/openssl/doc/man3/ |
H A D | X509_check_purpose.pod | 47 =item E<32>0 if the certificate was not created to perform the purpose represented by I<id> 57 =item E<32>0 not a CA or does not have the purpose represented by I<id> 62 New versions will not return this value. May be a CA 75 Licensed under the Apache License 2.0 (the "License"). You may not use this
|
H A D | OBJ_nid2obj.pod | 93 I<ln> may be NULL, but not all at once. 98 The returned pointer is an internal pointer which B<must not> be freed. 106 that do not require a digest, NID_undef is a valid I<dig_id>. 130 Objects which are not in the table have the NID value NID_undef. 132 Objects do not need to be in the internal tables to be processed, 136 Some objects are used to represent algorithms which do not have a 146 These functions were not thread safe in OpenSSL 3.0 and before. 163 not NULL and I<buf_len> is big enough, otherwise the total string length. 164 Note that this does not count the trailing NUL character. 193 and should not be used. [all …]
|
H A D | BIO_s_socket.pod | 21 BIO_puts() is supported but BIO_gets() is not. 34 platforms sockets are not file descriptors and use distinct I/O routines, 35 Windows is one such platform. Any code mixing the two will not work on 49 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | SSL_SESSION_get0_id_context.pod | 25 B<*len> if B<len> is not NULL. 28 should not be released. 32 is given by B<sid_ctx_len> which must not exceed SSL_MAX_SID_CTX_LENGTH bytes. 51 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | X509_REQ_get_extensions.pod | 26 which must not be NULL, using the default B<NID_ext_req>. 27 This function must not be called more than once on the same I<req>. 31 This function must not be called more than once with the same I<req> and I<nid>. 45 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | X509_get0_uids.pod | 21 identifiers of certificate B<x> or NULL if the fields are not present. 24 attribute certificate B<x> or NULL if the field is not present. 33 X509_get0_uids() does not return a value. 68 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | X509_get0_notBefore.pod | 41 returned is an internal pointer which must not be freed up after 51 parameter I<tm> is not transferred by these functions so it must 56 returned is an internal pointer which must not be freed up after 61 parameter B<tm> is not transferred by these functions so it must 66 returned is an internal pointer which must not be freed up after 72 I<tm> is not transferred by these functions so it must be freed up after the 125 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | SSL_CTX_set_cipher_list.pod | 31 B<ssl> objects created from B<ctx>. This function does not impact TLSv1.3 74 usable and not depend on details of the library configuration (ciphers compiled 75 in). Thus no syntax checking takes place. Items that are not recognized, because 76 the corresponding ciphers are not compiled in or because they are mistyped, 95 When these conditions are not met for any cipher in the list (e.g. a 97 of 512 bits and the server is not configured to use temporary RSA 128 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | OSSL_HTTP_REQ_CTX.pod | 77 The I<rbio> is not free'd, I<wbio> will be free'd if I<free_wbio> is set. 102 If the I<content_type> argument is not NULL, 130 i.e., an error occurs in case the server does not grant it. 162 This memory BIO does not support streaming. 175 The returned BIO pointer must not be freed by the caller. 188 given by I<rctx> is still alive, i.e., has not been closed. 209 request URL do not match. 252 do not return values. 263 The returned BIO must not be freed by the caller. 266 or 0 if not available or an error occurred. [all …]
|
H A D | SSL_read_early_data.pod | 64 to send data from the server to the client when the client has not yet completed 76 authentication messages have not yet been received, i.e. the client is 81 or not by calling L<SSL_is_init_finished(3)>. 105 the server, but the total number of bytes written must not exceed the value 194 connection attempt. By default the server does not accept early data; a 267 containing the ClientHello. This means the early data is not actually 292 the same early data was not replayed across multiple connections. As a 299 if a client does not send any early data. 308 does not exist then the resumption is not allowed and a full handshake will 332 early data or not. See SSL_CTX_set_allow_early_data_cb() above for details. [all …]
|
H A D | SMIME_read_CMS.pod | 31 in binary format and is not translated to canonical form. 38 If B<*bcont> is not NULL then the message is clear text signed. B<*bcont> can 44 To support future functionality if B<bcont> is not NULL B<*bcont> should be 55 handle most S/MIME messages more complex compound formats may not work. 58 and will not handle the case where it is in binary format or uses quoted 87 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | EVP_PKEY_set1_RSA.pod | 71 alternative non-standard NIDs is now rare so B<EVP_PKEY_RSA2> et al are not 95 key is not of the correct type. The returned key must be freed after use. 105 key is not of the correct type. The reference count of the returned key is 106 B<not> incremented and so the key must not be freed after use. These functions 112 legacy key or NULL if the key is not legacy. 114 Note that if an EVP_PKEY was not constructed using one of the deprecated 135 If I<engine> does not include an B<EVP_PKEY_METHOD> for I<pkey> an 156 Updates to these keys will not be reflected back in the provider side key. The 158 EVP_PKEY_get1_EC_KEY() functions were not changed to have a "const" return type 177 EVP_PKEY_get_base_id() and will not care about the actual type: [all …]
|
H A D | SSL_write.pod | 62 Setting this flag does not cause a stream's send part to be concluded if not all 67 A call to SSL_write_ex2() fails if a flag is passed which is not supported or 77 If necessary, a write function will negotiate a TLS/SSL session, if not already 92 when the underlying BIO could not satisfy the needs of the function to continue 114 this processing is performed regularly. If an application is not using thread 129 You should not call SSL_write() with num=0, it will return an error. 139 not all the requested bytes have been written yet (if 145 retryable or not. 158 The write operation was not successful, because either the connection was 180 The write operation was not successful, because either the connection was [all …]
|
H A D | EVP_PKEY_CTX_ctrl.pod | 311 If not specified 65537 is used. 318 RSA key generation to I<primes>. If not specified 2 is used. 375 by the library and should not be freed by the caller. 409 parameter generation to B<nbits>. If not specified, 2048 is used. 430 since it is not part of a persisted key. 455 parameter generation. If not specified 2 is used. 489 since it is not part of a persisted key. 543 should not be freed by the caller. 567 by the library and should not be freed by the caller. 634 should not free the original memory pointed to by I<ukm>. [all …]
|
H A D | OSSL_LIB_CTX.pod | 59 In addition providers that are not loaded in the parent library context can be 61 library context. Providers loaded independently in this way will not be mirrored 62 in the parent library context and will not be affected if the parent library 70 reference count. L<OSSL_PROVIDER_unload(3)> must not be called for a provider in 71 the child library context that did not have an earlier L<OSSL_PROVIDER_load(3)> 81 B<OSSL_provider_init> function the currently initialising provider is not yet 82 available in the application's library context and therefore will similarly not 90 from a configuration. This function must not be called concurrently from 112 in the mean time. This means that the calling thread must not free the 119 and so applications should not typically call this function. [all …]
|
H A D | OSSL_HTTP_transfer.pod | 55 OSSL_HTTP_open() initiates an HTTP session using the I<bio> argument if not 76 If TLS is not used this defaults to the environment variable C<http_proxy> 112 or NULL to indicate failure, in which case it should not modify the BIO. 138 The optional callback function argument I<arg> is not consumed, 139 so must be freed by the caller when not needed any more. 178 If the I<expected_content_type> argument is not NULL, 198 If I<keep_alive> is 0 the connection is not kept open 202 i.e., an error occurs in case the server does not grant it. 209 is not NULL the latter pointer is used to provide any new location that 216 and for not exceeding any given maximum response length. [all …]
|
H A D | SSL_poll.pod | 140 This flag indicates that internal state machine processing should not be 159 event type bit in future SSL_poll() calls if it does not wish to receive 160 repeated notifications and has not caused the underlying readiness condition 175 for B<SSL_POLL_EVENT_R>), as not doing so is unlikely to be a sound design. 197 This event type may be raised even if it was not requested in I<events>; 205 This event is never raised on objects which are not connections. 214 This event is never raised on objects which are not connections. 330 not return more than one B<SSL_POLL_EVENT_F> event at once. 332 "Normal" events representing exceptional I/O conditions which do not 333 constitute a failure of the SSL_poll() mechanism itself are not considered [all …]
|
H A D | SSL_CTX_set_tlsext_status_cb.pod | 46 previously set via SSL_CTX_set_tlsext_status_type() or -1 if not set. 51 acceptable or not. The callback will be passed as an argument the value 53 callback will not be called in the event of a handshake where session resumption 70 call to the d2i_OCSP_RESPONSE() function. If the server has not provided any 86 error; 0 if the response is not acceptable (in which case the handshake will 91 returned), SSL_TLSEXT_ERR_NOACK (meaning that an OCSP response should not be 100 SSL_CTX_set_tlsext_status_type(), or -1 if not set. 122 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | SRP_create_verifier.pod | 51 the verifier and (if a salt was not provided) I<*salt> will be populated with a 52 newly allocated BIGNUM containing a random salt. If I<*salt> is not NULL then 81 "*" if I<N> is not NULL, the selected group id otherwise. This value should 82 not be freed. 85 (i.e. the prime bit size) or NULL if the arguments are not valid SRP group parameters. 86 This value should not be freed. 88 SRP_get_default_gN() returns NULL if I<id> is not a valid group size, 134 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | X509_check_private_key.pod | 28 the keys match each other, and 0 if not. 36 do not check if I<pkey> itself is indeed a private key or not. 49 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | SSL_set_session_secret_cb.pod | 27 RFC4851. Therefore this callback should not be used except when implementing 32 available in I<*secret_len> and may be updated by the callback (but must not be 41 the B<SSL_SESSION> - but it does not affect the ciphersuite selected by the 52 secret. A return value of 0 indicates that the secret has not been set. On the 64 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | SSL_CTX_set_generate_session_id.pod | 37 The length of the session id is between 1 and 32 bytes. The session id is not 39 transmitted in the clear when reusing the session so it must not contain 64 If an id conflict is not resolved, the handshake will fail. 68 no confidential information is leaked this way). If the application can not 70 fill in the bytes not used to code special information with random data 74 not the external one. Since the session id is generated before the 75 handshake is completed, it is not immediately added to the cache. If 79 the external cache is not tested with SSL_has_matching_session_id() 133 Licensed under the Apache License 2.0 (the "License"). You may not use
|
/openssl/doc/man7/ |
H A D | EVP_SIGNATURE-ED25519.pod | 25 require access to the complete message (not a digest of the message). 29 not require access to the complete message; they operate on a hash of 37 instance, a nonempty context-string is not permitted. 63 If the instance name is not specified, then the default "Ed25519" or 66 If a context-string is not specified, then an empty context-string is 91 The PureEdDSA instances do not support the streaming mechanism of 96 The HashEdDSA instances do not yet support the streaming mechanisms 137 /* The input "params" is not needed if default options are acceptable. 161 Licensed under the Apache License 2.0 (the "License"). You may not use
|
/openssl/ |
H A D | NOTES-POSIX.md | 7 There are exceptions, though, for platforms that do not have a POSIX 11 types are not present (such as `ssize_t`). 13 Platforms that do have a POSIX library may still not have them accessible
|
/openssl/doc/designs/ddd/ |
H A D | WINDOWS.md | 7 In general, Windows does not provide a poll(2) call. WSAPoll(2) was introduced 17 because sockets are NT kernel handles on Windows and thus are not allocated 22 Windows does not provide anything like epoll or kqueue. For high performance 28 interface on top of polling, but it is not really possible to build a 46 - ddd-01-conn-blocking: Blocking example, use of IOCP is not applicable. 48 - ddd-02-conn-nonblocking: Socket is managed by OpenSSL, and IOCP is not 51 - ddd-03-fd-blocking: Blocking example, use of IOCP is not applicable. 78 My conclusion here is that since libssl does not support IOCP in the first
|