Hostname validation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Jan 27, 2015 at 04:18:49PM +0300, Serj wrote:

> I didn't find docs on such functions as SSL_get0_param

As I mentioned, this function should be documented, but is not yet.

> Why there is no corresponding functions as SSL_set0_param in your code?
> Where can I found documentation on functions operating with params?

The documentation for these functions is not yet written.  The way
I would set SSL verification parameters is to obtain the parameter
handle via SSL_get0_param() or where appropriate SSL_CTX_get0_param(),
and use the various X509_VERIFY_PARAM_mumble() functions to tweak
the parameter object in place.

Parameters that apply to all connections should be set at the
SSL_CTX level, when the context is created.  Specifics like
hostnames, ... should be set for each connection via the SSL
object.

> But there is no any description how SSL_CTX_set1_param works!
> Does it clear all previous flags on CTX or "ORing" with them?
> And there are no any docs on "GET" params functions!

Yes, these need (more) documentation.

-- 
	Viktor.


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux