|
@@ -7599,18 +7599,49 @@ int wolfSSL_writev(WOLFSSL* ssl, const struct iovec* iov,
|
|
|
WOLFSSL_METHOD method = wolfTLSv1_2_client_method();
|
|
|
WOLFSSL_CTX* ctx = WOLFSSL_CTX_new(method);
|
|
|
…
|
|
|
- if(!wolfSSL_CTX_UnloadCAs(ctx)){
|
|
|
+ if(wolfSSL_CTX_UnloadCAs(ctx) != SSL_SUCCESS){
|
|
|
// The function did not unload CAs
|
|
|
}
|
|
|
\endcode
|
|
|
|
|
|
\sa wolfSSL_CertManagerUnloadCAs
|
|
|
\sa LockMutex
|
|
|
- \sa FreeSignerTable
|
|
|
\sa UnlockMutex
|
|
|
*/
|
|
|
int wolfSSL_CTX_UnloadCAs(WOLFSSL_CTX*);
|
|
|
|
|
|
+
|
|
|
+/*!
|
|
|
+ \ingroup Setup
|
|
|
+
|
|
|
+ \brief This function unloads intermediate certificates added to the CA
|
|
|
+ signer list and frees them.
|
|
|
+
|
|
|
+ \return SSL_SUCCESS returned on successful execution of the function.
|
|
|
+ \return BAD_FUNC_ARG returned if the WOLFSSL_CTX struct is NULL or there
|
|
|
+ are otherwise unpermitted argument values passed in a subroutine.
|
|
|
+ \return BAD_STATE_E returned if the WOLFSSL_CTX has a reference count > 1.
|
|
|
+ \return BAD_MUTEX_E returned if there was a mutex error. The LockMutex()
|
|
|
+ did not return 0.
|
|
|
+
|
|
|
+ \param ctx a pointer to a WOLFSSL_CTX structure, created using
|
|
|
+ wolfSSL_CTX_new().
|
|
|
+
|
|
|
+ _Example_
|
|
|
+ \code
|
|
|
+ WOLFSSL_METHOD method = wolfTLSv1_2_client_method();
|
|
|
+ WOLFSSL_CTX* ctx = WOLFSSL_CTX_new(method);
|
|
|
+ …
|
|
|
+ if(wolfSSL_CTX_UnloadIntermediateCerts(ctx) != NULL){
|
|
|
+ // The function did not unload CAs
|
|
|
+ }
|
|
|
+ \endcode
|
|
|
+
|
|
|
+ \sa wolfSSL_CTX_UnloadCAs
|
|
|
+ \sa wolfSSL_CertManagerUnloadIntermediateCerts
|
|
|
+*/
|
|
|
+int wolfSSL_CTX_UnloadIntermediateCerts(WOLFSSL_CTX* ctx);
|
|
|
+
|
|
|
/*!
|
|
|
\ingroup Setup
|
|
|
|
|
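Review bot: The example added for wolfSSL_CTX_UnloadIntermediateCerts compares the int return value with `NULL`, so the "did not unload" branch runs for every non-zero result, including SSL_SUCCESS (1 in wolfSSL). The line should be `if(wolfSSL_CTX_UnloadIntermediateCerts(ctx) != SSL_SUCCESS){`, the same form this commit gives the wolfSSL_CTX_UnloadCAs example in this hunk. The comment inside the branch should read `// The function did not unload the intermediate certificates` rather than repeating "CAs". Because BAD_STATE_E is returned when the context's reference count is above 1, the \brief could add that the call fails once other objects hold a reference to the ctx, and that the intermediates stay in the signer list in that case.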
@@ -9551,18 +9582,45 @@ int wolfSSL_CertManagerLoadCABuffer(WOLFSSL_CERT_MANAGER* cm,
|
|
|
#include <wolfssl/ssl.h>
|
|
|
|
|
|
WOLFSSL_CTX* ctx = wolfSSL_CTX_new(protocol method);
|
|
|
- WOLFSSL_CERT_MANAGER* cm = wolfSSL_CertManagerNew();
|
|
|
+ WOLFSSL_CERT_MANAGER* cm = wolfSSL_CTX_GetCertManager(ctx);
|
|
|
...
|
|
|
- if(wolfSSL_CertManagerUnloadCAs(ctx->cm) != SSL_SUCCESS){
|
|
|
- Failure case.
|
|
|
+ if(wolfSSL_CertManagerUnloadCAs(cm) != SSL_SUCCESS){
|
|
|
+ Failure case.
|
|
|
}
|
|
|
\endcode
|
|
|
|
|
|
- \sa FreeSignerTable
|
|
|
\sa UnlockMutex
|
|
|
*/
|
|
|
int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER* cm);
|
|
|
|
|
|
+/*!
|
|
|
+ \ingroup CertManager
|
|
|
+ \brief This function unloads intermediate certificates add to the CA
|
|
|
+ signer list.
|
|
|
+
|
|
|
+ \return SSL_SUCCESS returned on successful execution of the function.
|
|
|
+ \return BAD_FUNC_ARG returned if the WOLFSSL_CERT_MANAGER is NULL.
|
|
|
+ \return BAD_MUTEX_E returned if there was a mutex error.
|
|
|
+
|
|
|
+ \param cm a pointer to a WOLFSSL_CERT_MANAGER structure,
|
|
|
+ created using wolfSSL_CertManagerNew().
|
|
|
+
|
|
|
+ _Example_
|
|
|
+ \code
|
|
|
+ #include <wolfssl/ssl.h>
|
|
|
+
|
|
|
+ WOLFSSL_CTX* ctx = wolfSSL_CTX_new(protocol method);
|
|
|
+ WOLFSSL_CERT_MANAGER* cm = wolfSSL_CTX_GetCertManager(ctx);
|
|
|
+ ...
|
|
|
+ if(wolfSSL_CertManagerUnloadIntermediateCerts(cm) != SSL_SUCCESS){
|
|
|
+ Failure case.
|
|
|
+ }
|
|
|
+ \endcode
|
|
|
+
|
|
|
+ \sa UnlockMutex
|
|
|
+*/
|
|
|
+int wolfSSL_CertManagerUnloadIntermediateCerts(WOLFSSL_CERT_MANAGER* cm);
|
|
|
+
|
|
|
/*!
|
|
|
\ingroup CertManager
|
|
|
\brief The function will free the Trusted Peer linked list and unlocks
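Review bot: The new wolfSSL_CertManagerUnloadIntermediateCerts block says cm is "created using wolfSSL_CertManagerNew()", but its own example obtains it from wolfSSL_CTX_GetCertManager(ctx). The \param should cover both, e.g. `\param cm a pointer to a WOLFSSL_CERT_MANAGER structure, created using wolfSSL_CertManagerNew() or obtained from wolfSSL_CTX_GetCertManager().` The \brief has a typo ("add to" should be "added to") and, unlike the CTX variant, does not say that the certificates are freed. This block also lists no BAD_STATE_E; if the manager-level call really does skip the reference-count check (to be confirmed against the implementation), it can drop signers from a manager that a live context still uses for verification, which is worth a sentence. Adding `\sa wolfSSL_CTX_UnloadIntermediateCerts` and `\sa wolfSSL_CertManagerUnloadCAs` would make the cross-references symmetric with the CTX block.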
|