Update POD

waterkip · timlegge · commit bfe1d0ee9bae · 2020-06-11T00:08:22.000Z
Signed-off-by: Wesley Schwengle &lt;wesley@opndev.io&gt;
diff --git a/Verify.pm b/Verify.pm
@@ -103,22 +103,30 @@ Crypt::OpenSSL::Verify - OpenSSL Verify certificate verification in XS.
   use Crypt::OpenSSL::X509;
 
   my $ca = Crypt::OpenSSL::Verify->new(
-                CAfile => 't/cacert.pem',
-                CApath => '/etc/ssl/certs',     # Optional
-                noCAfile => 1,                  # Optional
-                noCApath => 0                   # Optional
-                );
-
-  OR
+      't/cacert.pem', # or undef
+      {
+          CApath   => '/etc/ssl/certs',    # Optional
+          noCAfile => 1,                   # Optional
+          noCApath => 0                    # Optional
+      }
+  );
 
   # Backward compatible with Crypt::OpenSSL:VerifyX509
   my $ca = Crypt::OpenSSL::Verify->new('t/cacert.pem');
 
-  AND
+  # Using the defaults of your OS:
+  my $ca = Crypt::OpenSSL::Verify->new();
+
+  # and later on..
 
   my $cert = Crypt::OpenSSL::X509->new(...);
   $ca->verify($cert);
 
+
+The object created is similar to running the following command with the
+C<openssl verify> command line tool: C<< openssl verify [ -CApath /path/to/certs ]
+[ -noCApath ] [ -noCAfile ] [ -CAfile /path/to/file ] cert.pem >>
+
 =head1 DESCRIPTION
 
 Given a CA certificate and another untrusted certificate, will show
@@ -134,30 +142,28 @@ need to verify that the signing certificate is valid.
 
 Constructor. Returns an OpenSSL Verify instance, set up with the given CA.
 
-Arguments:
-
- * CAfile => $cafile_path       - path to a file containing the CA certificate
- * CApath => $ca_path           - path to a directory containg hashed CA Certificates
- * noCAfile => 0 or 1           - Default CAfile should not be loaded if TRUE
- * noCApath => 0 or 1           - Default CApath should not be loaded if TRUE
- * strict_certs => 0 or 1       - Do not override any OpenSSL verify errors
+    my $ca = Crypt::OpenSSL::Verify->new(
+        't/cacert.pem',   # or undef
+        {
+            # Path to a directory containg hashed CA Certificates
+            CApath => $ca_path,
 
-   (
-       CAfile => $cafile_path
-       CApath => '/etc/ssl/certs',     # Optional
-       noCAfile => 1,                  # Optional
-       noCApath => 0,                  # Optional
-       strict_certs => 1               # Default (Optional)
-   );
+            # Default CAfile should not be loaded if TRUE, defaults to FALSE
+            noCAfile => 0,
 
-=head2  new('t/cacert.pem');
+            # Default CApath should not be loaded if TRUE, defaults to FALSE
+            noCApath => 0,
 
-Constructor. Returns an OpenSSL Verify instance, set up with the given CA.
-             Backward compatible with Crypt::OpenSSL:VerifyX509
+            # Do not override any OpenSSL verify errors if FALSE, defaults to TRUE
+            strict_certs => 1,
+        }
+    );
 
-Arguments:
+    # Backward compatible with Crypt::OpenSSL:VerifyX509
+    my $ca = Crypt::OpenSSL::Verify->new('t/cacert.pem', {strict_certs => 0 });
 
- * $cafile_path                 - path to a file containing the CA certificate
+    # Using the defaults of your OS:
+    my $ca = Crypt::OpenSSL::Verify->new();
 
 =head2 new_from_x509($catext)
 
@@ -211,24 +217,35 @@ Arguements:
 
 =head1 AUTHOR
 
-Timothy Legge <timlegge@gmail.com>
-Wesley Schwengle <waterkip>
+=over
+
+=item Timothy Legge <timlegge@gmail.com>
+
+=item Wesley Schwengle <waterkip@cpan.org>
+
+=back
 
 =head1 COPYRIGHT
 
 The following copyright notice applies to all the files provided in
 this distribution, including binary files, unless explicitly noted
 otherwise.
 
-Copyright 2020 Timothy Legge
-Copyright 2020 Wesley Schwengle
+=over
+
+=item Copyright 2020 Timothy Legge
+
+=item Copyright 2020 Wesley Schwengle
+
+=back
 
 Based on the Original Crypt::OpenSSL::VerifyX509 by
 
-Copyright 2010 Chris Andrews <chrisandrews@venda.com>
+=over
+
+=item Copyright 2010 Chris Andrews <chrisandrews@venda.com>
 
-Most of the current module is based on the OpenSSL verify.c app and is
-therefore under Copyright 1999-2020, OpenSSL Software Foundation.
+=back
 
 =head1 LICENCE
 
diff --git a/Verify.xs b/Verify.xs
@@ -101,13 +101,16 @@ and returns it to OpenSSL
 
 =over
 
-=item ok
-    * ok - the result of the certificate verification in OpenSSL
-            ok = 1, !ok = 0
+=item * ok
+
+    The result of the certificate verification in OpenSSL ok = 1, !ok =
+    0
+
+=item * ctx
+
+    Pointer to the X509_Store_CTX that OpenSSL includes the error codes
+    in
 
-=item ctx
-    * ctx - Pointer to the X509_Store_CTX that OpenSSL includes the
-            error codes in
 =back
 
 =cut
@@ -224,7 +227,7 @@ void register_verify_cb(fn)
         else
             SvSetSV(callback, fn);
 
-=head new
+=head1 new
 
 Constructs the object ready to verify the certificates.
 It also sets the callback function.
@@ -405,7 +408,9 @@ int ctx_error_code(ctx)
 The actual verify function that calls OpenSSL to verify the x509 Cert that
 has been passed in as a parameter against the store that was setup in _new()
 
-=over Parameters
+=head3 Parameters
+
+=over
 
 =item self - self object
 
