Write new SXNET_new(3) manual page from scratch. All four functions

are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. OpenSSL documentation specifies the wrong header file. I consider the quotation from http://www-03.ibm.com/security/library/wp_pki0730.shtml fair use because (1) it is a very brief extract from a long text, (2) no other source of information is available, (3) it is quoted for the purpose of education and research, (4) republishing happens in a not-for-profit context. I'm not including the URI into the manual page because large corporate websites are notorious for changing URIs during each spring cleaning.
author: schwarze <> 2016-12-24 01:00:48 +0000
committer: schwarze <> 2016-12-24 01:00:48 +0000
commit: 1ef41217daa208a53c36a9d3bdedf17b05de6eb6 (patch)
tree: fbfc1817eabc9346662900951d7b8289fc1c0fb6 /src/lib
parent: bfd27824b943b6045fabc1f6650da87562ce625d (diff)
download: openbsd-1ef41217daa208a53c36a9d3bdedf17b05de6eb6.tar.gz
openbsd-1ef41217daa208a53c36a9d3bdedf17b05de6eb6.tar.bz2
openbsd-1ef41217daa208a53c36a9d3bdedf17b05de6eb6.zip
2 files changed, 93 insertions, 1 deletions
diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile
index 191f3f2882..7d013ab44b 100644
--- a/src/lib/libcrypto/man/Makefile
+++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.99 2016/12/23 23:50:04 schwarze Exp $
+# $OpenBSD: Makefile,v 1.100 2016/12/24 01:00:48 schwarze Exp $
 .include <bsd.own.mk>
@@ -186,6 +186,7 @@ MAN=	\
        SHA1.3 \
        SMIME_read_PKCS7.3 \
        SMIME_write_PKCS7.3 \
+        SXNET_new.3 \
        TS_REQ_new.3 \
        UI_new.3 \
        X509V3_get_d2i.3 \
diff --git a/src/lib/libcrypto/man/SXNET_new.3 b/src/lib/libcrypto/man/SXNET_new.3
new file mode 100644
index 0000000000..1484970113
--- /dev/null
+++ b/src/lib/libcrypto/man/SXNET_new.3
@@ -0,0 +1,91 @@
+.\"     $OpenBSD: SXNET_new.3,v 1.1 2016/12/24 01:00:48 schwarze Exp $
+.\"
+.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: December 24 2016 $
+.Dt SXNET_NEW 3
+.Os
+.Sh NAME
+.Nm SXNET_new ,
+.Nm SXNET_free ,
+.Nm SXNETID_new ,
+.Nm SXNETID_free
+.Nd Thawte strong extranet X.509 extension
+.Sh SYNOPSIS
+.In openssl/x509v3.h
+.Ft SXNET *
+.Fn SXNET_new void
+.Ft void
+.Fn SXNET_free "SXNET *sxnet"
+.Ft SXNETID *
+.Fn SXNETID_new void
+.Ft void
+.Fn SXNETID_free "SXNETID *sxnetid"
+.Sh DESCRIPTION
+.Fn SXNET_new
+allocates and initializes an empty
+.Vt SXNET
+object representing a non-standard proprietary Thawte strong extranet
+X.509 extension.
+.Fn SXNET_free
+frees
+.Fa sxnet .
+.Pp
+.Fn SXNETID_new
+allocates and initializes an empty
+.Vt SXNETID
+object.
+It is used inside
+.Vt SXNET .
+.Fn SXNETID_free
+frees
+.Fa sxnetid .
+.Sh RETURN VALUES
+.Fn SXNET_new
+and
+.Fn SXNETID_new
+return the new
+.Vt SXNET
+or
+.Vt SXNETID
+object, respectively, or
+.Dv NULL
+if an error occurs.
+.Sh SEE ALSO
+.Xr X509_EXTENSION_new 3 ,
+.Xr X509_new 3
+.Rs
+.%A M. Shuttleworth
+.%R The Strong Extranet: real-world personal certification
+.%Q Thawte Consulting
+.%C South Africa
+.%D 1998
+.Re
+.Sh BUGS
+This manual page does not explain what the extension actually does
+because no authoritative information was found online so far.
+.Pp
+The only hint was found in an ancient white paper "Securing IBM
+Applications with Public Key Infrastructure" on the IBM website,
+dated June 13, 2001: "Thawte also has a technology called Strong
+Extranet that allows institutions to encode customer information
+in the extensions to their customer's certificates.
+Because multiple institutions can add information, the user needs
+only one certificate, making renewal and revocation simpler, although
+the issue of modifying an extension to an existing certificate is
+not addressed."
+.Pp
+It is unclear whether that explanation is accurate, but in any case,
+it is not very specific.
author	schwarze <>	2016-12-24 01:00:48 +0000
committer	schwarze <>	2016-12-24 01:00:48 +0000
commit	1ef41217daa208a53c36a9d3bdedf17b05de6eb6 (patch)
tree	fbfc1817eabc9346662900951d7b8289fc1c0fb6 /src/lib
parent	bfd27824b943b6045fabc1f6650da87562ce625d (diff)
download	openbsd-1ef41217daa208a53c36a9d3bdedf17b05de6eb6.tar.gz openbsd-1ef41217daa208a53c36a9d3bdedf17b05de6eb6.tar.bz2 openbsd-1ef41217daa208a53c36a9d3bdedf17b05de6eb6.zip

diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile index 191f3f2882..7d013ab44b 100644 --- a/src/lib/libcrypto/man/Makefile +++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
1	# $OpenBSD: Makefile,v 1.99 2016/12/23 23:50:04 schwarze Exp $	1	# $OpenBSD: Makefile,v 1.100 2016/12/24 01:00:48 schwarze Exp $
2		2
3	.include <bsd.own.mk>	3	.include <bsd.own.mk>
4		4
@@ -186,6 +186,7 @@ MAN= \
186	SHA1.3 \	186	SHA1.3 \
187	SMIME_read_PKCS7.3 \	187	SMIME_read_PKCS7.3 \
188	SMIME_write_PKCS7.3 \	188	SMIME_write_PKCS7.3 \
		189	SXNET_new.3 \
189	TS_REQ_new.3 \	190	TS_REQ_new.3 \
190	UI_new.3 \	191	UI_new.3 \
191	X509V3_get_d2i.3 \	192	X509V3_get_d2i.3 \


diff --git a/src/lib/libcrypto/man/SXNET_new.3 b/src/lib/libcrypto/man/SXNET_new.3 new file mode 100644 index 0000000000..1484970113 --- /dev/null +++ b/src/lib/libcrypto/man/SXNET_new.3
@@ -0,0 +1,91 @@
		1	.\" $OpenBSD: SXNET_new.3,v 1.1 2016/12/24 01:00:48 schwarze Exp $
		2	.\"
		3	.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
		4	.\"
		5	.\" Permission to use, copy, modify, and distribute this software for any
		6	.\" purpose with or without fee is hereby granted, provided that the above
		7	.\" copyright notice and this permission notice appear in all copies.
		8	.\"
		9	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		10	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		11	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		12	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		13	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		14	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		15	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		16	.\"
		17	.Dd $Mdocdate: December 24 2016 $
		18	.Dt SXNET_NEW 3
		19	.Os
		20	.Sh NAME
		21	.Nm SXNET_new ,
		22	.Nm SXNET_free ,
		23	.Nm SXNETID_new ,
		24	.Nm SXNETID_free
		25	.Nd Thawte strong extranet X.509 extension
		26	.Sh SYNOPSIS
		27	.In openssl/x509v3.h
		28	.Ft SXNET *
		29	.Fn SXNET_new void
		30	.Ft void
		31	.Fn SXNET_free "SXNET *sxnet"
		32	.Ft SXNETID *
		33	.Fn SXNETID_new void
		34	.Ft void
		35	.Fn SXNETID_free "SXNETID *sxnetid"
		36	.Sh DESCRIPTION
		37	.Fn SXNET_new
		38	allocates and initializes an empty
		39	.Vt SXNET
		40	object representing a non-standard proprietary Thawte strong extranet
		41	X.509 extension.
		42	.Fn SXNET_free
		43	frees
		44	.Fa sxnet .
		45	.Pp
		46	.Fn SXNETID_new
		47	allocates and initializes an empty
		48	.Vt SXNETID
		49	object.
		50	It is used inside
		51	.Vt SXNET .
		52	.Fn SXNETID_free
		53	frees
		54	.Fa sxnetid .
		55	.Sh RETURN VALUES
		56	.Fn SXNET_new
		57	and
		58	.Fn SXNETID_new
		59	return the new
		60	.Vt SXNET
		61	or
		62	.Vt SXNETID
		63	object, respectively, or
		64	.Dv NULL
		65	if an error occurs.
		66	.Sh SEE ALSO
		67	.Xr X509_EXTENSION_new 3 ,
		68	.Xr X509_new 3
		69	.Rs
		70	.%A M. Shuttleworth
		71	.%R The Strong Extranet: real-world personal certification
		72	.%Q Thawte Consulting
		73	.%C South Africa
		74	.%D 1998
		75	.Re
		76	.Sh BUGS
		77	This manual page does not explain what the extension actually does
		78	because no authoritative information was found online so far.
		79	.Pp
		80	The only hint was found in an ancient white paper "Securing IBM
		81	Applications with Public Key Infrastructure" on the IBM website,
		82	dated June 13, 2001: "Thawte also has a technology called Strong
		83	Extranet that allows institutions to encode customer information
		84	in the extensions to their customer's certificates.
		85	Because multiple institutions can add information, the user needs
		86	only one certificate, making renewal and revocation simpler, although
		87	the issue of modifying an extension to an existing certificate is
		88	not addressed."
		89	.Pp
		90	It is unclear whether that explanation is accurate, but in any case,
		91	it is not very specific.