summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/lib/libcrypto/man/X509_LOOKUP_hash_dir.36
-rw-r--r--src/lib/libcrypto/man/X509_LOOKUP_new.347
-rw-r--r--src/lib/libcrypto/man/X509_STORE_get_by_subject.316
-rw-r--r--src/lib/libcrypto/man/X509_STORE_load_locations.38
4 files changed, 21 insertions, 56 deletions
diff --git a/src/lib/libcrypto/man/X509_LOOKUP_hash_dir.3 b/src/lib/libcrypto/man/X509_LOOKUP_hash_dir.3
index b1f6a17571..f6321351e1 100644
--- a/src/lib/libcrypto/man/X509_LOOKUP_hash_dir.3
+++ b/src/lib/libcrypto/man/X509_LOOKUP_hash_dir.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: X509_LOOKUP_hash_dir.3,v 1.11 2021/11/09 16:23:04 schwarze Exp $ 1.\" $OpenBSD: X509_LOOKUP_hash_dir.3,v 1.12 2021/11/12 14:05:28 schwarze Exp $
2.\" full merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800 2.\" full merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
3.\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100 3.\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
4.\" 4.\"
@@ -67,14 +67,14 @@
67.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 67.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
68.\" OF THE POSSIBILITY OF SUCH DAMAGE. 68.\" OF THE POSSIBILITY OF SUCH DAMAGE.
69.\" 69.\"
70.Dd $Mdocdate: November 9 2021 $ 70.Dd $Mdocdate: November 12 2021 $
71.Dt X509_LOOKUP_HASH_DIR 3 71.Dt X509_LOOKUP_HASH_DIR 3
72.Os 72.Os
73.Sh NAME 73.Sh NAME
74.Nm X509_LOOKUP_hash_dir , 74.Nm X509_LOOKUP_hash_dir ,
75.Nm X509_LOOKUP_file , 75.Nm X509_LOOKUP_file ,
76.Nm X509_LOOKUP_mem 76.Nm X509_LOOKUP_mem
77.Nd default certificate lookup methods 77.Nd certificate lookup methods
78.Sh SYNOPSIS 78.Sh SYNOPSIS
79.In openssl/x509_vfy.h 79.In openssl/x509_vfy.h
80.Ft X509_LOOKUP_METHOD * 80.Ft X509_LOOKUP_METHOD *
diff --git a/src/lib/libcrypto/man/X509_LOOKUP_new.3 b/src/lib/libcrypto/man/X509_LOOKUP_new.3
index e4cd68a40a..f368cbb606 100644
--- a/src/lib/libcrypto/man/X509_LOOKUP_new.3
+++ b/src/lib/libcrypto/man/X509_LOOKUP_new.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: X509_LOOKUP_new.3,v 1.8 2021/11/12 11:41:50 schwarze Exp $ 1.\" $OpenBSD: X509_LOOKUP_new.3,v 1.9 2021/11/12 14:05:28 schwarze Exp $
2.\" 2.\"
3.\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org> 3.\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org>
4.\" 4.\"
@@ -286,16 +286,13 @@ set to
286.Dv NULL . 286.Dv NULL .
287.El 287.El
288.Pp 288.Pp
289With LibreSSL,
289.Fn X509_LOOKUP_ctrl 290.Fn X509_LOOKUP_ctrl
290always ignores the 291always ignores the
291.Fa ret 292.Fa ret
292argument when the built-in 293argument.
293.Vt X509_LOOKUP_METHOD
294objects are used.
295.Pp 294.Pp
296When using built-in 295With LibreSSL,
297.Vt X509_LOOKUP_METHOD
298objects,
299.Fn X509_LOOKUP_by_subject 296.Fn X509_LOOKUP_by_subject
300is only useful if 297is only useful if
301.Fa lookup 298.Fa lookup
@@ -336,9 +333,7 @@ In case of success, the first match is returned in the
336.Pf * Fa object 333.Pf * Fa object
337provided by the caller, overwriting any previous content. 334provided by the caller, overwriting any previous content.
