Whoa. Apps are running on android. Switched to a static build of OpenSSL 1.1.1t for simplicity.

git-svn-id: https://www.unprompted.com/svn/projects/tildefriends/trunk@4211 ed5197a5-7fde-0310-b194-c3ffbd925b24

deps/openssl/android/arm64-v8a/usr/local/share/man/man5/config.5

@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "CONFIG 5"
-.TH CONFIG 5 "2020-04-21" "1.1.1g" "OpenSSL"
+.TH CONFIG 5 "2023-02-07" "1.1.1t" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
@@ -407,12 +407,11 @@ Example of a configuration with the system default:
 \& ssl_conf = ssl_sect
 \&
 \& [ssl_sect]
-\&
 \& system_default = system_default_sect
 \&
 \& [system_default_sect]
-\&
 \& MinProtocol = TLSv1.2
+\& MinProtocol = DTLSv1.2
 .Ve
 .SH "NOTES"
 .IX Header "NOTES"
@@ -506,8 +505,8 @@ Simple OpenSSL library configuration example to enter \s-1FIPS\s0 mode:
 Note: in the above example you will get an error in non \s-1FIPS\s0 capable versions
 of OpenSSL.
 .PP
-Simple OpenSSL library configuration to make \s-1TLS 1.3\s0 the system-default
-minimum \s-1TLS\s0 version:
+Simple OpenSSL library configuration to make \s-1TLS 1.2\s0 and \s-1DTLS 1.2\s0 the
+system-default minimum \s-1TLS\s0 and \s-1DTLS\s0 versions, respectively:
 .PP
 .Vb 2
 \& # Toplevel section for openssl (including libssl)
@@ -521,9 +520,14 @@ minimum \s-1TLS\s0 version:
 \& system_default = system_default_section
 \&
 \& [system_default_section]
-\& MinProtocol = TLSv1.3
+\& MinProtocol = TLSv1.2
+\& MinProtocol = DTLSv1.2
 .Ve
 .PP
+The minimum \s-1TLS\s0 protocol is applied to \fB\s-1SSL_CTX\s0\fR objects that are TLS-based,
+and the minimum \s-1DTLS\s0 protocol to those are DTLS-based.
+The same applies also to maximum versions set with \fBMaxProtocol\fR.
+.PP
 More complex OpenSSL library configuration. Add \s-1OID\s0 and don't enter \s-1FIPS\s0 mode:
 .PP
 .Vb 3
@@ -584,7 +588,7 @@ the value.
 The escaping isn't quite right: if you want to use sequences like \fB\en\fR
 you can't use any quote escaping on the same line.
 .PP
-Files are loaded in a single pass. This means that an variable expansion
+Files are loaded in a single pass. This means that a variable expansion
 will only work if the variables referenced are defined earlier in the
 file.
 .SH "SEE ALSO"

deps/openssl/android/arm64-v8a/usr/local/share/man/man5/x509v3_config.5

@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "X509V3_CONFIG 5"
-.TH X509V3_CONFIG 5 "2020-04-21" "1.1.1g" "OpenSSL"
+.TH X509V3_CONFIG 5 "2023-02-07" "1.1.1t" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
@@ -202,8 +202,8 @@ The following sections describe each supported extension in detail.
 .IX Subsection "Basic Constraints."
 This is a multi valued extension which indicates whether a certificate is
 a \s-1CA\s0 certificate. The first (mandatory) name is \fB\s-1CA\s0\fR followed by \fB\s-1TRUE\s0\fR or
-\&\fB\s-1FALSE\s0\fR. If \fB\s-1CA\s0\fR is \fB\s-1TRUE\s0\fR then an optional \fBpathlen\fR name followed by an
-non-negative value can be included.
+\&\fB\s-1FALSE\s0\fR. If \fB\s-1CA\s0\fR is \fB\s-1TRUE\s0\fR then an optional \fBpathlen\fR name followed by a
+nonnegative value can be included.
 .PP
 For example:
 .PP
@@ -696,7 +696,7 @@ will only recognize the last value. This can be worked around by using the form:
 \&\fBASN1_generate_nconf\fR\|(3)
 .SH "COPYRIGHT"
 .IX Header "COPYRIGHT"
-Copyright 2004\-2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2004\-2020 The OpenSSL Project Authors. All Rights Reserved.
 .PP
 Licensed under the OpenSSL license (the \*(L"License\*(R").  You may not use
 this file except in compliance with the License.  You can obtain a copy