All Manuals > LispWorks® User Guide and Reference Manual > 32 The COMM Package

set-ssl-ctx-options Function

Summary

Sets the options in a SSL_CTX. This should only be called when using the :openssl implementation.

Package

comm

Signature

set-ssl-ctx-options ssl-ctx &key microsoft_sess_id_bug netscape_challenge_bug netscape_reuse_cipher_change_bug sslref2_reuse_cert_type_bug microsoft_big_sslv3_buffer msie_sslv2_rsa_padding ssleay_080_client_dh_bug tls_d5_bug tls_block_padding_bug dont_insert_empty_fragments all no_session_resumption_on_renegotiation single_dh_use ephemeral_rsa cipher_server_preference tls_rollback_bug no_sslv2 no_sslv3 no_tlsv1 pkcs1_check_1 pkcs1_check_2 netscape_ca_dn_bug netscape_demo_cipher_change_bug

Arguments
ssl-ctx
A foreign pointer.
microsoft_sess_id_bug
A boolean.
netscape_challenge_bug
A boolean.
netscape_reuse_cipher_change_bug
A boolean.
sslref2_reuse_cert_type_bug
A boolean.
microsoft_big_sslv3_buffer
A boolean.
msie_sslv2_rsa_padding
A boolean.
ssleay_080_client_dh_bug
A boolean.
tls_d5_bug
A boolean.
tls_block_padding_bug
A boolean.
dont_insert_empty_fragments
A boolean.
all
A boolean.
no_session_resumption_on_renegotiation
A boolean.
single_dh_use
A boolean.
ephemeral_rsa
A boolean.
cipher_server_preference
A boolean.
tls_rollback_bug
A boolean.
no_sslv2
A boolean.
no_sslv3
A boolean.
no_tlsv1
A boolean.
pkcs1_check_1
A boolean.
pkcs1_check_2
A boolean.
netscape_ca_dn_bug
A boolean.
netscape_demo_cipher_change_bug
A boolean.
Description

The function set-ssl-ctx-options sets the options in a SSL_CTX.

ssl-ctx can be either a foreign pointer of type ssl-ctx-pointer or a foreign pointer of type ssl-pointer.

The options are stored as a integer, made by using logior to combine bits for each non-nil value of the keyword arguments microsoft_sess_id_bug, netscape_challenge_bug, netscape_reuse_cipher_change_bug, sslref2_reuse_cert_type_bug, microsoft_big_sslv3_buffer, msie_sslv2_rsa_padding, ssleay_080_client_dh_bug, tls_d5_bug, tls_block_padding_bug, dont_insert_empty_fragments, all, no_session_resumption_on_renegotiation, single_dh_use, ephemeral_rsa, cipher_server_preference, tls_rollback_bug, no_sslv2, no_sslv3, no_tlsv1, pkcs1_check_1, pkcs1_check_2, netscape_ca_dn_bug and netscape_demo_cipher_change_bug. The bit used for each non-nil value of keyword keyword is the value of SSL_OP_keyword. The meaning of the options is specified in the OpenSSL manual page for SSL_set_options.

See also

ssl-ctx-pointer
ssl-pointer
25 TCP and UDP socket communication and SSL


LispWorks® User Guide and Reference Manual - 01 Dec 2021 19:30:26