summaryrefslogtreecommitdiff
path: root/lib/libcrypto/man/PROXY_POLICY_new.3
diff options
context:
space:
mode:
authorTheo Buehler <tb@cvs.openbsd.org>2023-04-30 19:40:24 +0000
committerTheo Buehler <tb@cvs.openbsd.org>2023-04-30 19:40:24 +0000
commitc6e47bc4ae19bf46d361c6c098eca3408bfa9410 (patch)
treec44aa85cb6bfe19a81d6797781c3e35606cd09d9 /lib/libcrypto/man/PROXY_POLICY_new.3
parent11e51fddd26734b8de4064eeba7c90eaffe9cb38 (diff)
Remove most documentation pertaining to proxy certificates.
Update EXFLAG_PROXY and X509_V_FLAG_ALLOW_PROXY_CERTS documentation since we need to keep them for the time being.
Diffstat (limited to 'lib/libcrypto/man/PROXY_POLICY_new.3')
-rw-r--r--lib/libcrypto/man/PROXY_POLICY_new.397
1 files changed, 0 insertions, 97 deletions
diff --git a/lib/libcrypto/man/PROXY_POLICY_new.3 b/lib/libcrypto/man/PROXY_POLICY_new.3
deleted file mode 100644
index c23a620177e..00000000000
--- a/lib/libcrypto/man/PROXY_POLICY_new.3
+++ /dev/null
@@ -1,97 +0,0 @@
-.\" $OpenBSD: PROXY_POLICY_new.3,v 1.6 2021/10/27 11:24:47 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: October 27 2021 $
-.Dt PROXY_POLICY_NEW 3
-.Os
-.Sh NAME
-.Nm PROXY_POLICY_new ,
-.Nm PROXY_POLICY_free ,
-.Nm PROXY_CERT_INFO_EXTENSION_new ,
-.Nm PROXY_CERT_INFO_EXTENSION_free
-.Nd X.509 proxy certificate extension
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft PROXY_POLICY *
-.Fn PROXY_POLICY_new void
-.Ft void
-.Fn PROXY_POLICY_free "PROXY_POLICY *pp"
-.Ft PROXY_CERT_INFO_EXTENSION *
-.Fn PROXY_CERT_INFO_EXTENSION_new void
-.Ft void
-.Fn PROXY_CERT_INFO_EXTENSION_free "PROXY_CERT_INFO_EXTENSION *pcie"
-.Sh DESCRIPTION
-If a given non-CA certificate grants any privileges, using that
-certificate to issue a proxy certificate and handing that proxy
-certificate over to another person, organization, or service allows
-the bearer of the proxy certificate to exercise some or all of the
-privileges on behalf of the subject of the original certificate.
-.Pp
-.Fn PROXY_POLICY_new
-allocates and initializes an empty
-.Vt PROXY_POLICY
-object, representing an ASN.1
-.Vt ProxyPolicy
-structure defined in RFC 3820 section 3.8.
-It defines which privileges are to be delegated.
-.Fn PROXY_POLICY_free
-frees
-.Fa pp .
-.Pp
-.Fn PROXY_CERT_INFO_EXTENSION_new
-allocates and initializes an empty
-.Vt PROXY_CERT_INFO_EXTENSION
-object, representing an ASN.1
-.Vt ProxyCertInfo
-structure defined in RFC 3820 section 3.8.
-It can contain a
-.Vt PROXY_POLICY
-object, and it can additionally restrict the maximum depth of the
-path of proxy certificates that can be signed by this proxy
-certificate.
-.Fn PROXY_CERT_INFO_EXTENSION_free
-frees
-.Fa pcie .
-.Pp
-If a non-CA certificate contains a
-.Vt PROXY_CERT_INFO_EXTENSION ,
-it is a proxy certificate; otherwise, it is an end entity certificate.
-.Sh RETURN VALUES
-.Fn PROXY_POLICY_new
-and
-.Fn PROXY_CERT_INFO_EXTENSION_new
-return the new
-.Vt PROXY_POLICY
-or
-.Vt PROXY_CERT_INFO_EXTENSION
-object, respectively, or
-.Dv NULL
-if an error occurs.
-.Sh SEE ALSO
-.Xr BASIC_CONSTRAINTS_new 3 ,
-.Xr d2i_PROXY_POLICY 3 ,
-.Xr EXTENDED_KEY_USAGE_new 3 ,
-.Xr POLICYINFO_new 3 ,
-.Xr X509_EXTENSION_new 3 ,
-.Xr X509_get_extension_flags 3 ,
-.Xr X509_new 3
-.Sh STANDARDS
-RFC 3820: Internet X.509 Public Key Infrastructure (PKI) Proxy
-Certificate Profile
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.7g
-and have been available since
-.Ox 3.8 .