From: Dr. David von Oheimb Date: Mon, 4 Jan 2021 07:50:42 +0000 (+0100) Subject: X509_STORE_CTX_new.pod and x509_vfy.h.in: rename some params for clarity, improve... X-Git-Tag: openssl-3.0.0-beta1~168 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=2576b9c31c66aabd2464a2c404a15421208607eb;p=thirdparty%2Fopenssl.git X509_STORE_CTX_new.pod and x509_vfy.h.in: rename some params for clarity, improve their doc Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13735) --- diff --git a/doc/man3/X509_STORE_CTX_new.pod b/doc/man3/X509_STORE_CTX_new.pod index f2f6a01c448..bedbb2f1996 100644 --- a/doc/man3/X509_STORE_CTX_new.pod +++ b/doc/man3/X509_STORE_CTX_new.pod @@ -24,11 +24,11 @@ X509_STORE_CTX_verify_fn void X509_STORE_CTX_free(X509_STORE_CTX *ctx); int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *trust_store, - X509 *target, STACK_OF(X509) *chain); + X509 *target, STACK_OF(X509) *untrusted); void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk); - void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x); + void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *target); STACK_OF(X509) *X509_STORE_CTX_get0_chain(const X509_STORE_CTX *ctx); void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *chain); void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk); @@ -75,9 +75,9 @@ The trusted certificate store is set to I of type B. This may be NULL because there are no trusted certificates or because they are provided simply as a list using X509_STORE_CTX_set0_trusted_stack(). The certificate to be verified is set to I, -and a list of additional certificates may be provided in I, +and a list of additional certificates may be provided in I, which will be untrusted but may be used to build the chain. -Each of the I, I and I parameters can be NULL. +Each of the I, I and I parameters can be NULL. Yet note that L and L will need a verification target. This can also be set using X509_STORE_CTX_set_cert(). @@ -87,10 +87,10 @@ this can be also set indirectly using X509_STORE_CTX_set0_untrusted(). X509_STORE_CTX_set0_trusted_stack() sets the set of trusted certificates of I to I. This is an alternative way of specifying trusted certificates -instead of using an B. +instead of using an B where its complexity is not needed. X509_STORE_CTX_set_cert() sets the target certificate to be verified in I -to I. +to I. X509_STORE_CTX_set0_verified_chain() sets the validated chain used by I to be I. diff --git a/include/openssl/x509_vfy.h.in b/include/openssl/x509_vfy.h.in index 126c1d658a7..27c5f08c3a4 100644 --- a/include/openssl/x509_vfy.h.in +++ b/include/openssl/x509_vfy.h.in @@ -401,8 +401,8 @@ X509_STORE_CTX *X509_STORE_CTX_new(void); int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); void X509_STORE_CTX_free(X509_STORE_CTX *ctx); -int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, - X509 *target, STACK_OF(X509) *chain); +int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *trust_store, + X509 *target, STACK_OF(X509) *untrusted); void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk); void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx); @@ -601,9 +601,9 @@ X509_CRL *X509_STORE_CTX_get0_current_crl(const X509_STORE_CTX *ctx); X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(const X509_STORE_CTX *ctx); STACK_OF(X509) *X509_STORE_CTX_get0_chain(const X509_STORE_CTX *ctx); STACK_OF(X509) *X509_STORE_CTX_get1_chain(const X509_STORE_CTX *ctx); -void X509_STORE_CTX_set_cert(X509_STORE_CTX *c, X509 *x); +void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *target); void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *c, STACK_OF(X509) *sk); -void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c, STACK_OF(X509_CRL) *sk); +void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk); int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose); int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust); int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,