Sortix volatile manual

This manual documents Sortix volatile, a development build that has not been officially released. You can instead view this document in the latest official manual.

NAME

SSL_CTX_get0_param, SSL_get0_param, SSL_CTX_set1_param, SSL_set1_param — get and set verification parameters

SYNOPSIS

#include <openssl/ssl.h>

X509_VERIFY_PARAM *
SSL_CTX_get0_param(SSL_CTX *ctx);

X509_VERIFY_PARAM *
SSL_get0_param(SSL *ssl);

int
SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm);

int
SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);

DESCRIPTION

SSL_CTX_get0_param() and SSL_get0_param() retrieve an internal pointer to the verification parameters for ctx or ssl, respectively. The returned pointer must not be freed by the calling application, but the application can modify the parameters pointed to, to suit its needs: for example to add a hostname check.

SSL_CTX_set1_param() and SSL_set1_param() set the verification parameters to vpm for ctx or ssl.

RETURN VALUES

SSL_CTX_get0_param() and SSL_get0_param() return a pointer to an X509_VERIFY_PARAM structure.

SSL_CTX_set1_param() and SSL_set1_param() return 1 for success or 0 for failure.

EXAMPLES

Check that the hostname matches www.foo.com in the peer certificate:

X509_VERIFY_PARAM *vpm = SSL_get0_param(ssl); 
X509_VERIFY_PARAM_set1_host(vpm, "www.foo.com", 0);

HISTORY

SSL_CTX_set1_param() and SSL_set1_param() first appeared in OpenSSL 1.0.0 and have been available since OpenBSD 4.9.

SSL_CTX_get0_param() and SSL_get0_param() first appeared in OpenSSL 1.0.2 and have been available since OpenBSD 6.3.