summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorschwarze <>2018-02-25 16:04:07 +0000
committerschwarze <>2018-02-25 16:04:07 +0000
commit978b7da04f79f22369639ca399efc7f74824199d (patch)
treeaf21bdca0174c768c30da4611a5d306177349e10 /src
parenta24949b79c3496c42cbbc7690f489968595b8a2d (diff)
downloadopenbsd-978b7da04f79f22369639ca399efc7f74824199d.tar.gz
openbsd-978b7da04f79f22369639ca399efc7f74824199d.tar.bz2
openbsd-978b7da04f79f22369639ca399efc7f74824199d.zip
In x509_vfy.h rev. 1.21 2018/02/22 17:11:30, jsing@ provided
X509_STORE_CTX_get0_chain(3). Adapt the documentation. It is absurd that OpenSSL documents the two almost identical functions X509_STORE_CTX_get0_chain(3) and X509_STORE_CTX_get1_chain(3) in two different manual pages, with quite different wordings, and without even referencing each other. It is very obvious that they have lost their way in their own mire of functions.
Diffstat (limited to 'src')
-rw-r--r--src/lib/libcrypto/man/X509_STORE_CTX_get_error.340
-rw-r--r--src/lib/libcrypto/man/X509_STORE_CTX_new.36
2 files changed, 32 insertions, 14 deletions
diff --git a/src/lib/libcrypto/man/X509_STORE_CTX_get_error.3 b/src/lib/libcrypto/man/X509_STORE_CTX_get_error.3
index 5caf4cefe4..a53824c821 100644
--- a/src/lib/libcrypto/man/X509_STORE_CTX_get_error.3
+++ b/src/lib/libcrypto/man/X509_STORE_CTX_get_error.3
@@ -1,6 +1,9 @@
1.\" $OpenBSD: X509_STORE_CTX_get_error.3,v 1.6 2018/02/15 11:09:34 schwarze Exp $ 1.\" $OpenBSD: X509_STORE_CTX_get_error.3,v 1.7 2018/02/25 16:04:07 schwarze Exp $
2.\" full merge up to: OpenSSL f0e0fd51 Apr 14 23:59:26 2016 -0400 2.\" full merge up to:
3.\" selective merge up to: OpenSSL 2947af32 Nov 19 00:10:05 2016 +0100 3.\" OpenSSL crypto/X509_STORE_CTX_get_error f0e0fd51 Apr 14 23:59:26 2016 -0400
4.\" selective merge up to:
5.\" OpenSSL man3/X509_STORE_CTX_get_error 2947af32 Nov 19 00:10:05 2016 +0100
6.\" OpenSSL man3/X509_STORE_CTX_new 7643a172 Apr 21 13:35:51 2017 +0200
4.\" 7.\"
5.\" This file was written by Dr. Stephen Henson <steve@openssl.org>. 8.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
6.\" Copyright (c) 2009, 2013, 2015, 2016 The OpenSSL Project. 9.\" Copyright (c) 2009, 2013, 2015, 2016 The OpenSSL Project.
@@ -50,7 +53,7 @@
50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 53.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51.\" OF THE POSSIBILITY OF SUCH DAMAGE. 54.\" OF THE POSSIBILITY OF SUCH DAMAGE.
52.\" 55.\"
53.Dd $Mdocdate: February 15 2018 $ 56.Dd $Mdocdate: February 25 2018 $
54.Dt X509_STORE_CTX_GET_ERROR 3 57.Dt X509_STORE_CTX_GET_ERROR 3
55.Os 58.Os
56.Sh NAME 59.Sh NAME
@@ -59,6 +62,7 @@
59.Nm X509_STORE_CTX_get_error_depth , 62.Nm X509_STORE_CTX_get_error_depth ,
60.Nm X509_STORE_CTX_get_current_cert , 63.Nm X509_STORE_CTX_get_current_cert ,
61.Nm X509_STORE_CTX_get0_cert , 64.Nm X509_STORE_CTX_get0_cert ,
65.Nm X509_STORE_CTX_get0_chain ,
62.Nm X509_STORE_CTX_get1_chain , 66.Nm X509_STORE_CTX_get1_chain ,
63.Nm X509_verify_cert_error_string 67.Nm X509_verify_cert_error_string
64.Nd get or set certificate verification status information 68.Nd get or set certificate verification status information
@@ -86,6 +90,10 @@
86.Fa "X509_STORE_CTX *ctx" 90.Fa "X509_STORE_CTX *ctx"
87.Fc 91.Fc
88.Ft STACK_OF(X509) * 92.Ft STACK_OF(X509) *
93.Fo X509_STORE_CTX_get0_chain
94.Fa "X509_STORE_CTX *ctx"
95.Fc
96.Ft STACK_OF(X509) *
89.Fo X509_STORE_CTX_get1_chain 97.Fo X509_STORE_CTX_get1_chain
90.Fa "X509_STORE_CTX *ctx" 98.Fa "X509_STORE_CTX *ctx"
91.Fc 99.Fc
@@ -128,19 +136,19 @@ which caused the error or
128.Dv NULL 136.Dv NULL
129if no certificate is relevant. 137if no certificate is relevant.
