1 files changed, 158 insertions, 0 deletions
diff --git a/src/lib/libcrypto/man/X509_VERIFY_PARAM_new.3 b/src/lib/libcrypto/man/X509_VERIFY_PARAM_new.3
new file mode 100644
index 0000000000..05a36a4f79
--- /dev/null
+++ b/src/lib/libcrypto/man/X509_VERIFY_PARAM_new.3
@@ -0,0 +1,158 @@
+.\" $OpenBSD: X509_VERIFY_PARAM_new.3,v 1.1 2021/10/18 14:46:37 schwarze Exp $
+.\"
+.\" Copyright (c) 2018, 2021 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: October 18 2021 $
+.Dt X509_VERIFY_PARAM_NEW 3
+.Os
+.Sh NAME
+.Nm X509_VERIFY_PARAM_new ,
+.Nm X509_VERIFY_PARAM_free ,
+.Nm X509_VERIFY_PARAM_add0_table ,
+.Nm X509_VERIFY_PARAM_lookup ,
+.Nm X509_VERIFY_PARAM_get_count ,
+.Nm X509_VERIFY_PARAM_get0 ,
+.Nm X509_VERIFY_PARAM_table_cleanup
+.Nd X509 verification parameter object
+.Sh SYNOPSIS
+.In openssl/x509_vfy.h
+.Ft X509_VERIFY_PARAM *
+.Fo X509_VERIFY_PARAM_new
+.Fa void
+.Fc
+.Ft void
+.Fo X509_VERIFY_PARAM_free
+.Fa "X509_VERIFY_PARAM *param"
+.Fc
+.Ft int
+.Fo X509_VERIFY_PARAM_add0_table
+.Fa "X509_VERIFY_PARAM *param"
+.Fc
+.Ft const X509_VERIFY_PARAM *
+.Fo X509_VERIFY_PARAM_lookup
+.Fa "const char *name"
+.Fc
+.Ft int
+.Fo X509_VERIFY_PARAM_get_count
+.Fa void
+.Fc
+.Ft const X509_VERIFY_PARAM *
+.Fo X509_VERIFY_PARAM_get0
+.Fa "int id"
+.Fc
+.Ft void
+.Fo X509_VERIFY_PARAM_table_cleanup
+.Fa void
+.Fc
+.Sh DESCRIPTION
+.Fn X509_VERIFY_PARAM_new
+allocates and initializes an empty
+.Vt X509_VERIFY_PARAM
+object.
+.Pp
+.Fn X509_VERIFY_PARAM_free
+clears all data contained in
+.Fa param
+and releases all memory used by it.
+If
+.Fa param
+is a
+.Dv NULL
+pointer, no action occurs.
+.Pp
+.Fn X509_VERIFY_PARAM_add0_table
+adds
+.Fa param
+to a static list of
+.Vt X509_VERIFY_PARAM
+objects maintained by the library.
+This function is extremely dangerous because contrary to the name
+of the function, if the list already contains an object that happens
+to have the same name, that old object is not only silently removed
+from the list, but also silently freed, which may silently invalidate
+various pointers existing elsewhere in the program.
+.Pp
+.Fn X509_VERIFY_PARAM_lookup
+searches this list for an object of the given
+.Fa name .
+If no match is found, the predefined objects built-in to the library
+are also inspected.
+.Pp
+.Fn X509_VERIFY_PARAM_get_count
+returns the sum of the number of objects on this list and the number
+of predefined objects built-in to the library.
+Note that this is not necessarily the total number of
+.Vt X509_VERIFY_PARAM
+objects existing in the program because there may be additional such
+objects that were never added to the list.
+.Pp
+.Fn X509_VERIFY_PARAM_get0
+accesses predefined and user-defined objects using
+.Fa id
+as an index, useful for looping over objects without knowing their names.
+An argument less than the number of predefined objects selects
+one of the predefined objects; a higher argument selects an object
+from the list.
+.Pp
+.Fn X509_VERIFY_PARAM_table_cleanup
+deletes all objects from this list.
+It is extremely dangerous because it also invalidates all data that
+was contained in all objects that were on the list and because it
+frees all these objects, which may invalidate various pointers
+existing elsewhere in the program.
+.Sh RETURN VALUES
+.Fn X509_VERIFY_PARAM_new
+returns a pointer to the new object, or
+.Dv NULL
+on allocation failure.
