mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-21 01:15:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

add note about retrieving error stack

Browse Source 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21220)
This commit is contained in:
Vladimír Kotal 2023-06-16 11:22:24 +02:00 committed by Pauli
parent 1a27cc3626
commit a7c54dde51
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
doc/man3/SSL_get_verify_result.pod
View File

@ -22,6 +22,13 @@ of a certificate can fail because of many reasons at the same time. Only
the last verification error that occurred during the processing is available
from SSL_get_verify_result().
Sometimes there can be a sequence of errors leading to the verification
failure as reported by SSL_get_verify_result().
To get the errors, it is necessary to setup a verify callback via
L<SSL_CTX_set_verify(3)> or L<SSL_set_verify(3)> and retrieve the errors
from the error stack there, because once L<SSL_connect(3)> returns,
these errors may no longer be available.
The verification result is part of the established session and is restored
when a session is reused.