author Dr. Stephen Henson <steve@openssl.org> 2014-02-02 02:51:30 +0000
committer Dr. Stephen Henson <steve@openssl.org> 2014-02-02 23:12:06 +0000
commit e2f06800bce44a87596534b9f23710becf51771a
tree e3f390ae5845d6b655620c5aa7d8af54c0cceb57 /doc/ssl/SSL_CTX_add1_chain_cert.pod
parent 1180833643d7310573366b7e3d36e70c7defba9c
New ctrl to set current certificate.
New ctrl sets current certificate based on certain criteria. Currently two options: set the first valid certificate as current and set the next valid certificate as current. Using these an application can iterate over all certificates in an SSL_CTX or SSL structure.
(cherry picked from commit 0f78819c8ccb7c526edbe90d5b619281366ce75c)
Diffstat (limited to 'doc/ssl/SSL_CTX_add1_chain_cert.pod')
-rw-r--r-- doc/ssl/SSL_CTX_add1_chain_cert.pod 15
1 files changed, 12 insertions, 3 deletions
diff --git a/doc/ssl/SSL_CTX_add1_chain_cert.pod b/doc/ssl/SSL_CTX_add1_chain_cert.pod
index a97969260d..0c977aa1a7 100644
--- a/doc/ssl/SSL_CTX_add1_chain_cert.pod
+++ b/doc/ssl/SSL_CTX_add1_chain_cert.pod
@@ -7,7 +7,8 @@ SSL_CTX_add1_chain_cert, SSL_CTX_get0_chain_certs, SSL_CTX_clear_chain_certs,
SSL_set0_chain, SSL_set1_chain, SSL_add0_chain_cert, SSL_add1_chain_cert,
SSL_get0_chain_certs, SSL_clear_chain_certs, SSL_CTX_build_cert_chain,
SSL_build_cert_chain, SSL_CTX_select_current_cert,
-SSL_select_current_cert - extra chain certificate processing
+SSL_select_current_cert, SSL_CTX_set_current_cert, SSL_set_current_cert - extra
+chain certificate processing
=head1 SYNOPSIS
@@ -32,6 +33,8 @@ SSL_select_current_cert - extra chain certificate processing
int SSL_CTX_select_current_cert(SSL_CTX *ctx, X509 *x509);
int SSL_select_current_cert(SSL *ssl, X509 *x509);
+ int SSL_CTX_set_current_cert(SSL_CTX *ctx, long op);
+ int SSL_set_current_cert(SSL *ssl, long op);
=head1 DESCRIPTION
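Review bot: the two prototypes added to the SYNOPSIS return int, but nothing in this patch says what that result means. The three hunks here account for all 12 insertions in the diffstat, and none of them adds return-value text for SSL_CTX_set_current_cert() or SSL_set_current_cert(). Since the stated use is iteration, please document the success and failure values, in particular what B<SSL_CERT_SET_NEXT> returns when there is no further certificate, so callers know when to stop.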
@@ -65,8 +68,14 @@ function such as SSL_CTX_use_certificate().
SSL_set0_chain(), SSL_set1_chain(), SSL_add0_chain_cert(),
SSL_add1_chain_cert(), SSL_get0_chain_certs(), SSL_clear_chain_certs(),
-SSL_build_cert_chain() and SSL_select_current_cert() are similar except they
-apply to SSL structure B<ssl>.
+SSL_build_cert_chain(), SSL_select_current_cert() and SSL_set_current_cert()
+are similar except they apply to SSL structure B<ssl>.
+
+SSL_CTX_set_current_cert() changes the current certificate to a value based
+on the B<op> argument. Currently B<op> can be B<SSL_CERT_SET_FIRST> to use
+the first valid certificate or B<SSL_CERT_SET_NEXT> to set the next valid
+certificate after the current certificate. These two operations can be
+used to iterate over all certificates in an B<SSL_CTX> structure.
All these functions are implemented as macros. Those containing a B<1>
increment the reference count of the supplied certificate or chain so it must
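Review bot: in the new paragraph on SSL_CTX_set_current_cert(), "first valid certificate" and "next valid certificate" leave "valid" undefined. Please say what makes an entry count as valid (for example, whether a certificate without a matching private key qualifies), since that decides which entries an iterating caller will see. Also, the preceding paragraph now lists SSL_set_current_cert() as "similar" before SSL_CTX_set_current_cert() has been described; moving the new paragraph above the SSL_* list would keep the description in order.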