summaryrefslogtreecommitdiff
path: root/lib/x509
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@redhat.com>2016-12-09 11:54:30 +0100
committerNikos Mavrogiannopoulos <nmav@redhat.com>2016-12-09 15:50:24 +0100
commit4e5d29e5584bef402752b57c9b0f822de7ff3670 (patch)
tree9f10e3785226d312e22cf369afe1455c2df750a5 /lib/x509
parent9e47ecc06e8b3ff62f624ac4185e0d074c6177d4 (diff)
downloadgnutls-4e5d29e5584bef402752b57c9b0f822de7ff3670.tar.gz
x509: better documented gnutls_trust_list_flags_t
Diffstat (limited to 'lib/x509')
-rw-r--r--lib/x509/verify-high.c8
-rw-r--r--lib/x509/verify-high2.c6
2 files changed, 8 insertions, 6 deletions
diff --git a/lib/x509/verify-high.c b/lib/x509/verify-high.c
index 96880e7e90..1749d49b10 100644
--- a/lib/x509/verify-high.c
+++ b/lib/x509/verify-high.c
@@ -254,7 +254,7 @@ trust_list_add_compat(gnutls_x509_trust_list_t list,
* @list: The list
* @clist: A list of CAs
* @clist_size: The length of the CA list
- * @flags: should be 0 or an or'ed sequence of %GNUTLS_TL options.
+ * @flags: flags from %gnutls_trust_list_flags_t
*
* This function will add the given certificate authorities
* to the trusted list. The list of CAs must not be deinitialized
@@ -680,7 +680,7 @@ gnutls_x509_trust_list_add_named_crt(gnutls_x509_trust_list_t list,
* @list: The list
* @crl_list: A list of CRLs
* @crl_size: The length of the CRL list
- * @flags: if GNUTLS_TL_VERIFY_CRL is given the CRLs will be verified before being added.
+ * @flags: flags from %gnutls_trust_list_flags_t
* @verification_flags: gnutls_certificate_verify_flags if flags specifies GNUTLS_TL_VERIFY_CRL
*
* This function will add the given certificate revocation lists
@@ -693,6 +693,8 @@ gnutls_x509_trust_list_add_named_crt(gnutls_x509_trust_list_t list,
* and not added to the list (that assumes that gnutls_x509_trust_list_deinit()
* will be called with all=1).
*
+ * If GNUTLS_TL_VERIFY_CRL is given the CRLs will be verified before being added.
+ *
* Returns: The number of added elements is returned.
*
* Since: 3.0
@@ -929,7 +931,7 @@ int trust_list_get_issuer_by_dn(gnutls_x509_trust_list_t list,
* @list: The list
* @cert: is the certificate to find issuer for
* @issuer: Will hold the issuer if any. Should be treated as constant.
- * @flags: Use zero or %GNUTLS_TL_GET_COPY
+ * @flags: flags from %gnutls_trust_list_flags_t (%GNUTLS_TL_GET_COPY is applicable)
*
* This function will find the issuer of the given certificate.
* If the flag %GNUTLS_TL_GET_COPY is specified a copy of the issuer
diff --git a/lib/x509/verify-high2.c b/lib/x509/verify-high2.c
index 971284b30a..fb9f9ce101 100644
--- a/lib/x509/verify-high2.c
+++ b/lib/x509/verify-high2.c
@@ -52,7 +52,7 @@
* @cas: A buffer containing a list of CAs (optional)
* @crls: A buffer containing a list of CRLs (optional)
* @type: The format of the certificates
- * @tl_flags: GNUTLS_TL_*
+ * @tl_flags: flags from %gnutls_trust_list_flags_t
* @tl_vflags: gnutls_certificate_verify_flags if flags specifies GNUTLS_TL_VERIFY_CRL
*
* This function will add the given certificate authorities
@@ -286,7 +286,7 @@ int remove_pkcs11_object_url(gnutls_x509_trust_list_t list, const char *url)
* @ca_file: A file containing a list of CAs (optional)
* @crl_file: A file containing a list of CRLs (optional)
* @type: The format of the certificates
- * @tl_flags: GNUTLS_TL_*
+ * @tl_flags: flags from %gnutls_trust_list_flags_t
* @tl_vflags: gnutls_certificate_verify_flags if flags specifies GNUTLS_TL_VERIFY_CRL
*
* This function will add the given certificate authorities
@@ -420,7 +420,7 @@ int load_dir_certs(const char *dirname,
* @ca_dir: A directory containing the CAs (optional)
* @crl_dir: A directory containing a list of CRLs (optional)
* @type: The format of the certificates
- * @tl_flags: GNUTLS_TL_*
+ * @tl_flags: flags from %gnutls_trust_list_flags_t
* @tl_vflags: gnutls_certificate_verify_flags if flags specifies GNUTLS_TL_VERIFY_CRL
*
* This function will add the given certificate authorities