]>
Commit | Line | Data |
---|---|---|
238d692c RP |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
5 | SSL_CTX_set_default_ctlog_list_file, SSL_CTX_set_ctlog_list_file - | |
6 | load a Certificate Transparency log list from a file | |
7 | ||
8 | =head1 SYNOPSIS | |
9 | ||
10 | #include <openssl/ssl.h> | |
11 | ||
12 | int SSL_CTX_set_default_ctlog_list_file(SSL_CTX *ctx); | |
13 | int SSL_CTX_set_ctlog_list_file(SSL_CTX *ctx, const char *path); | |
14 | ||
15 | =head1 DESCRIPTION | |
16 | ||
17 | SSL_CTX_set_default_ctlog_list_file() loads a list of Certificate Transparency | |
18 | (CT) logs from the default file location, "ct_log_list.cnf", found in the | |
19 | directory where OpenSSL is installed. | |
20 | ||
21 | SSL_CTX_set_ctlog_list_file() loads a list of CT logs from a given path. | |
22 | ||
23 | The expected format of the log list file is: | |
24 | ||
25 | enabled_logs=foo,bar | |
26 | ||
27 | [foo] | |
28 | description = Log 1 | |
29 | key = <base64-encoded public key here> | |
30 | ||
31 | [bar] | |
32 | description = Log 2 | |
33 | key = <base64-encoded public key here> | |
34 | ||
35 | =head1 NOTES | |
36 | ||
37 | These functions will not clear the existing CT log list - it will be appended | |
38 | to. | |
39 | ||
238d692c RP |
40 | If an error occurs whilst parsing a particular log entry in the file, that log |
41 | entry will be skipped. | |
42 | ||
43 | =head1 RETURN VALUES | |
44 | ||
45 | SSL_CTX_set_default_ctlog_list_file() and SSL_CTX_set_ctlog_list_file() | |
46 | return 1 if the log list is successfully loaded, and 0 if an error occurs. In | |
47 | the case of an error, the log list may have been partially loaded. | |
48 | ||
49 | =head1 SEE ALSO | |
50 | ||
51 | L<ssl(3)>, | |
43341433 | 52 | L<ssl_ct_validation_cb(3)> |
238d692c RP |
53 | |
54 | =cut |