diff options
author | Theo Buehler <tb@cvs.openbsd.org> | 2023-04-30 19:40:24 +0000 |
---|---|---|
committer | Theo Buehler <tb@cvs.openbsd.org> | 2023-04-30 19:40:24 +0000 |
commit | c6e47bc4ae19bf46d361c6c098eca3408bfa9410 (patch) | |
tree | c44aa85cb6bfe19a81d6797781c3e35606cd09d9 /lib/libcrypto/man/PROXY_POLICY_new.3 | |
parent | 11e51fddd26734b8de4064eeba7c90eaffe9cb38 (diff) |
Remove most documentation pertaining to proxy certificates.
Update EXFLAG_PROXY and X509_V_FLAG_ALLOW_PROXY_CERTS documentation since
we need to keep them for the time being.
Diffstat (limited to 'lib/libcrypto/man/PROXY_POLICY_new.3')
-rw-r--r-- | lib/libcrypto/man/PROXY_POLICY_new.3 | 97 |
1 files changed, 0 insertions, 97 deletions
diff --git a/lib/libcrypto/man/PROXY_POLICY_new.3 b/lib/libcrypto/man/PROXY_POLICY_new.3 deleted file mode 100644 index c23a620177e..00000000000 --- a/lib/libcrypto/man/PROXY_POLICY_new.3 +++ /dev/null @@ -1,97 +0,0 @@ -.\" $OpenBSD: PROXY_POLICY_new.3,v 1.6 2021/10/27 11:24:47 schwarze Exp $ -.\" -.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org> -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: October 27 2021 $ -.Dt PROXY_POLICY_NEW 3 -.Os -.Sh NAME -.Nm PROXY_POLICY_new , -.Nm PROXY_POLICY_free , -.Nm PROXY_CERT_INFO_EXTENSION_new , -.Nm PROXY_CERT_INFO_EXTENSION_free -.Nd X.509 proxy certificate extension -.Sh SYNOPSIS -.In openssl/x509v3.h -.Ft PROXY_POLICY * -.Fn PROXY_POLICY_new void -.Ft void -.Fn PROXY_POLICY_free "PROXY_POLICY *pp" -.Ft PROXY_CERT_INFO_EXTENSION * -.Fn PROXY_CERT_INFO_EXTENSION_new void -.Ft void -.Fn PROXY_CERT_INFO_EXTENSION_free "PROXY_CERT_INFO_EXTENSION *pcie" -.Sh DESCRIPTION -If a given non-CA certificate grants any privileges, using that -certificate to issue a proxy certificate and handing that proxy -certificate over to another person, organization, or service allows -the bearer of the proxy certificate to exercise some or all of the -privileges on behalf of the subject of the original certificate. -.Pp -.Fn PROXY_POLICY_new -allocates and initializes an empty -.Vt PROXY_POLICY -object, representing an ASN.1 -.Vt ProxyPolicy -structure defined in RFC 3820 section 3.8. -It defines which privileges are to be delegated. -.Fn PROXY_POLICY_free -frees -.Fa pp . -.Pp -.Fn PROXY_CERT_INFO_EXTENSION_new -allocates and initializes an empty -.Vt PROXY_CERT_INFO_EXTENSION -object, representing an ASN.1 -.Vt ProxyCertInfo -structure defined in RFC 3820 section 3.8. -It can contain a -.Vt PROXY_POLICY -object, and it can additionally restrict the maximum depth of the -path of proxy certificates that can be signed by this proxy -certificate. -.Fn PROXY_CERT_INFO_EXTENSION_free -frees -.Fa pcie . -.Pp -If a non-CA certificate contains a -.Vt PROXY_CERT_INFO_EXTENSION , -it is a proxy certificate; otherwise, it is an end entity certificate. -.Sh RETURN VALUES -.Fn PROXY_POLICY_new -and -.Fn PROXY_CERT_INFO_EXTENSION_new -return the new -.Vt PROXY_POLICY -or -.Vt PROXY_CERT_INFO_EXTENSION -object, respectively, or -.Dv NULL -if an error occurs. -.Sh SEE ALSO -.Xr BASIC_CONSTRAINTS_new 3 , -.Xr d2i_PROXY_POLICY 3 , -.Xr EXTENDED_KEY_USAGE_new 3 , -.Xr POLICYINFO_new 3 , -.Xr X509_EXTENSION_new 3 , -.Xr X509_get_extension_flags 3 , -.Xr X509_new 3 -.Sh STANDARDS -RFC 3820: Internet X.509 Public Key Infrastructure (PKI) Proxy -Certificate Profile -.Sh HISTORY -These functions first appeared in OpenSSL 0.9.7g -and have been available since -.Ox 3.8 . |