summaryrefslogtreecommitdiff
path: root/src/lib
diff options
context:
space:
mode:
authorschwarze <>2021-07-28 14:48:09 +0000
committerschwarze <>2021-07-28 14:48:09 +0000
commitcc1f8fec3044f91f59fbec1ffd1ab28cb3996ba0 (patch)
treea177ddf5c72c3ca89a728113016a2bc5958de766 /src/lib
parentbf5c7bff83cd29a993c4e16eec180010a8308f56 (diff)
downloadopenbsd-cc1f8fec3044f91f59fbec1ffd1ab28cb3996ba0.tar.gz
openbsd-cc1f8fec3044f91f59fbec1ffd1ab28cb3996ba0.tar.bz2
openbsd-cc1f8fec3044f91f59fbec1ffd1ab28cb3996ba0.zip
document X509_STORE_CTX_get0_policy_tree(3)
and X509_STORE_CTX_get_explicit_policy(3)
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libcrypto/man/X509_STORE_CTX_get_error.345
1 files changed, 41 insertions, 4 deletions
diff --git a/src/lib/libcrypto/man/X509_STORE_CTX_get_error.3 b/src/lib/libcrypto/man/X509_STORE_CTX_get_error.3
index 3ea3175b98..f7466c4bd9 100644
--- a/src/lib/libcrypto/man/X509_STORE_CTX_get_error.3
+++ b/src/lib/libcrypto/man/X509_STORE_CTX_get_error.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: X509_STORE_CTX_get_error.3,v 1.16 2021/07/22 15:35:50 schwarze Exp $ 1.\" $OpenBSD: X509_STORE_CTX_get_error.3,v 1.17 2021/07/28 14:48:09 schwarze Exp $
2.\" full merge up to: 2.\" full merge up to:
3.\" OpenSSL crypto/X509_STORE_CTX_get_error f0e0fd51 Apr 14 23:59:26 2016 -0400 3.\" OpenSSL crypto/X509_STORE_CTX_get_error f0e0fd51 Apr 14 23:59:26 2016 -0400
4.\" selective merge up to: 4.\" selective merge up to:
@@ -70,7 +70,7 @@
70.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 70.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
71.\" OF THE POSSIBILITY OF SUCH DAMAGE. 71.\" OF THE POSSIBILITY OF SUCH DAMAGE.
72.\" 72.\"
73.Dd $Mdocdate: July 22 2021 $ 73.Dd $Mdocdate: July 28 2021 $
74.Dt X509_STORE_CTX_GET_ERROR 3 74.Dt X509_STORE_CTX_GET_ERROR 3
75.Os 75.Os
76.Sh NAME 76.Sh NAME
@@ -83,6 +83,8 @@
83.Nm X509_STORE_CTX_get0_chain , 83.Nm X509_STORE_CTX_get0_chain ,
84.Nm X509_STORE_CTX_get_chain , 84.Nm X509_STORE_CTX_get_chain ,
85.Nm X509_STORE_CTX_get1_chain , 85.Nm X509_STORE_CTX_get1_chain ,
86.Nm X509_STORE_CTX_get0_policy_tree ,
87.Nm X509_STORE_CTX_get_explicit_policy ,
86.Nm X509_verify_cert_error_string 88.Nm X509_verify_cert_error_string
87.Nd get or set certificate verification status information 89.Nd get or set certificate verification status information
88.Sh SYNOPSIS 90.Sh SYNOPSIS
@@ -124,15 +126,24 @@
124.Fo X509_STORE_CTX_get1_chain 126.Fo X509_STORE_CTX_get1_chain
125.Fa "X509_STORE_CTX *ctx" 127.Fa "X509_STORE_CTX *ctx"
126.Fc 128.Fc
129.Ft X509_POLICY_TREE *
130.Fo X509_STORE_CTX_get0_policy_tree
131.Fa "X509_STORE_CTX *ctx"
132.Fc
133.Ft int
134.Fo X509_STORE_CTX_get_explicit_policy
135.Fa "X509_STORE_CTX *ctx"
136.Fc
127.In openssl/x509.h 137.In openssl/x509.h
128.Ft const char * 138.Ft const char *
129.Fo X509_verify_cert_error_string 139.Fo X509_verify_cert_error_string
130.Fa "long n" 140.Fa "long n"
131.Fc 141.Fc
132.Sh DESCRIPTION 142.Sh DESCRIPTION
133These functions are typically called after 143Most of these functions are typically called after
134.Xr X509_verify_cert 3 144.Xr X509_verify_cert 3
135has indicated an error or in a verification callback to determine the 145to inspect status information related to certificate verification.
146Some may also be called in a verification callback to determine the
136nature of an error. 147nature of an error.
137.Pp 148.Pp
138.Fn X509_STORE_CTX_get_error 149.Fn X509_STORE_CTX_get_error
@@ -238,6 +249,24 @@ return a pointer to a stack of certificates or
238.Dv NULL 249.Dv NULL
239if an error occurs. 250if an error occurs.
240.Pp 251.Pp
252.Fn X509_STORE_CTX_get0_policy_tree
253returns an internal pointer to the
254.Fa valid_policy_tree
255created by
256.Xr X509_policy_check 3
257or
258.Dv NULL
259if validation failed or the resulting tree was empty.
260.Pp
261.Fn X509_STORE_CTX_get_explicit_policy
262returns the
263.Pf * Fa pexplicit_policy
264output argument of
265.Xr X509_policy_check 3 .
266If validation succeeded, it is 1 if
267.Dv X509_V_FLAG_EXPLICIT_POLICY
268was requested or 0 otherwise.
269.Pp
241.Fn X509_verify_cert_error_string 270.Fn X509_verify_cert_error_string
242returns a human readable error string for verification error 271returns a human readable error string for verification error
243.Fa n . 272.Fa n .
@@ -412,6 +441,8 @@ An application specific error.
412This will never be returned unless explicitly set by an application. 441This will never be returned unless explicitly set by an application.
413.El 442.El
414.Sh SEE ALSO 443.Sh SEE ALSO
444.Xr X509_policy_check 3 ,
445.Xr X509_policy_tree_level_count 3 ,
415.Xr X509_STORE_CTX_new 3 , 446.Xr X509_STORE_CTX_new 3 ,
416.Xr X509_up_ref 3 , 447.Xr X509_up_ref 3 ,
417.Xr X509_verify_cert 3 448.Xr X509_verify_cert 3
@@ -430,6 +461,12 @@ first appeared in SSLeay 0.8.0 and have been available since
430first appeared in OpenSSL 0.9.5 and has been available since 461first appeared in OpenSSL 0.9.5 and has been available since
431.Ox 2.7 . 462.Ox 2.7 .
432.Pp 463.Pp
464.Fn X509_STORE_CTX_get0_policy_tree
465and
466.Fn X509_STORE_CTX_get_explicit_policy
467first appeared in OpenSSL 0.9.8 and have been available since
468.Ox 4.5 .
469.Pp
433.Fn X509_STORE_CTX_get0_current_issuer 470.Fn X509_STORE_CTX_get0_current_issuer
434and 471and
435.Fn X509_STORE_CTX_get0_current_crl 472.Fn X509_STORE_CTX_get0_current_crl
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 09:30:44 +0000