| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
X509_STORE_CTX_set_verify(3) and X509_STORE_CTX_get_verify(3).
Document them.
In the next bump, tb@ will also provide X509_STORE_CTX_verify_fn(3)
and X509_STORE_set_verify(3) and restore X509_STORE_set_verify_func(3)
to working order. For efficiency of documentation work, already
document those three, too, but keep the text temporariy .if'ed out
until they become available.
Delete X509_STORE_set_verify_func(3) from X509_STORE_set_verify_cb_func(3)
because it was misplaced in that page: it is not related to the
verification callback.
tb@ agrees with the general direction.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
1. Fix the order of functions to match the order they occur in
application code, making the text significantly easier to follow.
2. Do not use the same argument placeholder *sk for several different
things; call the arguments *trusted, *untrusted, and *crls as
appropriate.
3. Avoid using the word "initialised" for two different concepts
in the same manual page; it was sometimes intended to mean "fill
with zeros" and sometimes "replace the zeros with useful data".
4. Generally, make the text more precise, more straightforward,
and shorter (-84 +65 lines of mdoc code).
|
| |
|
|
|
|
|
|
|
| |
of X509_STORE_CTX_new(3) because i'm about to document five additional
functions of this kind and the page X509_STORE_CTX_new(3) is growing
unwieldy.
No text change yet, except that i added an introductory sentence
to the beginning of the DESCRIPTION of the new page.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OpenSSL documents it in X509_STORE_CTX_get_error(3), but it is
misplaced there. It has nothing to do with accessing status or
error information but merely retrieves a pointer to the certificate
that the users wants to validate. It is a companion function to
X509_STORE_CTX_init(3), X509_STORE_CTX_set_cert(3),
X509_STORE_CTX_get0_store(3), and X509_STORE_CTX_get0_untrusted(3).
While here:
1. Clarify how the new, init, verify, cleanup, and free calls interact,
and who owns the memory involved, because this is all really confusing
from the user perspective.
2. Clarify how X509_STORE_CTX_init(3), X509_STORE_CTX_set_cert(3), and
X509_STORE_CTX_set_chain(3) partially override each other.
3. Move X509_STORE_CTX_set0_untrusted(3) to the proper place because
it is the same as X509_STORE_CTX_set_chain(3).
4. Add a few missing words and improve some wordings.
|
| |
|
|
|
|
|
| |
verification param flags of a context. While this function is marked as
likely to be deprecated in OpenSSL it seems that this may not happen.
This is why we decided to still document it.
OK and input from ingo@ tb@
|
| |
|
|
|
|
|
|
|
|
|
| |
group pages, and these link on to all their second-level subpages.
Only a handful of second-level pages have third-level subpages.
So all crypto pages can now be reached from the www.libressl.org
frontpage via at most four clicks, in most cases three clicks.
Also link back from leaf pages to their respective group pages
and add a couple of additional links between related pages.
Triggered by a question from deraadt@.
OK jmc@ tb@
|
| |
|
|
| |
on the web, so fix up SSLeay HISTORY accordingly
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
X509_STORE_get0_objects(3). Merge the documenteation from OpenSSL,
heavily tweaked by me. While here, document six additional public
functions closely related to X509_STORE_set1_param(3) that OpenSSL
lacks documentation for. No Copyright-worthy amount of text remains
in X509_STORE_set1_param.3, so switch to my Copyright and license.
|
| |
|
|
|
|
| |
X509_STORE_up_ref(3). X509_STORE_new(3) and X509_STORE_free(3)
have already been available earlier. Import the documentation from
OpenSSL, adding some precision.
|
| |
|
|
|
| |
X509_STORE_CTX_get0_store(3). It is undocumented in OpenSSL,
so write some documentation from scratch.
|
| |
|
|
|
|
|
|
|
|
| |
X509_STORE_CTX_get0_chain(3). Adapt the documentation.
It is absurd that OpenSSL documents the two almost identical functions
X509_STORE_CTX_get0_chain(3) and X509_STORE_CTX_get1_chain(3) in
two different manual pages, with quite different wordings, and without
even referencing each other. It is very obvious that they have
lost their way in their own mire of functions.
|
| |
|
|
|
|
| |
X509_STORE_CTX_set0_untrusted(3), X509_STORE_CTX_set0_trusted_stack(3),
X509_STORE_CTX_get0_untrusted(3), and X509_STORE_CTX_get0_cert(3).
Merge the related documentation from OpenSSL.
|
| | |
|
| |
|
|
|
|
|
|
| |
fixing a dead link reported by jmc@.
Only about half of X509_VERIFY_PARAM is documented so far,
and the extensible lookup table feels like one of the more
arcane features and probably not the next thing to document.
|
| |
|
|
| |
Mention that X509_STORE_CTX_free(3) accepts NULL.
|
| | |
|
| | |
|
| |
|
