author | beck <> | 2015-09-12 21:00:38 +0000 |
---|---|---|
committer | beck <> | 2015-09-12 21:00:38 +0000 |
commit | 597a9dc18b943498a3f42065e756e1b0a648987c (patch) | |
tree | 926c057595ea50242eb49f4f725d0bf1a0488e65 /src/lib/libtls/tls_init.3 | |
parent | 5295709b8306b98ea97e2540c0e4dad875421ebe (diff) | |
Move connection info into its own private structure, allocated and filled in
at handshake time. Change accessors to return const char * to remove the need
for the caller to free memory.
ok jsing@
Diffstat (limited to 'src/lib/libtls/tls_init.3')
-rw-r--r-- | src/lib/libtls/tls_init.3 | 30 |
1 files changed, 10 insertions, 20 deletions
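diff --git a/src/lib/libtls/tls_init.3 b/src/lib/libtls/tls_init.3
index a1fe52c83c..90cbdb3f3b 100644
--- a/src/lib/libtls/tls_init.3
+++ b/src/lib/libtls/tls_init.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: tls_init.3,v 1.42 2015/09/11 14:22:53 jmc Exp $
+.\" $OpenBSD: tls_init.3,v 1.43 2015/09/12 21:00:38 beck Exp $
 .\"
 .\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org>
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: September 11 2015 $
+.Dd $Mdocdate: September 12 2015 $
 .Dt TLS_INIT 3
 .Os
 .Sh NAME
@@ -121,12 +121,12 @@
 .Fn tls_peer_cert_provided "struct tls *ctx"
 .Ft "int"
 .Fn tls_peer_cert_contains_name "struct tls *ctx" "const char *name"
-.Ft "int"
-.Fn tls_peer_cert_issuer "struct tls *ctx" "char **issuer"
-.Ft "int"
-.Fn tls_peer_cert_subject "struct tls *ctx" "char **subject"
-.Ft "int"
-.Fn tls_peer_cert_hash "struct tls *ctx" "char **hash"
+.Ft "const char *"
+.Fn tls_peer_cert_issuer "struct tls *ctx"
+.Ft "const char *"
+.Fn tls_peer_cert_subject "struct tls *ctx"
+.Ft "const char *"
+.Fn tls_peer_cert_hash "struct tls *ctx"
 .Ft "uint8_t *"
 .Fn tls_load_file "const char *file" "size_t *len" "char *password"
 .Ft "struct tls *"
@@ -386,31 +386,23 @@ can only succeed after the handshake is complete.
 .Em (Server and client)
 .It
 .Fn tls_peer_cert_subject
-returns a string in
-.Ar subject
+returns a string
 corresponding to the subject of the peer certificate from
 .Ar ctx .
 .Fn tls_peer_cert_subject
 will only succeed after the handshake is complete.
-Callers must free the string returned in
-.Ar subject .
 .Em (Server and client)
 .It
 .Fn tls_peer_cert_issuer
-returns a string in
-.Ar subject
+returns a string
 corresponding to the issuer of the peer certificate from
 .Ar ctx .
 .Fn tls_peer_cert_issuer
 will only succeed after the handshake is complete.
-Callers must free the string returned in
-.Ar issuer .
 .Em (Server and client)
 .It
 .Fn tls_peer_cert_hash
 returns a string
-in
-.Ar hash
 corresponding to a hash of the raw peer certificate from
 .Ar ctx
 prefixed by a hash name followed by a colon.
@@ -426,8 +418,6 @@ printf "SHA256:${h}\\n"
 .Pp
 .Fn tls_peer_cert_subject
 will only succeed after the handshake is complete.
-Callers must free the string returned in
-.Ar hash .
 .Em (Server and client)
 .It
 .Fn tls_config_verify_client_opional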