On Tue, Jan 27, 2015 at 04:18:49PM +0300, Serj wrote: > I didn't find docs on such functions as SSL_get0_param As I mentioned, this function should be documented, but is not yet. > Why there is no corresponding functions as SSL_set0_param in your code? > Where can I found documentation on functions operating with params? The documentation for these functions is not yet written. The way I would set SSL verification parameters is to obtain the parameter handle via SSL_get0_param() or where appropriate SSL_CTX_get0_param(), and use the various X509_VERIFY_PARAM_mumble() functions to tweak the parameter object in place. Parameters that apply to all connections should be set at the SSL_CTX level, when the context is created. Specifics like hostnames, ... should be set for each connection via the SSL object. > But there is no any description how SSL_CTX_set1_param works! > Does it clear all previous flags on CTX or "ORing" with them? > And there are no any docs on "GET" params functions! Yes, these need (more) documentation. -- Viktor.
