diff options
| author | tb <> | 2022-01-19 20:28:06 +0000 |
|---|---|---|
| committer | tb <> | 2022-01-19 20:28:06 +0000 |
| commit | 66fde14c38746fcf4eb247cc5a703458437fcd9d (patch) | |
| tree | 7fd5a5942f76de33914a8387621afd027413907d /src/lib/libcrypto/man/PKCS7_verify.3 | |
| parent | 588ca0cba94f4202b54289ec730f971a07e97001 (diff) | |
| download | openbsd-66fde14c38746fcf4eb247cc5a703458437fcd9d.tar.gz openbsd-66fde14c38746fcf4eb247cc5a703458437fcd9d.tar.bz2 openbsd-66fde14c38746fcf4eb247cc5a703458437fcd9d.zip | |
Document the bizarre fact that {CMS,PCKS7}_get0_signers() needs some
freeing of what they return despite being get0 functions: the stack
of X509s that they return must be freed with sk_X509_free(). The get0
thus probably refers to the individual certs, but not to the stack
itself.
The libcrypto and libssl APIs never cease to amaze with new traps.
ok inoguchi
Diffstat (limited to 'src/lib/libcrypto/man/PKCS7_verify.3')
| -rw-r--r-- | src/lib/libcrypto/man/PKCS7_verify.3 | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/lib/libcrypto/man/PKCS7_verify.3 b/src/lib/libcrypto/man/PKCS7_verify.3 index 42c3338e67..2895da16d8 100644 --- a/src/lib/libcrypto/man/PKCS7_verify.3 +++ b/src/lib/libcrypto/man/PKCS7_verify.3 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: PKCS7_verify.3,v 1.9 2019/06/10 14:58:48 schwarze Exp $ | 1 | .\" $OpenBSD: PKCS7_verify.3,v 1.10 2022/01/19 20:28:06 tb Exp $ |
| 2 | .\" OpenSSL a528d4f0 Oct 27 13:40:11 2015 -0400 | 2 | .\" OpenSSL a528d4f0 Oct 27 13:40:11 2015 -0400 |
| 3 | .\" | 3 | .\" |
| 4 | .\" This file was written by Dr. Stephen Henson <steve@openssl.org>. | 4 | .\" This file was written by Dr. Stephen Henson <steve@openssl.org>. |
| @@ -48,7 +48,7 @@ | |||
| 48 | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | 48 | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
| 49 | .\" OF THE POSSIBILITY OF SUCH DAMAGE. | 49 | .\" OF THE POSSIBILITY OF SUCH DAMAGE. |
| 50 | .\" | 50 | .\" |
| 51 | .Dd $Mdocdate: June 10 2019 $ | 51 | .Dd $Mdocdate: January 19 2022 $ |
| 52 | .Dt PKCS7_VERIFY 3 | 52 | .Dt PKCS7_VERIFY 3 |
| 53 | .Os | 53 | .Os |
| 54 | .Sh NAME | 54 | .Sh NAME |
| @@ -100,6 +100,8 @@ operation. | |||
| 100 | .Fn PKCS7_get0_signers | 100 | .Fn PKCS7_get0_signers |
| 101 | retrieves the signer's certificates from | 101 | retrieves the signer's certificates from |
| 102 | .Fa p7 . | 102 | .Fa p7 . |
| 103 | The signers must be freed with | ||
| 104 | .Fn sk_X509_free . | ||
| 103 | It does | 105 | It does |
| 104 | .Sy not | 106 | .Sy not |
| 105 | check their validity or whether any signatures are valid. | 107 | check their validity or whether any signatures are valid. |
| @@ -220,6 +222,8 @@ an error occurs. | |||
| 220 | returns all signers or | 222 | returns all signers or |
| 221 | .Dv NULL | 223 | .Dv NULL |
| 222 | if an error occurred. | 224 | if an error occurred. |
| 225 | The signers must be freed with | ||
| 226 | .Fn sk_X509_free . | ||
| 223 | .Pp | 227 | .Pp |
| 224 | The error can be obtained from | 228 | The error can be obtained from |
| 225 | .Xr ERR_get_error 3 . | 229 | .Xr ERR_get_error 3 . |