summaryrefslogtreecommitdiffstats
path: root/doc
diff options
context:
space:
mode:
authorDr. David von Oheimb <David.von.Oheimb@siemens.com>2020-09-08 15:30:33 +0200
committerDr. David von Oheimb <David.von.Oheimb@siemens.com>2020-09-10 07:40:45 +0200
commitbb30bce22b1f1e0dd6e3e33f28ddb24dc5b285ab (patch)
treebdf0c2e0f5467bf39cd79732a8c6ddfb9893d04e /doc
parentbugfix in ossl_cmp_msg_protect(): set senderKID and extend extraCerts also fo... (diff)
downloadopenssl-bb30bce22b1f1e0dd6e3e33f28ddb24dc5b285ab.tar.xz
openssl-bb30bce22b1f1e0dd6e3e33f28ddb24dc5b285ab.zip
bugfix in apps/cmp.c and cmp_client.c: inconsistencies on retrieving extraCerts in code and doc
Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12822)
Diffstat (limited to 'doc')
-rw-r--r--doc/man1/openssl-cmp.pod.in8
-rw-r--r--doc/man3/OSSL_CMP_CTX_new.pod10
2 files changed, 9 insertions, 9 deletions
diff --git a/doc/man1/openssl-cmp.pod.in b/doc/man1/openssl-cmp.pod.in
index 75ee82211d..9389701893 100644
--- a/doc/man1/openssl-cmp.pod.in
+++ b/doc/man1/openssl-cmp.pod.in
@@ -590,13 +590,13 @@ with a signature key."
=item B<-extracertsout> I<filename>
-The file where to save any extra certificates received in the extraCerts field
-of response messages.
+The file where to save all certificates contained in the extraCerts field
+of the last received response message (except for pollRep and PKIConf).
=item B<-cacertsout> I<filename>
-The file where to save any CA certificates received in the caPubs field of
-Initialization Response (IP) messages.
+The file where to save any CA certificates contained in the caPubs field of
+the last received certificate response (i.e., IP, CP, or KUP) message.
=back
diff --git a/doc/man3/OSSL_CMP_CTX_new.pod b/doc/man3/OSSL_CMP_CTX_new.pod
index f619a65d3f..d581556ff1 100644
--- a/doc/man3/OSSL_CMP_CTX_new.pod
+++ b/doc/man3/OSSL_CMP_CTX_new.pod
@@ -617,14 +617,14 @@ OSSL_CMP_CTX_get1_newChain() returns a pointer to a duplicate of the stack of
X.509 certificates computed by OSSL_CMP_certConf_cb() (if this function has
been called) on the last received certificate response message IP/CP/KUP.
-OSSL_CMP_CTX_get1_caPubs() returns a pointer to a duplicate of the stack of
+OSSL_CMP_CTX_get1_caPubs() returns a pointer to a duplicate of the list of
X.509 certificates received in the caPubs field of last received certificate
response message IP/CP/KUP.
-OSSL_CMP_CTX_get1_extraCertsIn() returns a pointer to a duplicate of the stack
-of X.509 certificates received in the last received nonempty extraCerts field.
-Returns an empty stack if no extraCerts have been received in the current
-transaction.
+OSSL_CMP_CTX_get1_extraCertsIn() returns a pointer to a duplicate of the list
+of X.509 certificates contained in the extraCerts field of the last received
+response message (except for pollRep and PKIConf), or
+an empty stack if no extraCerts have been received in the current transaction.
OSSL_CMP_CTX_set1_transactionID() sets the given transaction ID in the given
OSSL_CMP_CTX structure.