/openssl/ssl/ |
H A D | tls13_enc.c | 473 if (which & SSL3_CC_READ) { in tls13_change_cipher_state() 492 if (((which & SSL3_CC_CLIENT) && (which & SSL3_CC_WRITE)) in tls13_change_cipher_state() 493 || ((which & SSL3_CC_SERVER) && (which & SSL3_CC_READ))) { in tls13_change_cipher_state() 494 if (which & SSL3_CC_EARLY) { in tls13_change_cipher_state() 628 if (!(which & SSL3_CC_EARLY)) { in tls13_change_cipher_state() 711 if ((which & SSL3_CC_READ) != 0) { in tls13_change_cipher_state() 731 if (!(which & SSL3_CC_APPLICATION) in tls13_change_cipher_state() 747 if (which & SSL3_CC_WRITE) in tls13_change_cipher_state() 758 if (which & SSL3_CC_WRITE) { in tls13_change_cipher_state() 777 if (which & SSL3_CC_WRITE) in tls13_change_cipher_state() [all …]
|
H A D | t1_enc.c | 153 int tls1_change_cipher_state(SSL_CONNECTION *s, int which) in tls1_change_cipher_state() argument 198 if ((which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) || in tls1_change_cipher_state() 199 (which == SSL3_CHANGE_CIPHER_SERVER_READ)) { in tls1_change_cipher_state() 229 if (which & SSL3_CC_READ) { in tls1_change_cipher_state() 342 BIO_printf(trc_out, "which = %04X, mac key:\n", which); in tls1_change_cipher_state() 394 if (which & SSL3_CC_WRITE) in tls1_change_cipher_state() 405 if (which & SSL3_CC_WRITE) { in tls1_change_cipher_state() 412 (BIO_get_ktls_recv(s->rbio) && (which & SSL3_CC_READ))) { in tls1_change_cipher_state() 429 if (BIO_set_ktls(bio, &crypto_info, which & SSL3_CC_WRITE)) { in tls1_change_cipher_state() 430 if (which & SSL3_CC_WRITE) in tls1_change_cipher_state() [all …]
|
/openssl/doc/designs/ddd/ |
H A D | README.md | 7 agreed. One significant dimension which must be considered when considering any 9 uses the APIs which exist today, as this determines the ways in which those 10 applications will be affected by any proposed changes, the extent to which they 11 will be affected, and the extent of any changes which will need to be made by 16 the usage patterns common in codebases which use OpenSSL, so that it can 18 directory seeks to maintain a set of **API usage demos** which demonstrate a 19 full spectrum of ways in which real-world applications use the OpenSSL APIs. 29 a present body of understanding of API usage patterns, which can be used to plan 42 The demos also deliberately focus on aspects of libssl usage which are likely to 58 patterns were determined and used to determine categories into which to classify [all …]
|
/openssl/doc/man7/ |
H A D | ssl.pod | 47 methods/functions which implement the various protocol versions (SSLv3 52 This structure holds the algorithm information for a particular cipher which 59 This is the global context structure which is created by a server or client 60 once per program life-time and which holds mainly default values for the 61 B<SSL> structures which are later created for the connections. 70 This is the main SSL/TLS structure which is created by a server or client per 72 At run-time the application usually deals with this structure which has
|
/openssl/doc/man3/ |
H A D | X509_add_cert.pod | 21 The I<certs> argument may be NULL, which implies no effect. 27 which is used to control details of the operation. 29 The value B<X509_ADD_FLAG_DEFAULT>, which equals 0, means no special semantics. 39 which is determined using L<X509_cmp(3)>, are ignored. 42 which is determined using L<X509_self_signed(3)>, are ignored.
|
H A D | CMS_get0_RecipientInfos.pod | 53 identifier associated with a specific CMS_RecipientInfo structure B<ri>, which 58 CMS_RecipientInfo structure B<ri>, which must be of type CMS_RECIPINFO_TRANS. 62 the CMS_RecipientInfo structure B<ri>, which must be of type 66 and peer certificate B<peer> with the CMS_RecipientInfo structure B<ri>, which 70 CMS_RecipientInfo structure B<ri>, which must be of type CMS_RECIPINFO_AGREE. 73 CMS_RecipientInfo structure B<ri> which must be of type CMS_RECIPINFO_KEK. Any 84 which must be of type CMS_RECIPINFO_KEK. It returns zero if the comparison is 88 B<keylen> with the CMS_RecipientInfo structure B<ri>, which must be of type
|
H A D | SSL_CTX_set_session_id_context.pod | 5 SSL_CTX_set_session_id_context, SSL_set_session_id_context - set context within which session can b… 19 B<sid_ctx_len> within which a session can be reused for the B<ctx> object. 22 B<sid_ctx_len> within which a session can be reused for the B<ssl> object. 29 application), which might lead to malfunctions. Therefore, each application 30 must set its own session id context B<sid_ctx> which is used to distinguish
|
H A D | RAND_get0_primary.pod | 21 shared DRBG instances which are accessed via the RAND API: 23 The I<public> and I<private> DRBG are thread-local instances, which are used 25 The I<primary> DRBG is a global instance, which is not intended to be used 42 be NULL in which case the default OSSL_LIB_CTX is used.
