Update doc/man3/X509_VERIFY_PARAM_set_flags.pod

author Bob Beck <beck@obtuse.com>

Tue, 3 Feb 2026 16:44:09 +0000 (09:44 -0700)

committer Neil Horman <nhorman@openssl.org>

Tue, 24 Feb 2026 14:03:39 +0000 (09:03 -0500)
author Bob Beck <beck@obtuse.com>
Tue, 3 Feb 2026 16:44:09 +0000 (09:44 -0700)
committer Neil Horman <nhorman@openssl.org>
Tue, 24 Feb 2026 14:03:39 +0000 (09:03 -0500)
diff --git a/doc/man3/X509_VERIFY_PARAM_set_flags.pod b/doc/man3/X509_VERIFY_PARAM_set_flags.pod

index c4477e79f11002aec760a38f0cdf71310367f029..b0c1ff55cee68dc7cf0e0683219d1316af414ecf 100644 (file)
--- a/doc/man3/X509_VERIFY_PARAM_set_flags.pod
+++ b/doc/man3/X509_VERIFY_PARAM_set_flags.pod
@@ -277,7 +277,9 @@ identifier that can match the peer's certificate on success.  Any
  previous names set via X509_VERIFY_PARAM_set1_ip(),
  X509_VERIFY_PARAM_add1_ip(), X509_VERIFY_PARAM_set1_ip_asc(), or
  X509_VERIFY_PARAM_add1_ip_asc() are retained. No change is made on
-failure. It is a failure if <ip> is NULL or the empty string. When
+failure.
+It is a failure if I<ip> is NULL or the value I<iplen> is neither 4 nor 16 bytes.
+When
  multiple names are configured, the peer is considered verified when
  any name matches.
author	Bob Beck <beck@obtuse.com>
	Tue, 3 Feb 2026 16:44:09 +0000 (09:44 -0700)
committer	Neil Horman <nhorman@openssl.org>
	Tue, 24 Feb 2026 14:03:39 +0000 (09:03 -0500)