Merge pull request wolfSSL#7567 from embhorn/gh7564

Fix doc for wolfSSL_CTX_EnableOCSP
jefferyq2 · Jun 9, 2024 · 07fb939 · 07fb939
1 parent f7202c3
commit 07fb939
Showing 1 changed file with 24 additions and 10 deletions.
diff --git a/doc/dox_comments/header_files/ssl.h b/doc/dox_comments/header_files/ssl.h
@@ -10197,7 +10197,7 @@ int wolfSSL_CertManagerSetOCSPOverrideURL(WOLFSSL_CERT_MANAGER* cm,
  \sa wolfSSL_CertManagerSetOCSPOverrideURL
  \sa wolfSSL_CertManagerCheckOCSP
  \sa wolfSSL_CertManagerEnableOCSPStapling
- \sa wolfSSL_ENableOCSP
+ \sa wolfSSL_EnableOCSP
  \sa wolfSSL_DisableOCSP
  \sa wolfSSL_SetOCSP_Cb
 */
@@ -10356,7 +10356,13 @@ int wolfSSL_LoadCRL(WOLFSSL* ssl, const char* path, int type, int monitor);
 int wolfSSL_SetCRL_Cb(WOLFSSL* ssl, CbMissingCRL cb);
 
 /*!
- \brief This function enables OCSP certificate verification.
+ \brief This function enables OCSP certificate verification. The value of
+ options if formed by or’ing one or more of the following options:
+ WOLFSSL_OCSP_URL_OVERRIDE - use the override URL instead of the URL in
+ certificates. The override URL is specified using the
+ wolfSSL_CTX_SetOCSP_OverrideURL() function.
+ WOLFSSL_OCSP_CHECKALL - Set all OCSP checks on
+ WOLFSSL_OCSP_NO_NONCE - Set nonce option for creating OCSP requests
 
  \return SSL_SUCCESS returned if the function and subroutines executes
  without errors.
@@ -10611,10 +10617,13 @@ int wolfSSL_CTX_SetCRL_Cb(WOLFSSL_CTX* ctx, CbMissingCRL cb);
  \brief This function sets options to configure behavior of OCSP
  functionality in wolfSSL. The value of options if formed by or’ing
  one or more of the following options:
- WOLFSSL_OCSP_ENABLE - enable OCSP lookups WOLFSSL_OCSP_URL_OVERRIDE -
- use the override URL instead of the URL in certificates. The override URL
- is specified using the wolfSSL_CTX_SetOCSP_OverrideURL() function. This
- function only sets the OCSP options when wolfSSL has been compiled with
+ WOLFSSL_OCSP_URL_OVERRIDE - use the override URL instead of the URL in
+ certificates. The override URL is specified using the
+ wolfSSL_CTX_SetOCSP_OverrideURL() function.
+ WOLFSSL_OCSP_CHECKALL - Set all OCSP checks on
+ WOLFSSL_OCSP_NO_NONCE - Set nonce option for creating OCSP requests
+
+ This function only sets the OCSP options when wolfSSL has been compiled with
  OCSP support (--enable-ocsp, #define HAVE_OCSP).
 
  \return SSL_SUCCESS is returned upon success.
@@ -10627,12 +10636,17 @@ int wolfSSL_CTX_SetCRL_Cb(WOLFSSL_CTX* ctx, CbMissingCRL cb);
 
  _Example_
  \code
- WOLFSSL_CTX* ctx = 0;
- ...
- wolfSSL_CTX_OCSP_set_options(ctx, WOLFSSL_OCSP_ENABLE);
+ WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
+ int options; // initialize to option constant
+ …
+ int ret = wolfSSL_CTX_EnableOCSP(ctx, options);
+ if(ret != SSL_SUCCESS){
+ // OCSP is not enabled
+ }
  \endcode
 
- \sa wolfSSL_CTX_OCSP_set_override_url
+ \sa wolfSSL_CertManagerEnableOCSP
+ \sa wolfSSL_EnableOCSP
 */
 int wolfSSL_CTX_EnableOCSP(WOLFSSL_CTX* ctx, int options);