diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2005-11-12 10:59:28 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2005-11-12 10:59:28 +0000 |
commit | cff195d20e61558aee7d8345a51163101f48481d (patch) | |
tree | f8d661538225508f2e2256a421530acea06ccbba | |
parent | c0cb612b15b7d39452a7a6dd4e0b0625248c9608 (diff) | |
download | gnutls-cff195d20e61558aee7d8345a51163101f48481d.tar.gz |
some documentation updates.
-rw-r--r-- | doc/gnutls.texi | 16 | ||||
-rw-r--r-- | lib/gnutls_state.c | 2 | ||||
-rw-r--r-- | lib/gnutls_x509.c | 4 | ||||
-rw-r--r-- | src/certtool.gaa | 2 |
4 files changed, 16 insertions, 8 deletions
diff --git a/doc/gnutls.texi b/doc/gnutls.texi index 19b6f0daff..c711c6ed28 100644 --- a/doc/gnutls.texi +++ b/doc/gnutls.texi @@ -671,10 +671,18 @@ may request a certificate from the client --- using the @ref{gnutls_certificate_server_set_request} function. If a certificate is to be requested from the client during the handshake, the server will send a certificate request message that contains a -list of acceptable certificate signers. The client may then send a -certificate, signed by one of the server's acceptable signers. In -@acronym{GnuTLS} the server's acceptable signers list is constructed -using the trusted CA certificates in the credentials structure. +list of acceptable certificate signers. In @acronym{GnuTLS} the certificate +signers list is constructed using the trusted Certificate Authorities by the +server. That is the ones set using +@itemize +@item @ref{gnutls_certificate_set_x509_trust_file} +@item @ref{gnutls_certificate_set_x509_trust_mem} +@end itemize + +Sending of the names of the CAs can be controlled using +@ref{gnutls_certificate_send_x509_rdn_sequence}. The client, then, +may send a certificate, signed by one of the server's acceptable +signers. @subsection Resuming Sessions @anchor{resume} diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c index 774c5a2805..b8c258de9d 100644 --- a/lib/gnutls_state.c +++ b/lib/gnutls_state.c @@ -615,7 +615,7 @@ gnutls_openpgp_send_key (gnutls_session_t session, } /** - * gnutls_certificate_send_x509_rdn_sequence - This function will order gnutls to or not to send the x.509 rdn sequence + * gnutls_certificate_send_x509_rdn_sequence - This function will order gnutls to send or not the x.509 rdn sequence * @session: is a pointer to a #gnutls_session_t structure. * @status: is 0 or 1 * diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c index f7e0222937..7c78a6e630 100644 --- a/lib/gnutls_x509.c +++ b/lib/gnutls_x509.c @@ -1466,8 +1466,8 @@ gnutls_certificate_set_x509_trust (gnutls_certificate_credentials_t res, * gnutls_certificate_verify_peers2(). * This function may be called multiple times. * - * In case of a server the CAs set here will be sent to the client if - * a certificate request is sent. This can be disabled using + * In case of a server the names of the CAs set here will be sent to the + * client if a certificate request is sent. This can be disabled using * gnutls_certificate_send_x509_rdn_sequence(). * * Returns the number of certificates processed or a negative diff --git a/src/certtool.gaa b/src/certtool.gaa index 78003ba01b..5131c49e7b 100644 --- a/src/certtool.gaa +++ b/src/certtool.gaa @@ -97,7 +97,7 @@ option (bits) INT "BITS" { $bits = $1 } "specify the number of bits for key gene option (outfile) STR "FILE" { $outfile = $1 } "Output file." #char *infile; -option (infile) STR "FILE" { $infile = $1 } "Output file." +option (infile) STR "FILE" { $infile = $1 } "Input file." #char *template; option (template) STR "FILE" { $template = $1 } "Template file to use for non interactive operation." |