1 files changed, 11 insertions, 4 deletions

diff --git a/upstream/archlinux/man3/OSSL_CMP_exec_certreq.3ssl b/upstream/archlinux/man3/OSSL_CMP_exec_certreq.3ssl
index cc97f934..99128720 100644
--- a/upstream/archlinux/man3/OSSL_CMP_exec_certreq.3ssl
+++ b/upstream/archlinux/man3/OSSL_CMP_exec_certreq.3ssl
@@ -55,7 +55,7 @@
 .\" ========================================================================
 .\"
 .IX Title "OSSL_CMP_EXEC_CERTREQ 3ssl"
-.TH OSSL_CMP_EXEC_CERTREQ 3ssl 2024-01-30 3.2.1 OpenSSL
+.TH OSSL_CMP_EXEC_CERTREQ 3ssl 2024-04-28 3.3.0 OpenSSL
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
@@ -137,8 +137,8 @@ Typically \fIcrm\fR is NULL, then the template ingredients are taken from \fIctx
 and need to be filled in using \fBOSSL_CMP_CTX_set1_subjectName\fR\|(3),
 \&\fBOSSL_CMP_CTX_set0_newPkey\fR\|(3), \fBOSSL_CMP_CTX_set1_oldCert\fR\|(3), etc.
 For P10CR, \fBOSSL_CMP_CTX_set1_p10CSR\fR\|(3) needs to be used instead.
-The enrollment session may be blocked by sleeping until the addressed
-CA (or an intermediate PKI component) can fully process and answer the request.
+The enrollment session may be blocked (with polling and sleeping in between)
+until the server side can fully process and ultimately answer the request.
 .PP
 \&\fBOSSL_CMP_try_certreq()\fR is an alternative to the above functions that is
 more flexible regarding what to do after receiving a checkAfter value.
@@ -177,11 +177,15 @@ We take "accepted" and "grantedWithMods" as clear success and handle
 typically return them as an indication that the certificate was already revoked.
 "rejection" is a clear error. The values "waiting" and "keyUpdateWarning"
 make no sense for revocation and thus are treated as an error as well.
+The revocation session may be blocked (with polling and sleeping in between)
+until the server can fully process and ultimately answer the request.
 .PP
 \&\fBOSSL_CMP_exec_GENM_ses()\fR sends a genm general message containing the sequence of
 infoType and infoValue pairs (InfoTypeAndValue; short: \fBITAV\fR)
 optionally provided in the \fIctx\fR using \fBOSSL_CMP_CTX_push0_genm_ITAV\fR\|(3).
-On success it records in \fIctx\fR the status \fBOSSL_CMP_PKISTATUS_accepted\fR
+The message exchange may be blocked (with polling and sleeping in between)
+until the server can fully process and ultimately answer the request.
+On success the function records in \fIctx\fR status \fBOSSL_CMP_PKISTATUS_accepted\fR
 and returns the list of \fBITAV\fRs received in a genp response message.
 This can be used, for instance,
 with infoType \f(CW\*(C`signKeyPairTypes\*(C'\fR to obtain the set of signature
@@ -269,6 +273,9 @@ The OpenSSL CMP support was added in OpenSSL 3.0.
 .PP
 \&\fBOSSL_CMP_get1_caCerts()\fR and \fBOSSL_CMP_get1_rootCaKeyUpdate()\fR
 were added in OpenSSL 3.2.
+.PP
+Support for delayed delivery of all types of response messages
+was added in OpenSSL 3.3.
 .SH COPYRIGHT
 .IX Header "COPYRIGHT"
 Copyright 2007\-2023 The OpenSSL Project Authors. All Rights Reserved.