summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorschwarze <>2022-11-16 14:51:08 +0000
committerschwarze <>2022-11-16 14:51:08 +0000
commit7a56e9a103002eaaf024f5de0cbbfba7ea6d480b (patch)
tree1982ae17e90407c90dbfbb830646905294f7f7b8 /src
parent9894144b1cee338d530ce65cdcaa42003e2afc3c (diff)
downloadopenbsd-7a56e9a103002eaaf024f5de0cbbfba7ea6d480b.tar.gz
openbsd-7a56e9a103002eaaf024f5de0cbbfba7ea6d480b.tar.bz2
openbsd-7a56e9a103002eaaf024f5de0cbbfba7ea6d480b.zip
document X509_STORE_CTX_verify_cb(3) and X509_STORE_get_verify_cb(3)
which tb@ provided with x509_vfy.h revisions 1.48 and 1.49
Diffstat (limited to 'src')
-rw-r--r--src/lib/libcrypto/man/X509_STORE_CTX_set_verify_cb.326
-rw-r--r--src/lib/libcrypto/man/X509_STORE_set_verify_cb_func.327
2 files changed, 40 insertions, 13 deletions
diff --git a/src/lib/libcrypto/man/X509_STORE_CTX_set_verify_cb.3 b/src/lib/libcrypto/man/X509_STORE_CTX_set_verify_cb.3
index c4afb89385..9ae3d0294a 100644
--- a/src/lib/libcrypto/man/X509_STORE_CTX_set_verify_cb.3
+++ b/src/lib/libcrypto/man/X509_STORE_CTX_set_verify_cb.3
@@ -1,5 +1,5 @@
1.\" $OpenBSD: X509_STORE_CTX_set_verify_cb.3,v 1.8 2022/01/02 21:00:37 tb Exp $ 1.\" $OpenBSD: X509_STORE_CTX_set_verify_cb.3,v 1.9 2022/11/16 14:51:08 schwarze Exp $
2.\" full merge up to: OpenSSL a528d4f0 Oct 27 13:40:11 2015 -0400 2.\" full merge up to: OpenSSL aebb9aac Jul 19 09:27:53 2016 -0400
3.\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100 3.\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
4.\" 4.\"
5.\" This file is a derived work. 5.\" This file is a derived work.
@@ -66,23 +66,28 @@
66.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 66.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
67.\" OF THE POSSIBILITY OF SUCH DAMAGE. 67.\" OF THE POSSIBILITY OF SUCH DAMAGE.
68.\" 68.\"
69.Dd $Mdocdate: January 2 2022 $ 69.Dd $Mdocdate: November 16 2022 $
70.Dt X509_STORE_CTX_SET_VERIFY_CB 3 70.Dt X509_STORE_CTX_SET_VERIFY_CB 3
71.Os 71.Os
72.Sh NAME 72.Sh NAME
73.Nm X509_STORE_CTX_verify_cb ,
73.Nm X509_STORE_CTX_set_verify_cb , 74.Nm X509_STORE_CTX_set_verify_cb ,
74.Nm X509_STORE_CTX_get_verify_cb 75.Nm X509_STORE_CTX_get_verify_cb
75.Nd set and retrieve verification callback 76.Nd set and retrieve verification callback
76.Sh SYNOPSIS 77.Sh SYNOPSIS
77.In openssl/x509_vfy.h 78.In openssl/x509_vfy.h
79.Ft typedef int
80.Fo (*X509_STORE_CTX_verify_cb)
81.Fa "int ok"
82.Fa "X509_STORE_CTX *ctx"
83.Fc
78.Ft void 84.Ft void
79.Fo X509_STORE_CTX_set_verify_cb 85.Fo X509_STORE_CTX_set_verify_cb
80.Fa "X509_STORE_CTX *ctx" 86.Fa "X509_STORE_CTX *ctx"
81.Fa "int (*verify_cb)(int ok, X509_STORE_CTX *ctx)" 87.Fa "X509_STORE_CTX_verify_cb verify_cb"
82.Fc 88.Fc
83.Ft int 89.Ft X509_STORE_CTX_verify_cb
84.Fo "(*X509_STORE_CTX_get_verify_cb(X509_STORE_CTX *ctx))" 90.Fo X509_STORE_CTX_get_verify_cb
85.Fa "int ok"
86.Fa "X509_STORE_CTX *ctx" 91.Fa "X509_STORE_CTX *ctx"
87.Fc 92.Fc
88.Sh DESCRIPTION 93.Sh DESCRIPTION
@@ -98,7 +103,7 @@ certificate verification, either by overriding error conditions or
98logging errors for debugging purposes. 103logging errors for debugging purposes.
99.Pp 104.Pp
100However, a verification callback is 105However, a verification callback is
101.Sy not 106.Em not
102essential and the default operation is often sufficient. 107essential and the default operation is often sufficient.
103.Pp 108.Pp
104The 109The
@@ -256,6 +261,7 @@ verify_callback(int ok, X509_STORE_CTX *ctx)
256.Xr X509_STORE_CTX_new 3 , 261.Xr X509_STORE_CTX_new 3 ,
257.Xr X509_STORE_CTX_set_error 3 , 262.Xr X509_STORE_CTX_set_error 3 ,
258.Xr X509_STORE_CTX_set_flags 3 , 263.Xr X509_STORE_CTX_set_flags 3 ,
264.Xr X509_STORE_CTX_set_verify 3 ,
259.Xr X509_STORE_set_verify_cb 3 , 265.Xr X509_STORE_set_verify_cb 3 ,
260.Xr X509_verify_cert 3 , 266.Xr X509_verify_cert 3 ,
261.Xr X509_VERIFY_PARAM_set_flags 3 267.Xr X509_VERIFY_PARAM_set_flags 3
@@ -267,6 +273,10 @@ first appeared in OpenSSL 0.9.6c and has been available since
267.Fn X509_STORE_CTX_get_verify_cb 273.Fn X509_STORE_CTX_get_verify_cb
268first appeared in OpenSSL 1.1.0 and has been available since 274first appeared in OpenSSL 1.1.0 and has been available since
269.Ox 7.1 . 275.Ox 7.1 .
