5 files changed, 167 insertions, 8 deletions
diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile
index f910d81c22..0216f12ab6 100644
--- a/src/lib/libcrypto/man/Makefile
+++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.178 2021/07/11 19:03:45 schwarze Exp $
+# $OpenBSD: Makefile,v 1.179 2021/07/12 11:47:01 schwarze Exp $
 .include <bsd.own.mk>
@@ -324,6 +324,7 @@ MAN=	\
        X509_sign.3 \
        X509_signature_dump.3 \
        X509_verify_cert.3 \
+        X509V3_EXT_print.3 \
        X509v3_get_ext_by_NID.3 \
        crypto.3 \
        d2i_ASN1_NULL.3 \
diff --git a/src/lib/libcrypto/man/X509V3_EXT_print.3 b/src/lib/libcrypto/man/X509V3_EXT_print.3
new file mode 100644
index 0000000000..d9063e4881
--- /dev/null
+++ b/src/lib/libcrypto/man/X509V3_EXT_print.3
@@ -0,0 +1,155 @@
+.\" $OpenBSD: X509V3_EXT_print.3,v 1.1 2021/07/12 11:47:01 schwarze Exp $
+.\"
+.\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: July 12 2021 $
+.Dt X509V3_EXT_PRINT 3
+.Os
+.Sh NAME
+.Nm X509V3_EXT_print
+.Nd pretty-print an X.509 extension
+.Sh SYNOPSIS
+.In openssl/x509v3.h
+.Ft int
+.Fo X509V3_EXT_print
+.Fa "BIO *bio"
+.Fa "X509_EXTENSION *ext"
+.Fa "unsigned long flags"
+.Fa "int indent"
+.Fc
+.Sh DESCRIPTION
+.Fn X509V3_EXT_print
+decodes
+.Fa ext
+and prints the data contained in it to
+.Fa bio
+in a human-readable format with a left margin of
+.Fa indent
+space characters.
+The details of both the decoding and the printing depend on the type of
+.Fa ext .
+.Pp
+For most extension types, the decoding is done in the same way
+as it would be done by the appropriate public API function, for example:
+.Pp
+.Bl -tag -width NID_authority_key_identifier -compact
+.It Sy extension type
+.Sy decoding function
+.It Dv NID_subject_key_identifier
+.Xr d2i_ASN1_OCTET_STRING 3
+.It Dv NID_key_usage
+.Xr d2i_ASN1_BIT_STRING 3
+.It Dv NID_crl_number
+.Xr d2i_ASN1_INTEGER 3
+.It Dv NID_crl_reason
+.Xr d2i_ASN1_ENUMERATED 3
+.It Dv NID_invalidity_date
+.Xr d2i_ASN1_GENERALIZEDTIME 3
+.It Dv NID_subject_alt_name
+.Xr d2i_GENERAL_NAMES 3
+.It Dv NID_hold_instruction_code
+.Xr d2i_ASN1_OBJECT 3
+.It Dv NID_id_pkix_OCSP_noCheck
+.Xr d2i_ASN1_NULL 3
+.It Dv NID_authority_key_identifier
+.Xr d2i_AUTHORITY_KEYID 3
+.It Dv NID_certificate_policies
+.Xr d2i_CERTIFICATEPOLICIES 3
+.It Dv NID_id_pkix_OCSP_CrlID
+.Xr d2i_OCSP_CRLID 3
+.It Dv NID_id_pkix_OCSP_Nonce
+non-public function built into the library
+.El
+.Pp
+For some types, the printing is performed
+by a dedicated non-public function built into the library.
+For some other types, the printing function is a public API function,
+but none of these printing functions are documented yet.
+.Pp
+If
+.Fa ext
+is of an unknown extension type or if decoding fails
+while using the decoding function for the relevant type,
+the action taken depends on the
+.Fa flags
+argument:
+.Bl -bullet
+.It
+If the bit
+.Dv X509V3_EXT_PARSE_UNKNOWN
+is set,
+.Xr ASN1_parse_dump 3
+is called on the BER-encoded data of the extension, passing \-1 for the
+.Fa dump
+argument.
