This commit was manufactured by cvs2git to create tag 'tb_20250414'.tb_20250414

author: cvs2svn <admin@example.com> 2025-04-14 17:32:06 +0000
committer: cvs2svn <admin@example.com> 2025-04-14 17:32:06 +0000
commit: eb8dd9dca1228af0cd132f515509051ecfabf6f6 (patch)
tree: edb6da6af7e865d488dc1a29309f1e1ec226e603 /src/lib/libcrypto/man/X509_new.3
parent: 247f0352e0ed72a4f476db9dc91f4d982bc83eb2 (diff)
download: openbsd-tb_20250414.tar.gz
openbsd-tb_20250414.tar.bz2
openbsd-tb_20250414.zip
1 files changed, 0 insertions, 279 deletions
diff --git a/src/lib/libcrypto/man/X509_new.3 b/src/lib/libcrypto/man/X509_new.3
deleted file mode 100644
index 7b62363d4d..0000000000
--- a/src/lib/libcrypto/man/X509_new.3
+++ /dev/null
@@ -1,279 +0,0 @@
-.\" $OpenBSD: X509_new.3,v 1.45 2024/09/02 08:04:32 tb Exp $
-.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2016, 2018, 2019, 2021 Ingo Schwarze <schwarze@openbsd.org>
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>.
-.\" Copyright (c) 2002, 2006, 2015, 2016 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\"    notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\"    notice, this list of conditions and the following disclaimer in
-.\"    the documentation and/or other materials provided with the
-.\"    distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\"    software must display the following acknowledgment:
-.\"    "This product includes software developed by the OpenSSL Project
-.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\"    endorse or promote products derived from this software without
-.\"    prior written permission. For written permission, please contact
-.\"    openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\"    nor may "OpenSSL" appear in their names without prior written
-.\"    permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\"    acknowledgment:
-.\"    "This product includes software developed by the OpenSSL Project
-.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: September 2 2024 $
-.Dt X509_NEW 3
-.Os
-.Sh NAME
-.Nm X509_new ,
-.Nm X509_dup ,
-.Nm X509_REQ_to_X509 ,
-.Nm X509_free ,
-.Nm X509_up_ref ,
-.Nm X509_chain_up_ref
-.Nd X.509 certificate object
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509 *
-.Fn X509_new void
-.Ft X509 *
-.Fo X509_dup
-.Fa "X509 *a"
-.Fc
-.Ft X509 *
-.Fo X509_REQ_to_X509
-.Fa "X509_REQ *req"
-.Fa "int days"
-.Fa "EVP_PKEY *pkey"
-.Fc
-.Ft void
-.Fo X509_free
-.Fa "X509 *a"
-.Fc
-.Ft int
-.Fo X509_up_ref
-.Fa "X509 *a"
-.Fc
-.Ft STACK_OF(X509) *
-.Fo X509_chain_up_ref
-.Fa "STACK_OF(X509) *chain"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_new
-allocates and initializes an empty
-.Vt X509
-object with reference count 1.
-It represents an ASN.1
-.Vt Certificate
-structure defined in RFC 5280 section 4.1.
-It can hold a public key together with information about the person,
-organization, device, or function the associated private key belongs to.
-.Pp
-.Fn X509_dup
-creates a deep copy of
-.Fa a
-using
-.Xr ASN1_item_dup 3 ,
-setting the reference count of the copy to 1.
-.Pp
-.Fn X509_REQ_to_X509
-allocates a new certificate object, copies the public key from
-.Fa req
-into it, copies the subject name of
-.Fa req
-to both the subject and issuer names of the new certificate, sets the
-.Fa notBefore
-field to the current time and the
-.Fa notAfter
-field to the given number of
-.Fa days
-in the future, and signs the new certificate with
-.Xr X509_sign 3
-using
-.Fa pkey
-and the MD5 algorithm.
-If
-.Fa req
-contains at least one attribute,
-the version of the new certificate is set to 2.
