SSL_CTX_set_options.pod - OpenGrok cross reference for /openssl/doc/man3/SSL_CTX_set

Lines Matching refs:option
57 During a handshake, the option settings of the SSL object are used. When
59 option setting is copied. Changes to B<ctx> do not affect already created
76 broken SSL implementations.  This option has no effect for connections
107 this option to enable it.
152 objects do buffer plaintext data to be sent and this option will also cause
155 This option can be set differently on individual QUIC stream objects and
195 With this option, sendfile() will use the zerocopy mode, which gives a
198 option has no effect if B<SSL_OP_ENABLE_KTLS> is not enabled.
200 This option only applies to Linux. KTLS sendfile on FreeBSD doesn't offer an
201 option to disable zerocopy and always runs in this mode.
208 this option is set or not CCS messages received from the peer will always be
209 ignored in TLSv1.3. This option is set by default. To switch it off use
217 option is enabled the peer does not need to send the close_notify alert and a
220 You should only enable this option if the protocol running over TLS
239 setting this option. This is a server-side option only. It is ignored by
245 RFC8879 certificate compression option on TLSv1.3 connections.
247 If this option is set, the certificate compression extension is ignored
253 RFC8879 certificate compression option on TLSv1.3 connections.
255 If this option is set, the certificate compression extension will not be sent
260 Do not use TLS record compression even if it is supported. This option is set by
263 above. From OpenSSL 3.2 the default security level is 2, so clearing this option
270 RFC7366 Encrypt-then-MAC option on TLS and DTLS connection.
272 If this option is set, Encrypt-then-MAC is disabled. Clients will not
278 RFC7627 Extended Master Secret option on TLS and DTLS connection.
280 If this option is set, Extended Master Secret is disabled. Clients will
296 handshake). This option is not needed for clients.
335 By default OpenSSL will use stateless tickets. The SSL_OP_NO_TICKET option will
338 sent. This is a server-side option only.
434 If the option B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> is set then
439 If the option B<SSL_OP_LEGACY_SERVER_CONNECT> or
442 succeeds. If neither option is set then initial connections to unpatched
445 Setting the option B<SSL_OP_LEGACY_SERVER_CONNECT> has security implications;