[openssl] openssl-3.0 update

tomas at openssl.org tomas at openssl.org
Thu Jan 20 10:16:37 UTC 2022


The branch openssl-3.0 has been updated
       via  ca048994ae1431965a068b17e1f17afa2345e1f5 (commit)
      from  078439d78d1d1435f0ebaf97819daa38a8c81ad5 (commit)


- Log -----------------------------------------------------------------
commit ca048994ae1431965a068b17e1f17afa2345e1f5
Author: Tobias Nießen <tniessen at tnie.de>
Date:   Mon Jan 17 15:31:39 2022 +0000

    Clarify flags argument of X509_check_ip
    
    Because no supported flag affects the behavior of X509_check_ip, the
    flags argument currently has no effect.
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/17536)
    
    (cherry picked from commit 2d280fe016a98b57d488f42fd3941bcd61407c5a)

-----------------------------------------------------------------------

Summary of changes:
 doc/man3/X509_check_host.pod | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/doc/man3/X509_check_host.pod b/doc/man3/X509_check_host.pod
index 9002fb22e6..1edf725a51 100644
--- a/doc/man3/X509_check_host.pod
+++ b/doc/man3/X509_check_host.pod
@@ -62,7 +62,8 @@ X509_check_ip() checks if the certificate matches a specified IPv4 or
 IPv6 address.  The B<address> array is in binary format, in network
 byte order.  The length is either 4 (IPv4) or 16 (IPv6).  Only
 explicitly marked addresses in the certificates are considered; IP
-addresses stored in DNS names and Common Names are ignored.
+addresses stored in DNS names and Common Names are ignored. There are
+currently no B<flags> that would affect the behavior of this call.
 
 X509_check_ip_asc() is similar, except that the NUL-terminated
 string B<address> is first converted to the internal representation.


More information about the openssl-commits mailing list