summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorbeck <>2017-01-03 06:29:04 +0000
committerbeck <>2017-01-03 06:29:04 +0000
commit99f2f286f627c0beccab8cbf5d1a772e6f9c803b (patch)
tree2a3494d51a0a7183f145cd7b9874876ee4035095
parent0576d53d5e90ceb7245e7ad4eedd3bb13b32a0b8 (diff)
downloadopenbsd-99f2f286f627c0beccab8cbf5d1a772e6f9c803b.tar.gz
openbsd-99f2f286f627c0beccab8cbf5d1a772e6f9c803b.tar.bz2
openbsd-99f2f286f627c0beccab8cbf5d1a772e6f9c803b.zip
It takes a special style of creative writing to be unspecific about the error
return code of a function in a man page. Let's remove the ambiguity and half truths in here. ok jsing@
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/man/X509_verify_cert.320
1 files changed, 5 insertions, 15 deletions
diff --git a/src/lib/libcrypto/man/X509_verify_cert.3 b/src/lib/libcrypto/man/X509_verify_cert.3
index 5d603e0387..a930910e03 100644
--- a/src/lib/libcrypto/man/X509_verify_cert.3
+++ b/src/lib/libcrypto/man/X509_verify_cert.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: X509_verify_cert.3,v 1.4 2016/12/05 18:26:34 schwarze Exp $ 1.\" $OpenBSD: X509_verify_cert.3,v 1.5 2017/01/03 06:29:04 beck Exp $
2.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 2.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
3.\" 3.\"
4.\" This file was written by Dr. Stephen Henson <steve@openssl.org>. 4.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: December 5 2016 $ 51.Dd $Mdocdate: January 3 2017 $
52.Dt X509_VERIFY_CERT 3 52.Dt X509_VERIFY_CERT 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -72,21 +72,11 @@ OpenSSL internally for certificate validation, in both the S/MIME and
72SSL/TLS code. 72SSL/TLS code.
73.Sh RETURN VALUES 73.Sh RETURN VALUES
74If a complete chain can be built and validated this function returns 1, 74If a complete chain can be built and validated this function returns 1,
75otherwise it return 0. 75otherwise it returns a value <= 0 indicating failure.
76.Pp 76.Pp
77In exceptional circumstances, it can also return a negative code, 77Additional error information can be obtained by examining
78but only if no certificate is set in
79.Fa ctx
80due to a programming error or if a retry operation is requested
81during internal lookups, which never happens with standard lookup
82methods.
83It is however recommended that application check for <= 0 return
84value on error.
85.Pp
86If the function fails, additional error information can be obtained
87by examining
88.Fa ctx , 78.Fa ctx ,
89for example using 79using
90.Xr X509_STORE_CTX_get_error 3 . 80.Xr X509_STORE_CTX_get_error 3 .
91.Sh SEE ALSO 81.Sh SEE ALSO
92.Xr openssl 1 , 82.Xr openssl 1 ,