+Thus, some information about the encoding of the extension gets printed
+and some about its decoded content, falling back to
+.Xr BIO_dump_indent 3
+for the decoded content unless a dedicated printing method is known
+for the respective data type(s).
+Note that even if an extension type is unknown, the data type used
+by the unknown extension, or, if that data type is constructed, of
+the values contained in it, may still be known, which may allow
+printing the content of even an unknown extension in a structured
+or partially structured form.
+.It
+If the bit
+.Dv X509V3_EXT_DUMP_UNKNOWN
+is set,
+.Xr BIO_dump_indent 3
+is called on the BER-encoded data of the extension without decoding
+it first, which is usually less readable than the above but poses
+a smaller risk of omitting or misrepresenting parts of the information.
+.It
+If the bit
+.Dv X509V3_EXT_ERROR_UNKNOWN
+is set, only the fixed string
+.Qq "<Not Supported>"
+is printed for an unknown type or only the fixed string
+.Qq "<Parse Error>"
+if the parsing functions fails,
+but printing is considered as successful anyway.
+.It
+If more than one of these three bits is set, or if a bit in
+.Dv X509V3_EXT_UNKNOWN_MASK
+is set that is not listed above, nothing is printed, but printing
+is considered as successful anyway.
+.It
+If none of the bits in
+.Dv X509V3_EXT_UNKNOWN_MASK
+are set, nothing is printed and printing is considered as failed.
+.El
+.Sh RETURN VALUES
+.Fn X509V3_EXT_print
+returns 0 if failure was both detected and considered relevant.
+Otherwise, 1 is returned, and in general the user cannot tell whether
+failure simply went undetected, whether the function detected failure
+but regarded it as irrelevant, or whether printing did indeed
+succeed.
+.Sh SEE ALSO
+.Xr BIO_new 3 ,
+.Xr X509_EXTENSION_new 3 ,
+.Xr X509_get0_extensions 3 ,
+.Xr X509_get_ext 3
+.Sh HISTORY
+.Fn X509V3_EXT_print
+first appeared in OpenSSL 0.9.2 and has been available since
+.Ox 2.6 .
+.Sh BUGS
+.Fn X509V3_EXT_print
+lacks error handling throughout.
+When a write operation fails, it will usually ignore the fact that
+information was omitted from the output and report success to the
+caller anyway.
diff --git a/src/lib/libcrypto/man/X509V3_get_d2i.3 b/src/lib/libcrypto/man/X509V3_get_d2i.3
index 13f1eda35d..8a4f4dfb06 100644
--- a/src/lib/libcrypto/man/X509V3_get_d2i.3
+++ b/src/lib/libcrypto/man/X509V3_get_d2i.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: X509V3_get_d2i.3,v 1.17 2019/08/22 15:15:35 schwarze Exp $
+.\" $OpenBSD: X509V3_get_d2i.3,v 1.18 2021/07/12 11:47:01 schwarze Exp $
 .\" full merge up to: OpenSSL ff7fbfd5 Nov 2 11:52:01 2015 +0000
 .\" selective merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
 .\"
@@ -49,7 +49,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: August 22 2019 $
+.Dd $Mdocdate: July 12 2021 $
 .Dt X509V3_GET_D2I 3
 .Os
 .Sh NAME
@@ -416,7 +416,8 @@ if no extensions are present.
 .Xr X509_get_subject_name 3 ,
 .Xr X509_get_version 3 ,
 .Xr X509_new 3 ,
-.Xr X509_REVOKED_new 3
+.Xr X509_REVOKED_new 3 ,
+.Xr X509V3_EXT_print 3
 .Sh HISTORY
 .Fn X509V3_EXT_d2i
 first appeared in OpenSSL 0.9.2b.
diff --git a/src/lib/libcrypto/man/X509_EXTENSION_set_object.3 b/src/lib/libcrypto/man/X509_EXTENSION_set_object.3
index 95bbebfa25..36b48f61ac 100644
--- a/src/lib/libcrypto/man/X509_EXTENSION_set_object.3
+++ b/src/lib/libcrypto/man/X509_EXTENSION_set_object.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: X509_EXTENSION_set_object.3,v 1.10 2019/06/06 01:06:59 schwarze Exp $
+.\"     $OpenBSD: X509_EXTENSION_set_object.3,v 1.11 2021/07/12 11:47:01 schwarze Exp $
 .\"     OpenSSL bb9ad09e Jun 6 00:43:05 2016 -0400
 .\"
 .\" This file is a derived work.
