From 86c49b31af735796dfde37aa29473a30d36367db Mon Sep 17 00:00:00 2001 From: cvs2svn Date: Sat, 23 Jul 2016 19:31:36 +0000 Subject: This commit was manufactured by cvs2git to create tag 'OPENBSD_6_0_BASE'. --- src/lib/libssl/doc/SSL_CTX_set_cert_store.3 | 80 ----------------------------- 1 file changed, 80 deletions(-) delete mode 100644 src/lib/libssl/doc/SSL_CTX_set_cert_store.3 (limited to 'src/lib/libssl/doc/SSL_CTX_set_cert_store.3') diff --git a/src/lib/libssl/doc/SSL_CTX_set_cert_store.3 b/src/lib/libssl/doc/SSL_CTX_set_cert_store.3 deleted file mode 100644 index 8ef3c5561e..0000000000 --- a/src/lib/libssl/doc/SSL_CTX_set_cert_store.3 +++ /dev/null @@ -1,80 +0,0 @@ -.\" -.\" $OpenBSD: SSL_CTX_set_cert_store.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_CTX_SET_CERT_STORE 3 -.Os -.Sh NAME -.Nm SSL_CTX_set_cert_store , -.Nm SSL_CTX_get_cert_store -.Nd manipulate X509 certificate verification storage -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft void -.Fn SSL_CTX_set_cert_store "SSL_CTX *ctx" "X509_STORE *store" -.Ft X509_STORE * -.Fn SSL_CTX_get_cert_store "const SSL_CTX *ctx" -.Sh DESCRIPTION -.Fn SSL_CTX_set_cert_store -setsthe verification storage of -.Fa ctx -to or replaces it with -.Fa store . -If another -.Vt X509_STORE -object is currently set in -.Fa ctx , -it will be -.Xr X509_STORE_free 3 Ns ed. -.Pp -.Fn SSL_CTX_get_cert_store -returns a pointer to the current certificate verification storage. -.Sh NOTES -In order to verify the certificates presented by the peer, trusted CA -certificates must be accessed. -These CA certificates are made available via lookup methods, handled inside the -.Vt X509_STORE . -From the -.Vt X509_STORE -the -.Vt X509_STORE_CTX -used when verifying certificates is created. -.Pp -Typically the trusted certificate store is handled indirectly via using -.Xr SSL_CTX_load_verify_locations 3 . -Using the -.Fn SSL_CTX_set_cert_store -and -.Fn SSL_CTX_get_cert_store -functions it is possible to manipulate the -.Vt X509_STORE -object beyond the -.Xr SSL_CTX_load_verify_locations 3 -call. -.Pp -Currently no detailed documentation on how to use the -.Vt X509_STORE -object is available. -Not all members of the -.Vt X509_STORE -are used when the verification takes place. -So will, for example, the -.Fn verify_callback -be overridden with the -.Fn verify_callback -set via the -.Xr SSL_CTX_set_verify 3 -family of functions. -This document must therefore be updated when documentation about the -.Vt X509_STORE -object and its handling becomes available. -.Sh RETURN VALUES -.Fn SSL_CTX_set_cert_store -does not return diagnostic output. -.Pp -.Fn SSL_CTX_get_cert_store -returns the current setting. -.Sh SEE ALSO -.Xr ssl 3 , -.Xr SSL_CTX_load_verify_locations 3 , -.Xr SSL_CTX_set_verify 3 -- cgit v1.2.3-55-g6feb