diff options
| author | jsing <> | 2015-09-14 16:16:38 +0000 |
|---|---|---|
| committer | jsing <> | 2015-09-14 16:16:38 +0000 |
| commit | 0e84a3939e912f6a384416b3af214fe8d44ff343 (patch) | |
| tree | c19ebb2220b683828ca94f71006134cbdaa38ebd /src/lib/libtls/tls_init.3 | |
| parent | 0f763b25777f63f3832ab70f6b1fccb6ee041476 (diff) | |
| download | openbsd-0e84a3939e912f6a384416b3af214fe8d44ff343.tar.gz openbsd-0e84a3939e912f6a384416b3af214fe8d44ff343.tar.bz2 openbsd-0e84a3939e912f6a384416b3af214fe8d44ff343.zip | |
Provide tls_config_insecure_noverifytime() in order to be able to disable
certificate validity checking.
ok beck@
Diffstat (limited to 'src/lib/libtls/tls_init.3')
| -rw-r--r-- | src/lib/libtls/tls_init.3 | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/lib/libtls/tls_init.3 b/src/lib/libtls/tls_init.3 index feef85dcb6..12a8e4bcf7 100644 --- a/src/lib/libtls/tls_init.3 +++ b/src/lib/libtls/tls_init.3 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: tls_init.3,v 1.47 2015/09/14 15:14:55 schwarze Exp $ | 1 | .\" $OpenBSD: tls_init.3,v 1.48 2015/09/14 16:16:38 jsing Exp $ |
| 2 | .\" | 2 | .\" |
| 3 | .\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org> | 3 | .\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org> |
| 4 | .\" | 4 | .\" |
| @@ -40,6 +40,7 @@ | |||
| 40 | .Nm tls_config_clear_keys , | 40 | .Nm tls_config_clear_keys , |
| 41 | .Nm tls_config_insecure_noverifycert , | 41 | .Nm tls_config_insecure_noverifycert , |
| 42 | .Nm tls_config_insecure_noverifyname , | 42 | .Nm tls_config_insecure_noverifyname , |
| 43 | .Nm tls_config_insecure_noverifytime , | ||
| 43 | .Nm tls_config_verify , | 44 | .Nm tls_config_verify , |
| 44 | .Nm tls_config_verify_client , | 45 | .Nm tls_config_verify_client , |
| 45 | .Nm tls_config_verify_client_optional , | 46 | .Nm tls_config_verify_client_optional , |
| @@ -114,6 +115,8 @@ | |||
| 114 | .Ft "void" | 115 | .Ft "void" |
| 115 | .Fn tls_config_insecure_noverifyname "struct tls_config *config" | 116 | .Fn tls_config_insecure_noverifyname "struct tls_config *config" |
| 116 | .Ft "void" | 117 | .Ft "void" |
| 118 | .Fn tls_config_insecure_noverifytime "struct tls_config *config" | ||
| 119 | .Ft "void" | ||
| 117 | .Fn tls_config_verify "struct tls_config *config" | 120 | .Fn tls_config_verify "struct tls_config *config" |
| 118 | .Ft "void" | 121 | .Ft "void" |
| 119 | .Fn tls_config_verify_client "struct tls_config *config" | 122 | .Fn tls_config_verify_client "struct tls_config *config" |
| @@ -365,6 +368,11 @@ disables server name verification. | |||
| 365 | Be careful when using this option. | 368 | Be careful when using this option. |
| 366 | .Em (Client) | 369 | .Em (Client) |
| 367 | .It | 370 | .It |
| 371 | .Fn tls_config_insecure_noverifytime | ||
| 372 | disables validity checking of certificate. | ||
| 373 | Be careful when using this option. | ||
| 374 | .Em (Client and server) | ||
| 375 | .It | ||
| 368 | .Fn tls_config_verify | 376 | .Fn tls_config_verify |
| 369 | reenables server name and certificate verification. | 377 | reenables server name and certificate verification. |
| 370 | .Em (Client) | 378 | .Em (Client) |