mirror of
https://github.com/openssl/openssl.git
synced 2024-12-15 13:03:39 +08:00
DANE documentation typos
Reported-by: Claus Assmann Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
parent
700b4a4ae7
commit
63b658341e
@ -41,7 +41,7 @@ to adjust the supported digest algorithms. This must be done before
|
||||
any SSL handles are created for the context.
|
||||
|
||||
The B<mtype> argument specifies a DANE TLSA matching type and the
|
||||
the B<md> argument specifies the associated digest algorithm handle.
|
||||
B<md> argument specifies the associated digest algorithm handle.
|
||||
The B<ord> argument specifies a strength ordinal. Algorithms with
|
||||
a larger strength ordinal are considered more secure. Strength
|
||||
ordinals are used to implement RFC7671 digest algorithm agility.
|
||||
@ -181,7 +181,7 @@ the lifetime of the SSL connection.
|
||||
}
|
||||
|
||||
ret = SSL_dane_tlsa_add(ssl, usage, selector, mtype, data, len);
|
||||
/* free data as approriate */
|
||||
/* free data as appropriate */
|
||||
|
||||
if (ret < 0)
|
||||
/* handle SSL library internal error */
|
||||
|
@ -35,7 +35,7 @@ that can match the peer's certificate. Any previous names set via
|
||||
SSL_set1_host() or SSL_add1_host() are retained, no change is made
|
||||
if B<name> is NULL or empty. When multiple names are configured,
|
||||
the peer is considered verified when any name matches. This function
|
||||
is required for DANE TLA in the presence of service name indirection
|
||||
is required for DANE TLSA in the presence of service name indirection
|
||||
via CNAME, MX or SRV records as specified in RFC7671, RFC7672 or
|
||||
RFC7673.
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user