diff options
Diffstat (limited to 'src/lib/libcrypto/man/X509_LOOKUP_new.3')
| -rw-r--r-- | src/lib/libcrypto/man/X509_LOOKUP_new.3 | 47 |
1 files changed, 12 insertions, 35 deletions
diff --git a/src/lib/libcrypto/man/X509_LOOKUP_new.3 b/src/lib/libcrypto/man/X509_LOOKUP_new.3 index e4cd68a40a..f368cbb606 100644 --- a/src/lib/libcrypto/man/X509_LOOKUP_new.3 +++ b/src/lib/libcrypto/man/X509_LOOKUP_new.3 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: X509_LOOKUP_new.3,v 1.8 2021/11/12 11:41:50 schwarze Exp $ | 1 | .\" $OpenBSD: X509_LOOKUP_new.3,v 1.9 2021/11/12 14:05:28 schwarze Exp $ |
| 2 | .\" | 2 | .\" |
| 3 | .\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org> | 3 | .\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org> |
| 4 | .\" | 4 | .\" |
| @@ -286,16 +286,13 @@ set to | |||
| 286 | .Dv NULL . | 286 | .Dv NULL . |
| 287 | .El | 287 | .El |
| 288 | .Pp | 288 | .Pp |
| 289 | With LibreSSL, | ||
| 289 | .Fn X509_LOOKUP_ctrl | 290 | .Fn X509_LOOKUP_ctrl |
| 290 | always ignores the | 291 | always ignores the |
| 291 | .Fa ret | 292 | .Fa ret |
| 292 | argument when the built-in | 293 | argument. |
| 293 | .Vt X509_LOOKUP_METHOD | ||
| 294 | objects are used. | ||
| 295 | .Pp | 294 | .Pp |
| 296 | When using built-in | 295 | With LibreSSL, |
| 297 | .Vt X509_LOOKUP_METHOD | ||
| 298 | objects, | ||
| 299 | .Fn X509_LOOKUP_by_subject | 296 | .Fn X509_LOOKUP_by_subject |
| 300 | is only useful if | 297 | is only useful if |
| 301 | .Fa lookup | 298 | .Fa lookup |
| @@ -336,9 +333,7 @@ In case of success, the first match is returned in the | |||
| 336 | .Pf * Fa object | 333 | .Pf * Fa object |
| 337 | provided by the caller, overwriting any previous content. | 334 | provided by the caller, overwriting any previous content. |
| 338 | .Pp | 335 | .Pp |
| 339 | Unless an application program manually constructs its own | 336 | With LibreSSL, |
| 340 | .Vt X509_LOOKUP_METHOD | ||
| 341 | object containing its own callback functions, | ||
| 342 | .Fn X509_LOOKUP_init , | 337 | .Fn X509_LOOKUP_init , |
| 343 | .Fn X509_LOOKUP_shutdown , | 338 | .Fn X509_LOOKUP_shutdown , |
| 344 | .Fn X509_LOOKUP_by_issuer_serial , | 339 | .Fn X509_LOOKUP_by_issuer_serial , |
| @@ -346,15 +341,6 @@ object containing its own callback functions, | |||
| 346 | and | 341 | and |
| 347 | .Fn X509_LOOKUP_by_alias | 342 | .Fn X509_LOOKUP_by_alias |
| 348 | have no effect. | 343 | have no effect. |
| 349 | .Fn X509_LOOKUP_init | ||
| 350 | is supposed to be called after | ||
| 351 | .Fn X509_LOOKUP_new | ||
| 352 | and before using the | ||
| 353 | .Fa lookup | ||
| 354 | object, | ||
| 355 | .Fn X509_LOOKUP_shutdown | ||
| 356 | after using it and before | ||
| 357 | .Fn X509_LOOKUP_free . | ||
| 358 | .Sh RETURN VALUES | 344 | .Sh RETURN VALUES |
| 359 | .Fn X509_LOOKUP_new | 345 | .Fn X509_LOOKUP_new |
| 360 | returns the new object or | 346 | returns the new object or |
| @@ -363,11 +349,8 @@ if memory allocation fails. | |||
| 363 | .Pp | 349 | .Pp |
| 364 | .Fn X509_LOOKUP_ctrl | 350 | .Fn X509_LOOKUP_ctrl |
| 365 | returns 1 for success or 0 for failure. | 351 | returns 1 for success or 0 for failure. |
| 366 | If | 352 | With library implementations other than LibreSSL, |
| 367 | .Fa lookup | 353 | it might also return \-1 for internal errors. |
| 368 | uses a user-defined | ||
| 369 | .Vt X509_LOOKUP_METHOD | ||
| 370 | object, it might also return \-1 for internal errors. | ||
| 371 | .Pp | 354 | .Pp |
| 372 | .Fn X509_LOOKUP_by_subject | 355 | .Fn X509_LOOKUP_by_subject |
| 373 | returns 1 for success or 0 for failure. | 356 | returns 1 for success or 0 for failure. |
| @@ -388,27 +371,21 @@ is neither | |||
| 388 | nor | 371 | nor |
| 389 | .Dv X509_LU_CRL , | 372 | .Dv X509_LU_CRL , |
| 390 | if no match is found, or if memory allocation fails. | 373 | if no match is found, or if memory allocation fails. |
| 391 | If | 374 | With library implementations other than LibreSSL, |
| 392 | .Fa lookup | 375 | it might also return negative values for internal errors. |
| 393 | uses a user-defined | ||
| 394 | .Vt X509_LOOKUP_METHOD | ||
| 395 | object, it might also return negative values for internal errors. | ||
| 396 | .Pp | 376 | .Pp |
| 397 | .Fn X509_LOOKUP_init | 377 | .Fn X509_LOOKUP_init |
| 398 | and | 378 | and |
| 399 | .Fn X509_LOOKUP_shutdown | 379 | .Fn X509_LOOKUP_shutdown |
| 400 | are supposed to return 1 for success and 0 for failure. | 380 | are supposed to return 1 for success and 0 for failure. |
| 401 | When using the built-in | 381 | With LibreSSL, they always return 1. |
| 402 | .Vt X509_LOOKUP_METHOD | ||
| 403 | objects, they always return 1. | ||
| 404 | .Pp | 382 | .Pp |
| 383 | With LibreSSL, | ||
| 405 | .Fn X509_LOOKUP_by_issuer_serial , | 384 | .Fn X509_LOOKUP_by_issuer_serial , |
| 406 | .Fn X509_LOOKUP_by_fingerprint , | 385 | .Fn X509_LOOKUP_by_fingerprint , |
| 407 | and | 386 | and |
| 408 | .Fn X509_LOOKUP_by_alias | 387 | .Fn X509_LOOKUP_by_alias |
| 409 | always return 0 when using the built-in | 388 | always return 0. |
| 410 | .Vt X509_LOOKUP_METHOD | ||
| 411 | objects. | ||
| 412 | .Pp | 389 | .Pp |
| 413 | .Fn X509_get_default_cert_dir | 390 | .Fn X509_get_default_cert_dir |
| 414 | returns a pointer to the constant string | 391 | returns a pointer to the constant string |