Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
OCSP_SENDREQ_NEW(3)		    OpenSSL		   OCSP_SENDREQ_NEW(3)

NAME
       OCSP_sendreq_new, OCSP_sendreq_nbio, OCSP_REQ_CTX_free,
       OCSP_set_max_response_length, OCSP_REQ_CTX_add1_header,
       OCSP_REQ_CTX_set1_req, OCSP_sendreq_bio,	OCSP_REQ_CTX_i2d - OCSP
       responder query functions

SYNOPSIS
	#include <openssl/ocsp.h>

	OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io,	const char *path, OCSP_REQUEST *req,
				       int maxline);

	int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);

	void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);

	void OCSP_set_max_response_length(OCSP_REQ_CTX *rctx, unsigned long len);

	int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
				     const char	*name, const char *value);

	int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req);

	OCSP_RESPONSE *OCSP_sendreq_bio(BIO *io, const char *path, OCSP_REQUEST	*req);

	int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const char *content_type,
			     const ASN1_ITEM *it, ASN1_VALUE *req);

DESCRIPTION
       The function OCSP_sendreq_new() returns an OCSP_CTX structure using the
       responder io, the URL path path,	the OCSP request req and with a
       response	header maximum line length of maxline. If maxline is zero a
       default value of	4k is used. The	OCSP request req may be	set to NULL
       and provided later if required.

       OCSP_sendreq_nbio() performs nonblocking	I/O on the OCSP	request
       context rctx. When the operation	is complete it returns the response in
       *presp.

       OCSP_REQ_CTX_free() frees up the	OCSP context rctx.

       OCSP_set_max_response_length() sets the maximum response	length for
       rctx to len. If the response exceeds this length	an error occurs. If
       not set a default value of 100k is used.

       OCSP_REQ_CTX_add1_header() adds header name with	value value to the
       context rctx. It	can be called more than	once to	add multiple headers.
       It MUST be called before	any calls to OCSP_sendreq_nbio(). The req
       parameter in the	initial	to OCSP_sendreq_new() call MUST	be set to NULL
       if additional headers are set.

       OCSP_REQ_CTX_set1_req() sets the	OCSP request in	rctx to	req. This
       function	should be called after any calls to
       OCSP_REQ_CTX_add1_header().  OCSP_REQ_CTX_set1_req(rctx,	req) is
       equivalent to the following:

	OCSP_REQ_CTX_i2d(rctx, "application/ocsp-request",
			       ASN1_ITEM_rptr(OCSP_REQUEST), (ASN1_VALUE *)req)

       OCSP_REQ_CTX_i2d() sets the request context rctx	to have	the request
       req, which has the ASN.1	type it.  The content_type, if not NULL, will
       be included in the HTTP request.	 The function should be	called after
       all other headers have already been added.

       OCSP_sendreq_bio() performs an OCSP request using the responder io, the
       URL path	path, and the OCSP request req with a response header maximum
       line length 4k. It waits	indefinitely on	a response.

RETURN VALUES
       OCSP_sendreq_new() returns a valid OCSP_REQ_CTX structure or NULL if an
       error occurred.

       OCSP_sendreq_nbio() returns 1 if	the operation was completed
       successfully, -1	if the operation should	be retried and 0 if an error
       occurred.

       OCSP_REQ_CTX_add1_header(), OCSP_REQ_CTX_set1_req(), and
       OCSP_REQ_CTX_i2d() return 1 for success and 0 for failure.

       OCSP_sendreq_bio() returns the OCSP_RESPONSE structure sent by the
       responder or NULL if an error occurred.

       OCSP_REQ_CTX_free() and OCSP_set_max_response_length() do not return
       values.

NOTES
       These functions only perform a minimal HTTP query to a responder. If an
       application wishes to support more advanced features it should use an
       alternative more	complete HTTP library.

       Currently only HTTP POST	queries	to responders are supported.

       The arguments to	OCSP_sendreq_new() correspond to the components	of the
       URL.  For example if the	responder URL is http://ocsp.com/ocspreq the
       BIO io should be	connected to host ocsp.com on port 80 and path should
       be set to "/ocspreq"

       The headers added with OCSP_REQ_CTX_add1_header() are of	the form
       "name: value" or	just "name" if value is	NULL. So to add	a Host header
       for ocsp.com you	would call:

	OCSP_REQ_CTX_add1_header(ctx, "Host", "ocsp.com");

       If OCSP_sendreq_nbio() indicates	an operation should be retried the
       corresponding BIO can be	examined to determine which operation (read or
       write) should be	retried	and appropriate	action taken (for example a
       select()	call on	the underlying socket).

       OCSP_sendreq_bio() does not support retries and so cannot handle
       nonblocking I/O efficiently. It is retained for compatibility and its
       use in new applications is not recommended.

SEE ALSO
       crypto(7), OCSP_cert_to_id(3), OCSP_request_add1_nonce(3),
       OCSP_REQUEST_new(3), OCSP_resp_find_status(3), OCSP_response_status(3)

COPYRIGHT
       Copyright 2015-2020 The OpenSSL Project Authors.	All Rights Reserved.

       Licensed	under the OpenSSL license (the "License").  You	may not	use
       this file except	in compliance with the License.	 You can obtain	a copy
       in the file LICENSE in the source distribution or at
       <https://www.openssl.org/source/license.html>.

1.1.1o				  2022-05-03		   OCSP_SENDREQ_NEW(3)
NAME | SYNOPSIS | DESCRIPTION | RETURN VALUES | NOTES | SEE ALSO | COPYRIGHT

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=OCSP_sendreq_new&sektion=3&manpath=FreeBSD+13.1-RELEASE+and+Ports>

home | help