|
H A D | OSSL_HTTP_REQ_CTX.pod | 63 which gets populated with the B<BIO> to write/send the request to (I<wbio>), 64 the B<BIO> to read/receive the response from (I<rbio>, which may be equal to 70 which collects the HTTP request header lines. 77 which should be 1 to indicate C<POST> or 0 to indicate C<GET>. 109 be used directly to read the response contents, which may support streaming. 116 L<OSSL_HTTP_open(3)> with the default being 0, which means no timeout. 128 even if a GET request is going to be sent, in which case I<req> must be NULL. 140 The function may need to be called again if its result is -1, which indicates 145 in addition parses the response, which must be a DER-encoded ASN.1 structure, 155 which may support streaming. [all …]
|
H A D | BIO_sendmmsg.pod | 36 and recvmmsg(2) on operating systems which provide those functions. 42 by the value stored in I<*msgs_processed>, which expresses the number of 60 flags which affect the entire invocation. No global flags are currently 66 determined. The I<peer> field should be set to point to a B<BIO_ADDR>, which 99 which is also the length of the array pointed to by I<msg>. 126 which is transient in nature. 138 the number of messages successfully processed (which need not be nonzero) to 170 Implementations of this interface which do not make system calls and thereby 190 code directly, as there are many possible error codes which can indicate a 191 transient error, many of which are system specific. [all …]
|
H A D | X509_LOOKUP_hash_dir.pod | 40 B<X509_load_crl_file>. These functions support parameter I<type>, which 43 file into memory cache of B<X509_STORE> objects which given B<ctx> 73 File format is ASCII text which contains concatenated PEM certificates 76 This method should be used by applications which work with a small 81 B<X509_LOOKUP_hash_dir> is a more advanced method, which loads 116 OpenSSL includes a L<openssl-rehash(1)> utility which creates symlinks with 124 It works with the help of URIs, which can be direct references to
|
H A D | SSL_get_SSL_CTX.pod | 5 SSL_get_SSL_CTX - get the SSL_CTX from which an SSL is created 15 SSL_get_SSL_CTX() returns a pointer to the SSL_CTX object, from which
|
H A D | BF_encrypt.pod | 40 This library implements the Blowfish cipher, which was invented and described 65 B<ivec> which needs to be passed along into the next call of the same function 74 need the parameter B<num>, which is a pointer to an integer where the current 88 8 byte long initialization vector. B<num> must point at an integer which must 92 It uses the same parameters as BF_cfb64_encrypt(), which must be initialized 100 each 32-bit chunk in host-byte order, which is little-endian on little-endian
|
H A D | OSSL_trace_set_channel.pod | 28 The trace output is divided into categories which can be 31 I<trace channel> to it, which in the simplest case is just a BIO object 32 to which the application can write the tracing output for this category. 62 data I<data>, which will simply be passed through to I<cb> whenever 79 The tracer callback must return a B<size_t>, which must be zero on 91 The callback is called from OSSL_trace_begin(), which gives the 106 The callback is called from OSSL_trace_end(), which gives the callback 213 There is also B<OSSL_TRACE_CATEGORY_ALL>, which works as a fallback 217 associated with the 'ALL' category, which is undesirable if the
|
H A D | SSL_set_fd.pod | 30 for the read channel or the write channel, which can be set independently. 50 On Windows, a socket handle is a 64-bit data type (UINT_PTR), which leads to a 55 implementation returns an index into the kernel handle table, the size of which
|
H A D | X509_LOOKUP.pod | 78 It can also be created by calling L<X509_STORE_add_lookup(3)>, which 118 X509_LOOKUP_add_dir() passes a directory specification from which 126 from which containers with certificates and CRLs are loaded on demand 134 which certificates and CRLs are immediately loaded into the associated 155 matching the criteria in the associated B<X509_STORE>, which makes it 204 B<X509_LOOKUP_METHOD> returns, which is usually 1 on success and 0 on error 213 the result of the function, which is usually 1 on success and 0 on error. 222 B<X509_LOOKUP_METHOD> returns, which is usually 1 on success and 0 in
|
H A D | SSL_CTX_load_verify_locations.pod | 32 locations for B<ctx>, at which CA certificates for verification purposes 40 which CA certificates are loaded should be used. There is one default directory, 73 which can be used e.g. for descriptions of the certificates. 80 looked up by the CA subject name hash value, which must hence be available. 96 If B<CAstore> is not NULL, it's a URI for to a store, which may 102 the list of CAs of which it will accept client certificates. This list
|
/openssl/doc/designs/quic-design/ |
H A D | dgram-api.md | 4 We need to evolve the API surface of BIO which is relevant to BIO_dgram (and the 5 eventual BIO_dgram_mem) to support APIs which allow multiple datagrams to be 23 on OSes which do not support `sendmmsg` or `sendmsg`. 28 - We do not have to expose functionality which we cannot guarantee 32 which would pollute the environment of applications which include 169 Options which were considered 172 Options for the API surface which were considered included: 208 - We would need to include the OS headers which provide these 265 have an alternate code path which doesn't rely on them? 292 BIO_dgram which is 1 by default, which can be increased by a call to a [all …]
|
H A D | quic-ackm.md | 33 - an arbitrary function which returns the current time; 39 - It indicates the current deadline by which the loss detection 46 - It indicates the current deadline by which new ACK frames 62 In this document, “the caller” refers to the system which makes use of the ACK 137 /* The number of bytes in the packet which was sent. */ 140 /* The time at which the packet was sent. */ 226 /* The time at which the packet was received. */ 355 information which should be packed into an ACK frame and transmitted. 402 This function returns the deadline at which the return value of 403 `ossl_ackm_is_ack_desired` will change to 1, or `OSSL_TIME_INFINITY`, which [all …]
|
/openssl/Configurations/ |
H A D | 15-android.conf | 106 if (which("clang") =~ m|^$ndk/.*/prebuilt/([^/]+)/|) { 121 if (which("llvm-ar") =~ m|^$ndk/.*/prebuilt/([^/]+)/|) { 133 if (which("$triarch-$cc") !~ m|^$ndk|) { 141 if (which("$triarch-gcc") !~ m|^$ndk/.*/prebuilt/([^/]+)/|) {
|
H A D | 00-base-templates.conf | 34 RANLIB => sub { which("$config{cross_compile_prefix}ranlib") 78 RANLIB => sub { which("$config{cross_compile_prefix}ranlib")
|
/openssl/.github/ISSUE_TEMPLATE/ |
H A D | documentation.md | 10 Please remember to tell us which OpenSSL version you are using and then 12 (e.g., in which manual page). If you are missing the documentation for a
|
/openssl/external/perl/Text-Template-1.56/ |
H A D | Changes | 11 - Skip/todo tests which fail under Devel::Cover (Thanks Roy Ivy) 84 Text::Template->append_text_to_output method, which Text::Template always 94 - _scrubpkg, which was responsible for eptying out temporary packages after 129 Note that the default message used to report the line number at which the 130 program fragment began; it now reports the line number at which the error 155 call; this is a function which receives each code fragment prior to 156 evaluation, and which may modify and return the fragment; the modified 159 line number of the template at which the error occurred: 177 line number of the template at which the error occurred: 187 function which receives each code fragment prior to evaluation, and which [all …]
|
/openssl/doc/internal/man3/ |
H A D | ossl_method_construct.pod | 57 method creator through I<mcm> and the data in I<mcm_data> (which is 59 If I<prov> is not NULL, only that provider is considered, which is 72 B<OSSL_METHOD_CONSTRUCT_METHOD> structure, which holds the following 94 (which is the I<mcm_data> that was passed to ossl_construct_method()). 115 identification data given through I<data> (which is the I<mcm_data> 126 it possible for the subsystem constructor to keep a reference, which
|
/openssl/crypto/x509/ |
H A D | v3_asid.c | 154 int X509v3_asid_add_inherit(ASIdentifiers *asid, int which) in X509v3_asid_add_inherit() argument 159 switch (which) { in X509v3_asid_add_inherit() 183 int which, ASN1_INTEGER *min, ASN1_INTEGER *max) in X509v3_asid_add_id_or_range() argument 189 switch (which) { in X509v3_asid_add_id_or_range() 526 int i1 = 0, i2 = 0, i3 = 0, is_range = 0, which = 0; in v2i_ASIdentifiers() local 532 which = V3_ASID_ASNUM; in v2i_ASIdentifiers() 534 which = V3_ASID_RDI; in v2i_ASIdentifiers() 545 if (X509v3_asid_add_inherit(asid, which)) in v2i_ASIdentifiers() 603 if (!X509v3_asid_add_id_or_range(asid, which, min, max)) { in v2i_ASIdentifiers()
|