Commit f13fe0e025 for openssl.org

commit f13fe0e025f0d413ff985f4114b5e99654d4adde
Author: martin <rauch.martin@gmail.com>
Date:   Sun Dec 7 15:15:07 2025 +0100

    Add documentation for X509_V_FLAG_OCSP_RESP_CHECK and X509_V_FLAG_OCSP_RESP_CHECK_ALL

    Reviewed-by: Norbert Pocs <norbertp@openssl.org>
    Reviewed-by: Tomas Mraz <tomas@openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/29327)

diff --git a/doc/man3/X509_VERIFY_PARAM_set_flags.pod b/doc/man3/X509_VERIFY_PARAM_set_flags.pod
index 267975778b..864e242963 100644
--- a/doc/man3/X509_VERIFY_PARAM_set_flags.pod
+++ b/doc/man3/X509_VERIFY_PARAM_set_flags.pod
@@ -258,6 +258,14 @@ certificate. An error occurs if a suitable CRL cannot be found.
 B<X509_V_FLAG_CRL_CHECK_ALL> expands CRL checking to the entire certificate
 chain if B<X509_V_FLAG_CRL_CHECK> has also been enabled, and is otherwise ignored.

+B<X509_V_FLAG_OCSP_RESP_CHECK> enables Online Certificate Status Protocol (OCSP)
+checking for the certificate chain leaf certificate. An error occurs if a suitable
+OCSP response cannot be found.
+
+B<X509_V_FLAG_OCSP_RESP_CHECK_ALL> expands OCSP checking to the entire certificate
+chain if B<X509_V_FLAG_OCSP_RESP_CHECK> has also been enabled, and is otherwise
+ignored.
+
 B<X509_V_FLAG_IGNORE_CRITICAL> disables critical extension checking. By default
 any unhandled critical extensions in certificates or (if checked) CRLs result
 in a fatal error. If this flag is set unhandled critical extensions are