[thirdparty/openssl.git] / doc / man3 / OCSP_sendreq_new.pod

=pod

=head1 NAME

OCSP_sendreq_new,
OCSP_sendreq_nbio,
OCSP_sendreq_bio,
OCSP_REQ_CTX_i2d,
OCSP_REQ_CTX_add1_header,
OCSP_REQ_CTX_free,
OCSP_set_max_response_length,
OCSP_REQ_CTX_set1_req
- OCSP responder query functions

=head1 SYNOPSIS

 #include <openssl/ocsp.h>

 OSSL_HTTP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path,
                                     const OCSP_REQUEST *req, int maxline);

 int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OSSL_HTTP_REQ_CTX *rctx);

 OCSP_RESPONSE *OCSP_sendreq_bio(BIO *io, const char *path, OCSP_REQUEST *req);

Deprecated since OpenSSL 3.0, can be hidden entirely by defining
B<OPENSSL_API_COMPAT> with a suitable version value, see
L<openssl_user_macros(7)>:

 int OCSP_REQ_CTX_i2d(OCSP_REQ_CT *rctx, const ASN1_ITEM *it, ASN1_VALUE *req);
 int OCSP_REQ_CTX_add1_header(OCSP_REQ_CT *rctx,
                              const char *name, const char *value);
 void OCSP_REQ_CTX_free(OSSL_HTTP_REQ_CTX *rctx);
 void OCSP_set_max_response_length(OCSP_REQ_CT *rctx,
                                   unsigned long len);
 int OCSP_REQ_CTX_set1_req(OSSL_HTTP_REQ_CTX *rctx, const OCSP_REQUEST *req);

=head1 DESCRIPTION

These functions perform an OCSP POST request / response transfer over HTTP,
using the HTTP request functions described in L<OSSL_HTTP_REQ_CTX(3)>.

The function OCSP_sendreq_new() builds a complete B<OSSL_HTTP_REQ_CTX>
structure using connection B<BIO> I<io>, the URL path I<path>, the OCSP
request I<req>, and with a response header maximum line length of I<maxline>.
If I<maxline> is zero a default value of 4k is used.
The I<req> may be set to NULL and provided later using OCSP_REQ_CTX_set1_req()
or L<OSSL_HTTP_REQ_CTX_i2d(3)> .

The I<io> and I<path> arguments to OCSP_sendreq_new() correspond to the
components of the URL.
For example if the responder URL is C<http://example.com/ocspreq> the BIO
I<io> should be connected to host C<example.com> on port 80 and I<path>
should be set to C</ocspreq>.

OCSP_sendreq_nbio() performs I/O on the OCSP request context I<rctx>.
When the operation is complete it assigns the response, a pointer to a
B<OCSP_RESPONSE> structure, in I<*presp>.

OCSP_sendreq_bio() is the same as a call to OCSP_sendreq_new() followed by
OCSP_sendreq_nbio() and then OCSP_REQ_CTX_free() in a single call, with a
response header maximum line length 4k. It waits indefinitely on a response.
It does not support setting a timeout or adding headers and is retained
for compatibility; use OCSP_sendreq_nbio() instead.

OCSP_REQ_CTX_i2d(rctx, it, req) is equivalent to the following:

  OSSL_HTTP_REQ_CTX_i2d(rctx, "application/ocsp-request", it, req)

OCSP_REQ_CTX_set1_req(rctx, req) is equivalent to the following:

 OSSL_HTTP_REQ_CTX_i2d(rctx, "application/ocsp-request",
                       ASN1_ITEM_rptr(OCSP_REQUEST), (ASN1_VALUE *)req)

The other deprecated type and functions have been superseded by the
following equivalents:
B<OCSP_REQ_CTX> by L<OSSL_HTTP_REQ_CTX(3)>,
OCSP_REQ_CTX_add1_header() by L<OSSL_HTTP_REQ_CTX_add1_header(3)>,
OCSP_REQ_CTX_free() by L<OSSL_HTTP_REQ_CTX_free(3)>, and
OCSP_set_max_response_length() by
L<OSSL_HTTP_REQ_CTX_set_max_response_length(3)>.

=head1 RETURN VALUES

OCSP_sendreq_new() returns a valid B<OSSL_HTTP_REQ_CTX> structure or NULL
if an error occurred.

