DNS hostname to I<name>, clearing any previously specified hostname.
If I<name> is NULL or the empty string, the list of hostnames is cleared
and hostname checks are not performed on the peer certificate.
-If I<name> is NUL-terminated, I<namelen> may be zero,
+If I<namelen> is zero, I<name> must be NUL-terminated,
otherwise I<namelen> must be set to the length of I<name>.
When a hostname is specified,
X509_VERIFY_PARAM_get0_email() returns the expected RFC822 email address.
X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to
-I<email>. If I<email> is NUL-terminated, I<emaillen> may be zero, otherwise
+I<email>.
+If I<email> is NULL, email checking is disabled. Otherwise,
+if I<emaillen> is zero, I<email> must be NUL-terminated; if I<emaillen> is nonzero,
I<emaillen> must be set to the length of I<email>. When an email address
is specified, certificate verification automatically invokes
L<X509_check_email(3)>.
The caller is responsible for freeing it.
X509_VERIFY_PARAM_set1_ip() sets the expected IP address to I<ip>.
-The I<ip> argument is in binary format, in network byte-order and
+If I<ip> is NULL, IP address checking is disabled. Otherwise,
+the I<ip> argument must be in binary format, in network byte-order and
I<iplen> must be set to 4 for IPv4 and 16 for IPv6. When an IP
address is specified, certificate verification automatically invokes
L<X509_check_ip(3)>.
X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to
-I<ipasc>. The I<ipasc> argument is a NUL-terminal ASCII string:
+I<ipasc>. The I<ipasc> argument must be a NUL-terminated ASCII string:
dotted decimal quad for IPv4 and colon-separated hexadecimal for
IPv6. The condensed "::" notation is supported for IPv6 addresses.
projects / thirdparty / openssl.git / commitdiff
