Upgrade chrome's OpenSSL to same version Android ships with.

openssl/doc/ssleay.txt

 
 Bundle of old SSLeay documentation files [OBSOLETE!]
 
 *** WARNING! WARNING! WARNING! WARNING! WARNING! WARNING! WARNING! ***
 
 OBSOLETE means that nothing in this document should be trusted.  This
 document is provided mostly for historical purposes (it wasn't even up
 to date at the time SSLeay 0.8.1 was released) and as inspiration.  If
 you copy some snippet of code from this document, please _check_ that
 it really is correct from all points of view.  For example, you can
 check with the other documents in this directory tree, or by comparing
 with relevant parts of the include files.
 
 People have done the mistake of trusting what's written here.  Please
 don't do that.
 
 *** WARNING! WARNING! WARNING! WARNING! WARNING! WARNING! WARNING! ***
 
 
 ==== readme ========================================================
 
 This is the old 0.6.6 docuementation.  Most of the cipher stuff is still
-relevent but I'm working (very slowly) on new docuemtation.
+relevent but I'm working (very slowly) on new documentation.
 The current version can be found online at
 
 http://www.cryptsoft.com/ssleay/doc
 
 ==== API.doc ========================================================
 
 SSL - SSLv2/v3/v23 etc.
 
 BIO - methods and how they plug together
 
@@ skipping 507 matching lines @@
 Ok, where to begin....
 In the begining, when SSLeay was small (April 1995), there
 were but few applications, they did happily cohabit in
 the one bin directory.  Then over time, they did multiply and grow,
 and they started to look like microsoft software; 500k to print 'hello world'.
 A new approach was needed.  They were coalessed into one 'Monolithic'
 application, ssleay.  This one program is composed of many programs that
 can all be compiled independantly.
 
 ssleay has 3 modes of operation.
-1) If the ssleay binaray has the name of one of its component programs, it
-executes that program and then exits.  This can be achieve by using hard or
+1) If the ssleay binary has the name of one of its component programs, it
+executes that program and then exits.  This can be achieved by using hard or
 symbolic links, or failing that, just renaming the binary.
 2) If the first argument to ssleay is the name of one of the component
 programs, that program runs that program and then exits.
 3) If there are no arguments, ssleay enters a 'command' mode.  Each line is
 interpreted as a program name plus arguments.  After each 'program' is run,
 ssleay returns to the comand line.
 
 dgst    - message digests
 enc     - encryption and base64 encoding
 
@@ skipping 615 matching lines @@
 -       'Method' is the BIO method.
 -       'callback', when configured, is called before and after 
         each BIO method is called for that particular BIO.  This 
         is intended primarily for debugging and of informational feedback.
 -       'init' is 0 when the BIO can be used for operation.  
         Often, after a BIO is created, a number of operations may 
         need to be performed before it is available for use.  An 
         example is for BIO_s_sock().  A socket needs to be 
         assigned to the BIO before it can be used.
 -       'shutdown', this flag indicates if the underlying 
-        comunication primative being used should be closed/freed 
+        communication primitive being used should be closed/freed 
         when the BIO is closed.
 -       'flags' is used to hold extra state.  It is primarily used 
         to hold information about why a non-blocking operation 
         failed and to record startup protocol information for the 
         SSL BIO.
 -       'num' and 'ptr' are used to hold instance specific state 
         like file descriptors or local data structures.
 -       'next_bio' is used by filter BIOs to hold the pointer of the
         next BIO in the chain. written data is sent to this BIO and
         data read is taken from it.
@@ skipping 593 matching lines @@
 int BN_zero(BIGNUM *a)
         Set 'a' to hold the value zero.
         This is a=0.
         
 int BN_set_word(BIGNUM *a, unsigned long w);
         Set 'a' to hold the value of 'w'.  'w' is an unsigned long.
         This is a=w.
 
 unsigned long BN_get_word(BIGNUM *a);
         Returns 'a' in an unsigned long.  Not remarkably, often 'a' will
-        be biger than a word, in which case 0xffffffffL is returned.
+        be bigger than a word, in which case 0xffffffffL is returned.
 
 Word Operations
 These functions are much more efficient that the normal bignum arithmetic
 operations.
 
 BN_ULONG BN_mod_word(BIGNUM *a, unsigned long w);
         Return the remainder of 'a' divided by 'w'.
         This is return(a%w).
         
 int BN_add_word(BIGNUM *a, unsigned long w);
@@ skipping 238 matching lines @@
 #define PEM_read_bio_PKCS7(bp,x,cb)
 #define PEM_read_bio_DHparams(bp,x,cb)
 int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)());
 RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)());
 
 Now you will notice that macros like
 #define PEM_write_X509(fp,x) \
                 PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \
                                         (char *)x, NULL,NULL,0,NULL)
 Don't do encryption normally.  If you want to PEM encrypt your X509 structure,
-either just call PEM_ASN1_write directly or just define you own
+either just call PEM_ASN1_write directly or just define your own
 macro variant.  As you can see, this macro just sets all encryption related
 parameters to NULL.
 
 
 --------------------------
 The SSL library.
 
 #define SSL_set_info_callback(ssl,cb)
 #define SSL_CTX_set_info_callback(ctx,cb)
 void callback(SSL *ssl,int location,int ret)
@@ skipping 3487 matching lines @@
 cached SSL_SESSIONS (which can be reused) and the certificate lookup
 information.  Each SSL structure needs to be associated with a SSL_CTX.
 Normally only one SSL_CTX structure is needed per program.
 
 SSL_CTX *SSL_CTX_new(void ); 
 void    SSL_CTX_free(SSL_CTX *);
 These 2 functions create and destroy SSL_CTX structures
 
 The SSL_CTX has a session_cache_mode which is by default,
 in SSL_SESS_CACHE_SERVER mode.  What this means is that the library
-will automatically add new session-id's to the cache apon sucsessful
+will automatically add new session-id's to the cache upon successful
 SSL_accept() calls.
 If SSL_SESS_CACHE_CLIENT is set, then client certificates are also added
 to the cache.
 SSL_set_session_cache_mode(ctx,mode)  will set the 'mode' and
 SSL_get_session_cache_mode(ctx) will get the cache 'mode'.
 The modes can be
 SSL_SESS_CACHE_OFF      - no caching
 SSL_SESS_CACHE_CLIENT   - only SSL_connect()
 SSL_SESS_CACHE_SERVER   - only SSL_accept()
 SSL_SESS_NO_CACHE_BOTH  - Either SSL_accept() or SSL_connect().
 If SSL_SESS_CACHE_NO_AUTO_CLEAR is set, old timed out sessions are
 not automatically removed each 255, SSL_connect()s or SSL_accept()s.
 
-By default, apon every 255 successful SSL_connect() or SSL_accept()s,
+By default, upon every 255 successful SSL_connect() or SSL_accept()s,
 the cache is flush.  Please note that this could be expensive on
 a heavily loaded SSL server, in which case, turn this off and
 clear the cache of old entries 'manually' (with one of the functions
 listed below) every few hours.  Perhaps I should up this number, it is hard
-to say.  Remember, the '255' new calls is just a mechanims to get called
+to say.  Remember, the '255' new calls is just a mechanism to get called
 every now and then, in theory at most 255 new session-id's will have been
 added but if 100 are added every minute, you would still have
 500 in the cache before any would start being flushed (assuming a 3 minute
 timeout)..
 
 int SSL_CTX_sess_hits(SSL_CTX *ctx);
 int SSL_CTX_sess_misses(SSL_CTX *ctx);
 int SSL_CTX_sess_timeouts(SSL_CTX *ctx);
 These 3 functions return statistics about the SSL_CTX.  These 3 are the
 number of session id reuses.  hits is the number of reuses, misses are the
@@ skipping 22 matching lines @@
 SSL_SESSION *get_session_callback(unsigned char *sess_id,int sess_id_len,
         int *copy);
 
 The get_session_callback is intended to return null if no session id is found.
 The reference count on the SSL_SESSION in incremented by the SSL library,
 if copy is 1.  Otherwise, the reference count is not modified.
 
 void SSL_CTX_sess_set_get_cb(ctx,cb) sets the callback and
 int (*cb)()SSL_CTX_sess_get_get_cb(ctx) returns the callback.
 
-These callbacks are basically indended to be used by processes to
+These callbacks are basically intended to be used by processes to
 send their session-id's to other processes.  I currently have not implemented
-non-blocking semantics for these callbacks, it is upto the appication
-to make the callbacks effiecent if they require blocking (perhaps
+non-blocking semantics for these callbacks, it is upto the application
+to make the callbacks efficient if they require blocking (perhaps
 by 'saving' them and then 'posting them' when control returns from
 the SSL_accept().
 
 LHASH *SSL_CTX_sessions(SSL_CTX *ctx)
 This returns the session cache.  The lhash strucutre can be accessed for
 statistics about the cache.
 
 void lh_stats(LHASH *lh, FILE *out);
 void lh_node_stats(LHASH *lh, FILE *out);
 void lh_node_usage_stats(LHASH *lh, FILE *out);
@@ skipping 937 matching lines @@
 Some 'read-ahead' mode information.
 A previous session-id to re-use.
 
 A connection is made by using SSL_connect or SSL_accept.
 When non-blocking IO is being used, there are functions that can be used
 to determin where and why the SSL_connect or SSL_accept did not complete.
 This information can be used to recall the functions when the 'error'
 condition has dissapeared.
 
 After the connection has been made, information can be retrived about the
-SSL session and the session-id values that have been decided apon.
+SSL session and the session-id values that have been decided upon.
 The 'peer' certificate can be retrieved.
 
 The session-id values include
 'start time'
 'timeout length'
 
 
 
 ==== stack.doc ========================================================
 
@@ skipping 418 matching lines @@
 
 If you specify a SSLv2 cipher, and the mode is SSLv23 and the server
 can talk SSLv3, it will claim there is no cipher since you should be
 using SSLv3.
 
 When tracing debug stuff, remember BIO_s_socket() is different to
 BIO_s_connect().
 
 BSD/OS assember is not working