From b543445e1ffc690c5c115276fc15e42e164ced46 Mon Sep 17 00:00:00 2001 From: schwarze Date: Wed, 21 Jul 2021 15:03:45 +0000 Subject: [PATCH] Document X509_STORE_CTX_get_chain(3). It is deprecated, but it is still called by various application programs, so let's better mention it. --- lib/libcrypto/man/X509_STORE_CTX_get_error.3 | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/lib/libcrypto/man/X509_STORE_CTX_get_error.3 b/lib/libcrypto/man/X509_STORE_CTX_get_error.3 index 181c676b580..3294658ac68 100644 --- a/lib/libcrypto/man/X509_STORE_CTX_get_error.3 +++ b/lib/libcrypto/man/X509_STORE_CTX_get_error.3 @@ -1,9 +1,9 @@ -.\" $OpenBSD: X509_STORE_CTX_get_error.3,v 1.13 2019/08/25 15:39:10 schwarze Exp $ +.\" $OpenBSD: X509_STORE_CTX_get_error.3,v 1.14 2021/07/21 15:03:45 schwarze Exp $ .\" full merge up to: .\" OpenSSL crypto/X509_STORE_CTX_get_error f0e0fd51 Apr 14 23:59:26 2016 -0400 .\" selective merge up to: -.\" OpenSSL man3/X509_STORE_CTX_get_error bb00b040 Aug 5 14:14:54 2019 +0200 -.\" OpenSSL man3/X509_STORE_CTX_new 7643a172 Apr 21 13:35:51 2017 +0200 +.\" OpenSSL man3/X509_STORE_CTX_get_error 24a535ea Sep 22 13:14:20 2020 +0100 +.\" OpenSSL man3/X509_STORE_CTX_new 24a535ea Sep 22 13:14:20 2020 +0100 .\" .\" This file was written by Dr. Stephen Henson . .\" Copyright (c) 2009, 2013, 2015, 2016 The OpenSSL Project. @@ -53,7 +53,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: August 25 2019 $ +.Dd $Mdocdate: July 21 2021 $ .Dt X509_STORE_CTX_GET_ERROR 3 .Os .Sh NAME @@ -63,6 +63,7 @@ .Nm X509_STORE_CTX_get_current_cert , .Nm X509_STORE_CTX_get0_cert , .Nm X509_STORE_CTX_get0_chain , +.Nm X509_STORE_CTX_get_chain , .Nm X509_STORE_CTX_get1_chain , .Nm X509_verify_cert_error_string .Nd get or set certificate verification status information @@ -94,6 +95,10 @@ .Fa "X509_STORE_CTX *ctx" .Fc .Ft STACK_OF(X509) * +.Fo X509_STORE_CTX_get_chain +.Fa "X509_STORE_CTX *ctx" +.Fc +.Ft STACK_OF(X509) * .Fo X509_STORE_CTX_get1_chain .Fa "X509_STORE_CTX *ctx" .Fc @@ -145,6 +150,9 @@ was successful. If the call to .Xr X509_verify_cert 3 was not successful, the returned chain may be incomplete or invalid. +.Fn X509_STORE_CTX_get_chain +is a deprecated alias of +.Fn X509_STORE_CTX_get0_chain . .Fn X509_STORE_CTX_get1_chain returns a deep copy of the same chain which persists even after the .Fa ctx @@ -191,7 +199,8 @@ if no certificate is relevant to the error. retrieves an internal pointer to the certificate being verified by .Fa ctx . .Pp -.Fn X509_STORE_CTX_get0_chain +.Fn X509_STORE_CTX_get0_chain , +.Fn X509_STORE_CTX_get_chain , and .Fn X509_STORE_CTX_get1_chain return a pointer to a stack of certificates or @@ -380,6 +389,7 @@ This will never be returned unless explicitly set by an application. .Fn X509_STORE_CTX_set_error , .Fn X509_STORE_CTX_get_error_depth , .Fn X509_STORE_CTX_get_current_cert , +.Fn X509_STORE_CTX_get_chain , and .Fn X509_verify_cert_error_string first appeared in SSLeay 0.8.0 and have been available since -- 2.20.1