xref: /openssl/doc/man3/X509_load_http.pod (revision e647220c) 
1=pod
2
3=head1 NAME
4
5X509_load_http,
6X509_http_nbio,
7X509_CRL_load_http,
8X509_CRL_http_nbio
9- certificate and CRL loading functions
10
11=head1 SYNOPSIS
12
13 #include <openssl/x509.h>
14
15 X509 *X509_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);
16 X509_CRL *X509_CRL_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);
17
18The following macros have been deprecated since OpenSSL 3.0, and can be
19hidden entirely by defining B<OPENSSL_API_COMPAT> with a suitable version value,
20see L<openssl_user_macros(7)>:
21
22 #define X509_http_nbio(rctx, pcert)
23 #define X509_CRL_http_nbio(rctx, pcrl)
24
25=head1 DESCRIPTION
26
27X509_load_http() and X509_CRL_load_http() loads a certificate or a CRL,
28respectively, in ASN.1 format using HTTP from the given B<url>.
29
30Maximum size of the HTTP response is 100 kB for certificates and 32 MB for CRLs
31and hard coded in the functions.
32
33If B<bio> is given and B<rbio> is NULL then this BIO is used instead of an
34internal one for connecting, writing the request, and reading the response.
35If both B<bio> and B<rbio> are given (which may be memory BIOs, for instance)
36then no explicit connection is attempted,
37B<bio> is used for writing the request, and B<rbio> for reading the response.
38
39If the B<timeout> parameter is > 0 this indicates the maximum number of seconds
40to wait until the transfer is complete.
41A value of 0 enables waiting indefinitely,
42while a value < 0 immediately leads to a timeout condition.
43
44X509_http_nbio() and X509_CRL_http_nbio() are macros for backward compatibility
45that have the same effect as the functions above but with infinite timeout
46and without the possibility to specify custom BIOs.
47
48=head1 RETURN VALUES
49
50On success the function yield the loaded value, else NULL.
51Error conditions include connection/transfer timeout, parse errors, etc.
52
53=head1 SEE ALSO
54
55L<OSSL_HTTP_get(3)>
56
57=head1 HISTORY
58
59X509_load_http() and X509_CRL_load_http() were added in OpenSSL 3.0.
60X509_http_nbio() and X509_CRL_http_nbio() were deprecated in OpenSSL 3.0.
61
62=head1 COPYRIGHT
63
64Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
65
66Licensed under the Apache License 2.0 (the "License").  You may not use
67this file except in compliance with the License.  You can obtain a copy
68in the file LICENSE in the source distribution or at
69L<https://www.openssl.org/source/license.html>.
70
71=cut
72