diff options
Diffstat (limited to 'upstream/debian-unstable/man3/SSL_CTX_dane_enable.3ssl')
| -rw-r--r-- | upstream/debian-unstable/man3/SSL_CTX_dane_enable.3ssl | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/upstream/debian-unstable/man3/SSL_CTX_dane_enable.3ssl b/upstream/debian-unstable/man3/SSL_CTX_dane_enable.3ssl index b14eb2a1..41e4447b 100644 --- a/upstream/debian-unstable/man3/SSL_CTX_dane_enable.3ssl +++ b/upstream/debian-unstable/man3/SSL_CTX_dane_enable.3ssl @@ -55,7 +55,7 @@ .\" ======================================================================== .\" .IX Title "SSL_CTX_DANE_ENABLE 3SSL" -.TH SSL_CTX_DANE_ENABLE 3SSL 2024-02-03 3.1.5 OpenSSL +.TH SSL_CTX_DANE_ENABLE 3SSL 2024-04-04 3.2.2-dev OpenSSL .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -364,10 +364,13 @@ the lifetime of the SSL connection. \& int depth = SSL_get0_dane_authority(ssl, NULL, &mspki); \& if (depth >= 0) { \& (void) SSL_get0_dane_tlsa(ssl, &usage, &selector, &mtype, NULL, NULL); -\& printf("DANE TLSA %d %d %d %s at depth %d\en", usage, selector, mtype, -\& (mspki != NULL) ? "TA public key verified certificate" : -\& depth ? "matched TA certificate" : "matched EE certificate", -\& depth); +\& printf("DANE TLSA %d %d %d ", usage, selector, mtype); +\& if (SSL_get0_peer_rpk(ssl) == NULL) +\& printf("%s certificate at depth %d\en", +\& (mspki != NULL) ? "signed the peer" : +\& mdpth ? "matched the TA" : "matched the EE", mdpth); +\& else +\& printf(bio, "matched the peer raw public key\en"); \& } \& if (peername != NULL) { \& /* Name checks were in scope and matched the peername */ @@ -428,7 +431,7 @@ or unsupported parameters) disable peer authentication by calling These functions were added in OpenSSL 1.1.0. .SH COPYRIGHT .IX Header "COPYRIGHT" -Copyright 2016\-2021 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2016\-2023 The OpenSSL Project Authors. All Rights Reserved. .PP Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy |