diff options
| author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2023-01-16 08:38:01 +0100 |
|---|---|---|
| committer | Dr. David von Oheimb <dev@ddvo.net> | 2023-01-23 11:00:04 +0100 |
| commit | ec6cbda0f2e435ae0efaec308dc5569c75bb759b (patch) | |
| tree | 68f98eb2e58bd87ef39c48d77b260d8d06527c04 | |
| parent | d7d1d0928af2f14e7e187fa8c78115d0d1aa28eb (diff) | |
X509_V_ERR_INVALID_PURPOSE: fix misleading text; Fix omission in X509_VERIFY_PARAM_clear_flags doc
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/20052)
| -rw-r--r-- | crypto/x509/x509_txt.c | 2 | ||||
| -rw-r--r-- | doc/man3/X509_STORE_CTX_get_error.pod | 2 | ||||
| -rw-r--r-- | doc/man3/X509_VERIFY_PARAM_set_flags.pod | 1 |
3 files changed, 3 insertions, 2 deletions
diff --git a/crypto/x509/x509_txt.c b/crypto/x509/x509_txt.c index 0c7ae1ed79..54decf7332 100644 --- a/crypto/x509/x509_txt.c +++ b/crypto/x509/x509_txt.c @@ -74,7 +74,7 @@ const char *X509_verify_cert_error_string(long n) case X509_V_ERR_PATH_LENGTH_EXCEEDED: return "path length constraint exceeded"; case X509_V_ERR_INVALID_PURPOSE: - return "unsupported certificate purpose"; + return "unsuitable certificate purpose"; case X509_V_ERR_CERT_UNTRUSTED: return "certificate not trusted"; case X509_V_ERR_CERT_REJECTED: diff --git a/doc/man3/X509_STORE_CTX_get_error.pod b/doc/man3/X509_STORE_CTX_get_error.pod index 76fcf27b8d..8357f50568 100644 --- a/doc/man3/X509_STORE_CTX_get_error.pod +++ b/doc/man3/X509_STORE_CTX_get_error.pod @@ -229,7 +229,7 @@ consistent with the supplied purpose. The basicConstraints path-length parameter has been exceeded. -=item B<X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose> +=item B<X509_V_ERR_INVALID_PURPOSE: unsuitable certificate purpose> The target certificate cannot be used for the specified purpose. diff --git a/doc/man3/X509_VERIFY_PARAM_set_flags.pod b/doc/man3/X509_VERIFY_PARAM_set_flags.pod index 149cc00d01..51fb70b500 100644 --- a/doc/man3/X509_VERIFY_PARAM_set_flags.pod +++ b/doc/man3/X509_VERIFY_PARAM_set_flags.pod @@ -90,6 +90,7 @@ X509_VERIFY_PARAM_clear_flags() clears the flags B<flags> in B<param>. X509_VERIFY_PARAM_set_purpose() sets the verification purpose in B<param> to B<purpose>. This determines the acceptable purpose of the certificate chain, for example B<X509_PURPOSE_SSL_CLIENT>. +The purpose requirement is cleared if B<purpose> is 0. X509_VERIFY_PARAM_set_trust() sets the trust setting in B<param> to B<trust>. |