mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-15 06:01:37 +08:00
Code Issues Packages Projects Releases Wiki Activity
4e46a7afa8
openssl/doc/man3/X509_load_http.pod
Dr. David von Oheimb 29f178bddf Generalize the HTTP client so far implemented mostly in crypto/ocsp/ocsp_ht.c 
The new client has become an independent libcrpyto module in crypto/http/ and
* can handle any types of requests and responses (ASN.1-encoded and plain)
* does not include potentially busy loops when waiting for responses but
* makes use of a new timeout mechanism integrated with socket-based BIO
* supports the use of HTTP proxies and TLS, including HTTPS over proxies
* supports HTTP redirection via codes 301 and 302 for GET requests
* returns more useful diagnostics in various error situations
Also adapts - and strongly simplifies - hitherto uses of HTTP in crypto/ocsp/,
crypto/x509/x_all.c, apps/lib/apps.c, and apps/{ocsp,s_client,s_server}.c

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/10667)
2020-02-10 16:49:37 +01:00

64 lines
1.9 KiB
Plaintext
Raw Blame History

=pod
=head1 NAME
X509_load_http,
X509_http_nbio,
X509_CRL_load_http,
X509_CRL_http_nbio
- certificate and CRL loading functions
=head1 SYNOPSIS
#include <openssl/x509.h>
X509 *X509_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);
X509_CRL *X509_CRL_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);
#define X509_http_nbio(url)
#define X509_CRL_http_nbio(url)
=head1 DESCRIPTION
X509_load_http() and X509_CRL_load_http() loads a certificate or a CRL,
respectively, in ASN.1 format using HTTP from the given B<url>.
If B<bio> is given and B<rbio> is NULL then this BIO is used instead of an
interal one for connecting, writing the request, and reading the response.
If both B<bio> and B<rbio> are given (which may be memory BIOs, for instance)
then no explicit connection is attempted,
B<bio> is used for writing the request, and B<rbio> for reading the response.
If the B<timeout> parameter is > 0 this indicates the maximum number of seconds
to wait until the transfer is complete.
A value of 0 enables waiting indefinitely,
while a value < 0 immediately leads to a timeout condition.
X509_http_nbio() and X509_CRL_http_nbio() are macros for backward compatibility
that have the same effect as the functions above but with infinite timeout
and without the possiblity to specify custom BIOs.
=head1 RETURN VALUES
On success the function yield the loaded value, else NULL.
Error conditions include connection/transfer timeout, parse errors, etc.
=head1 SEE ALSO
L<OSSL_HTTP_get_asn1(3)>
=head1 HISTORY
X509_load_http() and X509_CRL_load_http() were added in OpenSSL 3.0.
=head1 COPYRIGHT
Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.
=cut
Reference in New Issue View Git Blame Copy Permalink