summaryrefslogtreecommitdiffstats
path: root/doc
diff options
context:
space:
mode:
authorDr. David von Oheimb <David.von.Oheimb@siemens.com>2020-08-13 13:52:29 +0200
committerDr. David von Oheimb <David.von.Oheimb@siemens.com>2020-08-27 20:08:44 +0200
commit77a9bb83d7d785acddef83ac8d627719f74760cd (patch)
tree6a07a13ff251277f63b761c4e6ceb0d35af7a461 /doc
parentAdd OCSP_PARTIAL_CHAIN to OCSP_basic_verify() (diff)
downloadopenssl-77a9bb83d7d785acddef83ac8d627719f74760cd.tar.xz
openssl-77a9bb83d7d785acddef83ac8d627719f74760cd.zip
X509_add_certs(): Add to doc some warning notes on memory management
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12643)
Diffstat (limited to 'doc')
-rw-r--r--doc/man3/X509_add_cert.pod12
1 files changed, 12 insertions, 0 deletions
diff --git a/doc/man3/X509_add_cert.pod b/doc/man3/X509_add_cert.pod
index 292559e52c..1512d81701 100644
--- a/doc/man3/X509_add_cert.pod
+++ b/doc/man3/X509_add_cert.pod
@@ -19,6 +19,9 @@ X509_add_cert() adds a certificate I<cert> to the given list I<sk>.
X509_add_certs() adds a list of certificate I<certs> to the given list I<sk>.
The I<certs> argument may be NULL, which implies no effect.
+It does not modify the list I<certs> but
+in case the B<X509_ADD_FLAG_UP_REF> flag (described below) is set
+the reference counters of those of its members added to I<sk> are increased.
Both these functions have a I<flags> parameter,
which is used to control details of the operation.
@@ -42,6 +45,15 @@ which is determined using L<X509_self_signed(3)>, are ignored.
Both functions return 1 for success and 0 for failure.
+=head1 NOTES
+
+If X509_add_certs() is used with the flags B<X509_ADD_FLAG_NO_DUP> or
+B<X509_ADD_FLAG_NO_SS> it is advisable to use also B<X509_ADD_FLAG_UP_REF>
+because otherwise likely not for all members of the I<certs> list
+the ownership is transferred to the list of certificates I<sk>.
+
+Care should also be taken in case the I<certs> argument equals I<sk>.
+
=head1 SEE ALSO
L<X509_cmp(3)>