+\& SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA    Not implemented.
+\& SSL_DH_DSS_WITH_DES_CBC_SHA             Not implemented.
+\& SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA        Not implemented.
+\& SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA    Not implemented.
+\& SSL_DH_RSA_WITH_DES_CBC_SHA             Not implemented.
+\& SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA        Not implemented.
+\& SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA   EXP-EDH-DSS-DES-CBC-SHA
+\& SSL_DHE_DSS_WITH_DES_CBC_SHA            EDH-DSS-CBC-SHA
+\& SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA       EDH-DSS-DES-CBC3-SHA
+\& SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA   EXP-EDH-RSA-DES-CBC-SHA
+\& SSL_DHE_RSA_WITH_DES_CBC_SHA            EDH-RSA-DES-CBC-SHA
+\& SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA       EDH-RSA-DES-CBC3-SHA
+.Ve
+.Vb 5
+\& SSL_DH_anon_EXPORT_WITH_RC4_40_MD5      EXP-ADH-RC4-MD5
+\& SSL_DH_anon_WITH_RC4_128_MD5            ADH-RC4-MD5
+\& SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA   EXP-ADH-DES-CBC-SHA
+\& SSL_DH_anon_WITH_DES_CBC_SHA            ADH-DES-CBC-SHA
+\& SSL_DH_anon_WITH_3DES_EDE_CBC_SHA       ADH-DES-CBC3-SHA
+.Ve
+.Vb 3
+\& SSL_FORTEZZA_KEA_WITH_NULL_SHA          Not implemented.
+\& SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA  Not implemented.
+\& SSL_FORTEZZA_KEA_WITH_RC4_128_SHA       Not implemented.
+.Ve
+.Sh "\s-1TLS\s0 v1.0 cipher suites."
+.IX Subsection "TLS v1.0 cipher suites."
+.Vb 10
+\& TLS_RSA_WITH_NULL_MD5                   NULL-MD5
+\& TLS_RSA_WITH_NULL_SHA                   NULL-SHA
+\& TLS_RSA_EXPORT_WITH_RC4_40_MD5          EXP-RC4-MD5
+\& TLS_RSA_WITH_RC4_128_MD5                RC4-MD5
+\& TLS_RSA_WITH_RC4_128_SHA                RC4-SHA
+\& TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5      EXP-RC2-CBC-MD5
+\& TLS_RSA_WITH_IDEA_CBC_SHA               IDEA-CBC-SHA
+\& TLS_RSA_EXPORT_WITH_DES40_CBC_SHA       EXP-DES-CBC-SHA
+\& TLS_RSA_WITH_DES_CBC_SHA                DES-CBC-SHA
+\& TLS_RSA_WITH_3DES_EDE_CBC_SHA           DES-CBC3-SHA
+.Ve
+.Vb 12
+\& TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA    Not implemented.
+\& TLS_DH_DSS_WITH_DES_CBC_SHA             Not implemented.
+\& TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA        Not implemented.
+\& TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA    Not implemented.
+\& TLS_DH_RSA_WITH_DES_CBC_SHA             Not implemented.
+\& TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA        Not implemented.
+\& TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA   EXP-EDH-DSS-DES-CBC-SHA
+\& TLS_DHE_DSS_WITH_DES_CBC_SHA            EDH-DSS-CBC-SHA
+\& TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA       EDH-DSS-DES-CBC3-SHA
+\& TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA   EXP-EDH-RSA-DES-CBC-SHA
+\& TLS_DHE_RSA_WITH_DES_CBC_SHA            EDH-RSA-DES-CBC-SHA
+\& TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA       EDH-RSA-DES-CBC3-SHA
+.Ve
+.Vb 5
+\& TLS_DH_anon_EXPORT_WITH_RC4_40_MD5      EXP-ADH-RC4-MD5
+\& TLS_DH_anon_WITH_RC4_128_MD5            ADH-RC4-MD5
+\& TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA   EXP-ADH-DES-CBC-SHA
+\& TLS_DH_anon_WITH_DES_CBC_SHA            ADH-DES-CBC-SHA
+\& TLS_DH_anon_WITH_3DES_EDE_CBC_SHA       ADH-DES-CBC3-SHA
+.Ve
+.Sh "Additional Export 1024 and other cipher suites"
+.IX Subsection "Additional Export 1024 and other cipher suites"
+Note: these ciphers can also be used in \s-1SSL\s0 v3.
+.PP
+.Vb 5
+\& TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA     EXP1024-DES-CBC-SHA
+\& TLS_RSA_EXPORT1024_WITH_RC4_56_SHA      EXP1024-RC4-SHA
+\& TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA EXP1024-DHE-DSS-DES-CBC-SHA
+\& TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA  EXP1024-DHE-DSS-RC4-SHA
+\& TLS_DHE_DSS_WITH_RC4_128_SHA            DHE-DSS-RC4-SHA
+.Ve
+.Sh "\s-1SSL\s0 v2.0 cipher suites."
+.IX Subsection "SSL v2.0 cipher suites."
+.Vb 7
+\& SSL_CK_RC4_128_WITH_MD5                 RC4-MD5
+\& SSL_CK_RC4_128_EXPORT40_WITH_MD5        EXP-RC4-MD5
+\& SSL_CK_RC2_128_CBC_WITH_MD5             RC2-MD5
+\& SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5    EXP-RC2-MD5
+\& SSL_CK_IDEA_128_CBC_WITH_MD5            IDEA-CBC-MD5
+\& SSL_CK_DES_64_CBC_WITH_MD5              DES-CBC-MD5
+\& SSL_CK_DES_192_EDE3_CBC_WITH_MD5        DES-CBC3-MD5
+.Ve
+.SH "NOTES"
+.IX Header "NOTES"
+The non-ephemeral \s-1DH\s0 modes are currently unimplemented in OpenSSL
+because there is no support for \s-1DH\s0 certificates.
+.PP
+Some compiled versions of OpenSSL may not include all the ciphers
+listed here because some ciphers were excluded at compile time.
+.SH "EXAMPLES"
+.IX Header "EXAMPLES"
+Verbose listing of all OpenSSL ciphers including \s-1NULL\s0 ciphers:
+.PP
+.Vb 1
+\& openssl ciphers -v 'ALL:eNULL'
+.Ve
+Include all ciphers except \s-1NULL\s0 and anonymous \s-1DH\s0 then sort by
+strength:
+.PP
+.Vb 1
+\& openssl ciphers -v 'ALL:!ADH:@STRENGTH'
+.Ve
+Include only 3DES ciphers and then place \s-1RSA\s0 ciphers last:
+.PP
+.Vb 1
+\& openssl ciphers -v '3DES:+RSA'
+.Ve
+.SH "SEE ALSO"
+.IX Header "SEE ALSO"
+s_client(1), s_server(1), ssl(3)