-.\" $OpenBSD: SSL_set1_host.3,v 1.3 2021/01/27 17:57:40 tb Exp $
+.\" $OpenBSD: SSL_set1_host.3,v 1.4 2021/03/31 16:56:46 tb Exp $
.\" selective merge up to: OpenSSL 6328d367 Jul 4 21:58:30 2020 +0200
.\"
.\" This file was written by Viktor Dukhovni <viktor@openssl.org>
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: January 27 2021 $
+.Dd $Mdocdate: March 31 2021 $
.Dt SSL_SET1_HOST 3
.Os
.Sh NAME
-.Nm SSL_set1_host
-.ig \" won't make Ox 6.8 but will appear in 6.9
-.Nm SSL_set_hostflags
+.Nm SSL_set1_host ,
+.Nm SSL_set_hostflags ,
.Nm SSL_get0_peername
-..
.Nd SSL server verification parameters
.Sh SYNOPSIS
.In openssl/ssl.h
.Fa "SSL *ssl"
.Fa "const char *hostname"
.Fc
-.ig
.Ft void
.Fo SSL_set_hostflags
.Fa "SSL *ssl"
.Fo SSL_get0_peername
.Fa "SSL *ssl"
.Fc
-..
.Sh DESCRIPTION
.Fn SSL_set1_host
configures a server hostname check in the
.Fa flags
set to 0.
.Pp
-.ig
.Fn SSL_set_hostflags
sets the flags that will be passed to
.Xr X509_check_host 3
Applications must not free the return value.
.Pp
SSL clients are advised to use these functions in preference to
-..
-SSL clients are advised to use this function in preference to
explicitly calling
.Xr X509_check_host 3 .
.Sh RETURN VALUES
.Fn SSL_set1_host
returns 1 for success or 0 for failure.
-.ig
.Pp
.Fn SSL_get0_peername
returns the matched peername or
/* Name checks were in scope and matched the peername */
}
.Ed
-..
.Sh SEE ALSO
.Xr ssl 3 ,
.Xr SSL_CTX_set_verify 3 ,
.Xr X509_check_host 3 ,
.Xr X509_VERIFY_PARAM_set1_host 3
.Sh HISTORY
-This function first appeared in OpenSSL 1.1.0
-and has been available since
-.Ox 6.5 .
-.ig
All three functions first appeared in OpenSSL 1.1.0.
.Fn SSL_set1_host
has been available since
.Fn SSL_get0_peername
since
.Ox 6.9 .
-..
projects / openbsd / commitdiff