Adjust capitalization of OpenSSL when not referencing openssl CLI (ap…
randall authored Jul 12, 2021
1 parent e5ce8ed commit 722e517
Showing 12 changed files with 29 additions and 29 deletions.
8 changes: 4 additions & 4 deletions contrib/openssl/README.md
@@ -1,10 +1,10 @@
async-test.c is source for a sample openssl crypto engine. It wraps the standard RSA operations.
async-test.c is source for a sample OpenSSL crypto engine. It wraps the standard RSA operations.
For the private key operations it spawns a thread to sleep for 5 seconds and then pauses the asynchronous job.

It should be built as follows. It must be build against openssl 1.1 or better for access to the ASYNC_*_job apis.
It should be built as follows. It must be build against OpenSSL 1.1 or better for access to the ASYNC_*_job apis.

gcc -fPIC -shared -g -o async-test.so -I<path to openssl headers> -L<path to openssl library> -lssl -lcrypto -lpthread async_engine.c
gcc -fPIC -shared -g -o async-test.so -I<path to OpenSSL headers> -L<path to OpenSSL library> -lssl -lcrypto -lpthread async_engine.c

load_engine.cnf is an example openssl config file that can be passed to Traffic Server via the proxy.config.ssl.engine.conf_file setting.
load_engine.cnf is an example OpenSSL config file that can be passed to Traffic Server via the proxy.config.ssl.engine.conf_file setting.
It describes which crypto engines should be loaded and how they should be used. In the case of our async-test crypto engine it will be used for
RSA operations
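
Review bot: The build command on the changed gcc line compiles async_engine.c, while the first line of this README names the source as async-test.c. Since both lines are being edited anyway, make the file name consistent so the command works as written. The touched sentence "It must be build against OpenSSL 1.1 or better for access to the ASYNC_*_job apis." could also be corrected in the same pass ("built", "APIs").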
6 changes: 3 additions & 3 deletions doc/admin-guide/files/records.config.en.rst
Expand Up @@ -3845,16 +3845,16 @@ Client-Related Configuration

.. ts:cv:: CONFIG proxy.config.ssl.async.handshake.enabled INT 0
Enables the use of openssl async job during the TLS handshake. Traffic
Server must be build against openssl 1.1 or greater or this to take affect.
Enables the use of OpenSSL async job during the TLS handshake. Traffic
Server must be build against OpenSSL 1.1 or greater or this to take affect.
Can be useful if using a crypto engine that communicates off chip. The
thread will be rescheduled for other work until the crypto engine operation
completes. A test crypto engine that inserts a 5 second delay on private key
operations can be found at :ts:git:`contrib/openssl/async_engine.c`.

.. ts:cv:: CONFIG proxy.config.ssl.engine.conf_file STRING NULL
Specify the location of the openssl config file used to load dynamic crypto
Specify the location of the OpenSSL config file used to load dynamic crypto
engines. This setting assumes an absolute path. An example config file is at
:ts:git:`contrib/openssl/load_engine.cnf`.
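
Review bot: The rewritten description of proxy.config.ssl.async.handshake.enabled still reads "Server must be build against OpenSSL 1.1 or greater or this to take affect." As these lines are being touched, suggest "must be built against OpenSSL 1.1 or greater for this to take effect".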

2 changes: 1 addition & 1 deletion doc/admin-guide/monitoring/statistics/core/ssl.en.rst
Expand Up @@ -83,7 +83,7 @@ SSL/TLS
.. ts:stat:: global proxy.process.ssl.ssl_error_async integer
:type: counter

Track the number of times openssl async jobs paused.
Track the number of times OpenSSL async jobs paused.

.. ts:stat:: global proxy.process.ssl.ssl_session_cache_eviction integer
:type: counter
2 changes: 1 addition & 1 deletion doc/admin-guide/plugins/ssl_session_reuse.en.rst
Expand Up @@ -34,7 +34,7 @@ For Session ID base resumption in uses the ATS SSL Session Cache for the local s
Redis to communication new sessions with its peers. When a new session is seen by an ATS instances it
publishes an encrypted copy of the session state to the local Redis channel. When a new session is received
on the Redis channel, the plugin stores that session state into its local ATS SSL session cache. Once the
session state is in the local ATS SSL session cache it is available to the openssl library for future TLS
session state is in the local ATS SSL session cache it is available to the OpenSSL library for future TLS
handshakes.

For the ticket based session resumption, the plugin implements logic to decide on a Session Ticket Encryption Key (STEK)
2 changes: 1 addition & 1 deletion doc/admin-guide/security/index.en.rst
Expand Up @@ -284,7 +284,7 @@ Authority Information Access field of the signed certificate. For example::
Traffic Server can also use prefetched OCSP stapling responses if ssl_ocsp_name parameter
is used in :file:`ssl_multicert.config`. Take into account that when using prefetched
OCSP stapling responses traffic server will not refresh them and it should be done
externally. This can be done using openssl::
externally. This can be done using OpenSSL::

$ openssl ocsp -issuer ca.crt -cert cert.crt -host ocsp.digicert.com:80 \
-header "Host=ocsp.digicert.com" -respout /var/cache/ocsp/cert.ocsp
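
Review bot: The sentence changed to "This can be done using OpenSSL::" introduces an invocation of the openssl command-line tool ("$ openssl ocsp ..."), which is the case the commit title says should keep the lowercase name. Suggest leaving it as openssl, or wording it as "using the ``openssl`` command::" so the reader knows the CLI is meant rather than the library.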
2 changes: 1 addition & 1 deletion doc/developer-guide/api/functions/TSSslSession.en.rst
Expand Up @@ -44,7 +44,7 @@ These functions tend to be used with the :macro:`TS_SSL_SESSION_HOOK`.

The functions work with the :type:`TSSslSessionID` object to identify sessions to retrieve, insert, or delete.

The functions also work with the :type:`TSSslSession` object which can be cast to a pointer to the openssl SSL_SESSION object.
The functions also work with the :type:`TSSslSession` object which can be cast to a pointer to the OpenSSL SSL_SESSION object.

These functions perform the appropriate locking on the session cache to avoid errors.
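
Review bot: On the changed line, SSL_SESSION is left as plain text ("a pointer to the OpenSSL SSL_SESSION object"), while the matching sentence in doc/developer-guide/api/types/TSSslSession.en.rst in this same commit marks it up as ``SSL_SESSION``. Suggest using the literal markup here too so the two pages stay consistent.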

10 changes: 5 additions & 5 deletions doc/developer-guide/api/types/TSHttpHookID.en.rst
Expand Up @@ -99,17 +99,17 @@ Enumeration Members
Description
===========

Note that :macro:`TS_SSL_CERT_HOOK` and :macro:`TS_SSL_SNI_HOOK` correspond to the same openssl
Note that :macro:`TS_SSL_CERT_HOOK` and :macro:`TS_SSL_SNI_HOOK` correspond to the same OpenSSL
callbacks. This is done for backwards compatibility. :macro:`TS_SSL_SNI_HOOK` is expected
to be deprecated and removed, plugins using this should change to :macro:`TS_SSL_CERT_HOOK` or
:macro:`TS_SSL_SERVERNAME_HOOK` as appropriate.

.. warning:: openssl 1.0.2 and later versions
.. warning:: OpenSSL 1.0.2 and later versions

:macro:`TS_SSL_SERVERNAME_HOOK` is invoked for the openssl servername callback.
:macro:`TS_SSL_SNI_HOOK` and :macro:`TS_SSL_CERT_HOOK` are invoked for the openssl certificate
:macro:`TS_SSL_SERVERNAME_HOOK` is invoked for the OpenSSL servername callback.
:macro:`TS_SSL_SNI_HOOK` and :macro:`TS_SSL_CERT_HOOK` are invoked for the OpenSSL certificate
callback which is not guaranteed to be invoked for a TLS transaction.

This is a behavior change dependent on the version of openssl. To avoid problems use
This is a behavior change dependent on the version of OpenSSL. To avoid problems use
:macro:`TS_SSL_SERVERNAME_HOOK` to get called back for all TLS transaction and
:macro:`TS_SSL_CERT_HOOK` to get called back only to select a certificate.
4 changes: 2 additions & 2 deletions doc/developer-guide/api/types/TSSslSession.en.rst
Expand Up @@ -40,10 +40,10 @@ Description
===========

:type:`TSSslSessionID` represents the SSL session ID as a buffer and length. The ``TS_SSL_MAX_SSL_SESSION_ID_LENGTH`` is the same value
as the openssl constant ``SSL_MAX_SSL_SESSION_ID_LENGTH``. The plugin has direct access to this object since creating and
as the OpenSSL constant ``SSL_MAX_SSL_SESSION_ID_LENGTH``. The plugin has direct access to this object since creating and
manipulating session IDs seems like a fairly common operation (rather than providing an API to access the data via an
opaque TS object type).


:type:`TSSslSession` references the SSL session object. It can be cast to the openssl type ``SSL_SESSION``.
:type:`TSSslSession` references the SSL session object. It can be cast to the OpenSSL type ``SSL_SESSION``.

Expand Up @@ -82,11 +82,11 @@ always be called after TS_VCONN_START_HOOK.

The Traffic Server core first evaluates the settings in the ssl_multicert.config file based on the
server name. Then the core SNI callback executes the plugin registered SNI callback code. The plugin
callback can access the servername by calling the openssl function SSL_get_servername().
callback can access the servername by calling the OpenSSL function SSL_get_servername().

Processing will continue regardless of whether the hook callback executes
:c:func:`TSVConnReenable()` since the openssl implementation does not allow for pausing processing
during the openssl servername callback.
:c:func:`TSVConnReenable()` since the OpenSSL implementation does not allow for pausing processing
during the OpenSSL servername callback.

TS_SSL_CERT_HOOK
----------------
Expand All @@ -95,7 +95,7 @@ This hook is called as the server certificate is selected for the TLS handshake.
can execute code to create or select the certificate that should be used for the TLS handshake.
This will override the default Traffic Server certificate selection.

If you are running with openssl 1.0.2 or later, you can control whether the TLS handshake processing
If you are running with OpenSSL 1.0.2 or later, you can control whether the TLS handshake processing
will continue after the certificate hook callback execute by calling :c:func:`TSVConnReenable()` or
not. The TLS handshake processing will not proceed until :c:func:`TSVConnReenable()` is called.

Expand All @@ -111,7 +111,7 @@ object using the :c:func:`TSVConnSslVerifyCTXGet()` method and fetch the peer's
any additional checks.

Processing will continue regardless of whether the hook callback executes
:c:func:`TSVConnReenable()` since the openssl implementation does not allow for pausing processing
:c:func:`TSVConnReenable()` since the OpenSSL implementation does not allow for pausing processing
during the certificate verify callback. The plugin can use the :c:func:`TSVConnReenableEx()`
function to pass in the TS_EVENT_ERROR and stop the TLS handshake.

Expand All @@ -124,7 +124,7 @@ the :c:func:`TSVConnSslVerifyCTXGet()` method and fetch the peer's certificates
additional checks.

Processing will continue regardless of whether the hook callback executes
:c:func:`TSVConnReenable()` since the openssl implementation does not allow for pausing processing
:c:func:`TSVConnReenable()` since the OpenSSL implementation does not allow for pausing processing
during the certificate verify callback. The plugin can use the :c:func:`TSVConnReenableEx()`
function to pass in the TS_EVENT_ERROR and

Expand Up @@ -30,7 +30,7 @@ to enable the plugin to update the session cache based on outside information, e
.. macro:: TS_SSL_SESSION_HOOK

This hook is invoked when a change has been made to the ATS session cache or a session has been accessed
from ATS via openssl. These hooks are only activated if the ATS implementation of the session cache is in
from ATS via OpenSSL. These hooks are only activated if the ATS implementation of the session cache is in
use. This means :ts:cv:`proxy.config.ssl.session_cache` has been set to 2.

The hook callback has the following signature
Expand All @@ -39,7 +39,7 @@ The hook callback has the following signature

The edata parameter is a pointer to a :type:`TSSslSessionID`.

This callback in synchronous since the underlying openssl callback is unable to pause processing.
This callback in synchronous since the underlying OpenSSL callback is unable to pause processing.

The following events can be sent to this callback
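
Review bot: The changed line still reads "This callback in synchronous since the underlying OpenSSL callback is unable to pause processing." Suggest fixing the typo while the line is being edited: "This callback is synchronous".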

4 changes: 2 additions & 2 deletions doc/getting-started/index.en.rst
Expand Up @@ -151,9 +151,9 @@ libraries on the machine used to build |TS|:

- pkgconfig
- libtool
- gcc (>= 4.3 or clang > 3.0)
- C++ compiler (gcc >= 4.3 or clang > 3.0)
- GNU make
- openssl
- OpenSSL or BoringSSL
- pcre
- libcap
- flex (for TPROXY)
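
Review bot: The dependency list changes here go beyond capitalization: "gcc (>= 4.3 or clang > 3.0)" becomes "C++ compiler (gcc >= 4.3 or clang > 3.0)" and "openssl" becomes "OpenSSL or BoringSSL". Listing BoringSSL as an accepted TLS library is a documentation claim in its own right. Suggest calling it out in the commit message or splitting it into a separate change so it is reviewed on its merits.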
2 changes: 1 addition & 1 deletion plugins/experimental/magick/README
Expand Up @@ -12,7 +12,7 @@ The input for the plug-in's request is the query parameter "magick" which contai

To avoid being exploited, the plug-in accepts one configuration argument specified on `plugin.config`; a OpenSSL's RSA256 public key file used to verify if the raw content of the "magick" parameter is valid and authorized. When it is configured, an additional query parameter "magickSig" is required on each request.

The size of the keys directly impact how easy to compute (and break) the signature as well as the length of it. Generate a private & public pair of RSA256 keys using the following openssl commands:
The size of the keys directly impact how easy to compute (and break) the signature as well as the length of it. Generate a private & public pair of RSA256 keys using the following OpenSSL commands:

```
# private key
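
Review bot: "using the following OpenSSL commands:" introduces commands run with the openssl tool, so by the rule in the commit title this occurrence refers to the CLI and should stay lowercase, or be written as "the following `openssl` commands".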
