]>
Commit | Line | Data |
---|---|---|
797a89a1 DSH |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
2f06c34b RS |
5 | OCSP_sendreq_new, |
6 | OCSP_sendreq_nbio, | |
2f06c34b RS |
7 | OCSP_sendreq_bio, |
8 | OCSP_REQ_CTX_i2d, | |
83b6dc8d RS |
9 | OCSP_REQ_CTX_add1_header, |
10 | OCSP_REQ_CTX_free, | |
11 | OCSP_set_max_response_length, | |
2f06c34b RS |
12 | OCSP_REQ_CTX_set1_req |
13 | - OCSP responder query functions | |
797a89a1 DSH |
14 | |
15 | =head1 SYNOPSIS | |
16 | ||
17 | #include <openssl/ocsp.h> | |
18 | ||
83b6dc8d | 19 | OSSL_HTTP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, |
c9603dfa | 20 | const OCSP_REQUEST *req, int maxline); |
797a89a1 | 21 | |
83b6dc8d | 22 | int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OSSL_HTTP_REQ_CTX *rctx); |
797a89a1 | 23 | |
29f178bd | 24 | OCSP_RESPONSE *OCSP_sendreq_bio(BIO *io, const char *path, OCSP_REQUEST *req); |
797a89a1 | 25 | |
ecef17c3 RS |
26 | Deprecated since OpenSSL 3.0, can be hidden entirely by defining |
27 | B<OPENSSL_API_COMPAT> with a suitable version value, see | |
28 | L<openssl_user_macros(7)>: | |
29 | ||
c9603dfa | 30 | int OCSP_REQ_CTX_i2d(OCSP_REQ_CT *rctx, const ASN1_ITEM *it, ASN1_VALUE *req); |
83b6dc8d RS |
31 | int OCSP_REQ_CTX_add1_header(OCSP_REQ_CT *rctx, |
32 | const char *name, const char *value); | |
c9603dfa | 33 | void OCSP_REQ_CTX_free(OSSL_HTTP_REQ_CTX *rctx); |
83b6dc8d RS |
34 | void OCSP_set_max_response_length(OCSP_REQ_CT *rctx, |
35 | unsigned long len); | |
c9603dfa | 36 | int OCSP_REQ_CTX_set1_req(OSSL_HTTP_REQ_CTX *rctx, const OCSP_REQUEST *req); |
ecef17c3 | 37 | |
797a89a1 DSH |
38 | =head1 DESCRIPTION |
39 | ||
c9603dfa DDO |
40 | These functions perform an OCSP POST request / response transfer over HTTP, |
41 | using the HTTP request functions described in L<OSSL_HTTP_REQ_CTX(3)>. | |
797a89a1 | 42 | |
83b6dc8d RS |
43 | The function OCSP_sendreq_new() builds a complete B<OSSL_HTTP_REQ_CTX> |
44 | structure using connection B<BIO> I<io>, the URL path I<path>, the OCSP | |
c9603dfa DDO |
45 | request I<req>, and with a response header maximum line length of I<maxline>. |
46 | If I<maxline> is zero a default value of 4k is used. | |
47 | The I<req> may be set to NULL and provided later using OCSP_REQ_CTX_set1_req() | |
48 | or L<OSSL_HTTP_REQ_CTX_i2d(3)> . | |
797a89a1 | 49 | |
83b6dc8d RS |
50 | The I<io> and I<path> arguments to OCSP_sendreq_new() correspond to the |
51 | components of the URL. | |
52 | For example if the responder URL is C<http://example.com/ocspreq> the BIO | |
53 | I<io> should be connected to host C<example.com> on port 80 and I<path> | |
54 | should be set to C</ocspreq>. | |
797a89a1 | 55 | |
83b6dc8d RS |
56 | OCSP_sendreq_nbio() performs I/O on the OCSP request context I<rctx>. |
57 | When the operation is complete it assigns the response, a pointer to a | |
58 | B<OCSP_RESPONSE> structure, in I<*presp>. | |
