Current Path : /usr/opt/openssl11/share/doc/openssl/html/man3/ |
FreeBSD hs32.drive.ne.jp 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Wed Jan 14 12:18:08 JST 2015 root@hs32.drive.ne.jp:/sys/amd64/compile/hs32 amd64 |
Current File : //usr/opt/openssl11/share/doc/openssl/html/man3/OCSP_REQ_CTX_set1_req.html |
<?xml version="1.0" ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>OCSP_sendreq_new</title> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <link rev="made" href="mailto:root@hsxx.drive.ne.jp" /> </head> <body style="background-color: white"> <!-- INDEX BEGIN --> <div name="index"> <p><a name="__index__"></a></p> <ul> <li><a href="#name">NAME</a></li> <li><a href="#synopsis">SYNOPSIS</a></li> <li><a href="#description">DESCRIPTION</a></li> <li><a href="#return_values">RETURN VALUES</a></li> <li><a href="#notes">NOTES</a></li> <li><a href="#see_also">SEE ALSO</a></li> <li><a href="#copyright">COPYRIGHT</a></li> </ul> <hr name="index" /> </div> <!-- INDEX END --> <p> </p> <hr /> <h1><a name="name">NAME</a></h1> <p>OCSP_sendreq_new, OCSP_sendreq_nbio, OCSP_REQ_CTX_free, OCSP_set_max_response_length, OCSP_REQ_CTX_add1_header, OCSP_REQ_CTX_set1_req, OCSP_sendreq_bio, OCSP_REQ_CTX_i2d - OCSP responder query functions</p> <p> </p> <hr /> <h1><a name="synopsis">SYNOPSIS</a></h1> <pre> #include <openssl/ocsp.h></pre> <pre> OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req, int maxline);</pre> <pre> int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);</pre> <pre> void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);</pre> <pre> void OCSP_set_max_response_length(OCSP_REQ_CTX *rctx, unsigned long len);</pre> <pre> int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx, const char *name, const char *value);</pre> <pre> int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req);</pre> <pre> OCSP_RESPONSE *OCSP_sendreq_bio(BIO *io, const char *path, OCSP_REQUEST *req);</pre> <pre> int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const char *content_type, const ASN1_ITEM *it, ASN1_VALUE *req);</pre> <p> </p> <hr /> <h1><a name="description">DESCRIPTION</a></h1> <p>The function <code>OCSP_sendreq_new()</code> returns an <strong>OCSP_CTX</strong> structure using the responder <strong>io</strong>, the URL path <strong>path</strong>, the OCSP request <strong>req</strong> and with a response header maximum line length of <strong>maxline</strong>. If <strong>maxline</strong> is zero a default value of 4k is used. The OCSP request <strong>req</strong> may be set to <strong>NULL</strong> and provided later if required.</p> <p><code>OCSP_sendreq_nbio()</code> performs nonblocking I/O on the OCSP request context <strong>rctx</strong>. When the operation is complete it returns the response in <strong>*presp</strong>.</p> <p><code>OCSP_REQ_CTX_free()</code> frees up the OCSP context <strong>rctx</strong>.</p> <p><code>OCSP_set_max_response_length()</code> sets the maximum response length for <strong>rctx</strong> to <strong>len</strong>. If the response exceeds this length an error occurs. If not set a default value of 100k is used.</p> <p>OCSP_REQ_CTX_add1_header() adds header <strong>name</strong> with value <strong>value</strong> to the context <strong>rctx</strong>. It can be called more than once to add multiple headers. It <strong>MUST</strong> be called before any calls to <code>OCSP_sendreq_nbio()</code>. The <strong>req</strong> parameter in the initial to <code>OCSP_sendreq_new()</code> call MUST be set to <strong>NULL</strong> if additional headers are set.