@@ -65,7 +65,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: June 6 2019 $
+.Dd $Mdocdate: July 12 2021 $
 .Dt X509_EXTENSION_SET_OBJECT 3
 .Os
 .Sh NAME
@@ -287,6 +287,7 @@ pointer.
 .Xr X509_check_ca 3 ,
 .Xr X509_check_host 3 ,
 .Xr X509_check_issued 3 ,
+.Xr X509V3_EXT_print 3 ,
 .Xr X509V3_get_d2i 3 ,
 .Xr X509v3_get_ext_by_NID 3
 .Sh STANDARDS
diff --git a/src/lib/libcrypto/man/X509v3_get_ext_by_NID.3 b/src/lib/libcrypto/man/X509v3_get_ext_by_NID.3
index 97d54911f5..0267e185d1 100644
--- a/src/lib/libcrypto/man/X509v3_get_ext_by_NID.3
+++ b/src/lib/libcrypto/man/X509v3_get_ext_by_NID.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: X509v3_get_ext_by_NID.3,v 1.11 2019/06/06 01:06:59 schwarze Exp $
+.\" $OpenBSD: X509v3_get_ext_by_NID.3,v 1.12 2021/07/12 11:47:01 schwarze Exp $
 .\" full merge up to: OpenSSL fd38836b Jun 20 15:25:43 2018 +0100
 .\"
 .\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@@ -48,7 +48,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: June 6 2019 $
+.Dd $Mdocdate: July 12 2021 $
 .Dt X509V3_GET_EXT_BY_NID 3
 .Os
 .Sh NAME
@@ -392,6 +392,7 @@ returns 1 on success or 0 on error.
 .Xr X509_EXTENSION_new 3 ,
 .Xr X509_new 3 ,
 .Xr X509_REVOKED_new 3 ,
+.Xr X509V3_EXT_print 3 ,
 .Xr X509V3_get_d2i 3
 .Sh HISTORY
 These functions first appeared in SSLeay 0.8.0

diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile index f910d81c22..0216f12ab6 100644 --- a/src/lib/libcrypto/man/Makefile +++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
1	# $OpenBSD: Makefile,v 1.178 2021/07/11 19:03:45 schwarze Exp $	1	# $OpenBSD: Makefile,v 1.179 2021/07/12 11:47:01 schwarze Exp $
2		2
3	.include <bsd.own.mk>	3	.include <bsd.own.mk>
4		4
@@ -324,6 +324,7 @@ MAN= \
324	X509_sign.3 \	324	X509_sign.3 \
325	X509_signature_dump.3 \	325	X509_signature_dump.3 \
326	X509_verify_cert.3 \	326	X509_verify_cert.3 \
		327	X509V3_EXT_print.3 \
327	X509v3_get_ext_by_NID.3 \	328	X509v3_get_ext_by_NID.3 \
328	crypto.3 \	329	crypto.3 \
329	d2i_ASN1_NULL.3 \	330	d2i_ASN1_NULL.3 \


diff --git a/src/lib/libcrypto/man/X509V3_EXT_print.3 b/src/lib/libcrypto/man/X509V3_EXT_print.3 new file mode 100644 index 0000000000..d9063e4881 --- /dev/null +++ b/src/lib/libcrypto/man/X509V3_EXT_print.3
@@ -0,0 +1,155 @@
		1	.\" $OpenBSD: X509V3_EXT_print.3,v 1.1 2021/07/12 11:47:01 schwarze Exp $
		2	.\"
		3	.\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org>
		4	.\"
		5	.\" Permission to use, copy, modify, and distribute this software for any
		6	.\" purpose with or without fee is hereby granted, provided that the above
		7	.\" copyright notice and this permission notice appear in all copies.
