diff options
Diffstat (limited to 'src/lib/libcrypto/man/X509_check_host.3')
| -rw-r--r-- | src/lib/libcrypto/man/X509_check_host.3 | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/src/lib/libcrypto/man/X509_check_host.3 b/src/lib/libcrypto/man/X509_check_host.3 index a2c91af1ad..dbc56c0d21 100644 --- a/src/lib/libcrypto/man/X509_check_host.3 +++ b/src/lib/libcrypto/man/X509_check_host.3 | |||
| @@ -1,5 +1,6 @@ | |||
| 1 | .\" $OpenBSD: X509_check_host.3,v 1.5 2019/08/23 12:23:39 schwarze Exp $ | 1 | .\" $OpenBSD: X509_check_host.3,v 1.6 2020/09/17 08:04:22 schwarze Exp $ |
| 2 | .\" full merge up to: OpenSSL 6738bf14 Feb 13 12:51:29 2018 +0000 | 2 | .\" full merge up to: OpenSSL a09e4d24 Jun 12 01:56:31 2014 -0400 |
| 3 | .\" selective merge up to: OpenSSL 6328d367 Jul 4 21:58:30 2020 +0200 | ||
| 3 | .\" | 4 | .\" |
| 4 | .\" This file was written by Florian Weimer <fweimer@redhat.com> and | 5 | .\" This file was written by Florian Weimer <fweimer@redhat.com> and |
| 5 | .\" Viktor Dukhovni <openssl-users@dukhovni.org>. | 6 | .\" Viktor Dukhovni <openssl-users@dukhovni.org>. |
| @@ -50,7 +51,7 @@ | |||
| 50 | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | 51 | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
| 51 | .\" OF THE POSSIBILITY OF SUCH DAMAGE. | 52 | .\" OF THE POSSIBILITY OF SUCH DAMAGE. |
| 52 | .\" | 53 | .\" |
| 53 | .Dd $Mdocdate: August 23 2019 $ | 54 | .Dd $Mdocdate: September 17 2020 $ |
| 54 | .Dt X509_CHECK_HOST 3 | 55 | .Dt X509_CHECK_HOST 3 |
| 55 | .Os | 56 | .Os |
| 56 | .Sh NAME | 57 | .Sh NAME |
| @@ -91,13 +92,13 @@ | |||
| 91 | .Fc | 92 | .Fc |
| 92 | .Sh DESCRIPTION | 93 | .Sh DESCRIPTION |
| 93 | The certificate matching functions are used to check whether a | 94 | The certificate matching functions are used to check whether a |
| 94 | certificate matches a given host name, email address, or IP address. | 95 | certificate matches a given hostname, email address, or IP address. |
| 95 | The validity of the certificate and its trust level has to be checked by | 96 | The validity of the certificate and its trust level has to be checked by |
| 96 | other means. | 97 | other means. |
| 97 | .Pp | 98 | .Pp |
| 98 | .Fn X509_check_host | 99 | .Fn X509_check_host |
| 99 | checks if the certificate Subject Alternative Name (SAN) or Subject | 100 | checks if the certificate Subject Alternative Name (SAN) or Subject |
| 100 | CommonName (CN) matches the specified host name, which must be encoded | 101 | CommonName (CN) matches the specified hostname, which must be encoded |
| 101 | in the preferred name syntax described in section 3.5 of RFC 1034. | 102 | in the preferred name syntax described in section 3.5 of RFC 1034. |
| 102 | By default, wildcards are supported and they match only in the | 103 | By default, wildcards are supported and they match only in the |
| 103 | left-most label; they may match part of that label with an | 104 | left-most label; they may match part of that label with an |
| @@ -234,9 +235,11 @@ returns -2 if the provided | |||
| 234 | .Fa name | 235 | .Fa name |
| 235 | contains embedded NUL bytes. | 236 | contains embedded NUL bytes. |
| 236 | .Sh SEE ALSO | 237 | .Sh SEE ALSO |
| 238 | .Xr SSL_set1_host 3 , | ||
| 237 | .Xr X509_EXTENSION_new 3 , | 239 | .Xr X509_EXTENSION_new 3 , |
| 238 | .Xr X509_get1_email 3 , | 240 | .Xr X509_get1_email 3 , |
| 239 | .Xr X509_new 3 | 241 | .Xr X509_new 3 , |
| 242 | .Xr X509_VERIFY_PARAM_set1_host 3 | ||
| 240 | .Sh HISTORY | 243 | .Sh HISTORY |
| 241 | These functions first appeared in OpenSSL 1.0.2 | 244 | These functions first appeared in OpenSSL 1.0.2 |
| 242 | and have been available since | 245 | and have been available since |