338.Pp 335.Pp
339Unless an application program manually constructs its own 336With LibreSSL,
340.Vt X509_LOOKUP_METHOD
341object containing its own callback functions,
342.Fn X509_LOOKUP_init , 337.Fn X509_LOOKUP_init ,
343.Fn X509_LOOKUP_shutdown , 338.Fn X509_LOOKUP_shutdown ,
344.Fn X509_LOOKUP_by_issuer_serial , 339.Fn X509_LOOKUP_by_issuer_serial ,
@@ -346,15 +341,6 @@ object containing its own callback functions,
346and 341and
347.Fn X509_LOOKUP_by_alias 342.Fn X509_LOOKUP_by_alias
348have no effect. 343have no effect.
349.Fn X509_LOOKUP_init
350is supposed to be called after
351.Fn X509_LOOKUP_new
352and before using the
353.Fa lookup
354object,
355.Fn X509_LOOKUP_shutdown
356after using it and before
357.Fn X509_LOOKUP_free .
358.Sh RETURN VALUES 344.Sh RETURN VALUES
359.Fn X509_LOOKUP_new 345.Fn X509_LOOKUP_new
360returns the new object or 346returns the new object or
@@ -363,11 +349,8 @@ if memory allocation fails.
363.Pp 349.Pp
364.Fn X509_LOOKUP_ctrl 350.Fn X509_LOOKUP_ctrl
365returns 1 for success or 0 for failure. 351returns 1 for success or 0 for failure.
366If 352With library implementations other than LibreSSL,
367.Fa lookup 353it might also return \-1 for internal errors.
368uses a user-defined
369.Vt X509_LOOKUP_METHOD
370object, it might also return \-1 for internal errors.
371.Pp 354.Pp
372.Fn X509_LOOKUP_by_subject 355.Fn X509_LOOKUP_by_subject
373returns 1 for success or 0 for failure. 356returns 1 for success or 0 for failure.
@@ -388,27 +371,21 @@ is neither
388nor 371nor
389.Dv X509_LU_CRL , 372.Dv X509_LU_CRL ,
390if no match is found, or if memory allocation fails. 373if no match is found, or if memory allocation fails.
391If 374With library implementations other than LibreSSL,
392.Fa lookup 375it might also return negative values for internal errors.
393uses a user-defined
394.Vt X509_LOOKUP_METHOD
395object, it might also return negative values for internal errors.
396.Pp 376.Pp
397.Fn X509_LOOKUP_init 377.Fn X509_LOOKUP_init
398and 378and
399.Fn X509_LOOKUP_shutdown 379.Fn X509_LOOKUP_shutdown
400are supposed to return 1 for success and 0 for failure. 380are supposed to return 1 for success and 0 for failure.
401When using the built-in 381With LibreSSL, they always return 1.
402.Vt X509_LOOKUP_METHOD
403objects, they always return 1.
404.Pp 382.Pp
383With LibreSSL,
405.Fn X509_LOOKUP_by_issuer_serial , 384.Fn X509_LOOKUP_by_issuer_serial ,
406.Fn X509_LOOKUP_by_fingerprint , 385.Fn X509_LOOKUP_by_fingerprint ,
407and 386and
408.Fn X509_LOOKUP_by_alias 387.Fn X509_LOOKUP_by_alias
409always return 0 when using the built-in 388always return 0.
410.Vt X509_LOOKUP_METHOD
411objects.