OCSP_sendreq_nbio(), OCSP_REQ_CTX_i2d(), and OCSP_REQ_CTX_set1_req()
return 1 for success and 0 for failure.

OCSP_sendreq_bio() returns the B<OCSP_RESPONSE> structure sent by the
responder or NULL if an error occurred.

=head1 SEE ALSO

L<OSSL_HTTP_REQ_CTX(3)>
L<OCSP_cert_to_id(3)>,
L<OCSP_request_add1_nonce(3)>,
L<OCSP_REQUEST_new(3)>,
L<OCSP_resp_find_status(3)>,
L<OCSP_response_status(3)>

=head1 HISTORY

B<OCSP_REQ_CTX>,
OCSP_REQ_CTX_i2d(),
OCSP_REQ_CTX_add1_header(),
OCSP_REQ_CTX_free(),
OCSP_set_max_response_length(),
and OCSP_REQ_CTX_set1_req()
were deprecated in OpenSSL 3.0.

=head1 COPYRIGHT

Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
797a89a1 DSH	1	=pod
	2
	3	=head1 NAME
	4
2f06c34b RS	5	OCSP_sendreq_new,
2f06c34b RS	6	OCSP_sendreq_nbio,
2f06c34b RS	7	OCSP_sendreq_bio,
2f06c34b RS	8	OCSP_REQ_CTX_i2d,
83b6dc8d RS	9	OCSP_REQ_CTX_add1_header,
	10	OCSP_REQ_CTX_free,
	11	OCSP_set_max_response_length,
2f06c34b RS	12	OCSP_REQ_CTX_set1_req
2f06c34b RS	13	- OCSP responder query functions
797a89a1 DSH	14
	15	=head1 SYNOPSIS
	16
	17	#include <openssl/ocsp.h>
	18
83b6dc8d	19	OSSL_HTTP_REQ_CTX OCSP_sendreq_new(BIO io, const char *path,
c9603dfa	20	const OCSP_REQUEST *req, int maxline);
797a89a1	21
83b6dc8d	22	int OCSP_sendreq_nbio(OCSP_RESPONSE *presp, OSSL_HTTP_REQ_CTX rctx);
797a89a1	23
29f178bd	24	OCSP_RESPONSE OCSP_sendreq_bio(BIO io, const char path, OCSP_REQUEST req);
797a89a1	25
ecef17c3 RS	26	Deprecated since OpenSSL 3.0, can be hidden entirely by defining
	27	B<OPENSSL_API_COMPAT> with a suitable version value, see
	28	L<openssl_user_macros(7)>:
	29
c9603dfa	30	int OCSP_REQ_CTX_i2d(OCSP_REQ_CT rctx, const ASN1_ITEM it, ASN1_VALUE *req);
83b6dc8d RS	31	int OCSP_REQ_CTX_add1_header(OCSP_REQ_CT *rctx,
83b6dc8d RS	32	const char name, const char value);
c9603dfa	33	void OCSP_REQ_CTX_free(OSSL_HTTP_REQ_CTX *rctx);
83b6dc8d RS	34	void OCSP_set_max_response_length(OCSP_REQ_CT *rctx,
83b6dc8d RS	35	unsigned long len);
c9603dfa	36	int OCSP_REQ_CTX_set1_req(OSSL_HTTP_REQ_CTX rctx, const OCSP_REQUEST req);
ecef17c3	37
797a89a1 DSH	38	=head1 DESCRIPTION
797a89a1 DSH	39
c9603dfa DDO	40	These functions perform an OCSP POST request / response transfer over HTTP,
c9603dfa DDO	41	using the HTTP request functions described in L<OSSL_HTTP_REQ_CTX(3)>.
797a89a1	42
83b6dc8d RS	43	The function OCSP_sendreq_new() builds a complete B<OSSL_HTTP_REQ_CTX>
83b6dc8d RS	44	structure using connection B<BIO> I<io>, the URL path I<path>, the OCSP
c9603dfa DDO	45	request I<req>, and with a response header maximum line length of I<maxline>.
	46	If I<maxline> is zero a default value of 4k is used.
	47	The I<req> may be set to NULL and provided later using OCSP_REQ_CTX_set1_req()
	48	or L<OSSL_HTTP_REQ_CTX_i2d(3)> .
797a89a1	49
83b6dc8d RS	50	The I<io> and I<path> arguments to OCSP_sendreq_new() correspond to the
	51	components of the URL.
	52	For example if the responder URL is C<http://example.com/ocspreq> the BIO
