From 37eef541594f7b807ff140229f7a4e912746d833 Mon Sep 17 00:00:00 2001
From: schwarze <>
Date: Fri, 30 Mar 2018 00:44:24 +0000
Subject: Add one short sentence each from the new OpenSSL
 X509_STORE_add_cert(3) manual page, which is below the threshold of
 originality, so there is no need to change the Copyright headers.  The rest
 of that page is less clear and less precise than what we already have in our
 various pages.

---
 src/lib/libcrypto/man/X509_STORE_load_locations.3 | 8 ++++++--
 src/lib/libcrypto/man/X509_STORE_set1_param.3     | 6 ++++--
 2 files changed, 10 insertions(+), 4 deletions(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/man/X509_STORE_load_locations.3 b/src/lib/libcrypto/man/X509_STORE_load_locations.3
index a462e6b9ad..ad64bd0316 100644
--- a/src/lib/libcrypto/man/X509_STORE_load_locations.3
+++ b/src/lib/libcrypto/man/X509_STORE_load_locations.3
@@ -1,4 +1,6 @@
-.\"	$OpenBSD: X509_STORE_load_locations.3,v 1.5 2018/03/27 17:35:50 schwarze Exp $
+.\" $OpenBSD: X509_STORE_load_locations.3,v 1.6 2018/03/30 00:44:24 schwarze Exp $
+.\" full merge up to:
+.\" OpenSSL X509_STORE_add_cert b0edda11 Mar 20 13:00:17 2018 +0000
 .\"
 .\" Copyright (c) 2017 Ingo Schwarze <schwarze@openbsd.org>
 .\"
@@ -14,7 +16,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: March 27 2018 $
+.Dd $Mdocdate: March 30 2018 $
 .Dt X509_STORE_LOAD_LOCATIONS 3
 .Os
 .Sh NAME
@@ -44,6 +46,8 @@ contained in the colon-separated list
 .Fa dirs
 for looking up certificates, in addition to files and directories
 that are already configured.
+The certificates in the directores must be in hashed form, as documented in
+.Xr X509_LOOKUP_hash_dir 3 .
 Directories already in use are not added again.
 If
 .Dv NULL
diff --git a/src/lib/libcrypto/man/X509_STORE_set1_param.3 b/src/lib/libcrypto/man/X509_STORE_set1_param.3
index cba32caefb..b7b2ceab42 100644
--- a/src/lib/libcrypto/man/X509_STORE_set1_param.3
+++ b/src/lib/libcrypto/man/X509_STORE_set1_param.3
@@ -1,5 +1,6 @@
-.\" $OpenBSD: X509_STORE_set1_param.3,v 1.13 2018/03/27 17:35:50 schwarze Exp $
+.\" $OpenBSD: X509_STORE_set1_param.3,v 1.14 2018/03/30 00:44:24 schwarze Exp $
 .\" content checked up to:
+.\" OpenSSL man3/X509_STORE_add_cert b0edda11 Mar 20 13:00:17 2018 +0000
 .\" OpenSSL man3/X509_STORE_get0_param e90fc053 Jul 15 09:39:45 2017 -0400
 .\"
 .\" Copyright (c) 2018 Ingo Schwarze <schwarze@openbsd.org>
@@ -16,7 +17,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: March 27 2018 $
+.Dd $Mdocdate: March 30 2018 $
 .Dt X509_STORE_SET1_PARAM 3
 .Os
 .Sh NAME
@@ -123,6 +124,7 @@ or the certificate revocation list
 to the
 .Fa store ,
 increasing its reference count by 1 in case of success.
+Untrusted objects should not be added in this way.
 .Pp
 .Fn X509_STORE_get_ex_new_index ,
 .Fn X509_STORE_set_ex_data ,
-- 
cgit v1.2.3-55-g6feb