276.Pp
277.Fn X509_STORE_CTX_verify_cb
278first appeared in OpenSSL 1.1.0 and has been available since
279.Ox 7.2 .
270.Sh CAVEATS 280.Sh CAVEATS
271In general a verification callback should 281In general a verification callback should
272.Sy NOT 282.Sy NOT
diff --git a/src/lib/libcrypto/man/X509_STORE_set_verify_cb_func.3 b/src/lib/libcrypto/man/X509_STORE_set_verify_cb_func.3
index f6d534bbb0..bdd5ea5044 100644
--- a/src/lib/libcrypto/man/X509_STORE_set_verify_cb_func.3
+++ b/src/lib/libcrypto/man/X509_STORE_set_verify_cb_func.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: X509_STORE_set_verify_cb_func.3,v 1.11 2021/11/17 16:08:32 schwarze Exp $ 1.\" $OpenBSD: X509_STORE_set_verify_cb_func.3,v 1.12 2022/11/16 14:51:08 schwarze Exp $
2.\" full merge up to: OpenSSL 05ea606a May 20 20:52:46 2016 -0400 2.\" full merge up to: OpenSSL 05ea606a May 20 20:52:46 2016 -0400
3.\" selective merge up to: OpenSSL 315c47e0 Dec 1 14:22:16 2020 +0100 3.\" selective merge up to: OpenSSL 315c47e0 Dec 1 14:22:16 2020 +0100
4.\" 4.\"
@@ -49,24 +49,29 @@
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\" 51.\"
52.Dd $Mdocdate: November 17 2021 $ 52.Dd $Mdocdate: November 16 2022 $
53.Dt X509_STORE_SET_VERIFY_CB_FUNC 3 53.Dt X509_STORE_SET_VERIFY_CB_FUNC 3
54.Os 54.Os
55.Sh NAME 55.Sh NAME
56.Nm X509_STORE_set_verify_cb , 56.Nm X509_STORE_set_verify_cb ,
57.Nm X509_STORE_set_verify_cb_func 57.Nm X509_STORE_set_verify_cb_func ,
58.Nm X509_STORE_get_verify_cb
58.Nd set verification callback 59.Nd set verification callback
59.Sh SYNOPSIS 60.Sh SYNOPSIS
60.In openssl/x509_vfy.h 61.In openssl/x509_vfy.h
61.Ft void 62.Ft void
62.Fo X509_STORE_set_verify_cb 63.Fo X509_STORE_set_verify_cb
63.Fa "X509_STORE *st" 64.Fa "X509_STORE *st"
64.Fa "int (*verify_cb)(int ok, X509_STORE_CTX *ctx)" 65.Fa "X509_STORE_CTX_verify_cb verify_cb"
65.Fc 66.Fc
66.Ft void 67.Ft void
67.Fo X509_STORE_set_verify_cb_func 68.Fo X509_STORE_set_verify_cb_func
68.Fa "X509_STORE *st" 69.Fa "X509_STORE *st"
69.Fa "int (*verify_cb)(int ok, X509_STORE_CTX *ctx)" 70.Fa "X509_STORE_CTX_verify_cb verify_cb"
71.Fc
72.Ft X509_STORE_CTX_verify_cb
73.Fo X509_STORE_get_verify_cb
74.Fa "X509_STORE *st"
70.Fc 75.Fc
71.Sh DESCRIPTION 76.Sh DESCRIPTION
72.Fn X509_STORE_set_verify_cb 77.Fn X509_STORE_set_verify_cb
@@ -87,6 +92,14 @@ structure when it is initialized.
87This can be used to set the verification callback when the 92This can be used to set the verification callback when the
88.Vt X509_STORE_CTX 93.Vt X509_STORE_CTX
89is otherwise inaccessible (for example during S/MIME verification). 94is otherwise inaccessible (for example during S/MIME verification).
95.Sh RETURN VALUES
96.Fn X509_STORE_get_verify_cb
97returns the function pointer set with
98.Fn X509_STORE_set_verify_cb ,
99or
100.Dv NULL
101if that function was not called on
102.Fa st .
90.Sh SEE ALSO 103.Sh SEE ALSO
91.Xr X509_STORE_CTX_new 3 , 104.Xr X509_STORE_CTX_new 3 ,
92.Xr X509_STORE_CTX_set_verify 3 , 105.Xr X509_STORE_CTX_set_verify 3 ,
@@ -102,3 +115,7 @@ first appeared in SSLeay 0.8.0 and has been available since
102.Fn X509_STORE_set_verify_cb 115.Fn X509_STORE_set_verify_cb
103first appeared in OpenSSL 1.0.0 and has been available since 116first appeared in OpenSSL 1.0.0 and has been available since
104.Ox 4.9 . 117.Ox 4.9 .
118.Pp
119.Fn X509_STORE_get_verify_cb
120first appeared in OpenSSL 1.1.0 and has been available since
121.Ox 7.2 .
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 12:43:22 +0000