	53	I<io> should be connected to host C<example.com> on port 80 and I<path>
	54	should be set to C</ocspreq>.
797a89a1	55
83b6dc8d RS	56	OCSP_sendreq_nbio() performs I/O on the OCSP request context I<rctx>.
	57	When the operation is complete it assigns the response, a pointer to a
	58	B<OCSP_RESPONSE> structure, in I<*presp>.
797a89a1	59
83b6dc8d RS	60	OCSP_sendreq_bio() is the same as a call to OCSP_sendreq_new() followed by
	61	OCSP_sendreq_nbio() and then OCSP_REQ_CTX_free() in a single call, with a
	62	response header maximum line length 4k. It waits indefinitely on a response.
	63	It does not support setting a timeout or adding headers and is retained
	64	for compatibility; use OCSP_sendreq_nbio() instead.
2f06c34b	65
c9603dfa DDO	66	OCSP_REQ_CTX_i2d(rctx, it, req) is equivalent to the following:
	67
	68	OSSL_HTTP_REQ_CTX_i2d(rctx, "application/ocsp-request", it, req)
	69
2f06c34b RS	70	OCSP_REQ_CTX_set1_req(rctx, req) is equivalent to the following:
2f06c34b RS	71
83b6dc8d RS	72	OSSL_HTTP_REQ_CTX_i2d(rctx, "application/ocsp-request",
	73	ASN1_ITEM_rptr(OCSP_REQUEST), (ASN1_VALUE *)req)
	74
	75	The other deprecated type and functions have been superseded by the
	76	following equivalents:
	77	B<OCSP_REQ_CTX> by L<OSSL_HTTP_REQ_CTX(3)>,
83b6dc8d RS	78	OCSP_REQ_CTX_add1_header() by L<OSSL_HTTP_REQ_CTX_add1_header(3)>,
	79	OCSP_REQ_CTX_free() by L<OSSL_HTTP_REQ_CTX_free(3)>, and
	80	OCSP_set_max_response_length() by
	81	L<OSSL_HTTP_REQ_CTX_set_max_response_length(3)>.
ecef17c3	82
797a89a1 DSH	83	=head1 RETURN VALUES
797a89a1 DSH	84
83b6dc8d	85	OCSP_sendreq_new() returns a valid B<OSSL_HTTP_REQ_CTX> structure or NULL
29f178bd	86	if an error occurred.
797a89a1	87
83b6dc8d RS	88	OCSP_sendreq_nbio(), OCSP_REQ_CTX_i2d(), and OCSP_REQ_CTX_set1_req()
83b6dc8d RS	89	return 1 for success and 0 for failure.
797a89a1 DSH	90
797a89a1 DSH	91	OCSP_sendreq_bio() returns the B<OCSP_RESPONSE> structure sent by the
83b6dc8d	92	responder or NULL if an error occurred.
797a89a1 DSH	93
	94	=head1 SEE ALSO
	95
c9603dfa	96	L<OSSL_HTTP_REQ_CTX(3)>
9b86974e RS	97	L<OCSP_cert_to_id(3)>,
	98	L<OCSP_request_add1_nonce(3)>,
	99	L<OCSP_REQUEST_new(3)>,
b97fdb57	100	L<OCSP_resp_find_status(3)>,
9b86974e	101	L<OCSP_response_status(3)>
797a89a1	102
ecef17c3 RS	103	=head1 HISTORY
ecef17c3 RS	104
83b6dc8d RS	105	B<OCSP_REQ_CTX>,
	106	OCSP_REQ_CTX_i2d(),
	107	OCSP_REQ_CTX_add1_header(),
	108	OCSP_REQ_CTX_free(),
	109	OCSP_set_max_response_length(),
	110	and OCSP_REQ_CTX_set1_req()
	111	were deprecated in OpenSSL 3.0.
ecef17c3	112
e2f92610 RS	113	=head1 COPYRIGHT
e2f92610 RS	114
83b6dc8d	115	Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
e2f92610	116
4746f25a	117	Licensed under the Apache License 2.0 (the "License"). You may not use
e2f92610 RS	118	this file except in compliance with the License. You can obtain a copy
	119	in the file LICENSE in the source distribution or at
	120	L<https://www.openssl.org/source/license.html>.
	121
	122	=cut