diff options
| author | schwarze <> | 2021-11-11 12:06:25 +0000 |
|---|---|---|
| committer | schwarze <> | 2021-11-11 12:06:25 +0000 |
| commit | c906ed58432bf579a36e1a659309e4dd7aed7fdc (patch) | |
| tree | 0ce00e455e049eadd3dbcd466a99e1b54d3c6bcf /src/lib | |
| parent | 4f619109be6e68f276a18eef66df948237b264f9 (diff) | |
| download | openbsd-c906ed58432bf579a36e1a659309e4dd7aed7fdc.tar.gz openbsd-c906ed58432bf579a36e1a659309e4dd7aed7fdc.tar.bz2 openbsd-c906ed58432bf579a36e1a659309e4dd7aed7fdc.zip | |
new manual page X509_policy_tree_get0_policies(3),
also documenting X509_policy_tree_get0_user_policies(3)
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libcrypto/man/Makefile | 3 | ||||
| -rw-r--r-- | src/lib/libcrypto/man/X509_policy_check.3 | 5 | ||||
| -rw-r--r-- | src/lib/libcrypto/man/X509_policy_tree_get0_policies.3 | 101 | ||||
| -rw-r--r-- | src/lib/libcrypto/man/X509_policy_tree_level_count.3 | 7 |
4 files changed, 110 insertions, 6 deletions
diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile index 6e8753b379..4a22484ea3 100644 --- a/src/lib/libcrypto/man/Makefile +++ b/src/lib/libcrypto/man/Makefile | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | # $OpenBSD: Makefile,v 1.210 2021/11/09 16:23:04 schwarze Exp $ | 1 | # $OpenBSD: Makefile,v 1.211 2021/11/11 12:06:25 schwarze Exp $ |
| 2 | 2 | ||
| 3 | .include <bsd.own.mk> | 3 | .include <bsd.own.mk> |
| 4 | 4 | ||
| @@ -352,6 +352,7 @@ MAN= \ | |||
| 352 | X509_new.3 \ | 352 | X509_new.3 \ |
| 353 | X509_ocspid_print.3 \ | 353 | X509_ocspid_print.3 \ |
| 354 | X509_policy_check.3 \ | 354 | X509_policy_check.3 \ |
| 355 | X509_policy_tree_get0_policies.3 \ | ||
| 355 | X509_policy_tree_level_count.3 \ | 356 | X509_policy_tree_level_count.3 \ |
| 356 | X509_print_ex.3 \ | 357 | X509_print_ex.3 \ |
| 357 | X509_sign.3 \ | 358 | X509_sign.3 \ |
diff --git a/src/lib/libcrypto/man/X509_policy_check.3 b/src/lib/libcrypto/man/X509_policy_check.3 index e4b3be0d43..5ea774a3ef 100644 --- a/src/lib/libcrypto/man/X509_policy_check.3 +++ b/src/lib/libcrypto/man/X509_policy_check.3 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: X509_policy_check.3,v 1.5 2021/07/30 15:01:40 schwarze Exp $ | 1 | .\" $OpenBSD: X509_policy_check.3,v 1.6 2021/11/11 12:06:25 schwarze Exp $ |
| 2 | .\" | 2 | .\" |
| 3 | .\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org> | 3 | .\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org> |
| 4 | .\" | 4 | .\" |
| @@ -14,7 +14,7 @@ | |||
| 14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | 14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
| 15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
| 16 | .\" | 16 | .\" |
| 17 | .Dd $Mdocdate: July 30 2021 $ | 17 | .Dd $Mdocdate: November 11 2021 $ |
| 18 | .Dt X509_POLICY_CHECK 3 | 18 | .Dt X509_POLICY_CHECK 3 |
| 19 | .Os | 19 | .Os |
| 20 | .Sh NAME | 20 | .Sh NAME |
| @@ -177,6 +177,7 @@ to 0. | |||
| 177 | .Xr X509_check_purpose 3 , | 177 | .Xr X509_check_purpose 3 , |
| 178 | .Xr X509_check_trust 3 , | 178 | .Xr X509_check_trust 3 , |
| 179 | .Xr X509_new 3 , | 179 | .Xr X509_new 3 , |
| 180 | .Xr X509_policy_tree_get0_policies 3 , | ||
