diff options
| author | tb <> | 2022-12-01 05:33:55 +0000 |
|---|---|---|
| committer | tb <> | 2022-12-01 05:33:55 +0000 |
| commit | f416f6aa9cd97f7a0e135e3983f377e9c20a8d6c (patch) | |
| tree | c6052b1d86a6d068e9d6ad55d805ba457d390578 /src | |
| parent | cb84e03cd665c1f9830ae2354e8139a10b81ec47 (diff) | |
| download | openbsd-f416f6aa9cd97f7a0e135e3983f377e9c20a8d6c.tar.gz openbsd-f416f6aa9cd97f7a0e135e3983f377e9c20a8d6c.tar.bz2 openbsd-f416f6aa9cd97f7a0e135e3983f377e9c20a8d6c.zip | |
Mark the X509_V_FLAG_CB_ISSUER_CHECK flag as deprecated
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3 | 16 |
1 files changed, 5 insertions, 11 deletions
diff --git a/src/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3 b/src/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3 index 7a39050c4f..08961eb4d3 100644 --- a/src/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3 +++ b/src/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: X509_VERIFY_PARAM_set_flags.3,v 1.26 2022/07/13 21:17:03 schwarze Exp $ | 1 | .\" $OpenBSD: X509_VERIFY_PARAM_set_flags.3,v 1.27 2022/12/01 05:33:55 tb Exp $ |
| 2 | .\" full merge up to: OpenSSL d33def66 Feb 9 14:17:13 2016 -0500 | 2 | .\" full merge up to: OpenSSL d33def66 Feb 9 14:17:13 2016 -0500 |
| 3 | .\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100 | 3 | .\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100 |
| 4 | .\" | 4 | .\" |
| @@ -68,7 +68,7 @@ | |||
| 68 | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | 68 | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
| 69 | .\" OF THE POSSIBILITY OF SUCH DAMAGE. | 69 | .\" OF THE POSSIBILITY OF SUCH DAMAGE. |
| 70 | .\" | 70 | .\" |
| 71 | .Dd $Mdocdate: July 13 2022 $ | 71 | .Dd $Mdocdate: December 1 2022 $ |
| 72 | .Dt X509_VERIFY_PARAM_SET_FLAGS 3 | 72 | .Dt X509_VERIFY_PARAM_SET_FLAGS 3 |
| 73 | .Os | 73 | .Os |
| 74 | .Sh NAME | 74 | .Sh NAME |
| @@ -590,16 +590,10 @@ A side effect of not checking the root CA signature is that disabled or | |||
| 590 | unsupported message digests on the root CA are not treated as fatal | 590 | unsupported message digests on the root CA are not treated as fatal |
| 591 | errors. | 591 | errors. |
| 592 | .Pp | 592 | .Pp |
| 593 | The | 593 | The deprecated |
| 594 | .Dv X509_V_FLAG_CB_ISSUER_CHECK | 594 | .Dv X509_V_FLAG_CB_ISSUER_CHECK |
| 595 | flag enables debugging of certificate issuer checks. | 595 | flag used to enable debugging of certificate issuer checks. |
| 596 | It is | 596 | It is provided for binary backwards compatibility and has no effect. |
| 597 | .Sy not | ||
| 598 | needed unless you are logging certificate verification. | ||
| 599 | If this flag is set then additional status codes will be sent to the | ||
| 600 | verification callback and it | ||
| 601 | .Sy must | ||
| 602 | be prepared to handle such cases without assuming they are hard errors. | ||
| 603 | .Pp | 597 | .Pp |
| 604 | When | 598 | When |
| 605 | .Dv X509_V_FLAG_TRUSTED_FIRST | 599 | .Dv X509_V_FLAG_TRUSTED_FIRST |