gnutls_ocsp_status_request_enable_client: documented requirements for parameters

That is, the fact that extensions and responder_id parameters must be
allocated, and are assigned to the session.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

1 files changed, 9 insertions, 3 deletions

diff --git a/lib/ext/status_request.c b/lib/ext/status_request.c
index c7c065e5e4..a1f3521c8b 100644
--- a/lib/ext/status_request.c
+++ b/lib/ext/status_request.c
@@ -266,9 +266,15 @@ _gnutls_status_request_recv_params(gnutls_session_t session,
  *
  * This function is to be used by clients to request OCSP response
  * from the server, using the "status_request" TLS extension.  Only
- * OCSP status type is supported. A typical server has a single
- * OCSP response cached, so @responder_id and @extensions
- * should be null.
+ * OCSP status type is supported.
+ *
+ * The @responder_id array, its containing elements as well as
+ * the data of @extensions, must be allocated using gnutls_malloc(). They
+ * will be deinitialized on session cleanup.
+ *
+ * Due to the difficult semantics of the @responder_id and @extensions
+ * parameters, it is recommended to only call this function with these
+ * parameters set to %NULL.
  *
  * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
  *   otherwise a negative error code is returned.