diff options
author | marha <marha@users.sourceforge.net> | 2010-03-29 17:08:02 +0000 |
---|---|---|
committer | marha <marha@users.sourceforge.net> | 2010-03-29 17:08:02 +0000 |
commit | 15272ab4ed1e6250412fccd48200ed9eae59608f (patch) | |
tree | a5996ea67966a778a16565f19dfc2e7c7f49b376 /openssl/doc/crypto/X509_verify_cert.pod | |
parent | 3827301b2ea5a45ac009c3bf9f08586ff40b8506 (diff) | |
download | vcxsrv-15272ab4ed1e6250412fccd48200ed9eae59608f.tar.gz vcxsrv-15272ab4ed1e6250412fccd48200ed9eae59608f.tar.bz2 vcxsrv-15272ab4ed1e6250412fccd48200ed9eae59608f.zip |
Updated to openssl 1.0.0
Diffstat (limited to 'openssl/doc/crypto/X509_verify_cert.pod')
-rw-r--r-- | openssl/doc/crypto/X509_verify_cert.pod | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/openssl/doc/crypto/X509_verify_cert.pod b/openssl/doc/crypto/X509_verify_cert.pod new file mode 100644 index 000000000..5253bdcd7 --- /dev/null +++ b/openssl/doc/crypto/X509_verify_cert.pod @@ -0,0 +1,53 @@ +=pod + +=head1 NAME + +X509_verify_cert - discover and verify X509 certificte chain + +=head1 SYNOPSIS + + #include <openssl/x509.h> + + int X509_verify_cert(X509_STORE_CTX *ctx); + +=head1 DESCRIPTION + +The X509_verify_cert() function attempts to discover and validate a +certificate chain based on parameters in B<ctx>. A complete description of +the process is contained in the L<verify(1)|verify(1)> manual page. + +=head1 RETURN VALUES + +If a complete chain can be built and validated this function returns 1, +otherwise it return zero, in exceptional circumstances it can also +return a negative code. + +If the function fails additional error information can be obtained by +examining B<ctx> using, for example X509_STORE_CTX_get_error(). + +=head1 NOTES + +Applications rarely call this function directly but it is used by +OpenSSL internally for certificate validation, in both the S/MIME and +SSL/TLS code. + +The negative return value from X509_verify_cert() can only occur if no +certificate is set in B<ctx> (due to a programming error) or if a retry +operation is requested during internal lookups (which never happens with +standard lookup methods). It is however recommended that application check +for <= 0 return value on error. + +=head1 BUGS + +This function uses the header B<x509.h> as opposed to most chain verification +functiosn which use B<x509_vfy.h>. + +=head1 SEE ALSO + +L<X509_STORE_CTX_get_error(3)|X509_STORE_CTX_get_error(3)> + +=head1 HISTORY + +X509_verify_cert() is available in all versions of SSLeay and OpenSSL. + +=cut |