mirror of
https://github.com/openssl/openssl.git
synced 2024-12-27 06:21:43 +08:00
29f178bddf
The new client has become an independent libcrpyto module in crypto/http/ and * can handle any types of requests and responses (ASN.1-encoded and plain) * does not include potentially busy loops when waiting for responses but * makes use of a new timeout mechanism integrated with socket-based BIO * supports the use of HTTP proxies and TLS, including HTTPS over proxies * supports HTTP redirection via codes 301 and 302 for GET requests * returns more useful diagnostics in various error situations Also adapts - and strongly simplifies - hitherto uses of HTTP in crypto/ocsp/, crypto/x509/x_all.c, apps/lib/apps.c, and apps/{ocsp,s_client,s_server}.c Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/10667)
64 lines
1.9 KiB
Plaintext
64 lines
1.9 KiB
Plaintext
=pod
|
|
|
|
=head1 NAME
|
|
|
|
X509_load_http,
|
|
X509_http_nbio,
|
|
X509_CRL_load_http,
|
|
X509_CRL_http_nbio
|
|
- certificate and CRL loading functions
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
#include <openssl/x509.h>
|
|
|
|
X509 *X509_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);
|
|
X509_CRL *X509_CRL_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);
|
|
|
|
#define X509_http_nbio(url)
|
|
#define X509_CRL_http_nbio(url)
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
X509_load_http() and X509_CRL_load_http() loads a certificate or a CRL,
|
|
respectively, in ASN.1 format using HTTP from the given B<url>.
|
|
|
|
If B<bio> is given and B<rbio> is NULL then this BIO is used instead of an
|
|
interal one for connecting, writing the request, and reading the response.
|
|
If both B<bio> and B<rbio> are given (which may be memory BIOs, for instance)
|
|
then no explicit connection is attempted,
|
|
B<bio> is used for writing the request, and B<rbio> for reading the response.
|
|
|
|
If the B<timeout> parameter is > 0 this indicates the maximum number of seconds
|
|
to wait until the transfer is complete.
|
|
A value of 0 enables waiting indefinitely,
|
|
while a value < 0 immediately leads to a timeout condition.
|
|
|
|
X509_http_nbio() and X509_CRL_http_nbio() are macros for backward compatibility
|
|
that have the same effect as the functions above but with infinite timeout
|
|
and without the possiblity to specify custom BIOs.
|
|
|
|
=head1 RETURN VALUES
|
|
|
|
On success the function yield the loaded value, else NULL.
|
|
Error conditions include connection/transfer timeout, parse errors, etc.
|
|
|
|
=head1 SEE ALSO
|
|
|
|
L<OSSL_HTTP_get_asn1(3)>
|
|
|
|
=head1 HISTORY
|
|
|
|
X509_load_http() and X509_CRL_load_http() were added in OpenSSL 3.0.
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
|
|
|
|
Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
this file except in compliance with the License. You can obtain a copy
|
|
in the file LICENSE in the source distribution or at
|
|
L<https://www.openssl.org/source/license.html>.
|
|
|
|
=cut
|