Update documentation

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2550)

doc/man1/ciphers.pod

@@ -670,6 +670,14 @@ Note: these ciphers can also be used in SSL v3.
  TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256        DHE-PSK-CHACHA20-POLY1305
  TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256        RSA-PSK-CHACHA20-POLY1305
 
+=head2 TLS v1.3 cipher suites
+
+ TLS_AES_128_GCM_SHA256                     TLS13-AES-128-GCM-SHA256
+ TLS_AES_256_GCM_SHA384                     TLS13-AES-256-GCM-SHA384
+ TLS_CHACHA20_POLY1305_SHA256               TLS13-CHACHA20-POLY1305-SHA256
+ TLS_AES_128_CCM_SHA256                     TLS13-AES-128-CCM-SHA256
+ TLS_AES_128_CCM_8_SHA256                   TLS13-AES-128-CCM-8-SHA256
+
 =head2 Older names used by OpenSSL
 
 The following names are accepted by older releases:

doc/man3/SSL_CIPHER_get_name.pod

@@ -42,7 +42,9 @@ used by B<c>. If there is no digest (e.g. for AEAD ciphersuites) then
 B<NID_undef> is returned.
 
 SSL_CIPHER_get_kx_nid() returns the key exchange NID corresponding to the method
-used by B<c>. If there is no key exchange, then B<NID_undef> is returned. Examples (not comprehensive):
+used by B<c>. If there is no key exchange, then B<NID_undef> is returned.
+If any appropriate key exchange algorithm can be used (as in the case of TLS 1.3
+ciphersuites) B<NID_kx_any> is returned. Examples (not comprehensive):
 
  NID_kx_rsa
  NID_kx_ecdhe
@@ -51,7 +53,8 @@ used by B<c>. If there is no key exchange, then B<NID_undef> is returned. Exampl
 
 SSL_CIPHER_get_auth_nid() returns the authentication NID corresponding to the method
 used by B<c>. If there is no authentication, then B<NID_undef> is returned.
-Examples (not comprehensive):
+If any appropriate authentication algorithm can be used (as in the case of
+TLS 1.3 ciphersuites) B<NID_auth_any> is returned. Examples (not comprehensive):
 
  NID_auth_rsa
  NID_auth_ecdsa