-.\" $OpenBSD: X509v3_get_ext_by_NID.3,v 1.13 2021/07/12 14:54:00 schwarze Exp $
+.\" $OpenBSD: X509v3_get_ext_by_NID.3,v 1.14 2024/05/22 09:34:40 tb Exp $
.\" full merge up to: OpenSSL fd38836b Jun 20 15:25:43 2018 +0100
.\"
.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: July 12 2021 $
+.Dd $Mdocdate: May 22 2024 $
.Dt X509V3_GET_EXT_BY_NID 3
.Os
.Sh NAME
The index
.Fa loc
can take any value from 0 to
-.Fn X509_get_ext_count x No - 1 .
+.Fn X509_get_ext_count x No \- 1 .
The returned extension is an internal pointer which must not be
freed up by the application.
.Pp
.Fa lastpos
or from the beginning if
.Fa lastpos
-is -1.
-If the extension is found, its index is returned; otherwise, -1 is
-returned.
+is \-1.
+If the extension is found, its index is returned; otherwise, a negative
+value is returned.
.Pp
.Fn X509v3_get_ext_by_critical
is similar to
.Fa loc .
If
.Fa loc
-is -1, the new extension is added to the end.
+is \-1, the new extension is added to the end.
If
.Pf * Fa x
is
.Em after
the
.Fa lastpos
-parameter, so it should initially be set to -1.
+parameter, so it should initially be set to \-1.
If it is set to 0, the initial extension will not be checked.
.Sh RETURN VALUES
.Fn X509v3_get_ext_count
.Fn X509v3_get_ext_by_OBJ ,
and
.Fn X509v3_get_ext_by_critical
-return the extension index or -1 if an error occurs.
+return the extension index or \-1 if an error occurs.
+In addition
+.Fn X509v3_get_ext_by_NID
+returns \-2 if
+.Xr OBJ_nid2obj 3
+fails, which happens if
+.Fa nid
+has no corresponding table object.
.Pp
.Fn X509v3_add_ext
returns a stack of extensions or
.Fn X509_add_ext
returns 1 on success or 0 on error.
.Sh SEE ALSO
+.Xr OBJ_nid2obj 3 ,
.Xr X509_CRL_new 3 ,
.Xr X509_EXTENSION_new 3 ,
.Xr X509_new 3 ,
projects / openbsd / commitdiff