Regenerate manual pages for OpenSSL 0.9.8p.

1 files changed, 33 insertions, 42 deletions

diff --git a/secure/lib/libssl/man/SSL_CTX_set_options.3 b/secure/lib/libssl/man/SSL_CTX_set_options.3
index 2fe105b..a9de479 100644
--- a/secure/lib/libssl/man/SSL_CTX_set_options.3
+++ b/secure/lib/libssl/man/SSL_CTX_set_options.3
@@ -1,15 +1,7 @@
-.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.37
+.\" Automatically generated by Pod::Man 2.22 (Pod::Simple 3.07)
 .\"
 .\" Standard preamble:
 .\" ========================================================================
-.de Sh \" Subsection heading
-.br
-.if t .Sp
-.ne 5
-.PP
-\fB\\$1\fR
-.PP
-..
 .de Sp \" Vertical space (when we can't use .PP)
 .if t .sp .5v
 .if n .sp
@@ -25,11 +17,11 @@
 ..
 .\" Set up some character translations and predefined strings.  \*(-- will
 .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
-.\" double quote, and \*(R" will give a right double quote.  | will give a
-.\" real vertical bar.  \*(C+ will give a nicer C++.  Capital omega is used to
-.\" do unbreakable dashes and therefore won't be available.  \*(C` and \*(C'
-.\" expand to `' in nroff, nothing in troff, for use with C<>.
-.tr \(*W-|\(bv\*(Tr
+.\" double quote, and \*(R" will give a right double quote.  \*(C+ will
+.\" give a nicer C++.  Capital omega is used to do unbreakable dashes and
+.\" therefore won't be available.  \*(C` and \*(C' expand to `' in nroff,
+.\" nothing in troff, for use with C<>.
+.tr \(*W-
 .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
 .ie n \{\
 .    ds -- \(*W-
@@ -48,22 +40,25 @@
 .    ds R" ''
 'br\}
 .\"
+.\" Escape single quotes in literal strings from groff's Unicode transform.
+.ie \n(.g .ds Aq \(aq
+.el       .ds Aq '
+.\"
 .\" If the F register is turned on, we'll generate index entries on stderr for
-.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index
+.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
 .\" entries marked with X<> in POD.  Of course, you'll have to process the
 .\" output yourself in some meaningful fashion.
-.if \nF \{\
+.ie \nF \{\
 .    de IX
 .    tm Index:\\$1\t\\n%\t"\\$2"
 ..
 .    nr % 0
 .    rr F
 .\}
-.\"
-.\" For nroff, turn off justification.  Always turn off hyphenation; it makes
-.\" way too many mistakes in technical documents.
-.hy 0
-.if n .na
+.el \{\
+.    de IX
+..
+.\}
 .\"
 .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
 .\" Fear.  Run.  Save yourself.  No user-serviceable parts.
@@ -129,31 +124,27 @@
 .\" ========================================================================
 .\"
 .IX Title "SSL_CTX_set_options 3"
-.TH SSL_CTX_set_options 3 "2010-03-24" "0.9.8n" "OpenSSL"
+.TH SSL_CTX_set_options 3 "2010-11-16" "0.9.8p" "OpenSSL"
+.\" For nroff, turn off justification.  Always turn off hyphenation; it makes
+.\" way too many mistakes in technical documents.
+.if n .ad l
+.nh
 .SH "NAME"
 SSL_CTX_set_options, SSL_set_options, SSL_CTX_clear_options, SSL_clear_options, SSL_CTX_get_options, SSL_get_options, SSL_get_secure_renegotiation_support \- manipulate SSL options
 .SH "SYNOPSIS"
 .IX Header "SYNOPSIS"
 .Vb 1
 \& #include <openssl/ssl.h>
-.Ve
-.PP
-.Vb 2
+\&
 \& long SSL_CTX_set_options(SSL_CTX *ctx, long options);
 \& long SSL_set_options(SSL *ssl, long options);
-.Ve
-.PP
-.Vb 2
+\&
 \& long SSL_CTX_clear_options(SSL_CTX *ctx, long options);
 \& long SSL_clear_options(SSL *ssl, long options);
-.Ve
-.PP
-.Vb 2
+\&
 \& long SSL_CTX_get_options(SSL_CTX *ctx);
 \& long SSL_get_options(SSL *ssl);
-.Ve
-.PP
-.Vb 1
+\&
 \& long SSL_get_secure_renegotiation_support(SSL *ssl);
 .Ve
 .SH "DESCRIPTION"
@@ -219,8 +210,8 @@ via SSLv3. The cipher list changes....
