Extend -show_chain option to verify to show more info

[openssl.git] / doc / crypto / X509_STORE_CTX_new.pod

diff --git a/doc/crypto/X509_STORE_CTX_new.pod b/doc/crypto/X509_STORE_CTX_new.pod
index 7c154572ec5446bd8b7fee779c1ad3a11f3d825d..f8907d7ebb40d4f8421d31a00414a2943efe4770 100644 (file)
--- a/doc/crypto/X509_STORE_CTX_new.pod
+++ b/doc/crypto/X509_STORE_CTX_new.pod
@@ -25,6 +25,8 @@ X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_
  void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
  int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
 
+ int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx);
+
 =head1 DESCRIPTION
 
 These functions initialise an B<X509_STORE_CTX> structure for subsequent use
@@ -76,6 +78,9 @@ X509_STORE_CTX_set_default() looks up and sets the default verification
 method to B<name>. This uses the function X509_VERIFY_PARAM_lookup() to
 find an appropriate set of parameters from B<name>.
 
+X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates
+that were used in building the chain following a call to X509_verify_cert().
+
 =head1 NOTES
 
 The certificates and CRLs in a store are used internally and should B<not>
@@ -116,6 +121,9 @@ values.
 
 X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.
 
+X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates
+used.
+
 =head1 SEE ALSO
 
 L<X509_verify_cert(3)|X509_verify_cert(3)>
@@ -124,5 +132,6 @@ L<X509_VERIFY_PARAM_set_flags(3)|X509_VERIFY_PARAM_set_flags(3)>
 =head1 HISTORY
 
 X509_STORE_CTX_set0_crls() was first added to OpenSSL 1.0.0
+X509_STORE_CTX_get_num_untrusted() was first added to OpenSSL 1.1.0
 
 =cut