diff options
| author | Ingo Schwarze <schwarze@cvs.openbsd.org> | 2020-01-02 09:09:17 +0000 |
|---|---|---|
| committer | Ingo Schwarze <schwarze@cvs.openbsd.org> | 2020-01-02 09:09:17 +0000 |
| commit | 2e11d9f47708905c25a9e51a7be80613b4df50cc (patch) | |
| tree | 288beca3249b3fbfd79d4cdf3d6b196047d18b10 /lib/libssl | |
| parent | b41db0a1e5c7ef1630d8ac2002a2bb26296fbdef (diff) | |
In ssl.h rev. 1.167 and s3_lib.c rev. 1.188, jsing@ provided
the new function SSL_CTX_get_extra_chain_certs_only(3) and changed
the semantics of the existing SSL_CTX_get_extra_chain_certs(3) API
from the former OpenSSL 1.0.1 behaviour to the new, incompatible
OpenSSL 1.0.2 behaviour. Adjust the documentation.
OK jsing@ beck@ inoguchi@
Diffstat (limited to 'lib/libssl')
| -rw-r--r-- | lib/libssl/man/SSL_CTX_add_extra_chain_cert.3 | 25 |
1 files changed, 21 insertions, 4 deletions
diff --git a/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3 b/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3 index a6d869b335e..4c731309e45 100644 --- a/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3 +++ b/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: SSL_CTX_add_extra_chain_cert.3,v 1.6 2019/04/05 18:29:43 schwarze Exp $ +.\" $OpenBSD: SSL_CTX_add_extra_chain_cert.3,v 1.7 2020/01/02 09:09:16 schwarze Exp $ .\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 .\" .\" This file was written by Lutz Jaenicke <jaenicke@openssl.org> and @@ -50,11 +50,12 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: April 5 2019 $ +.Dd $Mdocdate: January 2 2020 $ .Dt SSL_CTX_ADD_EXTRA_CHAIN_CERT 3 .Os .Sh NAME .Nm SSL_CTX_add_extra_chain_cert , +.Nm SSL_CTX_get_extra_chain_certs_only , .Nm SSL_CTX_get_extra_chain_certs , .Nm SSL_CTX_clear_extra_chain_certs .Nd add, retrieve, and clear extra chain certificates @@ -63,6 +64,8 @@ .Ft long .Fn SSL_CTX_add_extra_chain_cert "SSL_CTX *ctx" "X509 *x509" .Ft long +.Fn SSL_CTX_get_extra_chain_certs_only "SSL_CTX *ctx" "STACK_OF(X509) **certs" +.Ft long .Fn SSL_CTX_get_extra_chain_certs "SSL_CTX *ctx" "STACK_OF(X509) **certs" .Ft long .Fn SSL_CTX_clear_extra_chain_certs "SSL_CTX *ctx" @@ -74,10 +77,20 @@ to the extra chain certificates associated with .Fa ctx . Several certificates can be added one after another. .Pp -.Fn SSL_CTX_get_extra_chain_certs +.Fn SSL_CTX_get_extra_chain_certs_only retrieves an internal pointer to the stack of extra chain certificates associated with -.Fa ctx . +.Fa ctx , +or set +.Pf * Fa certs +to +.Dv NULL +if there are none. +.Pp +.Fn SSL_CTX_get_extra_chain_certs +does the same except that it retrieves an internal pointer +to the chain associated with the certificate +if there are no extra chain certificates. .Pp .Fn SSL_CTX_clear_extra_chain_certs clears all extra chain certificates associated with @@ -123,6 +136,10 @@ and .Fn SSL_CTX_clear_extra_chain_certs first appeared in OpenSSL 1.0.1 and have been available since .Ox 5.3 . +.Pp +.Fn SSL_CTX_get_extra_chain_certs_only +first appeared in OpenSSL 1.0.2 and has been available since +.Ox 6.7 . .Sh CAVEATS Certificates added with .Fn SSL_CTX_add_extra_chain_cert |