Replumbing: Add include/openssl/core.h, initially with core types

[openssl.git] / doc / man3 / SSL_CTX_set_verify.pod

diff --git a/doc/man3/SSL_CTX_set_verify.pod b/doc/man3/SSL_CTX_set_verify.pod
index 173f006eb65a4b0c2f3deb32930bcce9ba1c2598..7c151a5f69a52d1aeacfa3c04c395dd561ab8517 100644 (file)
--- a/doc/man3/SSL_CTX_set_verify.pod
+++ b/doc/man3/SSL_CTX_set_verify.pod
@@ -7,7 +7,8 @@ SSL_CTX_set_verify, SSL_set_verify,
 SSL_CTX_set_verify_depth, SSL_set_verify_depth,
 SSL_verify_cb,
 SSL_verify_client_post_handshake,
-SSL_set_post_handshake_auth
+SSL_set_post_handshake_auth,
+SSL_CTX_set_post_handshake_auth
 - set peer certificate verification parameters
 
 =head1 SYNOPSIS
@@ -24,6 +25,7 @@ SSL_set_post_handshake_auth
  void SSL_set_verify_depth(SSL *ssl, int depth);
 
  int SSL_verify_client_post_handshake(SSL *ssl);
+ void SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val);
  void SSL_set_post_handshake_auth(SSL *ssl, int val);
 
 =head1 DESCRIPTION
@@ -48,12 +50,12 @@ verification that shall be allowed for B<ctx>.
 SSL_set_verify_depth() sets the maximum B<depth> for the certificate chain
 verification that shall be allowed for B<ssl>.
 
-SSL_set_post_handshake_auth() enables the Post-Handshake Authentication
-extension to be added to the ClientHello such that post-handshake authentication
-can be requested by the server. If B<val> is 0 then the extension is not sent,
-otherwise it is. By default the extension is not sent. A certificate callback
-will need to be set via SSL_CTX_set_client_cert_cb() if no certificate is
-provided at initialization.
+SSL_CTX_set_post_handshake_auth() and SSL_set_post_handshake_auth() enable the
+Post-Handshake Authentication extension to be added to the ClientHello such that
+post-handshake authentication can be requested by the server. If B<val> is 0
+then the extension is not sent, otherwise it is. By default the extension is not
+sent. A certificate callback will need to be set via
+SSL_CTX_set_client_cert_cb() if no certificate is provided at initialization.
 
 SSL_verify_client_post_handshake() causes a CertificateRequest message to be
 sent by a server on the given B<ssl> connection. The SSL_VERIFY_PEER flag must
@@ -184,7 +186,7 @@ Its return value is identical to B<preverify_ok>, so that any verification
 failure will lead to a termination of the TLS/SSL handshake with an
 alert message, if SSL_VERIFY_PEER is set.
 
-After calling SSL_force_post_handshake_auth(), the client will need to add a
+After calling SSL_set_post_handshake_auth(), the client will need to add a
 certificate or certificate callback to its configuration before it can
 successfully authenticate. This must be called before SSL_connect().
 
@@ -348,7 +350,7 @@ and SSL_set_post_handshake_auth() functions were added in OpenSSL 1.1.1.
 
 Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
 
-Licensed under the OpenSSL license (the "License").  You may not use
+Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
 in the file LICENSE in the source distribution or at
 L<https://www.openssl.org/source/license.html>.