412.Pp 389.Pp
413.Fn X509_get_default_cert_dir 390.Fn X509_get_default_cert_dir
414returns a pointer to the constant string 391returns a pointer to the constant string
diff --git a/src/lib/libcrypto/man/X509_STORE_get_by_subject.3 b/src/lib/libcrypto/man/X509_STORE_get_by_subject.3
index 797ddc1292..6c8b8f8b5e 100644
--- a/src/lib/libcrypto/man/X509_STORE_get_by_subject.3
+++ b/src/lib/libcrypto/man/X509_STORE_get_by_subject.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: X509_STORE_get_by_subject.3,v 1.2 2021/11/12 11:41:50 schwarze Exp $ 1.\" $OpenBSD: X509_STORE_get_by_subject.3,v 1.3 2021/11/12 14:05:28 schwarze Exp $
2.\" 2.\"
3.\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org> 3.\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org>
4.\" 4.\"
@@ -159,12 +159,7 @@ return 1 if a match is found or 0 on failure.
159In addition to simply not finding a match, 159In addition to simply not finding a match,
160they may also fail due to memory allocation failure in 160they may also fail due to memory allocation failure in
161.Xr X509_LOOKUP_by_subject 3 . 161.Xr X509_LOOKUP_by_subject 3 .
162If 162With library implementations other than LibreSSL,
163.Fa ctx
164contains any
165.Vt X509_LOOKUP
166object using a user-defined
167.Vt X509_LOOKUP_METHOD ,
168they might also return negative values for internal errors. 163they might also return negative values for internal errors.
169.Pp 164.Pp
170.Fn X509_STORE_CTX_get_obj_by_subject 165.Fn X509_STORE_CTX_get_obj_by_subject
@@ -194,12 +189,7 @@ already contains matching CRLs, or if memory allocation fails.
194returns 1 if a matching 189returns 1 if a matching
195.Fa issuer 190.Fa issuer
196CA certificate is found or 0 otherwise. 191CA certificate is found or 0 otherwise.
197If 192With library implementations other than LibreSSL,
198.Fa ctx
199contains any
200.Vt X509_LOOKUP
201object using a user-defined
202.Vt X509_LOOKUP_METHOD ,
203it might also return negative values for internal errors. 193it might also return negative values for internal errors.
204.Sh SEE ALSO 194.Sh SEE ALSO
205.Xr STACK_OF 3 , 195.Xr STACK_OF 3 ,
diff --git a/src/lib/libcrypto/man/X509_STORE_load_locations.3 b/src/lib/libcrypto/man/X509_STORE_load_locations.3
index 66d8950737..f38eeb6671 100644
--- a/src/lib/libcrypto/man/X509_STORE_load_locations.3
+++ b/src/lib/libcrypto/man/X509_STORE_load_locations.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: X509_STORE_load_locations.3,v 1.9 2021/11/09 16:23:04 schwarze Exp $ 1.\" $OpenBSD: X509_STORE_load_locations.3,v 1.10 2021/11/12 14:05:28 schwarze Exp $
2.\" full merge up to: 2.\" full merge up to:
3.\" OpenSSL X509_STORE_add_cert b0edda11 Mar 20 13:00:17 2018 +0000 3.\" OpenSSL X509_STORE_add_cert b0edda11 Mar 20 13:00:17 2018 +0000
4.\" 4.\"
@@ -16,7 +16,7 @@
16.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18.\" 18.\"
19.Dd $Mdocdate: November 9 2021 $ 19.Dd $Mdocdate: November 12 2021 $
20.Dt X509_STORE_LOAD_LOCATIONS 3 20.Dt X509_STORE_LOAD_LOCATIONS 3
21.Os 21.Os
22.Sh NAME 22.Sh NAME
@@ -148,9 +148,7 @@ In particular, parse errors or lack of memory can cause failure.
148returns the existing or new lookup object or 148returns the existing or new lookup object or
149.Dv NULL 149.Dv NULL
150on failure. 150on failure.
151When using the built-in 151With LibreSSL, the only reason for failure is lack of memory.
152.Vt X509_LOOKUP_METHOD
153objects, the only reason for failure is lack of memory.
154.Sh FILES 152.Sh FILES
155.Bl -tag -width Ds 153.Bl -tag -width Ds
156.It Pa /etc/ssl/cert.pem 154.It Pa /etc/ssl/cert.pem
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-25 23:58:30 +0000