| /openssl/ssl/ |
| H A D | tls13_enc.c | 473 if (which & SSL3_CC_READ) { in tls13_change_cipher_state()
492 if (((which & SSL3_CC_CLIENT) && (which & SSL3_CC_WRITE)) in tls13_change_cipher_state()
493 || ((which & SSL3_CC_SERVER) && (which & SSL3_CC_READ))) { in tls13_change_cipher_state()
494 if (which & SSL3_CC_EARLY) { in tls13_change_cipher_state()
628 if (!(which & SSL3_CC_EARLY)) { in tls13_change_cipher_state()
711 if ((which & SSL3_CC_READ) != 0) { in tls13_change_cipher_state()
731 if (!(which & SSL3_CC_APPLICATION) in tls13_change_cipher_state()
747 if (which & SSL3_CC_WRITE) in tls13_change_cipher_state()
758 if (which & SSL3_CC_WRITE) { in tls13_change_cipher_state()
777 if (which & SSL3_CC_WRITE) in tls13_change_cipher_state()
[all …]
|
| H A D | t1_enc.c | 153 int tls1_change_cipher_state(SSL_CONNECTION *s, int which) in tls1_change_cipher_state() argument
198 if ((which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) || in tls1_change_cipher_state()
199 (which == SSL3_CHANGE_CIPHER_SERVER_READ)) { in tls1_change_cipher_state()
229 if (which & SSL3_CC_READ) { in tls1_change_cipher_state()
342 BIO_printf(trc_out, "which = %04X, mac key:\n", which); in tls1_change_cipher_state()
394 if (which & SSL3_CC_WRITE) in tls1_change_cipher_state()
405 if (which & SSL3_CC_WRITE) { in tls1_change_cipher_state()
412 (BIO_get_ktls_recv(s->rbio) && (which & SSL3_CC_READ))) { in tls1_change_cipher_state()
429 if (BIO_set_ktls(bio, &crypto_info, which & SSL3_CC_WRITE)) { in tls1_change_cipher_state()
430 if (which & SSL3_CC_WRITE) in tls1_change_cipher_state()
[all …]
|
| /openssl/doc/designs/ddd/ |
| H A D | README.md | 7 agreed. One significant dimension which must be considered when considering any
9 uses the APIs which exist today, as this determines the ways in which those
10 applications will be affected by any proposed changes, the extent to which they
11 will be affected, and the extent of any changes which will need to be made by
16 the usage patterns common in codebases which use OpenSSL, so that it can
18 directory seeks to maintain a set of **API usage demos** which demonstrate a
19 full spectrum of ways in which real-world applications use the OpenSSL APIs.
29 a present body of understanding of API usage patterns, which can be used to plan
42 The demos also deliberately focus on aspects of libssl usage which are likely to
58 patterns were determined and used to determine categories into which to classify
[all …]
|
| /openssl/doc/man7/ |
| H A D | ssl.pod | 47 methods/functions which implement the various protocol versions (SSLv3
52 This structure holds the algorithm information for a particular cipher which
59 This is the global context structure which is created by a server or client
60 once per program life-time and which holds mainly default values for the
61 B<SSL> structures which are later created for the connections.
70 This is the main SSL/TLS structure which is created by a server or client per
72 At run-time the application usually deals with this structure which has
|
| /openssl/doc/man3/ |
| H A D | X509_add_cert.pod | 21 The I<certs> argument may be NULL, which implies no effect.
27 which is used to control details of the operation.
29 The value B<X509_ADD_FLAG_DEFAULT>, which equals 0, means no special semantics.
39 which is determined using L<X509_cmp(3)>, are ignored.
42 which is determined using L<X509_self_signed(3)>, are ignored.
|
| H A D | CMS_get0_RecipientInfos.pod | 53 identifier associated with a specific CMS_RecipientInfo structure B<ri>, which
58 CMS_RecipientInfo structure B<ri>, which must be of type CMS_RECIPINFO_TRANS.
62 the CMS_RecipientInfo structure B<ri>, which must be of type
66 and peer certificate B<peer> with the CMS_RecipientInfo structure B<ri>, which
70 CMS_RecipientInfo structure B<ri>, which must be of type CMS_RECIPINFO_AGREE.
73 CMS_RecipientInfo structure B<ri> which must be of type CMS_RECIPINFO_KEK. Any
84 which must be of type CMS_RECIPINFO_KEK. It returns zero if the comparison is
88 B<keylen> with the CMS_RecipientInfo structure B<ri>, which must be of type
|
| H A D | SSL_CTX_set_session_id_context.pod | 5 SSL_CTX_set_session_id_context, SSL_set_session_id_context - set context within which session can b…
19 B<sid_ctx_len> within which a session can be reused for the B<ctx> object.
22 B<sid_ctx_len> within which a session can be reused for the B<ssl> object.
29 application), which might lead to malfunctions. Therefore, each application
30 must set its own session id context B<sid_ctx> which is used to distinguish
|
| H A D | RAND_get0_primary.pod | 21 shared DRBG instances which are accessed via the RAND API:
23 The I<public> and I<private> DRBG are thread-local instances, which are used
25 The I<primary> DRBG is a global instance, which is not intended to be used
42 be NULL in which case the default OSSL_LIB_CTX is used.
