summaryrefslogtreecommitdiff
path: root/secure/lib/libcrypto/man/OCSP_resp_find_status.3
diff options
context:
space:
mode:
Diffstat (limited to 'secure/lib/libcrypto/man/OCSP_resp_find_status.3')
-rw-r--r--secure/lib/libcrypto/man/OCSP_resp_find_status.394
1 files changed, 49 insertions, 45 deletions
diff --git a/secure/lib/libcrypto/man/OCSP_resp_find_status.3 b/secure/lib/libcrypto/man/OCSP_resp_find_status.3
index 8cfea7b49cbb8..d98518403f03f 100644
--- a/secure/lib/libcrypto/man/OCSP_resp_find_status.3
+++ b/secure/lib/libcrypto/man/OCSP_resp_find_status.3
@@ -1,4 +1,4 @@
-.\" Automatically generated by Pod::Man 4.09 (Pod::Simple 3.35)
+.\" Automatically generated by Pod::Man 4.10 (Pod::Simple 3.35)
.\"
.\" Standard preamble:
.\" ========================================================================
@@ -54,16 +54,20 @@
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
-.if !\nF .nr F 0
-.if \nF>0 \{\
-. de IX
-. tm Index:\\$1\t\\n%\t"\\$2"
+.nr rF 0
+.if \n(.g .if rF .nr rF 1
+.if (\n(rF:(\n(.g==0)) \{\
+. if \nF \{\
+. de IX
+. tm Index:\\$1\t\\n%\t"\\$2"
..
-. if !\nF==2 \{\
-. nr % 0
-. nr F 2
+. if !\nF==2 \{\
+. nr % 0
+. nr F 2
+. \}
. \}
.\}
+.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
@@ -129,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "OCSP_RESP_FIND_STATUS 3"
-.TH OCSP_RESP_FIND_STATUS 3 "2018-11-20" "1.1.1a" "OpenSSL"
+.TH OCSP_RESP_FIND_STATUS 3 "2019-02-26" "1.1.1b" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -182,7 +186,7 @@ OCSP_resp_get0_certs, OCSP_resp_get0_signer, OCSP_resp_get0_id, OCSP_resp_get1_i
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
-\&\fIOCSP_resp_find_status()\fR searches \fBbs\fR for an \s-1OCSP\s0 response for \fBid\fR. If it is
+\&\fBOCSP_resp_find_status()\fR searches \fBbs\fR for an \s-1OCSP\s0 response for \fBid\fR. If it is
successful the fields of the response are returned in \fB*status\fR, \fB*reason\fR,
\&\fB*revtime\fR, \fB*thisupd\fR and \fB*nextupd\fR. The \fB*status\fR value will be one of
\&\fBV_OCSP_CERTSTATUS_GOOD\fR, \fBV_OCSP_CERTSTATUS_REVOKED\fR or
@@ -195,50 +199,50 @@ will be set to the revocation reason which will be one of
\&\fB\s-1OCSP_REVOKED_STATUS_CESSATIONOFOPERATION\s0\fR,
\&\fB\s-1OCSP_REVOKED_STATUS_CERTIFICATEHOLD\s0\fR or \fB\s-1OCSP_REVOKED_STATUS_REMOVEFROMCRL\s0\fR.
.PP
-\&\fIOCSP_resp_count()\fR returns the number of \fB\s-1OCSP_SINGLERESP\s0\fR structures in \fBbs\fR.
+\&\fBOCSP_resp_count()\fR returns the number of \fB\s-1OCSP_SINGLERESP\s0\fR structures in \fBbs\fR.
.PP
-\&\fIOCSP_resp_get0()\fR returns the \fB\s-1OCSP_SINGLERESP\s0\fR structure in \fBbs\fR
+\&\fBOCSP_resp_get0()\fR returns the \fB\s-1OCSP_SINGLERESP\s0\fR structure in \fBbs\fR
corresponding to index \fBidx\fR. Where \fBidx\fR runs from 0 to
OCSP_resp_count(bs) \- 1.
.PP
-\&\fIOCSP_resp_find()\fR searches \fBbs\fR for \fBid\fR and returns the index of the first
+\&\fBOCSP_resp_find()\fR searches \fBbs\fR for \fBid\fR and returns the index of the first
matching entry after \fBlast\fR or starting from the beginning if \fBlast\fR is \-1.
.PP
-\&\fIOCSP_single_get0_status()\fR extracts the fields of \fBsingle\fR in \fB*reason\fR,
+\&\fBOCSP_single_get0_status()\fR extracts the fields of \fBsingle\fR in \fB*reason\fR,
\&\fB*revtime\fR, \fB*thisupd\fR and \fB*nextupd\fR.