| 180 | .Xr X509_policy_tree_level_count 3 , | 181 | .Xr X509_policy_tree_level_count 3 , |
| 181 | .Xr X509_verify_cert 3 | 182 | .Xr X509_verify_cert 3 |
| 182 | .Sh STANDARDS | 183 | .Sh STANDARDS |
diff --git a/src/lib/libcrypto/man/X509_policy_tree_get0_policies.3 b/src/lib/libcrypto/man/X509_policy_tree_get0_policies.3 new file mode 100644 index 0000000000..cb0715d6cb --- /dev/null +++ b/src/lib/libcrypto/man/X509_policy_tree_get0_policies.3 | |||
| @@ -0,0 +1,101 @@ | |||
| 1 | .\" $OpenBSD: X509_policy_tree_get0_policies.3,v 1.1 2021/11/11 12:06:25 schwarze Exp $ | ||
| 2 | .\" | ||
| 3 | .\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org> | ||
| 4 | .\" | ||
| 5 | .\" Permission to use, copy, modify, and distribute this software for any | ||
| 6 | .\" purpose with or without fee is hereby granted, provided that the above | ||
| 7 | .\" copyright notice and this permission notice appear in all copies. | ||
| 8 | .\" | ||
| 9 | .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | ||
| 10 | .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | ||
| 11 | .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | ||
| 12 | .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | ||
| 13 | .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
| 14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
| 15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
| 16 | .\" | ||
| 17 | .Dd $Mdocdate: November 11 2021 $ | ||
| 18 | .Dt X509_POLICY_TREE_GET0_POLICIES 3 | ||
| 19 | .Os | ||
| 20 | .Sh NAME | ||
| 21 | .Nm X509_policy_tree_get0_policies , | ||
| 22 | .Nm X509_policy_tree_get0_user_policies | ||
| 23 | .Nd retrieve arrays of policy tree nodes | ||
| 24 | .Sh SYNOPSIS | ||
| 25 | .In openssl/x509_vfy.h | ||
| 26 | .Ft STACK_OF(X509_POLICY_NODE) * | ||
| 27 | .Fn X509_policy_tree_get0_policies "const X509_POLICY_TREE *tree" | ||
| 28 | .Ft STACK_OF(X509_POLICY_NODE) * | ||
| 29 | .Fn X509_policy_tree_get0_user_policies "const X509_POLICY_TREE *tree" | ||
| 30 | .Sh DESCRIPTION | ||
| 31 | The | ||
| 32 | .Em authority set | ||
| 33 | and the | ||
| 34 | .Em user set | ||
| 35 | are arrays of nodes from a policy | ||
| 36 | .Fa tree . | ||
| 37 | .Pp | ||
| 38 | If the last level of a | ||
| 39 | .Fa tree , | ||
| 40 | or equivalently, all levels of it, contain an | ||
| 41 | .Sy anyPolicy | ||
| 42 | node, the authority set contains | ||
| 43 | only this anyPolicy node from the last level. | ||
| 44 | Unless the array of | ||
| 45 | .Fa policy_oids | ||
| 46 | passed to | ||
| 47 | .Xr X509_policy_check 3 | ||
| 48 | contained an anyPolicy object, | ||
| 49 | the user set contains one node for each of the | ||
| 50 | .Fa policy_oids ; | ||
| 51 | specifically, the first matching node that is a child of an anyPolicy node. | ||
| 52 | .Pp | ||
| 53 | If the last level of the | ||
| 54 | .Fa tree | ||
| 55 | does not contain an | ||
| 56 | .Sy anyPolicy | ||
| 57 | node, the authority set contains | ||
| 58 | all non-anyPolicy nodes that are children of anyPolicy nodes. | ||
| 59 | For each element of the | ||
| 60 | .Fa policy_oids , | ||
| 61 | the user set contains the first node from the authority set | ||
| 62 | matching it, if any. | ||
| 63 | .Pp | ||