|
| H A D | OSSL_HTTP_REQ_CTX.pod | 63 which gets populated with the B<BIO> to write/send the request to (I<wbio>),
64 the B<BIO> to read/receive the response from (I<rbio>, which may be equal to
70 which collects the HTTP request header lines.
77 which should be 1 to indicate C<POST> or 0 to indicate C<GET>.
109 be used directly to read the response contents, which may support streaming.
116 L<OSSL_HTTP_open(3)> with the default being 0, which means no timeout.
128 even if a GET request is going to be sent, in which case I<req> must be NULL.
140 The function may need to be called again if its result is -1, which indicates
145 in addition parses the response, which must be a DER-encoded ASN.1 structure,
155 which may support streaming.
[all …]
|
| H A D | BIO_sendmmsg.pod | 36 and recvmmsg(2) on operating systems which provide those functions.
42 by the value stored in I<*msgs_processed>, which expresses the number of
60 flags which affect the entire invocation. No global flags are currently
66 determined. The I<peer> field should be set to point to a B<BIO_ADDR>, which
99 which is also the length of the array pointed to by I<msg>.
126 which is transient in nature.
138 the number of messages successfully processed (which need not be nonzero) to
170 Implementations of this interface which do not make system calls and thereby
190 code directly, as there are many possible error codes which can indicate a
191 transient error, many of which are system specific.
[all …]
|
| H A D | X509_LOOKUP_hash_dir.pod | 40 B<X509_load_crl_file>. These functions support parameter I<type>, which
43 file into memory cache of B<X509_STORE> objects which given B<ctx>
73 File format is ASCII text which contains concatenated PEM certificates
76 This method should be used by applications which work with a small
81 B<X509_LOOKUP_hash_dir> is a more advanced method, which loads
116 OpenSSL includes a L<openssl-rehash(1)> utility which creates symlinks with
124 It works with the help of URIs, which can be direct references to
|
| H A D | SSL_get_SSL_CTX.pod | 5 SSL_get_SSL_CTX - get the SSL_CTX from which an SSL is created
15 SSL_get_SSL_CTX() returns a pointer to the SSL_CTX object, from which
|
| H A D | BF_encrypt.pod | 40 This library implements the Blowfish cipher, which was invented and described
65 B<ivec> which needs to be passed along into the next call of the same function
74 need the parameter B<num>, which is a pointer to an integer where the current
88 8 byte long initialization vector. B<num> must point at an integer which must
92 It uses the same parameters as BF_cfb64_encrypt(), which must be initialized
100 each 32-bit chunk in host-byte order, which is little-endian on little-endian
|
| H A D | OSSL_trace_set_channel.pod | 28 The trace output is divided into categories which can be
31 I<trace channel> to it, which in the simplest case is just a BIO object
32 to which the application can write the tracing output for this category.
62 data I<data>, which will simply be passed through to I<cb> whenever
79 The tracer callback must return a B<size_t>, which must be zero on
91 The callback is called from OSSL_trace_begin(), which gives the
106 The callback is called from OSSL_trace_end(), which gives the callback
213 There is also B<OSSL_TRACE_CATEGORY_ALL>, which works as a fallback
217 associated with the 'ALL' category, which is undesirable if the
|
| H A D | SSL_set_fd.pod | 30 for the read channel or the write channel, which can be set independently.
50 On Windows, a socket handle is a 64-bit data type (UINT_PTR), which leads to a
55 implementation returns an index into the kernel handle table, the size of which
|
| H A D | X509_LOOKUP.pod | 78 It can also be created by calling L<X509_STORE_add_lookup(3)>, which
118 X509_LOOKUP_add_dir() passes a directory specification from which
126 from which containers with certificates and CRLs are loaded on demand
134 which certificates and CRLs are immediately loaded into the associated
155 matching the criteria in the associated B<X509_STORE>, which makes it
204 B<X509_LOOKUP_METHOD> returns, which is usually 1 on success and 0 on error
213 the result of the function, which is usually 1 on success and 0 on error.