.PP
-\&\fIOCSP_resp_get0_produced_at()\fR extracts the \fBproducedAt\fR field from the
+\&\fBOCSP_resp_get0_produced_at()\fR extracts the \fBproducedAt\fR field from the
single response \fBbs\fR.
.PP
-\&\fIOCSP_resp_get0_signature()\fR returns the signature from \fBbs\fR.
+\&\fBOCSP_resp_get0_signature()\fR returns the signature from \fBbs\fR.
.PP
-\&\fIOCSP_resp_get0_tbs_sigalg()\fR returns the \fBsignatureAlgorithm\fR from \fBbs\fR.
+\&\fBOCSP_resp_get0_tbs_sigalg()\fR returns the \fBsignatureAlgorithm\fR from \fBbs\fR.
.PP
-\&\fIOCSP_resp_get0_respdata()\fR returns the \fBtbsResponseData\fR from \fBbs\fR.
+\&\fBOCSP_resp_get0_respdata()\fR returns the \fBtbsResponseData\fR from \fBbs\fR.
.PP
-\&\fIOCSP_resp_get0_certs()\fR returns any certificates included in \fBbs\fR.
+\&\fBOCSP_resp_get0_certs()\fR returns any certificates included in \fBbs\fR.
.PP
-\&\fIOCSP_resp_get0_signer()\fR attempts to retrieve the certificate that directly
+\&\fBOCSP_resp_get0_signer()\fR attempts to retrieve the certificate that directly
signed \fBbs\fR. The \s-1OCSP\s0 protocol does not require that this certificate
is included in the \fBcerts\fR field of the response, so additional certificates
can be supplied in \fBextra_certs\fR if the certificates that may have
signed the response are known via some out-of-band mechanism.
.PP
-\&\fIOCSP_resp_get0_id()\fR gets the responder id of \fBbs\fR. If the responder \s-1ID\s0 is
+\&\fBOCSP_resp_get0_id()\fR gets the responder id of \fBbs\fR. If the responder \s-1ID\s0 is
a name then <*pname> is set to the name and \fB*pid\fR is set to \s-1NULL.\s0 If the
responder \s-1ID\s0 is by key \s-1ID\s0 then \fB*pid\fR is set to the key \s-1ID\s0 and \fB*pname\fR
-is set to \s-1NULL.\s0 \fIOCSP_resp_get1_id()\fR leaves ownership of \fB*pid\fR and \fB*pname\fR
+is set to \s-1NULL.\s0 \fBOCSP_resp_get1_id()\fR leaves ownership of \fB*pid\fR and \fB*pname\fR
with the caller, who is responsible for freeing them. Both functions return 1
-in case of success and 0 in case of failure. If \fIOCSP_resp_get1_id()\fR returns 0,
+in case of success and 0 in case of failure. If \fBOCSP_resp_get1_id()\fR returns 0,
no freeing of the results is necessary.
.PP
-\&\fIOCSP_check_validity()\fR checks the validity of \fBthisupd\fR and \fBnextupd\fR values
-which will be typically obtained from \fIOCSP_resp_find_status()\fR or
-\&\fIOCSP_single_get0_status()\fR. If \fBsec\fR is non-zero it indicates how many seconds
+\&\fBOCSP_check_validity()\fR checks the validity of \fBthisupd\fR and \fBnextupd\fR values
+which will be typically obtained from \fBOCSP_resp_find_status()\fR or
+\&\fBOCSP_single_get0_status()\fR. If \fBsec\fR is non-zero it indicates how many seconds
leeway should be allowed in the check. If \fBmaxsec\fR is positive it indicates
the maximum age of \fBthisupd\fR in seconds.
.PP
-\&\fIOCSP_basic_verify()\fR checks that the basic response message \fBbs\fR is correctly
+\&\fBOCSP_basic_verify()\fR checks that the basic response message \fBbs\fR is correctly
signed and that the signer certificate can be validated. It takes \fBst\fR as
the trusted store and \fBcerts\fR as a set of untrusted intermediate certificates.
The function first tries to find the signer certificate of the response
@@ -260,51 +264,51 @@ criteria including potential delegation. If this does not succeed and the
trust for \s-1OCSP\s0 signing in the root \s-1CA\s0 certificate.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
-\&\fIOCSP_resp_find_status()\fR returns 1 if \fBid\fR is found in \fBbs\fR and 0 otherwise.