		8	.\"
		9	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		10	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		11	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		12	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		13	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		14	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		15	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		16	.\"
		17	.Dd $Mdocdate: July 12 2021 $
		18	.Dt X509V3_EXT_PRINT 3
		19	.Os
		20	.Sh NAME
		21	.Nm X509V3_EXT_print
		22	.Nd pretty-print an X.509 extension
		23	.Sh SYNOPSIS
		24	.In openssl/x509v3.h
		25	.Ft int
		26	.Fo X509V3_EXT_print
		27	.Fa "BIO *bio"
		28	.Fa "X509_EXTENSION *ext"
		29	.Fa "unsigned long flags"
		30	.Fa "int indent"
		31	.Fc
		32	.Sh DESCRIPTION
		33	.Fn X509V3_EXT_print
		34	decodes
		35	.Fa ext
		36	and prints the data contained in it to
		37	.Fa bio
		38	in a human-readable format with a left margin of
		39	.Fa indent
		40	space characters.
		41	The details of both the decoding and the printing depend on the type of
		42	.Fa ext .
		43	.Pp
		44	For most extension types, the decoding is done in the same way
		45	as it would be done by the appropriate public API function, for example:
		46	.Pp
		47	.Bl -tag -width NID_authority_key_identifier -compact
		48	.It Sy extension type
		49	.Sy decoding function
		50	.It Dv NID_subject_key_identifier
		51	.Xr d2i_ASN1_OCTET_STRING 3
		52	.It Dv NID_key_usage
		53	.Xr d2i_ASN1_BIT_STRING 3
		54	.It Dv NID_crl_number
		55	.Xr d2i_ASN1_INTEGER 3
		56	.It Dv NID_crl_reason
		57	.Xr d2i_ASN1_ENUMERATED 3
		58	.It Dv NID_invalidity_date
		59	.Xr d2i_ASN1_GENERALIZEDTIME 3
		60	.It Dv NID_subject_alt_name
		61	.Xr d2i_GENERAL_NAMES 3
		62	.It Dv NID_hold_instruction_code
		63	.Xr d2i_ASN1_OBJECT 3
		64	.It Dv NID_id_pkix_OCSP_noCheck
		65	.Xr d2i_ASN1_NULL 3
		66	.It Dv NID_authority_key_identifier
		67	.Xr d2i_AUTHORITY_KEYID 3
		68	.It Dv NID_certificate_policies
		69	.Xr d2i_CERTIFICATEPOLICIES 3
		70	.It Dv NID_id_pkix_OCSP_CrlID
		71	.Xr d2i_OCSP_CRLID 3
		72	.It Dv NID_id_pkix_OCSP_Nonce
		73	non-public function built into the library
		74	.El
		75	.Pp
		76	For some types, the printing is performed
		77	by a dedicated non-public function built into the library.
		78	For some other types, the printing function is a public API function,
		79	but none of these printing functions are documented yet.
		80	.Pp
		81	If
		82	.Fa ext
		83	is of an unknown extension type or if decoding fails
		84	while using the decoding function for the relevant type,
		85	the action taken depends on the
		86	.Fa flags
		87	argument:
		88	.Bl -bullet
		89	.It
		90	If the bit
		91	.Dv X509V3_EXT_PARSE_UNKNOWN
		92	is set,
		93	.Xr ASN1_parse_dump 3
		94	is called on the BER-encoded data of the extension, passing \-1 for the
		95	.Fa dump
		96	argument.
		97	Thus, some information about the encoding of the extension gets printed
		98	and some about its decoded content, falling back to
		99	.Xr BIO_dump_indent 3
		100	for the decoded content unless a dedicated printing method is known
		101	for the respective data type(s).
		102	Note that even if an extension type is unknown, the data type used
		103	by the unknown extension, or, if that data type is constructed, of
		104	the values contained in it, may still be known, which may allow
		105	printing the content of even an unknown extension in a structured
		106	or partially structured form.
