SSL_CTX_get0_param(3) OpenSSL SSL_CTX_get0_param(3) NNAAMMEE SSL_CTX_get0_param, SSL_get0_param, SSL_CTX_set1_param, SSL_set1_param - get and set verification parameters SSYYNNOOPPSSIISS #include X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx) X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl) int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm) int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm) DDEESSCCRRIIPPTTIIOONN _S_S_L___C_T_X___g_e_t_0___p_a_r_a_m_(_) and _S_S_L___g_e_t_0___p_a_r_a_m_(_) retrieve an internal pointer to the verification parameters for ccttxx or ssssll respectively. The returned pointer must not be freed by the calling application. _S_S_L___C_T_X___s_e_t_1___p_a_r_a_m_(_) and _S_S_L___s_e_t_1___p_a_r_a_m_(_) set the verification parame- ters to vvppmm for ccttxx or ssssll. NNOOTTEESS Typically parameters are retrieved from an SSSSLL__CCTTXX or SSSSLL structure using _S_S_L___C_T_X___g_e_t_0___p_a_r_a_m_(_) or _S_S_L___g_e_t_0___p_a_r_a_m_(_) and an application modi- fies them to suit its needs: for example to add a hostname check. EEXXAAMMPPLLEE Check hostname matches "www.foo.com" in peer certificate: X509_VERIFY_PARAM *vpm = SSL_get0_param(ssl); X509_VERIFY_PARAM_set1_host(vpm, "www.foo.com", 0); RREETTUURRNN VVAALLUUEESS _S_S_L___C_T_X___g_e_t_0___p_a_r_a_m_(_) and _S_S_L___g_e_t_0___p_a_r_a_m_(_) return a pointer to an XX550099__VVEERRIIFFYY__PPAARRAAMM structure. _S_S_L___C_T_X___s_e_t_1___p_a_r_a_m_(_) and _S_S_L___s_e_t_1___p_a_r_a_m_(_) return 1 for success and 0 for failure. SSEEEE AALLSSOO _X_5_0_9___V_E_R_I_F_Y___P_A_R_A_M___s_e_t___f_l_a_g_s(3) HHIISSTTOORRYY These functions were first added to OpenSSL 1.0.2. 1.0.2u 2019-12-20 SSL_CTX_get0_param(3)