| SSL_CTX_new.pod (1.1.1.4) | SSL_CTX_new.pod (1.1.1.5) |
|---|---|
| 1=pod 2 3=head1 NAME 4 5TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, 6SSL_CTX_new, SSL_CTX_new_ex, SSL_CTX_up_ref, SSLv3_method, 7SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, 8TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, --- 86 unchanged lines hidden (view full) --- 95increments the reference count for an existing B<SSL_CTX> structure. 96 97An B<SSL_CTX> object should not be changed after it is used to create any B<SSL> 98objects or from multiple threads concurrently, since the implementation does not 99provide serialization of access for these cases. 100 101=head1 NOTES 102 | 1=pod 2 3=head1 NAME 4 5TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, 6SSL_CTX_new, SSL_CTX_new_ex, SSL_CTX_up_ref, SSLv3_method, 7SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, 8TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, --- 86 unchanged lines hidden (view full) --- 95increments the reference count for an existing B<SSL_CTX> structure. 96 97An B<SSL_CTX> object should not be changed after it is used to create any B<SSL> 98objects or from multiple threads concurrently, since the implementation does not 99provide serialization of access for these cases. 100 101=head1 NOTES 102 |
| 103On session estabilishment, by default, no peer credentials verification is done. | 103On session establishment, by default, no peer credentials verification is done. |
| 104This must be explicitly requested, typically using L<SSL_CTX_set_verify(3)>. 105For verifying peer certificates many options can be set using various functions 106such as L<SSL_CTX_load_verify_locations(3)> and L<SSL_CTX_set1_param(3)>. 107The L<X509_VERIFY_PARAM_set_purpose(3)> function can be used, also in conjunction 108with L<SSL_CTX_get0_param(3)>, to set the intended purpose of the session. 109The default is B<X509_PURPOSE_SSL_SERVER> on the client side 110and B<X509_PURPOSE_SSL_CLIENT> on the server side. 111 --- 132 unchanged lines hidden (view full) --- 244and TLS_client_method() functions were added in OpenSSL 1.1.0. 245 246All version-specific methods were deprecated in OpenSSL 1.1.0. 247 248SSL_CTX_new_ex() was added in OpenSSL 3.0. 249 250=head1 COPYRIGHT 251 | 104This must be explicitly requested, typically using L<SSL_CTX_set_verify(3)>. 105For verifying peer certificates many options can be set using various functions 106such as L<SSL_CTX_load_verify_locations(3)> and L<SSL_CTX_set1_param(3)>. 107The L<X509_VERIFY_PARAM_set_purpose(3)> function can be used, also in conjunction 108with L<SSL_CTX_get0_param(3)>, to set the intended purpose of the session. 109The default is B<X509_PURPOSE_SSL_SERVER> on the client side 110and B<X509_PURPOSE_SSL_CLIENT> on the server side. 111 --- 132 unchanged lines hidden (view full) --- 244and TLS_client_method() functions were added in OpenSSL 1.1.0. 245 246All version-specific methods were deprecated in OpenSSL 1.1.0. 247 248SSL_CTX_new_ex() was added in OpenSSL 3.0. 249 250=head1 COPYRIGHT 251 |
| 252Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. | 252Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved. |
| 253 254Licensed under the Apache License 2.0 (the "License"). You may not use 255this file except in compliance with the License. You can obtain a copy 256in the file LICENSE in the source distribution or at 257L<https://www.openssl.org/source/license.html>. 258 259=cut | 253 254Licensed under the Apache License 2.0 (the "License"). You may not use 255this file except in compliance with the License. You can obtain a copy 256in the file LICENSE in the source distribution or at 257L<https://www.openssl.org/source/license.html>. 258 259=cut |