Sortix nightly manual
This manual documents Sortix nightly, a development build that has not been officially released. You can instead view this document in the latest official manual.
| X509_STORE_LOAD_LOCATIONS(3) | Library Functions Manual | X509_STORE_LOAD_LOCATIONS(3) | 
NAME
X509_STORE_load_locations,
    X509_STORE_set_default_paths,
    X509_STORE_load_mem,
    X509_STORE_add_lookup —
    configure files and directories used by a certificate
    store
SYNOPSIS
#include
    <openssl/x509_vfy.h>
int
  
  X509_STORE_load_locations(X509_STORE
    *store, const char *file, const
    char *dirs);
int
  
  X509_STORE_set_default_paths(X509_STORE
    *store);
int
  
  X509_STORE_load_mem(X509_STORE
    *store, void *buffer, int
    length);
X509_LOOKUP *
  
  X509_STORE_add_lookup(X509_STORE
    *store, const X509_LOOKUP_METHOD *method);
DESCRIPTION
X509_STORE_load_locations()
    instructs the store to use the PEM
    file and all the PEM files in the directories
    contained in the colon-separated list dirs for looking
    up certificates, in addition to files and directories that are already
    configured. The certificates in the directories must be in hashed form, as
    documented in
    X509_LOOKUP_hash_dir(3).
    Directories already in use are not added again. If
    NULL is passed for file or
    dirs, no new file or no new directories are added,
    respectively.
X509_STORE_load_locations()
    is identical to
    SSL_CTX_load_verify_locations(3)
    except that it operates directly on an X509_STORE
    object, rather than on the store used by an SSL context. See that manual
    page for more information.
X509_STORE_set_default_paths()
    is similar except that it instructs the store to use
    the default PEM file and directory (as documented in
    FILES) in addition to what is already
    configured. It ignores errors that occur while trying to load the file or to
    add the directory, but it may still fail for other reasons, for example when
    out of memory while trying to allocate the required
    X509_LOOKUP objects.
X509_STORE_set_default_paths()
    is identical to
    SSL_CTX_set_default_verify_paths(3)
    except that it operates directly on an X509_STORE
    object, rather than on the store used by an SSL context. See that manual
    page for more information.
The above functions are wrappers around X509_LOOKUP_load_file(3) and X509_LOOKUP_add_dir(3).
X509_STORE_load_mem()
    instructs the store to use the certificates contained
    in the memory buffer of the given
    length for certificate lookup. It is a wrapper around
    X509_LOOKUP_add_mem(3).
X509_STORE_add_lookup()
    checks whether the store already contains an
    X509_LOOKUP object using the given
    method; if it does, the existing object is returned
    and no other action occurs. Otherwise, a new
    X509_LOOKUP object is allocated, added, and returned.
    This function is used internally by all the functions listed above.
RETURN VALUES
X509_STORE_load_locations() returns 1 if
    all files and directories specified were successfully added. It returns 0
    for failure. That can happen if adding the file failed, if adding any of the
    directories failed, or if both arguments were
  NULL.
X509_STORE_set_default_paths() returns 0
    for some error conditions and 1 otherwise, not just for success, but also
    for various cases of failure.
X509_STORE_load_mem() returns 1 for
    success or 0 for failure. In particular, parse errors or lack of memory can
    cause failure.
X509_STORE_add_lookup() returns the
    existing or new lookup object or NULL on failure.
    This is an internal pointer that must not be freed. With LibreSSL, the only
    reason for failure is lack of memory.
FILES
- /etc/ssl/cert.pem
- default PEM file for
      X509_STORE_set_default_paths()
- /etc/ssl/certs/
- default directory for
      X509_STORE_set_default_paths()
SEE ALSO
SSL_CTX_load_verify_locations(3), X509_load_cert_file(3), X509_LOOKUP_hash_dir(3), X509_LOOKUP_new(3), X509_STORE_new(3), X509_STORE_set1_param(3), X509_STORE_set_verify_cb(3)
HISTORY
X509_STORE_load_locations(),
    X509_STORE_set_default_paths(), and
    X509_STORE_add_lookup() first appeared in SSLeay
    0.8.0 and have been available since OpenBSD 2.4.
X509_STORE_load_mem() first appeared in
    OpenBSD 5.7.
BUGS
By the time that adding a directory is found to have failed, the file and some other directories may already have been successfully loaded, so these functions may change the state of the store even when they fail.
X509_STORE_set_default_paths() clears the
    error queue, deleting even error information that was already present when
    it was called.
| Sepember 2, 2024 | Sortix 1.1.0-dev | 
