ITS#8753 Improve LDAP_OPT_X_TLS_PEERKEY_HASH documentation further

author Ondřej Kuzník <ondra@mistotebe.net>

Mon, 21 Feb 2022 10:21:04 +0000 (10:21 +0000)

committer Quanah Gibson-Mount <quanah@openldap.org>

Mon, 7 Mar 2022 17:36:52 +0000 (17:36 +0000)
author Ondřej Kuzník <ondra@mistotebe.net>
Mon, 21 Feb 2022 10:21:04 +0000 (10:21 +0000)
committer Quanah Gibson-Mount <quanah@openldap.org>
Mon, 7 Mar 2022 17:36:52 +0000 (17:36 +0000)
diff --git a/doc/man/man3/ldap_get_option.3 b/doc/man/man3/ldap_get_option.3

index 3b7b9dd966e761f2cf97583c20d57ab78d92301f..3477f02c61a0a0a746e0ea0da499089ef49d7259 100644 (file)
--- a/doc/man/man3/ldap_get_option.3
+++ b/doc/man/man3/ldap_get_option.3
@@ -889,7 +889,11 @@ containing the base64 encoding of the expected peer's key or in the format
  .B "<hashalg>:<peerkey hash base64 encoded>"
  where as a TLS session is established, the library will hash the peer's key
  with the provided hash algorithm and compare it with value provided and will
-only allow the session to continue if they match.
+only allow the session to continue if they match. This happens regardless of
+certificate checking strategy. The list of supported
+.B hashalg
+values depends on the crypto library used, check its documentation to get
+a list.
  .SH ERRORS
  On success, the functions return
  .BR LDAP_OPT_SUCCESS ,
author	Ondřej Kuzník <ondra@mistotebe.net>
	Mon, 21 Feb 2022 10:21:04 +0000 (10:21 +0000)
committer	Quanah Gibson-Mount <quanah@openldap.org>
	Mon, 7 Mar 2022 17:36:52 +0000 (17:36 +0000)