ag/cpython-source-deps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Import OpenSSL 1.1.0f

Browse Source
This commit is contained in:
Steve Dower
2017-09-07 16:27:43 -07:00
committed by Steve Dower
parent ccd3ab4aff
commit f4b81cb7c9
3340 changed files with 325158 additions and 557542 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
doc/ssl/SSL_CTX_set_cert_cb.pod
View File

@@ -15,10 +15,10 @@ SSL_CTX_set_cert_cb, SSL_set_cert_cb - handle certificate callback function
=head1 DESCRIPTION
SSL_CTX_set_cert_cb() and SSL_set_cert_cb() sets the B<cert_cb()> callback,
SSL_CTX_set_cert_cb() and SSL_set_cert_cb() sets the cert_cb() callback,
B<arg> value is pointer which is passed to the application callback.
When B<cert_cb()> is NULL, no callback function is used.
When cert_cb() is NULL, no callback function is used.
cert_cb() is the application defined callback. It is called before a
certificate will be used by a client or server. The callback can then inspect
@@ -27,7 +27,7 @@ the callback is successful it B<MUST> return 1 even if no certificates have
been set. A zero is returned on error which will abort the handshake with a
fatal internal error alert. A negative return value will suspend the handshake
and the handshake function will return immediately.
L<SSL_get_error(3)|SSL_get_error(3)> will return SSL_ERROR_WANT_X509_LOOKUP to
L<SSL_get_error(3)> will return SSL_ERROR_WANT_X509_LOOKUP to
indicate, that the handshake was suspended. The next call to the handshake
function will again lead to the call of cert_cb(). It is the job of the
cert_cb() to store information about the state of the last call,
@@ -43,7 +43,7 @@ SSL_add1_chain_cert().
It might also call SSL_certs_clear() to delete any certificates associated
with the B<SSL> object.
The certificate callback functionality supercedes the (largely broken)
The certificate callback functionality supersedes the (largely broken)
functionality provided by the old client certificate callback interface.
It is B<always> called even is a certificate is already set so the callback
can modify or delete the existing certificate.
@@ -60,9 +60,18 @@ support it will B<not> be used.
=head1 SEE ALSO
L<ssl(3)|ssl(3)>, L<SSL_use_certificate(3)|SSL_use_certificate(3)>,
L<SSL_add1_chain_cert(3)|SSL_add1_chain_cert(3)>,
L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
L<SSL_clear(3)|SSL_clear(3)>, L<SSL_free(3)|SSL_free(3)>
L<ssl(3)>, L<SSL_use_certificate(3)>,
L<SSL_add1_chain_cert(3)>,
L<SSL_get_client_CA_list(3)>,
L<SSL_clear(3)>, L<SSL_free(3)>
=head1 COPYRIGHT
Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.
=cut