From 732983eb415ca204672d7f84162dda916ccf9535 Mon Sep 17 00:00:00 2001 From: Jay Satiro Date: Tue, 15 Mar 2016 16:00:36 -0400 Subject: [PATCH] CURLOPT_SSLENGINE.3: Only for OpenSSL built with engine support Bug: https://curl.haxx.se/mail/lib-2016-03/0150.html Reported-by: Oliver Graute --- docs/libcurl/opts/CURLOPT_SSLENGINE.3 | 19 ++++++++++++------ docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.3 | 20 ++++++++++++------- 2 files changed, 26 insertions(+), 13 deletions(-) diff --git a/docs/libcurl/opts/CURLOPT_SSLENGINE.3 b/docs/libcurl/opts/CURLOPT_SSLENGINE.3 index 0874a2150..d0c48a4b2 100644 --- a/docs/libcurl/opts/CURLOPT_SSLENGINE.3 +++ b/docs/libcurl/opts/CURLOPT_SSLENGINE.3 @@ -30,9 +30,6 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSLENGINE, char *id); .SH DESCRIPTION Pass a pointer to a zero terminated string as parameter. It will be used as the identifier for the crypto engine you want to use for your private key. - -If the crypto device cannot be loaded, \fICURLE_SSL_ENGINE_NOTFOUND\fP is -returned. .SH DEFAULT NULL .SH PROTOCOLS @@ -40,9 +37,19 @@ All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc. .SH EXAMPLE TODO .SH AVAILABILITY -If built TLS enabled. +Only if the SSL backend is OpenSSL built with engine support. .SH RETURN VALUE -Returns CURLE_OK if TLS is supported, CURLE_UNKNOWN_OPTION if not, or -CURLE_OUT_OF_MEMORY if there was insufficient heap space. +CURLE_OK - Engine found. + +CURLE_SSL_ENGINE_NOTFOUND - Engine not found, or OpenSSL was not built with +engine support. + +CURLE_SSL_ENGINE_INITFAILED - Engine found but initialization failed. + +CURLE_NOT_BUILT_IN - Option not built in, OpenSSL is not the SSL backend. + +CURLE_UNKNOWN_OPTION - Option not recognized. + +CURLE_OUT_OF_MEMORY - Insufficient heap space. .SH "SEE ALSO" .BR CURLOPT_SSLENGINE_DEFAULT "(3), " CURLOPT_SSLKEY "(3), " diff --git a/docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.3 b/docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.3 index 27dc738e2..2fe7aed10 100644 --- a/docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.3 +++ b/docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.3 @@ -28,11 +28,10 @@ CURLOPT_SSLENGINE_DEFAULT \- make SSL engine default CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSLENGINE_DEFAULT, long val); .SH DESCRIPTION -Pass a long set to 1 as parameter. Sets the actual crypto engine as the -default for (asymmetric) crypto operations. +Pass a long set to 1 to make the already specified crypto engine the default +for (asymmetric) crypto operations. -If the crypto device cannot be set, \fICURLE_SSL_ENGINE_SETFAILED\fP is -returned. +This option has no effect unless set after \fICURLOPT_SSLENGINE\fP. .SH DEFAULT None .SH PROTOCOLS @@ -40,9 +39,16 @@ All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc. .SH EXAMPLE TODO .SH AVAILABILITY -If built TLS enabled. +Only if the SSL backend is OpenSSL built with engine support. .SH RETURN VALUE -Returns CURLE_OK if TLS is supported, CURLE_UNKNOWN_OPTION if not, or -CURLE_OUT_OF_MEMORY if there was insufficient heap space. +CURLE_OK - Engine set as default. + +CURLE_SSL_ENGINE_SETFAILED - Engine could not be set as default. + +CURLE_NOT_BUILT_IN - Option not built in, OpenSSL is not the SSL backend. + +CURLE_UNKNOWN_OPTION - Option not recognized. + +CURLE_OUT_OF_MEMORY - Insufficient heap space. .SH "SEE ALSO" .BR CURLOPT_SSLENGINE "(3), " CURLOPT_SSLCERT "(3), " -- 2.40.0