DANE documentation typos

Reported-by: Claus Assmann

Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Viktor Dukhovni 2016-01-06 13:48:16 -05:00
parent 700b4a4ae7
commit 63b658341e
2 changed files with 3 additions and 3 deletions

View File

@ -41,7 +41,7 @@ to adjust the supported digest algorithms. This must be done before
any SSL handles are created for the context. any SSL handles are created for the context.
The B<mtype> argument specifies a DANE TLSA matching type and the The B<mtype> argument specifies a DANE TLSA matching type and the
the B<md> argument specifies the associated digest algorithm handle. B<md> argument specifies the associated digest algorithm handle.
The B<ord> argument specifies a strength ordinal. Algorithms with The B<ord> argument specifies a strength ordinal. Algorithms with
a larger strength ordinal are considered more secure. Strength a larger strength ordinal are considered more secure. Strength
ordinals are used to implement RFC7671 digest algorithm agility. ordinals are used to implement RFC7671 digest algorithm agility.
@ -181,7 +181,7 @@ the lifetime of the SSL connection.
} }
ret = SSL_dane_tlsa_add(ssl, usage, selector, mtype, data, len); ret = SSL_dane_tlsa_add(ssl, usage, selector, mtype, data, len);
/* free data as approriate */ /* free data as appropriate */
if (ret < 0) if (ret < 0)
/* handle SSL library internal error */ /* handle SSL library internal error */

View File

@ -35,7 +35,7 @@ that can match the peer's certificate. Any previous names set via
SSL_set1_host() or SSL_add1_host() are retained, no change is made SSL_set1_host() or SSL_add1_host() are retained, no change is made
if B<name> is NULL or empty. When multiple names are configured, if B<name> is NULL or empty. When multiple names are configured,
the peer is considered verified when any name matches. This function the peer is considered verified when any name matches. This function
is required for DANE TLA in the presence of service name indirection is required for DANE TLSA in the presence of service name indirection
via CNAME, MX or SRV records as specified in RFC7671, RFC7672 or via CNAME, MX or SRV records as specified in RFC7671, RFC7672 or
RFC7673. RFC7673.