+.Pp
+.Fn X509_VERIFY_PARAM_add0_table
+returns 1 for success or 0 for failure.
+.Pp
+.Fn X509_VERIFY_PARAM_lookup
+and
+.Fn X509_VERIFY_PARAM_get0
+return a pointer to an existing built-in or user-defined object, or
+.Dv NULL
+if no object with the given
+.Fa name
+is found, or if
+.Fa id
+is at least
+.Fn X509_VERIFY_PARAM_get_count .
+.Pp
+.Fn X509_VERIFY_PARAM_get_count
+returns a number of objects.
+.Sh SEE ALSO
+.Xr SSL_set1_param 3 ,
+.Xr X509_STORE_CTX_set0_param 3 ,
+.Xr X509_STORE_set1_param 3 ,
+.Xr X509_verify_cert 3 ,
+.Xr X509_VERIFY_PARAM_set_flags 3
+.Sh HISTORY
+.Fn X509_VERIFY_PARAM_new ,
+.Fn X509_VERIFY_PARAM_free ,
+.Fn X509_VERIFY_PARAM_add0_table ,
+.Fn X509_VERIFY_PARAM_lookup ,
+and
+.Fn X509_VERIFY_PARAM_table_cleanup
+first appeared in OpenSSL 0.9.8 and have been available since
+.Ox 4.5 .
+.Pp
+.Fn X509_VERIFY_PARAM_get_count
+and
+.Fn X509_VERIFY_PARAM_get0
+first appeared in OpenSSL 1.0.2 and have been available since
+.Ox 6.3 .

diff --git a/src/lib/libcrypto/man/X509_VERIFY_PARAM_new.3 b/src/lib/libcrypto/man/X509_VERIFY_PARAM_new.3 new file mode 100644 index 0000000000..05a36a4f79 --- /dev/null +++ b/src/lib/libcrypto/man/X509_VERIFY_PARAM_new.3
@@ -0,0 +1,158 @@
	1	.\" $OpenBSD: X509_VERIFY_PARAM_new.3,v 1.1 2021/10/18 14:46:37 schwarze Exp $
	2	.\"
	3	.\" Copyright (c) 2018, 2021 Ingo Schwarze <schwarze@openbsd.org>
	4	.\"
	5	.\" Permission to use, copy, modify, and distribute this software for any
	6	.\" purpose with or without fee is hereby granted, provided that the above
	7	.\" copyright notice and this permission notice appear in all copies.
	8	.\"
	9	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
	10	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
	11	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
	12	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
	13	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
	14	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
	15	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
	16	.\"
	17	.Dd $Mdocdate: October 18 2021 $
	18	.Dt X509_VERIFY_PARAM_NEW 3
	19	.Os
	20	.Sh NAME
	21	.Nm X509_VERIFY_PARAM_new ,
	22	.Nm X509_VERIFY_PARAM_free ,
	23	.Nm X509_VERIFY_PARAM_add0_table ,
	24	.Nm X509_VERIFY_PARAM_lookup ,
	25	.Nm X509_VERIFY_PARAM_get_count ,
	26	.Nm X509_VERIFY_PARAM_get0 ,
	27	.Nm X509_VERIFY_PARAM_table_cleanup
	28	.Nd X509 verification parameter object
	29	.Sh SYNOPSIS
	30	.In openssl/x509_vfy.h
	31	.Ft X509_VERIFY_PARAM *
	32	.Fo X509_VERIFY_PARAM_new
	33	.Fa void
	34	.Fc
	35	.Ft void
	36	.Fo X509_VERIFY_PARAM_free
	37	.Fa "X509_VERIFY_PARAM *param"
	38	.Fc
	39	.Ft int
	40	.Fo X509_VERIFY_PARAM_add0_table
	41	.Fa "X509_VERIFY_PARAM *param"
	42	.Fc
	43	.Ft const X509_VERIFY_PARAM *
	44	.Fo X509_VERIFY_PARAM_lookup
	45	.Fa "const char *name"
	46	.Fc
	47	.Ft int
	48	.Fo X509_VERIFY_PARAM_get_count
	49	.Fa void
	50	.Fc
	51	.Ft const X509_VERIFY_PARAM *
	52	.Fo X509_VERIFY_PARAM_get0
	53	.Fa "int id"
	54	.Fc
	55	.Ft void
	56	.Fo X509_VERIFY_PARAM_table_cleanup
	57	.Fa void
	58	.Fc
	59	.Sh DESCRIPTION
	60	.Fn X509_VERIFY_PARAM_new
	61	allocates and initializes an empty
	62	.Vt X509_VERIFY_PARAM
	63	object.