-.Pp
-.Fn X509_free
-decrements the reference count of the
-.Vt X509
-structure
-.Fa a
-and frees it up if the reference count reaches 0.
-If
-.Fa a
-is a
-.Dv NULL
-pointer, no action occurs.
-.Pp
-.Fn X509_up_ref
-increments the reference count of
-.Fa a
-by 1.
-This function is useful if a certificate structure is being used
-by several different operations each of which will free it up after
-use: this avoids the need to duplicate the entire certificate
-structure.
-.Pp
-.Fn X509_chain_up_ref
-performs a shallow copy of the given
-.Fa chain
-using
-.Fn sk_X509_dup
-and increments the reference count of each contained certificate
-by 1.
-Its purpose is similar to
-.Fn X509_up_ref :
-The returned chain persists after the original is freed.
-.Sh RETURN VALUES
-.Fn X509_new ,
-.Fn X509_dup ,
-and
-.Fn X509_REQ_to_X509
-return a pointer to the newly allocated object or
-.Dv NULL
-if an error occurs; an error code can be obtained by
-.Xr ERR_get_error 3 .
-.Pp
-.Fn X509_up_ref
-returns 1 for success or 0 for failure.
-.Pp
-.Fn X509_chain_up_ref
-returns the copy of the
-.Fa chain
-or
-.Dv NULL
-if an error occurs.
-.Sh SEE ALSO
-.Xr ASIdentifiers_new 3 ,
-.Xr ASRange_new 3 ,
-.Xr AUTHORITY_KEYID_new 3 ,
-.Xr BASIC_CONSTRAINTS_new 3 ,
-.Xr crypto 3 ,
-.Xr d2i_X509 3 ,
-.Xr IPAddressRange_new 3 ,
-.Xr PKCS8_PRIV_KEY_INFO_new 3 ,
-.Xr X509_ALGOR_new 3 ,
-.Xr X509_ATTRIBUTE_new 3 ,
-.Xr X509_check_ca 3 ,
-.Xr X509_check_host 3 ,
-.Xr X509_check_issued 3 ,
-.Xr X509_check_private_key 3 ,
-.Xr X509_check_purpose 3 ,
-.Xr X509_CINF_new 3 ,
-.Xr X509_cmp 3 ,
-.Xr X509_CRL_new 3 ,
-.Xr X509_digest 3 ,
-.Xr X509_EXTENSION_new 3 ,
-.Xr X509_find_by_subject 3 ,
-.Xr X509_get0_notBefore 3 ,
-.Xr X509_get0_signature 3 ,
-.Xr X509_get1_email 3 ,
-.Xr X509_get_ex_new_index 3 ,
-.Xr X509_get_extension_flags 3 ,
-.Xr X509_get_pubkey 3 ,
-.Xr X509_get_pubkey_parameters 3 ,
-.Xr X509_get_serialNumber 3 ,
-.Xr X509_get_subject_name 3 ,
-.Xr X509_get_version 3 ,
-.Xr X509_INFO_new 3 ,
-.Xr X509_load_cert_file 3 ,
-.Xr X509_LOOKUP_hash_dir 3 ,
-.Xr X509_LOOKUP_new 3 ,
-.Xr X509_NAME_new 3 ,
-.Xr X509_OBJECT_new 3 ,
-.Xr X509_PKEY_new 3 ,
-.Xr X509_print_ex 3 ,
-.Xr X509_PUBKEY_new 3 ,
-.Xr X509_PURPOSE_set 3 ,
-.Xr X509_REQ_new 3 ,
-.Xr X509_SIG_new 3 ,
-.Xr X509_sign 3 ,
-.Xr X509_STORE_CTX_new 3 ,
-.Xr X509_STORE_get_by_subject 3 ,
-.Xr X509_STORE_new 3 ,
-.Xr X509v3_addr_add_inherit 3 ,
-.Xr X509v3_addr_get_range 3 ,
-.Xr X509v3_addr_inherits 3 ,
-.Xr X509v3_addr_subset 3 ,
-.Xr X509v3_addr_validate_path 3 ,
-.Xr X509v3_asid_add_id_or_range 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile
-.Sh HISTORY
-.Fn X509_new
-and
-.Fn X509_free
-appeared in SSLeay 0.4 or earlier,
-.Fn X509_dup
-in SSLeay 0.4.4, and
-.Fn X509_REQ_to_X509
-in SSLeay 0.6.0 .