130.Pp 138.Pp
131.Fn X509_STORE_CTX_get1_chain 139.Fn X509_STORE_CTX_get0_chain
132returns a complete validate chain if a previous call to 140returns an internal pointer to a complete validate chain
141if a previous call to
133.Xr X509_verify_cert 3 142.Xr X509_verify_cert 3
134is successful. 143was successful.
135If the call to 144If the call to
136.Xr X509_verify_cert 3 145.Xr X509_verify_cert 3
137is 146was not successful, the returned chain may be incomplete or invalid.
138.Sy not 147.Fn X509_STORE_CTX_get1_chain
139successful, the returned chain may be incomplete or invalid. 148returns a deep copy of the same chain which persists even after the
140The returned chain persists after the
141.Fa ctx 149.Fa ctx
142structure is freed. 150structure is freed.
143When it is no longer needed, it should be freed up using 151When it is no longer needed, it should be freed using
144.Fn sk_X509_pop_free chain X509_free . 152.Fn sk_X509_pop_free chain X509_free .
145.Pp 153.Pp
146.Fn X509_verify_cert_error_string 154.Fn X509_verify_cert_error_string
@@ -182,6 +190,13 @@ if no certificate is relevant to the error.
182retrieves an internal pointer to the certificate being verified by 190retrieves an internal pointer to the certificate being verified by
183.Fa ctx . 191.Fa ctx .
184.Pp 192.Pp
193.Fn X509_STORE_CTX_get0_chain
194and
195.Fn X509_STORE_CTX_get1_chain
196return a pointer to a stack of certificates or
197.Dv NULL
198if an error occurs.
199.Pp
185.Fn X509_verify_cert_error_string 200.Fn X509_verify_cert_error_string
186returns a human readable error string for verification error 201returns a human readable error string for verification error
187.Fa n . 202.Fa n .
@@ -356,5 +371,6 @@ An application specific error.
356This will never be returned unless explicitly set by an application. 371This will never be returned unless explicitly set by an application.
357.El 372.El
358.Sh SEE ALSO 373.Sh SEE ALSO
374.Xr X509_STORE_CTX_new 3 ,
359.Xr X509_up_ref 3 , 375.Xr X509_up_ref 3 ,
360.Xr X509_verify_cert 3 376.Xr X509_verify_cert 3
diff --git a/src/lib/libcrypto/man/X509_STORE_CTX_new.3 b/src/lib/libcrypto/man/X509_STORE_CTX_new.3
index ca3c43ecbd..35027a7154 100644
--- a/src/lib/libcrypto/man/X509_STORE_CTX_new.3
+++ b/src/lib/libcrypto/man/X509_STORE_CTX_new.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: X509_STORE_CTX_new.3,v 1.7 2018/02/15 11:09:34 schwarze Exp $ 1.\" $OpenBSD: X509_STORE_CTX_new.3,v 1.8 2018/02/25 16:04:07 schwarze Exp $
2.\" full merge up to: OpenSSL 186bb907 Apr 13 11:05:13 2015 -0700 2.\" full merge up to: OpenSSL 186bb907 Apr 13 11:05:13 2015 -0700
3.\" selective merge up to: OpenSSL 7643a172 Apr 21 13:35:51 2017 +0200 3.\" selective merge up to: OpenSSL 7643a172 Apr 21 13:35:51 2017 +0200
4.\" 4.\"
@@ -50,7 +50,7 @@
50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51.\" OF THE POSSIBILITY OF SUCH DAMAGE. 51.\" OF THE POSSIBILITY OF SUCH DAMAGE.
52.\" 52.\"
53.Dd $Mdocdate: February 15 2018 $ 53.Dd $Mdocdate: February 25 2018 $
54.Dt X509_STORE_CTX_NEW 3 54.Dt X509_STORE_CTX_NEW 3
55.Os 55.Os
56.Sh NAME 56.Sh NAME
@@ -61,6 +61,7 @@
61.Nm X509_STORE_CTX_set0_trusted_stack , 61.Nm X509_STORE_CTX_set0_trusted_stack ,
62.Nm X509_STORE_CTX_trusted_stack , 62.Nm X509_STORE_CTX_trusted_stack ,
63.Nm X509_STORE_CTX_set_cert , 63.Nm X509_STORE_CTX_set_cert ,
64.\" X509_STORE_CTX_get0_chain moved to X509_STORE_CTX_get_error(3)
64.Nm X509_STORE_CTX_set_chain , 65.Nm X509_STORE_CTX_set_chain ,
65.Nm X509_STORE_CTX_set0_crls , 66.Nm X509_STORE_CTX_set0_crls ,
66.Nm X509_STORE_CTX_get0_param , 67.Nm X509_STORE_CTX_get0_param ,
@@ -297,6 +298,7 @@ returns 1 for success or 0 if an error occurred.
297.Fn X509_STORE_CTX_get0_untrusted 298.Fn X509_STORE_CTX_get0_untrusted
298returns an internal pointer. 299returns an internal pointer.
299.Sh SEE ALSO 300.Sh SEE ALSO
301.Xr X509_STORE_CTX_get_error 3 ,
300.Xr X509_verify_cert 3 , 302.Xr X509_verify_cert 3 ,
301.Xr X509_VERIFY_PARAM_set_flags 3 303.Xr X509_VERIFY_PARAM_set_flags 3
302.Sh HISTORY 304.Sh HISTORY
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-24 09:10:34 +0000