From: tb Date: Wed, 27 Jan 2021 17:57:40 +0000 (+0000) Subject: Merge SSL_set_hostflags documentation from OpenSSL 1.1.1i and X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=83fe41ff15a132722194f69702ab6775652de941;p=openbsd Merge SSL_set_hostflags documentation from OpenSSL 1.1.1i and add HISTORY section. This is currently ignored input next to SSL_get0_peername() and will be unignored once the symbols are made publicly visible in libssl. --- diff --git a/lib/libssl/man/SSL_set1_host.3 b/lib/libssl/man/SSL_set1_host.3 index bc54e30161e..ba8b0564ddc 100644 --- a/lib/libssl/man/SSL_set1_host.3 +++ b/lib/libssl/man/SSL_set1_host.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: SSL_set1_host.3,v 1.2 2020/09/22 16:31:37 schwarze Exp $ +.\" $OpenBSD: SSL_set1_host.3,v 1.3 2021/01/27 17:57:40 tb Exp $ .\" selective merge up to: OpenSSL 6328d367 Jul 4 21:58:30 2020 +0200 .\" .\" This file was written by Viktor Dukhovni @@ -48,12 +48,13 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: September 22 2020 $ +.Dd $Mdocdate: January 27 2021 $ .Dt SSL_SET1_HOST 3 .Os .Sh NAME .Nm SSL_set1_host .ig \" won't make Ox 6.8 but will appear in 6.9 +.Nm SSL_set_hostflags .Nm SSL_get0_peername .. .Nd SSL server verification parameters @@ -65,6 +66,11 @@ .Fa "const char *hostname" .Fc .ig +.Ft void +.Fo SSL_set_hostflags +.Fa "SSL *ssl" +.Fa "unsigned int flags" +.Fc .Ft const char * .Fo SSL_get0_peername .Fa "SSL *ssl" @@ -92,6 +98,15 @@ with set to 0. .Pp .ig +.Fn SSL_set_hostflags +sets the flags that will be passed to +.Xr X509_check_host 3 +when name checks are applicable, +by default the flags value is 0. +See +.Xr X509_check_host 3 +for the list of available flags and their meaning. +.Pp .Fn SSL_get0_peername returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. @@ -158,11 +173,13 @@ This function first appeared in OpenSSL 1.1.0 and has been available since .Ox 6.5 . .ig -Both functions first appeared in OpenSSL 1.1.0. +All three functions first appeared in OpenSSL 1.1.0. .Fn SSL_set1_host has been available since .Ox 6.5 , and +.Fn SSL_set_hostflags +and .Fn SSL_get0_peername since .Ox 6.9 .