Fix NETSCAPE_SPKI_get_pubkey documentation.

I got that wrong. It passes ownership to the caller. It calls X509_PUBKEY_get which bumps the refcount. Change-Id: I46b7eabcf56f68bb1f745bc2f64091640e97c0bf Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/44084 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com>
4 years ago · 5656fec512
parent 53bbb18036
commit 5656fec512
1 changed files with 2 additions and 3 deletions
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@ -697,9 +697,8 @@ OPENSSL_EXPORT NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str,
 OPENSSL_EXPORT char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki);

 // NETSCAPE_SPKI_get_pubkey decodes and returns the public key in |spki| as an
-// |EVP_PKEY|, or NULL on error. The resulting pointer is non-owning and valid
-// until |spki| is released or mutated. The caller should take a reference with
-// |EVP_PKEY_up_ref| to extend the lifetime.
+// |EVP_PKEY|, or NULL on error. The caller takes ownership of the resulting
+// pointer and must call |EVP_PKEY_free| when done.
 OPENSSL_EXPORT EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *spki);

 // NETSCAPE_SPKI_set_pubkey sets |spki|'s public key to |pkey|. It returns one