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_up_ref
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 6.1 .
-.Pp
-.Fn X509_chain_up_ref
-first appeared in OpenSSL 1.0.2 and has been available since
-.Ox 6.3 .
-.Sh BUGS
-The X.509 public key infrastructure and its data types contain too
-many design bugs to list them.
-For lots of examples, see the classic
-.Lk https://www.cs.auckland.ac.nz/~pgut001/pubs/x509guide.txt\
- "X.509 Style Guide"
-that
-.An Peter Gutmann
-published in 2000.
author	cvs2svn <admin@example.com>	2025-04-14 17:32:06 +0000
committer	cvs2svn <admin@example.com>	2025-04-14 17:32:06 +0000
commit	eb8dd9dca1228af0cd132f515509051ecfabf6f6 (patch)
tree	edb6da6af7e865d488dc1a29309f1e1ec226e603 /src/lib/libcrypto/man/X509_new.3
parent	247f0352e0ed72a4f476db9dc91f4d982bc83eb2 (diff)
download	openbsd-tb_20250414.tar.gz openbsd-tb_20250414.tar.bz2 openbsd-tb_20250414.zip

diff --git a/src/lib/libcrypto/man/X509_new.3 b/src/lib/libcrypto/man/X509_new.3 deleted file mode 100644 index 7b62363d4d..0000000000 --- a/src/lib/libcrypto/man/X509_new.3 +++ /dev/null
@@ -1,279 +0,0 @@
1	.\" $OpenBSD: X509_new.3,v 1.45 2024/09/02 08:04:32 tb Exp $
2	.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
3	.\"
4	.\" This file is a derived work.
5	.\" The changes are covered by the following Copyright and license:
6	.\"
7	.\" Copyright (c) 2016, 2018, 2019, 2021 Ingo Schwarze <schwarze@openbsd.org>
8	.\"
9	.\" Permission to use, copy, modify, and distribute this software for any
10	.\" purpose with or without fee is hereby granted, provided that the above
11	.\" copyright notice and this permission notice appear in all copies.
12	.\"
13	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
14	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
15	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
16	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
17	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
18	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
19	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20	.\"
21	.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>.
22	.\" Copyright (c) 2002, 2006, 2015, 2016 The OpenSSL Project.
23	.\" All rights reserved.
24	.\"
25	.\" Redistribution and use in source and binary forms, with or without
26	.\" modification, are permitted provided that the following conditions
27	.\" are met:
28	.\"
29	.\" 1. Redistributions of source code must retain the above copyright
30	.\" notice, this list of conditions and the following disclaimer.
31	.\"
32	.\" 2. Redistributions in binary form must reproduce the above copyright
33	.\" notice, this list of conditions and the following disclaimer in
34	.\" the documentation and/or other materials provided with the
35	.\" distribution.
36	.\"
37	.\" 3. All advertising materials mentioning features or use of this
38	.\" software must display the following acknowledgment:
39	.\" "This product includes software developed by the OpenSSL Project
40	.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
41	.\"
42	.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
43	.\" endorse or promote products derived from this software without
44	.\" prior written permission. For written permission, please contact
45	.\" openssl-core@openssl.org.
46	.\"
47	.\" 5. Products derived from this software may not be called "OpenSSL"
48	.\" nor may "OpenSSL" appear in their names without prior written
49	.\" permission of the OpenSSL Project.