797a89a1 | 59 | |
83b6dc8d RS |
60 | OCSP_sendreq_bio() is the same as a call to OCSP_sendreq_new() followed by |
61 | OCSP_sendreq_nbio() and then OCSP_REQ_CTX_free() in a single call, with a | |
62 | response header maximum line length 4k. It waits indefinitely on a response. | |
63 | It does not support setting a timeout or adding headers and is retained | |
64 | for compatibility; use OCSP_sendreq_nbio() instead. | |
2f06c34b | 65 | |
c9603dfa DDO |
66 | OCSP_REQ_CTX_i2d(rctx, it, req) is equivalent to the following: |
67 | ||
68 | OSSL_HTTP_REQ_CTX_i2d(rctx, "application/ocsp-request", it, req) | |
69 | ||
2f06c34b RS |
70 | OCSP_REQ_CTX_set1_req(rctx, req) is equivalent to the following: |
71 | ||
83b6dc8d RS |
72 | OSSL_HTTP_REQ_CTX_i2d(rctx, "application/ocsp-request", |
73 | ASN1_ITEM_rptr(OCSP_REQUEST), (ASN1_VALUE *)req) | |
74 | ||
75 | The other deprecated type and functions have been superseded by the | |
76 | following equivalents: | |
77 | B<OCSP_REQ_CTX> by L<OSSL_HTTP_REQ_CTX(3)>, | |
83b6dc8d RS |
78 | OCSP_REQ_CTX_add1_header() by L<OSSL_HTTP_REQ_CTX_add1_header(3)>, |
79 | OCSP_REQ_CTX_free() by L<OSSL_HTTP_REQ_CTX_free(3)>, and | |
80 | OCSP_set_max_response_length() by | |
81 | L<OSSL_HTTP_REQ_CTX_set_max_response_length(3)>. | |
ecef17c3 | 82 | |
797a89a1 DSH |
83 | =head1 RETURN VALUES |
84 | ||
83b6dc8d | 85 | OCSP_sendreq_new() returns a valid B<OSSL_HTTP_REQ_CTX> structure or NULL |
29f178bd | 86 | if an error occurred. |
797a89a1 | 87 | |
83b6dc8d RS |
88 | OCSP_sendreq_nbio(), OCSP_REQ_CTX_i2d(), and OCSP_REQ_CTX_set1_req() |
89 | return 1 for success and 0 for failure. | |
797a89a1 DSH |
90 | |
91 | OCSP_sendreq_bio() returns the B<OCSP_RESPONSE> structure sent by the | |
83b6dc8d | 92 | responder or NULL if an error occurred. |
797a89a1 DSH |
93 | |
94 | =head1 SEE ALSO | |
95 | ||
c9603dfa | 96 | L<OSSL_HTTP_REQ_CTX(3)> |
9b86974e RS |
97 | L<OCSP_cert_to_id(3)>, |
98 | L<OCSP_request_add1_nonce(3)>, | |
99 | L<OCSP_REQUEST_new(3)>, | |
b97fdb57 | 100 | L<OCSP_resp_find_status(3)>, |
9b86974e | 101 | L<OCSP_response_status(3)> |
797a89a1 | 102 | |
ecef17c3 RS |
103 | =head1 HISTORY |
104 | ||
83b6dc8d RS |
105 | B<OCSP_REQ_CTX>, |
106 | OCSP_REQ_CTX_i2d(), | |
107 | OCSP_REQ_CTX_add1_header(), | |
108 | OCSP_REQ_CTX_free(), | |
109 | OCSP_set_max_response_length(), | |
110 | and OCSP_REQ_CTX_set1_req() | |
111 | were deprecated in OpenSSL 3.0. | |
ecef17c3 | 112 | |
e2f92610 RS |
113 | =head1 COPYRIGHT |
114 | ||
83b6dc8d | 115 | Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved. |
e2f92610 | 116 | |
4746f25a | 117 | Licensed under the Apache License 2.0 (the "License"). You may not use |
e2f92610 RS |
118 | this file except in compliance with the License. You can obtain a copy |
119 | in the file LICENSE in the source distribution or at | |
120 | L<https://www.openssl.org/source/license.html>. | |
121 | ||
122 | =cut |