diff options
| author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-05-20 08:11:47 +0200 |
|---|---|---|
| committer | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-06-13 15:13:21 +0200 |
| commit | 6d934add347c7d07fbe0e7a0ced1fdc9813ad640 (patch) | |
| tree | 7cf3bd10abe93888830f30d9cb8886156c305dbc /doc/man3 | |
| parent | 0d17c2f4bc81552202dcf359e7552f3a64ecf4f2 (diff) | |
| download | openssl-6d934add347c7d07fbe0e7a0ced1fdc9813ad640.tar.gz | |
Check expected sender not only for signature-protected CMP messages
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11998)
Diffstat (limited to 'doc/man3')
| -rw-r--r-- | doc/man3/OSSL_CMP_CTX_new.pod | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/doc/man3/OSSL_CMP_CTX_new.pod b/doc/man3/OSSL_CMP_CTX_new.pod index b8acf692f8..f8fee277e2 100644 --- a/doc/man3/OSSL_CMP_CTX_new.pod +++ b/doc/man3/OSSL_CMP_CTX_new.pod @@ -391,7 +391,7 @@ as default value for the recipient of CMP requests and as default value for the expected sender of CMP responses. OSSL_CMP_CTX_set1_expected_sender() sets the Distinguished Name (DN) -expected in the sender field of signature-protected response messages. +expected in the sender field of CMP response messages. Defaults to the subject of the pinned server certificate B<-srvcert>, if any. This can be used to make sure that only a particular entity is accepted as CMP message signer, and attackers are not able to use arbitrary certificates |