 .Sp
 \&\s-1NEW\s0 \s-1INFORMATION\s0.  Try connecting with a cipher list of just
 \&\s-1DES\-CBC\-SHA:RC4\-MD5\s0.  For some weird reason, each new connection uses
-\&\s-1RC4\-MD5\s0, but a re-connect tries to use \s-1DES\-CBC\-SHA\s0.  So netscape, when
-doing a re\-connect, always takes the first cipher in the cipher list.
+\&\s-1RC4\-MD5\s0, but a re-connect tries to use DES-CBC-SHA.  So netscape, when
+doing a re-connect, always takes the first cipher in the cipher list.
 .IP "\s-1SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG\s0" 4
 .IX Item "SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG"
 \&...
@@ -271,7 +262,7 @@ Always create a new key when using temporary/ephemeral \s-1DH\s0 parameters
 (see \fISSL_CTX_set_tmp_dh_callback\fR\|(3)).
 This option must be used to prevent small subgroup attacks, when
 the \s-1DH\s0 parameters were not generated using \*(L"strong\*(R" primes
-(e.g. when using DSA\-parameters, see \fIdhparam\fR\|(1)).
+(e.g. when using DSA-parameters, see \fIdhparam\fR\|(1)).
 If \*(L"strong\*(R" primes were used, it is not strictly necessary to generate
 a new \s-1DH\s0 key during each handshake but it is also recommended.
 \&\fB\s-1SSL_OP_SINGLE_DH_USE\s0\fR should therefore be enabled whenever
@@ -286,7 +277,7 @@ with restricted \s-1RSA\s0 keylength). By setting this option, ephemeral
 \&\s-1RSA\s0 keys are always used. This option breaks compatibility with the
 \&\s-1SSL/TLS\s0 specifications and may lead to interoperability problems with
 clients and should therefore never be used. Ciphers with \s-1EDH\s0 (ephemeral
-Diffie\-Hellman) key exchange should be used instead.
+Diffie-Hellman) key exchange should be used instead.
 .IP "\s-1SSL_OP_CIPHER_SERVER_PREFERENCE\s0" 4
 .IX Item "SSL_OP_CIPHER_SERVER_PREFERENCE"
 When choosing a cipher, use the server's preferences instead of the client
@@ -304,7 +295,7 @@ will send its list of preferences to the client and the client chooses.
 .IX Item "SSL_OP_NETSCAPE_CA_DN_BUG"
 If we accept a netscape connection, demand a client cert, have a
 non-self-signed \s-1CA\s0 which does not have its \s-1CA\s0 in netscape, and the
-browser has a cert, it will crash/hang.  Works for 3.x and 4.xbeta 
+browser has a cert, it will crash/hang.  Works for 3.x and 4.xbeta
 .IP "\s-1SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG\s0" 4
 .IX Item "SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG"
 \&...
@@ -355,10 +346,10 @@ renegotiation is referred to as \fIunpatched\fR.
 .PP
 The following sections describe the operations permitted by OpenSSL's secure
 renegotiation implementation.
-.Sh "Patched client and server"
+.SS "Patched client and server"
 .IX Subsection "Patched client and server"
 Connections and renegotiation are always permitted by OpenSSL implementations.
-.Sh "Unpatched client and patched OpenSSL server"
+.SS "Unpatched client and patched OpenSSL server"
 .IX Subsection "Unpatched client and patched OpenSSL server"
 The initial connection suceeds but client renegotiation is denied by the
 server with a \fBno_renegotiation\fR warning alert if \s-1TLS\s0 v1.0 is used or a fatal
@@ -378,7 +369,7 @@ a \fBno_renegotiation\fR alert as fatal and respond with a fatal
 \&\fBhandshake_failure\fR alert. This is because the OpenSSL \s-1API\s0 currently has
 no provision to indicate to an application that a renegotiation attempt
 was refused.
-.Sh "Patched OpenSSL client and unpatched server."
+.SS "Patched OpenSSL client and unpatched server."
 .IX Subsection "Patched OpenSSL client and unpatched server."
 If the option \fB\s-1SSL_OP_LEGACY_SERVER_CONNECT\s0\fR or
 \&\fB\s-1SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION\s0\fR is set then initial connections