	64	.Pp
	65	.Fn X509_VERIFY_PARAM_free
	66	clears all data contained in
	67	.Fa param
	68	and releases all memory used by it.
	69	If
	70	.Fa param
	71	is a
	72	.Dv NULL
	73	pointer, no action occurs.
	74	.Pp
	75	.Fn X509_VERIFY_PARAM_add0_table
	76	adds
	77	.Fa param
	78	to a static list of
	79	.Vt X509_VERIFY_PARAM
	80	objects maintained by the library.
	81	This function is extremely dangerous because contrary to the name
	82	of the function, if the list already contains an object that happens
	83	to have the same name, that old object is not only silently removed
	84	from the list, but also silently freed, which may silently invalidate
	85	various pointers existing elsewhere in the program.
	86	.Pp
	87	.Fn X509_VERIFY_PARAM_lookup
	88	searches this list for an object of the given
	89	.Fa name .
	90	If no match is found, the predefined objects built-in to the library
	91	are also inspected.
	92	.Pp
	93	.Fn X509_VERIFY_PARAM_get_count
	94	returns the sum of the number of objects on this list and the number
	95	of predefined objects built-in to the library.
	96	Note that this is not necessarily the total number of
	97	.Vt X509_VERIFY_PARAM
	98	objects existing in the program because there may be additional such
	99	objects that were never added to the list.
	100	.Pp
	101	.Fn X509_VERIFY_PARAM_get0
	102	accesses predefined and user-defined objects using
	103	.Fa id
	104	as an index, useful for looping over objects without knowing their names.
	105	An argument less than the number of predefined objects selects
	106	one of the predefined objects; a higher argument selects an object
	107	from the list.
	108	.Pp
	109	.Fn X509_VERIFY_PARAM_table_cleanup
	110	deletes all objects from this list.
	111	It is extremely dangerous because it also invalidates all data that
	112	was contained in all objects that were on the list and because it
	113	frees all these objects, which may invalidate various pointers
	114	existing elsewhere in the program.
	115	.Sh RETURN VALUES
	116	.Fn X509_VERIFY_PARAM_new
	117	returns a pointer to the new object, or
	118	.Dv NULL
	119	on allocation failure.
	120	.Pp
	121	.Fn X509_VERIFY_PARAM_add0_table
	122	returns 1 for success or 0 for failure.
	123	.Pp
	124	.Fn X509_VERIFY_PARAM_lookup
	125	and
	126	.Fn X509_VERIFY_PARAM_get0
	127	return a pointer to an existing built-in or user-defined object, or
	128	.Dv NULL
	129	if no object with the given
	130	.Fa name
	131	is found, or if
	132	.Fa id
	133	is at least
	134	.Fn X509_VERIFY_PARAM_get_count .
	135	.Pp
	136	.Fn X509_VERIFY_PARAM_get_count
	137	returns a number of objects.
	138	.Sh SEE ALSO
	139	.Xr SSL_set1_param 3 ,
	140	.Xr X509_STORE_CTX_set0_param 3 ,
	141	.Xr X509_STORE_set1_param 3 ,
	142	.Xr X509_verify_cert 3 ,
	143	.Xr X509_VERIFY_PARAM_set_flags 3
	144	.Sh HISTORY
	145	.Fn X509_VERIFY_PARAM_new ,
	146	.Fn X509_VERIFY_PARAM_free ,
	147	.Fn X509_VERIFY_PARAM_add0_table ,
	148	.Fn X509_VERIFY_PARAM_lookup ,
	149	and
	150	.Fn X509_VERIFY_PARAM_table_cleanup
	151	first appeared in OpenSSL 0.9.8 and have been available since
	152	.Ox 4.5 .
	153	.Pp
	154	.Fn X509_VERIFY_PARAM_get_count
	155	and
	156	.Fn X509_VERIFY_PARAM_get0
	157	first appeared in OpenSSL 1.0.2 and have been available since
	158	.Ox 6.3 .