+\&\fBOCSP_resp_find_status()\fR returns 1 if \fBid\fR is found in \fBbs\fR and 0 otherwise.
.PP
-\&\fIOCSP_resp_count()\fR returns the total number of \fB\s-1OCSP_SINGLERESP\s0\fR fields in
+\&\fBOCSP_resp_count()\fR returns the total number of \fB\s-1OCSP_SINGLERESP\s0\fR fields in
\&\fBbs\fR.
.PP
-\&\fIOCSP_resp_get0()\fR returns a pointer to an \fB\s-1OCSP_SINGLERESP\s0\fR structure or
+\&\fBOCSP_resp_get0()\fR returns a pointer to an \fB\s-1OCSP_SINGLERESP\s0\fR structure or
\&\fB\s-1NULL\s0\fR if \fBidx\fR is out of range.
.PP
-\&\fIOCSP_resp_find()\fR returns the index of \fBid\fR in \fBbs\fR (which may be 0) or \-1 if
+\&\fBOCSP_resp_find()\fR returns the index of \fBid\fR in \fBbs\fR (which may be 0) or \-1 if
\&\fBid\fR was not found.
.PP
-\&\fIOCSP_single_get0_status()\fR returns the status of \fBsingle\fR or \-1 if an error
+\&\fBOCSP_single_get0_status()\fR returns the status of \fBsingle\fR or \-1 if an error
occurred.
.PP
-\&\fIOCSP_resp_get0_signer()\fR returns 1 if the signing certificate was located,
+\&\fBOCSP_resp_get0_signer()\fR returns 1 if the signing certificate was located,
or 0 on error.
.PP
-\&\fIOCSP_basic_verify()\fR returns 1 on success, 0 on error, or \-1 on fatal error such
+\&\fBOCSP_basic_verify()\fR returns 1 on success, 0 on error, or \-1 on fatal error such
as malloc failure.
.SH "NOTES"
.IX Header "NOTES"
-Applications will typically call \fIOCSP_resp_find_status()\fR using the certificate
-\&\s-1ID\s0 of interest and then check its validity using \fIOCSP_check_validity()\fR. They
+Applications will typically call \fBOCSP_resp_find_status()\fR using the certificate
+\&\s-1ID\s0 of interest and then check its validity using \fBOCSP_check_validity()\fR. They
can then take appropriate action based on the status of the certificate.
.PP
An \s-1OCSP\s0 response for a certificate contains \fBthisUpdate\fR and \fBnextUpdate\fR
fields. Normally the current time should be between these two values. To
account for clock skew the \fBmaxsec\fR field can be set to non-zero in
-\&\fIOCSP_check_validity()\fR. Some responders do not set the \fBnextUpdate\fR field, this
+\&\fBOCSP_check_validity()\fR. Some responders do not set the \fBnextUpdate\fR field, this
would otherwise mean an ancient response would be considered valid: the
-\&\fBmaxsec\fR parameter to \fIOCSP_check_validity()\fR can be used to limit the permitted
+\&\fBmaxsec\fR parameter to \fBOCSP_check_validity()\fR can be used to limit the permitted
age of responses.
.PP
The values written to \fB*revtime\fR, \fB*thisupd\fR and \fB*nextupd\fR by
-\&\fIOCSP_resp_find_status()\fR and \fIOCSP_single_get0_status()\fR are internal pointers
+\&\fBOCSP_resp_find_status()\fR and \fBOCSP_single_get0_status()\fR are internal pointers
which \fB\s-1MUST NOT\s0\fR be freed up by the calling application. Any or all of these
parameters can be set to \s-1NULL\s0 if their value is not required.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
-\&\fIcrypto\fR\|(7),
-\&\fIOCSP_cert_to_id\fR\|(3),
-\&\fIOCSP_request_add1_nonce\fR\|(3),
-\&\fIOCSP_REQUEST_new\fR\|(3),
-\&\fIOCSP_response_status\fR\|(3),
-\&\fIOCSP_sendreq_new\fR\|(3)
+\&\fBcrypto\fR\|(7),
+\&\fBOCSP_cert_to_id\fR\|(3),
+\&\fBOCSP_request_add1_nonce\fR\|(3),
+\&\fBOCSP_REQUEST_new\fR\|(3),
+\&\fBOCSP_response_status\fR\|(3),
+\&\fBOCSP_sendreq_new\fR\|(3)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2015\-2018 The OpenSSL Project Authors. All Rights Reserved.
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-13 22:52:15 +0000