</p> <p>OCSP_REQ_CTX_set1_req() sets the OCSP request in <strong>rctx</strong> to <strong>req</strong>. This function should be called after any calls to OCSP_REQ_CTX_add1_header(). OCSP_REQ_CTX_set1_req(rctx, req) is equivalent to the following:</p> <pre> OCSP_REQ_CTX_i2d(rctx, "application/ocsp-request", ASN1_ITEM_rptr(OCSP_REQUEST), (ASN1_VALUE *)req)</pre> <p>OCSP_REQ_CTX_i2d() sets the request context <strong>rctx</strong> to have the request <strong>req</strong>, which has the ASN.1 type <strong>it</strong>. The <strong>content_type</strong>, if not NULL, will be included in the HTTP request. The function should be called after all other headers have already been added.</p> <p><code>OCSP_sendreq_bio()</code> performs an OCSP request using the responder <strong>io</strong>, the URL path <strong>path</strong>, and the OCSP request <strong>req</strong> with a response header maximum line length 4k. It waits indefinitely on a response.</p> <p> </p> <hr /> <h1><a name="return_values">RETURN VALUES</a></h1> <p><code>OCSP_sendreq_new()</code> returns a valid <strong>OCSP_REQ_CTX</strong> structure or <strong>NULL</strong> if an error occurred.</p> <p><code>OCSP_sendreq_nbio()</code> returns <strong>1</strong> if the operation was completed successfully, <strong>-1</strong> if the operation should be retried and <strong>0</strong> if an error occurred.</p> <p>OCSP_REQ_CTX_add1_header(), OCSP_REQ_CTX_set1_req(), and OCSP_REQ_CTX_i2d() return <strong>1</strong> for success and <strong>0</strong> for failure.</p> <p><code>OCSP_sendreq_bio()</code> returns the <strong>OCSP_RESPONSE</strong> structure sent by the responder or <strong>NULL</strong> if an error occurred.</p> <p><code>OCSP_REQ_CTX_free()</code> and <code>OCSP_set_max_response_length()</code> do not return values.</p> <p> </p> <hr /> <h1><a name="notes">NOTES</a></h1> <p>These functions only perform a minimal HTTP query to a responder. If an application wishes to support more advanced features it should use an alternative more complete HTTP library.</p> <p>Currently only HTTP POST queries to responders are supported.</p> <p>The arguments to <code>OCSP_sendreq_new()</code> correspond to the components of the URL. For example if the responder URL is <strong><a href="http://ocsp.com/ocspreq">http://ocsp.com/ocspreq</a></strong> the BIO <strong>io</strong> should be connected to host <strong>ocsp.com</strong> on port 80 and <strong>path</strong> should be set to <strong>"/ocspreq"</strong></p> <p>The headers added with OCSP_REQ_CTX_add1_header() are of the form "<strong>name</strong>: <strong>value</strong>" or just "<strong>name</strong>" if <strong>value</strong> is <strong>NULL</strong>. So to add a Host header for <strong>ocsp.com</strong> you would call:</p> <pre> OCSP_REQ_CTX_add1_header(ctx, "Host", "ocsp.com");</pre> <p>If <code>OCSP_sendreq_nbio()</code> indicates an operation should be retried the corresponding BIO can be examined to determine which operation (read or write) should be retried and appropriate action taken (for example a <code>select()</code> call on the underlying socket).</p> <p><code>OCSP_sendreq_bio()</code> does not support retries and so cannot handle nonblocking I/O efficiently. It is retained for compatibility and its use in new applications is not recommended.</p> <p> </p> <hr /> <h1><a name="see_also">SEE ALSO</a></h1> <p><em>crypto(7)</em>, <em>OCSP_cert_to_id(3)</em>, <em>OCSP_request_add1_nonce(3)</em>, <em>OCSP_REQUEST_new(3)</em>, <em>OCSP_resp_find_status(3)</em>, <em>OCSP_response_status(3)</em></p> <p> </p> <hr /> <h1><a name="copyright">COPYRIGHT</a></h1> <p>Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.</p> <p>Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p> </body> </html>