On Mon, Jun 21, 2021 at 11:26:41PM +0000, Klemens Nanni wrote: > > Thanks. tls_config_add_*_file also load files into memory, but given > this patch I think their usage of "add" in the manual is enough to infer > that files will also be loaded and added, so no need to change those as > well, I think. > > This should be the complete diff. > > Feedback? OK? > > > Index: man/tls_load_file.3 > =================================================================== > RCS file: /cvs/src/lib/libtls/man/tls_load_file.3,v > retrieving revision 1.11 > diff -u -p -r1.11 tls_load_file.3 > --- man/tls_load_file.3 29 Nov 2018 14:24:23 -0000 1.11 > +++ man/tls_load_file.3 21 Jun 2021 23:24:58 -0000 > @@ -217,8 +217,7 @@ call, ensuring that the memory contents > returns the path of the file that contains the default root certificates. > .Pp > .Fn tls_config_set_ca_file > -sets the filename used to load a file > -containing the root certificates. > +loads a file containing the root certificates. > .Pp > .Fn tls_config_set_ca_path > sets the path (directory) which should be searched for root > @@ -228,41 +227,39 @@ certificates. > sets the root certificates directly from memory. > .Pp > .Fn tls_config_set_cert_file > -sets file from which the public certificate will be read. > +loads a file containing the public certificate. > .Pp > .Fn tls_config_set_cert_mem > sets the public certificate directly from memory. > .Pp > .Fn tls_config_set_crl_file > -sets the filename used to load a file containing the > -Certificate Revocation List (CRL). > +loads a file containing the Certificate Revocation List (CRL). > .Pp > .Fn tls_config_set_crl_mem > sets the CRL directly from memory. > .Pp > .Fn tls_config_set_key_file > -sets the file from which the private key will be read. > +loads a file containing the private key. > .Pp > .Fn tls_config_set_key_mem > directly sets the private key from memory. > .Pp > .Fn tls_config_set_ocsp_staple_file > -sets a DER-encoded OCSP response to be stapled during the TLS handshake from > -the specified file. > +loads a file containing a DER-encoded OCSP response to be stapled during the > TLS handshake. > .Pp > .Fn tls_config_set_ocsp_staple_mem > sets a DER-encoded OCSP response to be stapled during the TLS handshake from > memory. > .Pp > .Fn tls_config_set_keypair_file > -sets the files from which the public certificate, and private key will be > read. > +loads two files from which the public certificate, and private key will be > read.
this is a weird place for a comma. i would remove it. jmc > .Pp > .Fn tls_config_set_keypair_mem > directly sets the public certificate, and private key from memory. > .Pp > .Fn tls_config_set_keypair_ocsp_file > -sets the files from which the public certificate, private key, and > DER-encoded > -OCSP staple will be read. > +loads three files containing the public certificate, private key, and > DER-encoded > +OCSP staple. > .Pp > .Fn tls_config_set_keypair_ocsp_mem > directly sets the public certificate, private key, and DER-encoded OCSP > staple >
