Sets the options in a SSL_CTX. This should only be called when using the :openssl implementation.
comm
set-ssl-ctx-options ssl-ctx &key microsoft_sess_id_bug netscape_challenge_bug netscape_reuse_cipher_change_bug sslref2_reuse_cert_type_bug microsoft_big_sslv3_buffer msie_sslv2_rsa_padding ssleay_080_client_dh_bug tls_d5_bug tls_block_padding_bug dont_insert_empty_fragments all no_session_resumption_on_renegotiation single_dh_use ephemeral_rsa cipher_server_preference tls_rollback_bug no_sslv2 no_sslv3 no_tlsv1 pkcs1_check_1 pkcs1_check_2 netscape_ca_dn_bug netscape_demo_cipher_change_bug
| ssl-ctx⇩ |
A foreign pointer. |
| microsoft_sess_id_bug⇩ | |
|
A boolean. | |
| netscape_challenge_bug⇩ | |
|
A boolean. | |
| netscape_reuse_cipher_change_bug⇩ | |
|
A boolean. | |
| sslref2_reuse_cert_type_bug⇩ | |
|
A boolean. | |
| microsoft_big_sslv3_buffer⇩ | |
|
A boolean. | |
| msie_sslv2_rsa_padding⇩ | |
|
A boolean. | |
| ssleay_080_client_dh_bug⇩ | |
|
A boolean. | |
| tls_d5_bug⇩ |
A boolean. |
| tls_block_padding_bug⇩ | |
|
A boolean. | |
| dont_insert_empty_fragments⇩ | |
|
A boolean. | |
| all⇩ |
A boolean. |
| no_session_resumption_on_renegotiation⇩ | |
|
A boolean. | |
| single_dh_use⇩ |
A boolean. |
| ephemeral_rsa⇩ |
A boolean. |
| cipher_server_preference⇩ | |
|
A boolean. | |
| tls_rollback_bug⇩ |
A boolean. |
| no_sslv2⇩ |
A boolean. |
| no_sslv3⇩ |
A boolean. |
| no_tlsv1⇩ |
A boolean. |
| pkcs1_check_1⇩ |
A boolean. |
| pkcs1_check_2⇩ |
A boolean. |
| netscape_ca_dn_bug⇩ |
A boolean. |
| netscape_demo_cipher_change_bug⇩ | |
|
A boolean. | |
The function set-ssl-ctx-options sets the options in a SSL_CTX.
ssl-ctx can be either a foreign pointer of type ssl-ctx-pointer or a foreign pointer of type ssl-pointer.
The options are stored as a integer, made by using logior to combine bits for each non-nil value of the keyword arguments microsoft_sess_id_bug, netscape_challenge_bug, netscape_reuse_cipher_change_bug, sslref2_reuse_cert_type_bug, microsoft_big_sslv3_buffer, msie_sslv2_rsa_padding, ssleay_080_client_dh_bug, tls_d5_bug, tls_block_padding_bug, dont_insert_empty_fragments, all, no_session_resumption_on_renegotiation, single_dh_use, ephemeral_rsa, cipher_server_preference, tls_rollback_bug, no_sslv2, no_sslv3, no_tlsv1, pkcs1_check_1, pkcs1_check_2, netscape_ca_dn_bug and netscape_demo_cipher_change_bug. The bit used for each non-nil value of keyword keyword is the value of SSL_OP_keyword. The meaning of the options is specified in the OpenSSL manual page for SSL_set_options.
ssl-ctx-pointer
ssl-pointer
25 TCP and UDP socket communication and SSL
LispWorks® User Guide and Reference Manual - 01 Dec 2021 19:30:26