Update copyright year

[openssl.git] / doc / man3 / SSL_CTX_set1_verify_cert_store.pod

diff --git a/doc/man3/SSL_CTX_set1_verify_cert_store.pod b/doc/man3/SSL_CTX_set1_verify_cert_store.pod
index bfe8b70af902266517aa656a36701792b9fad2f1..19ea92a905f2abd3f29ed2e2c47edaa5f240b78b 100644 (file)
--- a/doc/man3/SSL_CTX_set1_verify_cert_store.pod
+++ b/doc/man3/SSL_CTX_set1_verify_cert_store.pod
@@ -5,7 +5,9 @@
 SSL_CTX_set0_verify_cert_store, SSL_CTX_set1_verify_cert_store,
 SSL_CTX_set0_chain_cert_store, SSL_CTX_set1_chain_cert_store,
 SSL_set0_verify_cert_store, SSL_set1_verify_cert_store,
-SSL_set0_chain_cert_store, SSL_set1_chain_cert_store - set certificate
+SSL_set0_chain_cert_store, SSL_set1_chain_cert_store,
+SSL_CTX_get0_verify_cert_store, SSL_CTX_get0_chain_cert_store,
+SSL_get0_verify_cert_store, SSL_get0_chain_cert_store - set certificate
 verification or chain store
 
 =head1 SYNOPSIS
@@ -16,11 +18,15 @@ verification or chain store
  int SSL_CTX_set1_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);
  int SSL_CTX_set0_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);
  int SSL_CTX_set1_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_get0_verify_cert_store(SSL_CTX *ctx, X509_STORE **st);
+ int SSL_CTX_get0_chain_cert_store(SSL_CTX *ctx, X509_STORE **st);
 
  int SSL_set0_verify_cert_store(SSL *ctx, X509_STORE *st);
  int SSL_set1_verify_cert_store(SSL *ctx, X509_STORE *st);
  int SSL_set0_chain_cert_store(SSL *ctx, X509_STORE *st);
  int SSL_set1_chain_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_get0_verify_cert_store(SSL *ctx, X509_STORE **st);
+ int SSL_get0_chain_cert_store(SSL *ctx, X509_STORE **st);
 
 =head1 DESCRIPTION
 
@@ -34,6 +40,11 @@ SSL_set0_verify_cert_store(), SSL_set1_verify_cert_store(),
 SSL_set0_chain_cert_store() and SSL_set1_chain_cert_store() are similar
 except they apply to SSL structure B<ssl>.
 
+SSL_CTX_get0_verify_chain_store(), SSL_get0_verify_chain_store(),
+SSL_CTX_get0_chain_cert_store() and SSL_get0_chain_cert_store() retrieve the
+objects previously set via the above calls. A pointer to the object (or NULL if
+no such object has been set) is written to B<*st>.
+
 All these functions are implemented as macros. Those containing a B<1>
 increment the reference count of the supplied store so it must
 be freed at some point after the operation. Those containing a B<0> do
@@ -52,6 +63,9 @@ the server's certificate chain and a SSL/TLS server will use it to verify
 any client certificate chain.
 
 The chain store is used to build the certificate chain.
+Details of the chain building and checking process are described in
+L<openssl-verification-options(1)/Certification Path Building> and
+L<openssl-verification-options(1)/Certification Path Validation>.
 
 If the mode B<SSL_MODE_NO_AUTO_CHAIN> is set or a certificate chain is
 configured already (for example using the functions such as
@@ -72,6 +86,7 @@ All these functions return 1 for success and 0 for failure.
 
 =head1 SEE ALSO
 
+L<ssl(7)>,
 L<SSL_CTX_add_extra_chain_cert(3)>
 L<SSL_CTX_set0_chain(3)>
 L<SSL_CTX_set1_chain(3)>
@@ -86,13 +101,13 @@ L<SSL_build_cert_chain(3)>
 
 =head1 HISTORY
 
-These functions were first added to OpenSSL 1.0.2.
+These functions were added in OpenSSL 1.0.2.
 
 =head1 COPYRIGHT
 
-Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2013-2022 The OpenSSL Project Authors. All Rights Reserved.
 
-Licensed under the OpenSSL license (the "License").  You may not use
+Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
 in the file LICENSE in the source distribution or at
 L<https://www.openssl.org/source/license.html>.