50	.\"
51	.\" 6. Redistributions of any form whatsoever must retain the following
52	.\" acknowledgment:
53	.\" "This product includes software developed by the OpenSSL Project
54	.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
55	.\"
56	.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
57	.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
58	.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
59	.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
60	.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
61	.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
62	.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
63	.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
64	.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
65	.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
66	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
67	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
68	.\"
69	.Dd $Mdocdate: September 2 2024 $
70	.Dt X509_NEW 3
71	.Os
72	.Sh NAME
73	.Nm X509_new ,
74	.Nm X509_dup ,
75	.Nm X509_REQ_to_X509 ,
76	.Nm X509_free ,
77	.Nm X509_up_ref ,
78	.Nm X509_chain_up_ref
79	.Nd X.509 certificate object
80	.Sh SYNOPSIS
81	.In openssl/x509.h
82	.Ft X509 *
83	.Fn X509_new void
84	.Ft X509 *
85	.Fo X509_dup
86	.Fa "X509 *a"
87	.Fc
88	.Ft X509 *
89	.Fo X509_REQ_to_X509
90	.Fa "X509_REQ *req"
91	.Fa "int days"
92	.Fa "EVP_PKEY *pkey"
93	.Fc
94	.Ft void
95	.Fo X509_free
96	.Fa "X509 *a"
97	.Fc
98	.Ft int
99	.Fo X509_up_ref
100	.Fa "X509 *a"
101	.Fc
102	.Ft STACK_OF(X509) *
103	.Fo X509_chain_up_ref
104	.Fa "STACK_OF(X509) *chain"
105	.Fc
106	.Sh DESCRIPTION
107	.Fn X509_new
108	allocates and initializes an empty
109	.Vt X509
110	object with reference count 1.
111	It represents an ASN.1
112	.Vt Certificate
113	structure defined in RFC 5280 section 4.1.
114	It can hold a public key together with information about the person,
115	organization, device, or function the associated private key belongs to.
116	.Pp
117	.Fn X509_dup
118	creates a deep copy of
119	.Fa a
120	using
121	.Xr ASN1_item_dup 3 ,
122	setting the reference count of the copy to 1.
123	.Pp
124	.Fn X509_REQ_to_X509
125	allocates a new certificate object, copies the public key from
126	.Fa req
127	into it, copies the subject name of
128	.Fa req
129	to both the subject and issuer names of the new certificate, sets the
130	.Fa notBefore
131	field to the current time and the
132	.Fa notAfter
133	field to the given number of
134	.Fa days
135	in the future, and signs the new certificate with
136	.Xr X509_sign 3
137	using
138	.Fa pkey
139	and the MD5 algorithm.
140	If
141	.Fa req
142	contains at least one attribute,
143	the version of the new certificate is set to 2.
144	.Pp
145	.Fn X509_free
146	decrements the reference count of the
147	.Vt X509
148	structure
149	.Fa a
150	and frees it up if the reference count reaches 0.
151	If
152	.Fa a
153	is a
154	.Dv NULL
155	pointer, no action occurs.
156	.Pp
157	.Fn X509_up_ref
158	increments the reference count of
159	.Fa a
160	by 1.
161	This function is useful if a certificate structure is being used
162	by several different operations each of which will free it up after
163	use: this avoids the need to duplicate the entire certificate
164	structure.
165	.Pp
166	.Fn X509_chain_up_ref
167	performs a shallow copy of the given
168	.Fa chain
169	using
170	.Fn sk_X509_dup
171	and increments the reference count of each contained certificate
172	by 1.
173	Its purpose is similar to
174	.Fn X509_up_ref :
175	The returned chain persists after the original is freed.
176	.Sh RETURN VALUES
177	.Fn X509_new ,
178	.Fn X509_dup ,
179	and
180	.Fn X509_REQ_to_X509
181	return a pointer to the newly allocated object or
182	.Dv NULL
183	if an error occurs; an error code can be obtained by
184	.Xr ERR_get_error 3 .
185	.Pp
186	.Fn X509_up_ref
187	returns 1 for success or 0 for failure.
188	.Pp
189	.Fn X509_chain_up_ref
190	returns the copy of the
191	.Fa chain
192	or
193	.Dv NULL
194	if an error occurs.