		107	.It
		108	If the bit
		109	.Dv X509V3_EXT_DUMP_UNKNOWN
		110	is set,
		111	.Xr BIO_dump_indent 3
		112	is called on the BER-encoded data of the extension without decoding
		113	it first, which is usually less readable than the above but poses
		114	a smaller risk of omitting or misrepresenting parts of the information.
		115	.It
		116	If the bit
		117	.Dv X509V3_EXT_ERROR_UNKNOWN
		118	is set, only the fixed string
		119	.Qq "<Not Supported>"
		120	is printed for an unknown type or only the fixed string
		121	.Qq "<Parse Error>"
		122	if the parsing functions fails,
		123	but printing is considered as successful anyway.
		124	.It
		125	If more than one of these three bits is set, or if a bit in
		126	.Dv X509V3_EXT_UNKNOWN_MASK
		127	is set that is not listed above, nothing is printed, but printing
		128	is considered as successful anyway.
		129	.It
		130	If none of the bits in
		131	.Dv X509V3_EXT_UNKNOWN_MASK
		132	are set, nothing is printed and printing is considered as failed.
		133	.El
		134	.Sh RETURN VALUES
		135	.Fn X509V3_EXT_print
		136	returns 0 if failure was both detected and considered relevant.
		137	Otherwise, 1 is returned, and in general the user cannot tell whether
		138	failure simply went undetected, whether the function detected failure
		139	but regarded it as irrelevant, or whether printing did indeed
		140	succeed.
		141	.Sh SEE ALSO
		142	.Xr BIO_new 3 ,
		143	.Xr X509_EXTENSION_new 3 ,
		144	.Xr X509_get0_extensions 3 ,
		145	.Xr X509_get_ext 3
		146	.Sh HISTORY
		147	.Fn X509V3_EXT_print
		148	first appeared in OpenSSL 0.9.2 and has been available since
		149	.Ox 2.6 .
		150	.Sh BUGS
		151	.Fn X509V3_EXT_print
		152	lacks error handling throughout.
		153	When a write operation fails, it will usually ignore the fact that
		154	information was omitted from the output and report success to the
		155	caller anyway.


diff --git a/src/lib/libcrypto/man/X509V3_get_d2i.3 b/src/lib/libcrypto/man/X509V3_get_d2i.3 index 13f1eda35d..8a4f4dfb06 100644 --- a/src/lib/libcrypto/man/X509V3_get_d2i.3 +++ b/src/lib/libcrypto/man/X509V3_get_d2i.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: X509V3_get_d2i.3,v 1.17 2019/08/22 15:15:35 schwarze Exp $	1	.\" $OpenBSD: X509V3_get_d2i.3,v 1.18 2021/07/12 11:47:01 schwarze Exp $
2	.\" full merge up to: OpenSSL ff7fbfd5 Nov 2 11:52:01 2015 +0000	2	.\" full merge up to: OpenSSL ff7fbfd5 Nov 2 11:52:01 2015 +0000
3	.\" selective merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400	3	.\" selective merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
4	.\"	4	.\"
@@ -49,7 +49,7 @@
49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51	.\"	51	.\"
52	.Dd $Mdocdate: August 22 2019 $	52	.Dd $Mdocdate: July 12 2021 $
53	.Dt X509V3_GET_D2I 3	53	.Dt X509V3_GET_D2I 3
54	.Os	54	.Os
55	.Sh NAME	55	.Sh NAME
@@ -416,7 +416,8 @@ if no extensions are present.
416	.Xr X509_get_subject_name 3 ,	416	.Xr X509_get_subject_name 3 ,
417	.Xr X509_get_version 3 ,	417	.Xr X509_get_version 3 ,
418	.Xr X509_new 3 ,	418	.Xr X509_new 3 ,
419	.Xr X509_REVOKED_new 3	419	.Xr X509_REVOKED_new 3 ,
		420	.Xr X509V3_EXT_print 3
420	.Sh HISTORY	421	.Sh HISTORY
421	.Fn X509V3_EXT_d2i	422	.Fn X509V3_EXT_d2i
422	first appeared in OpenSSL 0.9.2b.	423	first appeared in OpenSSL 0.9.2b.


