In x509.h rev. 1.37 2018/02/22 17:01:44, jsing@ provided

X509_CRL_set1_lastUpdate(3) and X509_CRL_set1_nextUpdate(3) and
in rev. 1.39 2018/02/22 17:06:42 X509_set1_notBefore(3) and
X509_set1_notAfter(3).  Document them, again from scratch
because what OpenSSL provides is slightly confusing.

diff --git a/lib/libcrypto/man/X509_get0_notBefore.3 b/lib/libcrypto/man/X509_get0_notBefore.3
index 850dd8b..3af3074 100644 (file)
--- a/lib/libcrypto/man/X509_get0_notBefore.3
+++ b/lib/libcrypto/man/X509_get0_notBefore.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: X509_get0_notBefore.3,v 1.2 2018/02/22 17:10:00 schwarze Exp $
+.\" $OpenBSD: X509_get0_notBefore.3,v 1.3 2018/02/25 10:53:16 schwarze Exp $
 .\" content checked up to: OpenSSL 27b138e9 May 19 00:16:38 2017 +0000
 .\"
 .\" Copyright (c) 2018 Ingo Schwarze <schwarze@openbsd.org>
@@ -15,17 +15,21 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: February 22 2018 $
+.Dd $Mdocdate: February 25 2018 $
 .Dt X509_GET0_NOTBEFORE 3
 .Os
 .Sh NAME
 .Nm X509_get0_notBefore ,
-.Nm X509_getm_notBefore ,
 .Nm X509_get0_notAfter ,
+.Nm X509_getm_notBefore ,
 .Nm X509_getm_notAfter ,
 .Nm X509_CRL_get0_lastUpdate ,
-.Nm X509_CRL_get0_nextUpdate
-.Nd get certificate and CRL validity dates
+.Nm X509_CRL_get0_nextUpdate ,
+.Nm X509_set1_notBefore ,
+.Nm X509_set1_notAfter ,
+.Nm X509_CRL_set1_lastUpdate ,
+.Nm X509_CRL_set1_nextUpdate
+.Nd get and set certificate and CRL validity dates
 .Sh SYNOPSIS
 .In openssl/x509.h
 .Ft const ASN1_TIME *
@@ -52,6 +56,26 @@
 .Fo X509_CRL_get0_nextUpdate
 .Fa "const X509_CRL *crl"
 .Fc
+.Ft int
+.Fo X509_set1_notBefore
+.Fa "X509 *x"
+.Fa "const ASN1_TIME *tm"
+.Fc
+.Ft int
+.Fo X509_set1_notAfter
+.Fa "X509 *x"
+.Fa "const ASN1_TIME *tm"
+.Fc
+.Ft int
+.Fo X509_CRL_set1_lastUpdate
+.Fa "X509_CRL *crl"
+.Fa "const ASN1_TIME *tm"
+.Fc
+.Ft int
+.Fo X509_CRL_set1_nextUpdate
+.Fa "X509_CRL *crl"
+.Fa "const ASN1_TIME *tm"
+.Fc
 .Sh DESCRIPTION
 .Fn X509_getm_notBefore
 and
@@ -78,11 +102,45 @@ and
 .Fa nextUpdate
 fields of
 .Fa crl .
+.Pp
+.Fn X509_set1_notBefore ,
+.Fn X509_set1_notAfter ,
+.Fn X509_CRL_set1_lastUpdate ,
+and
+.Fn X509_CRL_set1_nextUpdate
+set the
+.Fa notBefore ,
+.Fa notAfter ,
+.Fa lastUpdate ,
+or
+.Fa nextUpdate
+field of
+.Fa x
+or
+.Fa crl ,
+respectively, to a deep copy of
+.Fa tm
+and free the
+.Vt ASN1_TIME
+value that they replace.
 .Sh RETURN VALUES
-These functions return internal pointers which must not be freed
-by the application, or
+.Fn X509_get0_notBefore ,
+.Fn X509_get0_notAfter ,
+.Fn X509_getm_notBefore ,
+.Fn X509_getm_notAfter ,
+.Fn X509_CRL_get0_lastUpdate ,
+and
+.Fn X509_CRL_get0_nextUpdate
+return internal pointers which must not be freed by the application, or
 .Dv NULL
 if the requested fields are not available.
+.Pp
+.Fn X509_set1_notBefore ,
+.Fn X509_set1_notAfter ,
+.Fn X509_CRL_set1_lastUpdate ,
+and
+.Fn X509_CRL_set1_nextUpdate
+return 1 on success or 0 on failure.
 .Sh SEE ALSO
 .Xr ASN1_TIME_set 3 ,
 .Xr ASN1_TIME_set_tm 3 ,