summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/libcrypto/man/X509_NAME_get_index_by_NID.376
1 files changed, 72 insertions, 4 deletions
diff --git a/lib/libcrypto/man/X509_NAME_get_index_by_NID.3 b/lib/libcrypto/man/X509_NAME_get_index_by_NID.3
index fdf8bb1a815..0f3adbc081c 100644
--- a/lib/libcrypto/man/X509_NAME_get_index_by_NID.3
+++ b/lib/libcrypto/man/X509_NAME_get_index_by_NID.3
@@ -1,6 +1,55 @@
-.\" $OpenBSD: X509_NAME_get_index_by_NID.3,v 1.3 2016/12/03 13:36:03 jmc Exp $
+.\" $OpenBSD: X509_NAME_get_index_by_NID.3,v 1.4 2016/12/05 12:11:26 schwarze Exp $
+.\" OpenSSL aebb9aac Jul 19 09:27:53 2016 -0400
.\"
-.Dd $Mdocdate: December 3 2016 $
+.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
+.\" Copyright (c) 2002, 2006, 2014, 2015, 2016 The OpenSSL Project.
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\"
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\"
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in
+.\" the documentation and/or other materials provided with the
+.\" distribution.
+.\"
+.\" 3. All advertising materials mentioning features or use of this
+.\" software must display the following acknowledgment:
+.\" "This product includes software developed by the OpenSSL Project
+.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+.\"
+.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+.\" endorse or promote products derived from this software without
+.\" prior written permission. For written permission, please contact
+.\" openssl-core@openssl.org.
+.\"
+.\" 5. Products derived from this software may not be called "OpenSSL"
+.\" nor may "OpenSSL" appear in their names without prior written
+.\" permission of the OpenSSL Project.
+.\"
+.\" 6. Redistributions of any form whatsoever must retain the following
+.\" acknowledgment:
+.\" "This product includes software developed by the OpenSSL Project
+.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+.\" OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd $Mdocdate: December 5 2016 $
.Dt X509_NAME_GET_INDEX_BY_NID 3
.Os
.Sh NAME
@@ -71,6 +120,9 @@ after
.Fa lastpos
should initially be set to -1.
If there are no more entries, -1 is returned.
+If
+.Fa nid
+is invalid (doesn't correspond to a valid OID), -2 is returned.
.Pp
.Fn X509_NAME_entry_count
returns the total number of entries in
@@ -114,6 +166,23 @@ is
then the amount of space needed in
.Fa buf
(excluding the final NUL) is returned.
+.Pp
+All relevant
+.Dv NID_*
+and
+.Dv OBJ_*
+codes can be found in the header files
+.In openssl/obj_mac.h
+and
+.In openssl/objects.h .
+.Pp
+Applications which could pass invalid NIDs to
+.Fn X509_NAME_get_index_by_NID
+should check for the return value of -2.
+Alternatively the NID validity can be determined first by checking that
+.Fn OBJ_nid2obj nid
+is not
+.Dv NULL .
.Sh RETURN VALUES
.Fn X509_NAME_get_index_by_NID
and
@@ -143,10 +212,9 @@ for (i = 0; i < X509_NAME_entry_count(nm); i++) {
.Pp
Process all commonName entries:
.Bd -literal
-int loc;
+int lastpos = -1;
X509_NAME_ENTRY *e;
-loc = -1;
for (;;) {
lastpos = X509_NAME_get_index_by_NID(nm, NID_commonName, lastpos);
if (lastpos == -1)