diff --git a/src/lib/libcrypto/man/X509_EXTENSION_set_object.3 b/src/lib/libcrypto/man/X509_EXTENSION_set_object.3 index 95bbebfa25..36b48f61ac 100644 --- a/src/lib/libcrypto/man/X509_EXTENSION_set_object.3 +++ b/src/lib/libcrypto/man/X509_EXTENSION_set_object.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: X509_EXTENSION_set_object.3,v 1.10 2019/06/06 01:06:59 schwarze Exp $	1	.\" $OpenBSD: X509_EXTENSION_set_object.3,v 1.11 2021/07/12 11:47:01 schwarze Exp $
2	.\" OpenSSL bb9ad09e Jun 6 00:43:05 2016 -0400	2	.\" OpenSSL bb9ad09e Jun 6 00:43:05 2016 -0400
3	.\"	3	.\"
4	.\" This file is a derived work.	4	.\" This file is a derived work.
@@ -65,7 +65,7 @@
65	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	65	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
66	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	66	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
67	.\"	67	.\"
68	.Dd $Mdocdate: June 6 2019 $	68	.Dd $Mdocdate: July 12 2021 $
69	.Dt X509_EXTENSION_SET_OBJECT 3	69	.Dt X509_EXTENSION_SET_OBJECT 3
70	.Os	70	.Os
71	.Sh NAME	71	.Sh NAME
@@ -287,6 +287,7 @@ pointer.
287	.Xr X509_check_ca 3 ,	287	.Xr X509_check_ca 3 ,
288	.Xr X509_check_host 3 ,	288	.Xr X509_check_host 3 ,
289	.Xr X509_check_issued 3 ,	289	.Xr X509_check_issued 3 ,
		290	.Xr X509V3_EXT_print 3 ,
290	.Xr X509V3_get_d2i 3 ,	291	.Xr X509V3_get_d2i 3 ,
291	.Xr X509v3_get_ext_by_NID 3	292	.Xr X509v3_get_ext_by_NID 3
292	.Sh STANDARDS	293	.Sh STANDARDS


diff --git a/src/lib/libcrypto/man/X509v3_get_ext_by_NID.3 b/src/lib/libcrypto/man/X509v3_get_ext_by_NID.3 index 97d54911f5..0267e185d1 100644 --- a/src/lib/libcrypto/man/X509v3_get_ext_by_NID.3 +++ b/src/lib/libcrypto/man/X509v3_get_ext_by_NID.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: X509v3_get_ext_by_NID.3,v 1.11 2019/06/06 01:06:59 schwarze Exp $	1	.\" $OpenBSD: X509v3_get_ext_by_NID.3,v 1.12 2021/07/12 11:47:01 schwarze Exp $
2	.\" full merge up to: OpenSSL fd38836b Jun 20 15:25:43 2018 +0100	2	.\" full merge up to: OpenSSL fd38836b Jun 20 15:25:43 2018 +0100
3	.\"	3	.\"
4	.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.	4	.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@@ -48,7 +48,7 @@
48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50	.\"	50	.\"
51	.Dd $Mdocdate: June 6 2019 $	51	.Dd $Mdocdate: July 12 2021 $
52	.Dt X509V3_GET_EXT_BY_NID 3	52	.Dt X509V3_GET_EXT_BY_NID 3
53	.Os	53	.Os
54	.Sh NAME	54	.Sh NAME
@@ -392,6 +392,7 @@ returns 1 on success or 0 on error.
392	.Xr X509_EXTENSION_new 3 ,	392	.Xr X509_EXTENSION_new 3 ,
393	.Xr X509_new 3 ,	393	.Xr X509_new 3 ,
394	.Xr X509_REVOKED_new 3 ,	394	.Xr X509_REVOKED_new 3 ,
		395	.Xr X509V3_EXT_print 3 ,
395	.Xr X509V3_get_d2i 3	396	.Xr X509V3_get_d2i 3
396	.Sh HISTORY	397	.Sh HISTORY
397	These functions first appeared in SSLeay 0.8.0	398	These functions first appeared in SSLeay 0.8.0