RAND: Rename the RAND_poll_ex() callback and its typedef

[openssl.git] / doc / man3 / SSL_get_error.pod

diff --git a/doc/man3/SSL_get_error.pod b/doc/man3/SSL_get_error.pod
index d165b888b5b4608339ca7805b65e1a3f9919b3b9..efa78ef0992a1b55e71fc631dfe52c927366fe4d 100644 (file)
--- a/doc/man3/SSL_get_error.pod
+++ b/doc/man3/SSL_get_error.pod
@@ -38,12 +38,12 @@ if and only if B<ret E<gt> 0>.
 
 =item SSL_ERROR_ZERO_RETURN
 
-The TLS/SSL connection has been closed.  If the protocol version is SSL 3.0
-or TLS 1.0, this result code is returned only if a closure
-alert has occurred in the protocol, i.e. if the connection has been
-closed cleanly. Note that in this case B<SSL_ERROR_ZERO_RETURN>
-does not necessarily indicate that the underlying transport
-has been closed.
+The TLS/SSL connection has been closed.
+If the protocol version is SSL 3.0 or higher, this result code is returned only
+if a closure alert has occurred in the protocol, i.e. if the connection has been
+closed cleanly.
+Note that in this case B<SSL_ERROR_ZERO_RETURN> does not necessarily
+indicate that the underlying transport has been closed.
 
 =item SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE
 
@@ -64,11 +64,11 @@ TLS/SSL I/O function should be retried.
 
 Caveat: Any TLS/SSL I/O function can lead to either of
 B<SSL_ERROR_WANT_READ> and B<SSL_ERROR_WANT_WRITE>.  In particular,
-SSL_read_ex(), SSL_read() SSL_peek_ex() or SSL_peek() may want to write data and
-SSL_write() or SSL_write_ex() may want to read data.  This is mainly because
+SSL_read_ex(), SSL_read(), SSL_peek_ex(), or SSL_peek() may want to write data
+and SSL_write() or SSL_write_ex() may want to read data.  This is mainly because
 TLS/SSL handshakes may occur at any time during the protocol (initiated by
 either the client or the server); SSL_read_ex(), SSL_read(), SSL_peek_ex(),
-SSL_peek(), SSL_write_ex() and SSL_write() will handle any pending handshakes.
+SSL_peek(), SSL_write_ex(), and SSL_write() will handle any pending handshakes.
 
 =item SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT
 
@@ -110,14 +110,18 @@ through a call to L<ASYNC_init_thread(3)>. The application should retry the
 operation after a currently executing asynchronous operation for the current
 thread has completed.
 
+=item SSL_ERROR_WANT_EARLY
+
+The operation did not complete because an application callback set by
+SSL_CTX_set_early_cb() has asked to be called again.
+The TLS/SSL I/O function should be called again later.
+Details depend on the application.
+
 =item SSL_ERROR_SYSCALL
 
-Some I/O error occurred.  The OpenSSL error queue may contain more
-information on the error.  If the error queue is empty
-(i.e. ERR_get_error() returns 0), B<ret> can be used to find out more
-about the error: If B<ret == 0>, an EOF was observed that violates
-the protocol.  If B<ret == -1>, the underlying B<BIO> reported an
-I/O error (for socket I/O on Unix systems, consult B<errno> for details).
+Some non-recoverable I/O error occurred.
+The OpenSSL error queue may contain more information on the error.
+For socket I/O on Unix systems, consult B<errno> for details.
 
 =item SSL_ERROR_SSL
 
@@ -128,15 +132,16 @@ OpenSSL error queue contains more information on the error.
 
 =head1 SEE ALSO
 
-L<ssl(3)>, L<err(3)>
+L<ssl(7)>
 
 =head1 HISTORY
 
 SSL_ERROR_WANT_ASYNC was added in OpenSSL 1.1.0.
+SSL_ERROR_WANT_EARLY was added in OpenSSL 1.1.1.
 
 =head1 COPYRIGHT
 
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy