/openssl/doc/man3/ |
H A D | DSA_get0_pqg.pod | 45 If the parameters have not yet been set then B<*p>, B<*q> and B<*g> will be set 48 should not be freed directly. 53 and therefore the values that have been passed in should not be freed directly 58 private key will be stored in B<*priv_key>. Either may be NULL if they have not 61 private key values. This memory should not be freed directly. 68 object, and therefore they should not be freed directly after this function has 89 in the call and may therefore I<not> be passed to DSA_set0_key(). If 118 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | SSL_get_default_timeout.pod | 21 after which it will not be accepted for session reuse. If the timeout 22 value was not explicitly set using 45 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | SSL_set_verify_result.pod | 22 the verification result of the B<ssl> object. It does not become part of the 30 SSL_set_verify_result() does not provide a return value. 42 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | OSSL_sleep.pod | 16 thread for (at least) I<millis> milliseconds. The delay is not guaranteed; 27 OSSL_sleep() does not return any value. 37 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | X509_PUBKEY_new.pod | 72 in the B<EVP_PKEY> structure I<pkey>. If I<*x> is not NULL any existing 108 If I<penc> is not NULL the encoding of the public key itself is set 112 so they must not be freed after the call. 118 parameters is not required it can be set to NULL. All of the 119 retrieved pointers are internal and must not be freed after the 129 In many cases applications will not call the B<X509_PUBKEY> functions 138 X509_PUBKEY_free() does not return a value. 150 X509_PUBKEY_set0_public_key() does not return a value. 175 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | BIO_ctrl.pod | 50 These functions are not normally called directly, various macros 107 BIO_eof() returns 1 if EOF has been reached, 0 if not, or negative values for failure. 144 The return values of BIO_pending() and BIO_wpending() may not reliably 147 internal buffers but it is not possible to determine this in a 148 portably way. For other types of BIO they may not be supported. 150 Filter BIOs if they do not internally handle a particular BIO_ctrl() 159 Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl() 165 particular a return value of 0 can be returned if an operation is not 166 supported, if an error occurred, if EOF has not been reached and in 184 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | OCSP_resp_find_status.pod | 95 signed I<bs>. The OCSP protocol does not require that this certificate 139 criteria including potential delegation. If this does not succeed and the 140 B<OCSP_NOEXPLICIT> flag is not set the function checks for explicit 154 or -1 on error, such as when I<id> was not found. 170 or 0 if not found or on error. 175 values and the current time + I<sec> is not before I<thisupd> and, 176 if I<maxsec> >= 0, the current time - I<maxsec> is not past I<nextupd>. 179 OCSP_basic_verify() returns 1 on success, 0 on verification not successful, 191 OCSP_check_validity(). Some responders do not set the B<nextUpdate> field, this 199 parameters can be set to NULL if their value is not required. [all …]
|
H A D | OSSL_CMP_ITAV_new_caCerts.pod | 83 is not NULL. 90 If I<newWithOld> is not NULL, it assigns to I<*newWithOld> the internal pointer 92 If I<oldWithNew> is not NULL, it assigns to I<*oldWithNew> the internal pointer 95 is present or the respective sub-field is not included. 127 If I<keySpec> is not NULL, it is assigned NULL 128 if the structure is not present in I<itav> or the keySpec field is absent. 152 I<*thisUpdate> is assigned only if the I<thisUpdate> argument is not NULL. 154 I<*thisUpdate> can also be NULL if the field is not present. 163 It is an error if the infoType of I<itav> is not B<crlStatusList>. 172 It is an error if the infoType of I<itav> is not B<crls>. [all …]
|
H A D | BIO_s_datagram.pod | 98 Despite its name, this function does not cause the underlying socket to become 109 APIs which do not specify peer addresses (for example, send(3) and recv(3) or 114 socket is not connected and will attempt to use the socket using an OS APIs 117 This control does not affect the operation of L<BIO_sendmmsg(3)> or 146 This does not affect the operation of L<BIO_sendmmsg(3)>. 147 L<BIO_recvmmsg(3)> does not affect the value set by BIO_dgram_set_peer(). 180 The value returned is not fully reliable because datagram overheads can be 196 This is not supported on all platforms and depends on OS support being 211 not include the size of layer 3 or layer 4 protocol headers. 232 L<BIO_recvmmsg(3)> is not affected by this control. [all …]
|
H A D | BIO_s_dgram_pair.pod | 76 This BIO does not support sending or receiving zero-length datagrams. Passing a 79 L<BIO_eof(3)> returns 1 only if the given BIO datagram pair BIO is not currently 83 large a datagram the next call to L<BIO_write(3)> can accept. If there is not 100 halves of the pair. The value does not affect the operation of the BIO datagram 171 L<BIO_sendmmsg(3)>) and the peer has not advertised the 176 destination address when receiving, and local address support has not been 181 does not return 1 (meaning that the peer has not advertised both the 188 that half of the BIO datagram pair. However, these capability flags do not 201 if no-truncate mode is not enabled or not supported on a given BIO. 207 operation is not supported. [all …]
|
H A D | X509_VERIFY_PARAM_set_flags.pod | 132 The default security level is -1, or "not set". 146 name checks are not performed on the peer certificate. If B<name> 168 issuer certificates will not be applied to the subject DN. 184 identifiers. When wildcard matching is not disabled, or when a 189 associated B<param> argument is freed. Applications must not free 227 or NULL if the respective value has not been set or on error. 286 determine certificate status. If not set deltas are ignored. 296 the signature are not treated as fatal errors. 332 is used to specify a verification time, the check is not suppressed. 351 they are set or not. Flags is still Ored though. [all …]
|
H A D | SSL_CTX_set_cert_store.pod | 52 SSL_CTX_set_cert_store() does not increment the B<store>'s reference 53 count, so it should not be used to assign an X509_STORE that is owned 70 SSL_CTX_set_cert_store() does not return diagnostic output. 72 SSL_CTX_set1_cert_store() does not return diagnostic output. 86 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | BIO_get_data.pod | 28 whether initialisation has been completed for this BIO or not. A nonzero value 29 indicates that initialisation is complete, whilst zero indicates that it is not. 31 some BIOs however, initialisation may not complete until after additional steps 60 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | RAND_egd.pod | 31 If B<buf> is not B<NULL>, then the data is copied to the buffer and 32 RAND_add() is not called. 40 daemon on success, or -1 if the connection failed or the daemon did not 56 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | SSL_CTX_set_quiet_shutdown.pod | 29 It is not changed when L<SSL_clear(3)> is called. 34 These functions are not supported for QUIC SSL objects. SSL_set_quiet_shutdown() 55 SSL_CTX_set_quiet_shutdown() and SSL_set_quiet_shutdown() do not return 71 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | X509_STORE_get0_param.pod | 24 parameters for I<xs>. The returned pointer must not be freed by the 33 returned pointer must not be freed by the calling application. If the store is 34 shared across multiple threads, it is not safe to use the result of this 70 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | OSSL_INDICATOR_set_callback.pod | 33 contain the algorithm type and operation that is not approved. 34 I<params> is not currently used. 53 fprintf(stdout, "%s %s is not approved\n", type, desc); 76 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | X509_get_extension_flags.pod | 84 processing the X509 object, so it may not be related to the processed 97 processing the X509 object, so it may not be related to the processed 132 is not present or cannot be parsed. 136 is not present or cannot be parsed. 140 B<NULL> if the extension is not present or cannot be parsed. 144 extension is not present or cannot be parsed. 160 in the B<X509> structure. If the flags returned do not provide sufficient 178 is not present. 204 Licensed under the Apache License 2.0 (the "License"). You may not use
|
H A D | SSL_CTX_load_verify_locations.pod | 66 If B<CAfile> is not NULL, it points to a file of CA certificates in PEM 79 If B<CApath> is not NULL, it points to a directory containing CA certificates 97 If B<CAstore> is not NULL, it's a URI for to a store, which may 99 Apart from the B<CAstore> not necessarily being a local file or 104 is not influenced by the contents of B<CAfile> or B<CApath> and must 111 certificate chain was not explicitly specified (see 121 error occurs, no other certificate will be searched. Make sure to not 177 Licensed under the Apache License 2.0 (the "License"). You may not use
|
/openssl/doc/designs/ |
H A D | xof.md | 25 absorb). absorb must not be called once the finalize is done unless a reset 42 Older providers that have not been updated to support this change should produce 55 squeeze code in a older provider that does not handle returning correct data for 58 separate provider function should not be necessary). 69 - New API is not required 87 - The existing function does not change, so it is not affected by logic that 122 There will be other XOF's that do not use the sponge construction such as Blake2. 158 (The consensus was that this is not required). 198 since it was assumed that it was not required for a one shot operation. 233 was not intended to be exposed since the internal format of the state B<A>
|
/openssl/doc/designs/quic-design/ |
H A D | dgram-api.md | 15 - We use a sendmmsg/recvmmsg-like API. The alternative API was not considered 23 on OSes which do not support `sendmmsg` or `sendmsg`. 28 - We do not have to expose functionality which we cannot guarantee 35 - For OSes which do not support `sendmmsg`, we emulate it using repeated 41 for adoption cannot be supported on all platforms (Win32 does not have 54 not set or cleared by `BIO_sendmmsg` or `BIO_recvmmsg`. 61 - We do not support iovecs. The motivations for this are: 75 and there is not going to be any issue depositing the ciphertext in a 167 fails if support is not available. 415 not the application. [all …]
|
H A D | quic-api.md | 141 - **Never**: Does not interact with `SSL_get_error`. 157 inapplicable to QUIC, so it is not supported. 348 not been shutdown properly is freed using this function: 372 TLS, though not to DTLS). 399 Should not require any changes. 519 write), not both. This call will not be implemented for QUIC (e.g. always 701 not affected. 937 * not also the QUIC connection object. 959 * does not have a default stream. 1253 not all OSes can provide support: [all …]
|
/openssl/doc/man7/ |
H A D | fips_module.pod | 23 Applications written to use the OpenSSL 3.0 FIPS module should not use any 54 built and linked against OpenSSL 3.0 and do not override the loading of the 122 You may not want all applications to use the FIPS module. 132 This method will not work for these cases. 139 If any applications attempt to use any algorithms that are not present, 146 If any applications use those APIs then the FIPS module will not be used. 164 This removes the disadvantage listed above that you may not want all 224 decoding keys. If you decide not to load the default provider then you 532 Triple-DES is not longer approved for encryption. 571 The following algorithms use a unique indicator and do not trigger the [all …]
|
/openssl/engines/ |
H A D | e_capi.txt | 3 # Licensed under the Apache License 2.0 (the "License"). You may not use 16 CAPI_R_ENGINE_NOT_INITIALIZED:107:engine not initialized 25 CAPI_R_FUNCTION_NOT_SUPPORTED:116:function not supported
|
/openssl/doc/man1/ |
H A D | openssl-namedisplay-options.pod | 90 not setting B<esc_msb>) may give the correct display of multibyte 92 If this option is not set, then multibyte characters larger than 0xFF 98 This option does not attempt to interpret multibyte characters in any 112 If not set, just the content octets are displayed. 118 If this option is not set, then non character string types will be displayed 128 Dump any field whose OID is not recognised by OpenSSL. 152 B<nofname> does not display the field at all. 174 Licensed under the Apache License 2.0 (the "License"). You may not use
|