GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
X509_POLICY_TREE_GET0_POLICIES(3) FreeBSD Library Functions Manual X509_POLICY_TREE_GET0_POLICIES(3)

X509_policy_tree_get0_policies, X509_policy_tree_get0_user_policies
retrieve arrays of policy tree nodes

#include <openssl/x509_vfy.h>

STACK_OF(X509_POLICY_NODE) *
X509_policy_tree_get0_policies(const X509_POLICY_TREE *tree);

STACK_OF(X509_POLICY_NODE) *
X509_policy_tree_get0_user_policies(const X509_POLICY_TREE *tree);

The authority set and the user set are arrays of nodes from a policy tree.

If the last level of a tree, or equivalently, all levels of it, contain an anyPolicy node, the authority set contains only this anyPolicy node from the last level. Unless the array of policy_oids passed to X509_policy_check(3) contained an anyPolicy object, the user set contains one node for each of the policy_oids; specifically, the first matching node that is a child of an anyPolicy node.

If the last level of the tree does not contain an anyPolicy node, the authority set contains all non-anyPolicy nodes that are children of anyPolicy nodes. For each element of the policy_oids, the user set contains the first node from the authority set matching it, if any.

These functions are intended to be called after X509_policy_check(3) was called either directly or indirectly through X509_verify_cert(3).

X509_policy_tree_get0_policies() returns an internal pointer to the authority set or NULL if the tree argument is NULL.

X509_policy_tree_get0_user_policies() returns an internal pointer to the user set or NULL if the tree argument is NULL or if the array of policy_oids passed to X509_policy_check(3) was empty or contained an anyPolicy object.

STACK_OF(3), X509_policy_check(3), X509_policy_level_get0_node(3), X509_STORE_CTX_get0_policy_tree(3)

RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, section 6.1: Basic Path Validation

These function first appeared in OpenSSL 0.9.8 and have been available since OpenBSD 4.5.
November 11, 2021 FreeBSD 13.1-RELEASE
Search for    or go to Top of page |  Section 3 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.