| 64 | These functions are intended to be called after | ||
| 65 | .Xr X509_policy_check 3 | ||
| 66 | was called either directly or indirectly through | ||
| 67 | .Xr X509_verify_cert 3 . | ||
| 68 | .Sh RETURN VALUES | ||
| 69 | .Fn X509_policy_tree_get0_policies | ||
| 70 | returns an internal pointer to the authority set | ||
| 71 | or | ||
| 72 | .Dv NULL | ||
| 73 | if the | ||
| 74 | .Fa tree | ||
| 75 | argument is | ||
| 76 | .Dv NULL . | ||
| 77 | .Pp | ||
| 78 | .Fn X509_policy_tree_get0_user_policies | ||
| 79 | returns an internal pointer to the user set or | ||
| 80 | .Dv NULL | ||
| 81 | if the | ||
| 82 | .Fa tree | ||
| 83 | argument is | ||
| 84 | .Dv NULL | ||
| 85 | or if the array of | ||
| 86 | .Fa policy_oids | ||
| 87 | passed to | ||
| 88 | .Xr X509_policy_check 3 | ||
| 89 | was empty or contained an anyPolicy object. | ||
| 90 | .Sh SEE ALSO | ||
| 91 | .Xr STACK_OF 3 , | ||
| 92 | .Xr X509_policy_check 3 , | ||
| 93 | .Xr X509_policy_level_get0_node 3 , | ||
| 94 | .Xr X509_STORE_CTX_get0_policy_tree 3 | ||
| 95 | .Sh STANDARDS | ||
| 96 | RFC 5280: Internet X.509 Public Key Infrastructure Certificate | ||
| 97 | and Certificate Revocation List (CRL) Profile, | ||
| 98 | section 6.1: Basic Path Validation | ||
| 99 | .Sh HISTORY | ||
| 100 | These function first appeared in OpenSSL 0.9.8 and have been available since | ||
| 101 | .Ox 4.5 . | ||
diff --git a/src/lib/libcrypto/man/X509_policy_tree_level_count.3 b/src/lib/libcrypto/man/X509_policy_tree_level_count.3 index f74754c362..4b13e6a967 100644 --- a/src/lib/libcrypto/man/X509_policy_tree_level_count.3 +++ b/src/lib/libcrypto/man/X509_policy_tree_level_count.3 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: X509_policy_tree_level_count.3,v 1.3 2021/07/28 13:47:21 schwarze Exp $ | 1 | .\" $OpenBSD: X509_policy_tree_level_count.3,v 1.4 2021/11/11 12:06:25 schwarze Exp $ |
| 2 | .\" | 2 | .\" |
| 3 | .\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org> | 3 | .\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org> |
| 4 | .\" | 4 | .\" |
| @@ -14,7 +14,7 @@ | |||
| 14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | 14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
| 15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
| 16 | .\" | 16 | .\" |
| 17 | .Dd $Mdocdate: July 28 2021 $ | 17 | .Dd $Mdocdate: November 11 2021 $ |
| 18 | .Dt X509_POLICY_TREE_LEVEL_COUNT 3 | 18 | .Dt X509_POLICY_TREE_LEVEL_COUNT 3 |
| 19 | .Os | 19 | .Os |
| 20 | .Sh NAME | 20 | .Sh NAME |
| @@ -167,7 +167,8 @@ The parent node is always located on the previous level. | |||
| 167 | .Xr POLICYQUALINFO_new 3 , | 167 | .Xr POLICYQUALINFO_new 3 , |
| 168 | .Xr STACK_OF 3 , | 168 | .Xr STACK_OF 3 , |
| 169 | .Xr X509_new 3 , | 169 | .Xr X509_new 3 , |
| 170 | .Xr X509_policy_check 3 | 170 | .Xr X509_policy_check 3 , |
| 171 | .Xr X509_policy_tree_get0_policies 3 | ||
| 171 | .Sh STANDARDS | 172 | .Sh STANDARDS |
| 172 | RFC 5280: Internet X.509 Public Key Infrastructure Certificate | 173 | RFC 5280: Internet X.509 Public Key Infrastructure Certificate |
| 173 | and Certificate Revocation List (CRL) Profile, | 174 | and Certificate Revocation List (CRL) Profile, |