195	.Sh SEE ALSO
196	.Xr ASIdentifiers_new 3 ,
197	.Xr ASRange_new 3 ,
198	.Xr AUTHORITY_KEYID_new 3 ,
199	.Xr BASIC_CONSTRAINTS_new 3 ,
200	.Xr crypto 3 ,
201	.Xr d2i_X509 3 ,
202	.Xr IPAddressRange_new 3 ,
203	.Xr PKCS8_PRIV_KEY_INFO_new 3 ,
204	.Xr X509_ALGOR_new 3 ,
205	.Xr X509_ATTRIBUTE_new 3 ,
206	.Xr X509_check_ca 3 ,
207	.Xr X509_check_host 3 ,
208	.Xr X509_check_issued 3 ,
209	.Xr X509_check_private_key 3 ,
210	.Xr X509_check_purpose 3 ,
211	.Xr X509_CINF_new 3 ,
212	.Xr X509_cmp 3 ,
213	.Xr X509_CRL_new 3 ,
214	.Xr X509_digest 3 ,
215	.Xr X509_EXTENSION_new 3 ,
216	.Xr X509_find_by_subject 3 ,
217	.Xr X509_get0_notBefore 3 ,
218	.Xr X509_get0_signature 3 ,
219	.Xr X509_get1_email 3 ,
220	.Xr X509_get_ex_new_index 3 ,
221	.Xr X509_get_extension_flags 3 ,
222	.Xr X509_get_pubkey 3 ,
223	.Xr X509_get_pubkey_parameters 3 ,
224	.Xr X509_get_serialNumber 3 ,
225	.Xr X509_get_subject_name 3 ,
226	.Xr X509_get_version 3 ,
227	.Xr X509_INFO_new 3 ,
228	.Xr X509_load_cert_file 3 ,
229	.Xr X509_LOOKUP_hash_dir 3 ,
230	.Xr X509_LOOKUP_new 3 ,
231	.Xr X509_NAME_new 3 ,
232	.Xr X509_OBJECT_new 3 ,
233	.Xr X509_PKEY_new 3 ,
234	.Xr X509_print_ex 3 ,
235	.Xr X509_PUBKEY_new 3 ,
236	.Xr X509_PURPOSE_set 3 ,
237	.Xr X509_REQ_new 3 ,
238	.Xr X509_SIG_new 3 ,
239	.Xr X509_sign 3 ,
240	.Xr X509_STORE_CTX_new 3 ,
241	.Xr X509_STORE_get_by_subject 3 ,
242	.Xr X509_STORE_new 3 ,
243	.Xr X509v3_addr_add_inherit 3 ,
244	.Xr X509v3_addr_get_range 3 ,
245	.Xr X509v3_addr_inherits 3 ,
246	.Xr X509v3_addr_subset 3 ,
247	.Xr X509v3_addr_validate_path 3 ,
248	.Xr X509v3_asid_add_id_or_range 3
249	.Sh STANDARDS
250	RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
251	Certificate Revocation List (CRL) Profile
252	.Sh HISTORY
253	.Fn X509_new
254	and
255	.Fn X509_free
256	appeared in SSLeay 0.4 or earlier,
257	.Fn X509_dup
258	in SSLeay 0.4.4, and
259	.Fn X509_REQ_to_X509
260	in SSLeay 0.6.0 .
261	These functions have been available since
262	.Ox 2.4 .
263	.Pp
264	.Fn X509_up_ref
265	first appeared in OpenSSL 1.1.0 and has been available since
266	.Ox 6.1 .
267	.Pp
268	.Fn X509_chain_up_ref
269	first appeared in OpenSSL 1.0.2 and has been available since
270	.Ox 6.3 .
271	.Sh BUGS
272	The X.509 public key infrastructure and its data types contain too
273	many design bugs to list them.
274	For lots of examples, see the classic
275	.Lk https://www.cs.auckland.ac.nz/~pgut001/pubs/x509guide.txt\
276	"X.509 Style Guide"
277	that
278	.An Peter Gutmann
279	published in 2000.