222 B<X509_LOOKUP_METHOD> returns, which is usually 1 on success and 0 in
|
| H A D | SSL_CTX_load_verify_locations.pod | 32 locations for B<ctx>, at which CA certificates for verification purposes
40 which CA certificates are loaded should be used. There is one default directory,
73 which can be used e.g. for descriptions of the certificates.
80 looked up by the CA subject name hash value, which must hence be available.
96 If B<CAstore> is not NULL, it's a URI for to a store, which may
102 the list of CAs of which it will accept client certificates. This list
|
| /openssl/doc/designs/quic-design/ |
| H A D | dgram-api.md | 4 We need to evolve the API surface of BIO which is relevant to BIO_dgram (and the
5 eventual BIO_dgram_mem) to support APIs which allow multiple datagrams to be
23 on OSes which do not support `sendmmsg` or `sendmsg`.
28 - We do not have to expose functionality which we cannot guarantee
32 which would pollute the environment of applications which include
169 Options which were considered
172 Options for the API surface which were considered included:
208 - We would need to include the OS headers which provide these
265 have an alternate code path which doesn't rely on them?
292 BIO_dgram which is 1 by default, which can be increased by a call to a
[all …]
|
| H A D | quic-ackm.md | 33 - an arbitrary function which returns the current time;
39 - It indicates the current deadline by which the loss detection
46 - It indicates the current deadline by which new ACK frames
62 In this document, “the caller” refers to the system which makes use of the ACK
137 /* The number of bytes in the packet which was sent. */
140 /* The time at which the packet was sent. */
226 /* The time at which the packet was received. */
355 information which should be packed into an ACK frame and transmitted.
402 This function returns the deadline at which the return value of
403 `ossl_ackm_is_ack_desired` will change to 1, or `OSSL_TIME_INFINITY`, which
[all …]
|
| /openssl/Configurations/ |
| H A D | 15-android.conf | 106 if (which("clang") =~ m|^$ndk/.*/prebuilt/([^/]+)/|) {
121 if (which("llvm-ar") =~ m|^$ndk/.*/prebuilt/([^/]+)/|) {
133 if (which("$triarch-$cc") !~ m|^$ndk|) {
141 if (which("$triarch-gcc") !~ m|^$ndk/.*/prebuilt/([^/]+)/|) {
|
| H A D | 00-base-templates.conf | 34 RANLIB => sub { which("$config{cross_compile_prefix}ranlib")
78 RANLIB => sub { which("$config{cross_compile_prefix}ranlib")
|
| /openssl/.github/ISSUE_TEMPLATE/ |
| H A D | documentation.md | 10 Please remember to tell us which OpenSSL version you are using and then
12 (e.g., in which manual page). If you are missing the documentation for a
|
| /openssl/external/perl/Text-Template-1.56/ |
| H A D | Changes | 11 - Skip/todo tests which fail under Devel::Cover (Thanks Roy Ivy)
84 Text::Template->append_text_to_output method, which Text::Template always
94 - _scrubpkg, which was responsible for eptying out temporary packages after
129 Note that the default message used to report the line number at which the
130 program fragment began; it now reports the line number at which the error
155 call; this is a function which receives each code fragment prior to
156 evaluation, and which may modify and return the fragment; the modified
159 line number of the template at which the error occurred:
177 line number of the template at which the error occurred:
187 function which receives each code fragment prior to evaluation, and which
[all …]
|
| /openssl/doc/internal/man3/ |
| H A D | ossl_method_construct.pod | 57 method creator through I<mcm> and the data in I<mcm_data> (which is
59 If I<prov> is not NULL, only that provider is considered, which is
72 B<OSSL_METHOD_CONSTRUCT_METHOD> structure, which holds the following
94 (which is the I<mcm_data> that was passed to ossl_construct_method()).
115 identification data given through I<data> (which is the I<mcm_data>
126 it possible for the subsystem constructor to keep a reference, which
|
| /openssl/crypto/x509/ |
| H A D | v3_asid.c | 154 int X509v3_asid_add_inherit(ASIdentifiers *asid, int which) in X509v3_asid_add_inherit() argument
159 switch (which) { in X509v3_asid_add_inherit()
183 int which, ASN1_INTEGER *min, ASN1_INTEGER *max) in X509v3_asid_add_id_or_range() argument
189 switch (which) { in X509v3_asid_add_id_or_range()
526 int i1 = 0, i2 = 0, i3 = 0, is_range = 0, which = 0; in v2i_ASIdentifiers() local
532 which = V3_ASID_ASNUM; in v2i_ASIdentifiers()
534 which = V3_ASID_RDI; in v2i_ASIdentifiers()
545 if (X509v3_asid_add_inherit(asid, which)) in v2i_ASIdentifiers()
603 if (!X509v3_asid_add_id_or_range(asid, which, min, max)) { in v2i_ASIdentifiers()
|
