diff options
Diffstat (limited to 'src/lib/libcrypto/man/X509_check_trust.3')
| -rw-r--r-- | src/lib/libcrypto/man/X509_check_trust.3 | 45 |
1 files changed, 2 insertions, 43 deletions
diff --git a/src/lib/libcrypto/man/X509_check_trust.3 b/src/lib/libcrypto/man/X509_check_trust.3 index 0f02a1b1ef..3a4e020950 100644 --- a/src/lib/libcrypto/man/X509_check_trust.3 +++ b/src/lib/libcrypto/man/X509_check_trust.3 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: X509_check_trust.3,v 1.8 2023/04/30 14:49:47 tb Exp $ | 1 | .\" $OpenBSD: X509_check_trust.3,v 1.9 2024/08/17 09:16:37 tb Exp $ |
| 2 | .\" | 2 | .\" |
| 3 | .\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org> | 3 | .\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org> |
| 4 | .\" | 4 | .\" |
| @@ -14,12 +14,11 @@ | |||
| 14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | 14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
| 15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
| 16 | .\" | 16 | .\" |
| 17 | .Dd $Mdocdate: April 30 2023 $ | 17 | .Dd $Mdocdate: August 17 2024 $ |
| 18 | .Dt X509_CHECK_TRUST 3 | 18 | .Dt X509_CHECK_TRUST 3 |
| 19 | .Os | 19 | .Os |
| 20 | .Sh NAME | 20 | .Sh NAME |
| 21 | .Nm X509_check_trust , | 21 | .Nm X509_check_trust , |
| 22 | .Nm X509_TRUST_set_default | ||
| 23 | .Nd check whether a certificate is trusted | 22 | .Nd check whether a certificate is trusted |
| 24 | .Sh SYNOPSIS | 23 | .Sh SYNOPSIS |
| 25 | .In openssl/x509.h | 24 | .In openssl/x509.h |
| @@ -29,12 +28,6 @@ | |||
| 29 | .Fa "int trust" | 28 | .Fa "int trust" |
| 30 | .Fa "int flags" | 29 | .Fa "int flags" |
| 31 | .Fc | 30 | .Fc |
| 32 | .Ft int | ||
| 33 | .Fo "(*X509_TRUST_set_default(int (*handler)(int, X509 *, int)))" | ||
| 34 | .Fa "int trust" | ||
| 35 | .Fa "X509 *certificate" | ||
| 36 | .Fa "int flags" | ||
| 37 | .Fc | ||
| 38 | .Sh DESCRIPTION | 31 | .Sh DESCRIPTION |
| 39 | .Fn X509_check_trust | 32 | .Fn X509_check_trust |
| 40 | checks whether the | 33 | checks whether the |
| @@ -183,27 +176,6 @@ identifiers listed above, or it may have installed additional, | |||
| 183 | user-supplied checking functions for user-defined | 176 | user-supplied checking functions for user-defined |
| 184 | .Fa trust | 177 | .Fa trust |
| 185 | identifiers not listed above. | 178 | identifiers not listed above. |
| 186 | .Pp | ||
| 187 | If the function | ||
| 188 | .Fn X509_TRUST_set_default | ||
| 189 | was called, the | ||
| 190 | .Fa handler | ||
| 191 | function passed to it is used instead of the standard algorithm, | ||
| 192 | but only in the case where the | ||
| 193 | .Fa trust | ||
| 194 | argument of | ||
| 195 | .Fn X509_check_trust | ||
| 196 | is invalid. | ||
| 197 | The compatibility step is not used in this case. | ||
| 198 | .Pp | ||
| 199 | If the return value of the first call to | ||
| 200 | .Fn X509_TRUST_set_default | ||
| 201 | is saved and passed back to | ||
| 202 | .Fn X509_TRUST_set_default | ||
| 203 | later on, the standard behaviour | ||
| 204 | of using the standard algorithm for invalid | ||
| 205 | .Fa trust | ||
| 206 | arguments is restored. | ||
| 207 | .Sh RETURN VALUES | 179 | .Sh RETURN VALUES |
| 208 | .Fn X509_check_trust | 180 | .Fn X509_check_trust |
| 209 | returns the following values: | 181 | returns the following values: |
| @@ -222,27 +194,14 @@ The | |||
| 222 | is neither trusted nor explicitly rejected, | 194 | is neither trusted nor explicitly rejected, |
| 223 | which implies that it is not trusted. | 195 | which implies that it is not trusted. |
| 224 | .El | 196 | .El |
| 225 | .Pp | ||
| 226 | .Fn X509_TRUST_set_default | ||
| 227 | returns a pointer to the handler function for invalid | ||
| 228 | .Fa trust | ||
| 229 | that was installed before the call, which may either be a pointer | ||
| 230 | to a function installed by a previous call to | ||
| 231 | .Fn X509_TRUST_set_default | ||
| 232 | or a pointer to the built-in function implementing the standard algorithm if | ||
| 233 | .Fn X509_TRUST_set_default | ||
| 234 | was never called before. | ||
| 235 | .Sh SEE ALSO | 197 | .Sh SEE ALSO |
| 236 | .Xr PEM_read_X509_AUX 3 , | 198 | .Xr PEM_read_X509_AUX 3 , |
| 237 | .Xr X509_add1_trust_object 3 , | 199 | .Xr X509_add1_trust_object 3 , |
| 238 | .Xr X509_CERT_AUX_new 3 , | 200 | .Xr X509_CERT_AUX_new 3 , |
| 239 | .Xr X509_check_purpose 3 , | 201 | .Xr X509_check_purpose 3 , |
| 240 | .Xr X509_new 3 , | 202 | .Xr X509_new 3 , |
| 241 | .Xr X509_TRUST_set 3 , | ||
| 242 | .Xr X509_VERIFY_PARAM_set_trust 3 | 203 | .Xr X509_VERIFY_PARAM_set_trust 3 |
| 243 | .Sh HISTORY | 204 | .Sh HISTORY |
| 244 | .Fn X509_check_trust | 205 | .Fn X509_check_trust |
| 245 | and | ||
| 246 | .Fn X509_TRUST_set_default | ||
| 247 | first appeared in OpenSSL 0.9.5 and has been available since | 206 | first appeared in OpenSSL 0.9.5 and has been available since |
| 248 | .Ox 2.7 . | 207 | .Ox 2.7 . |