Man page - tls_config_insecure_noverifyname(3)
Packages contas this manual
- tls_config_clear_keys(3)
- tls_config_set_ca_path(3)
- tls_accept_cbs(3)
- tls_peer_ocsp_cert_status(3)
- tls_accept_fds(3)
- tls_config_set_cert_mem(3)
- tls_unload_file(3)
- tls_configure(3)
- tls_config_prefer_ciphers_server(3)
- tls_config_set_keypair_ocsp_mem(3)
- tls_free(3)
- tls_connect_fds(3)
- tls_peer_cert_issuer(3)
- tls_config_free(3)
- tls_config_set_verify_depth(3)
- tls_config_set_cert_file(3)
- tls_ocsp_process_response(3)
- tls_peer_ocsp_revocation_time(3)
- tls_config_set_keypair_file(3)
- tls_config_add_keypair_ocsp_mem(3)
- tls_connect_socket(3)
- tls_config_set_ca_mem(3)
- tls_config_set_ecdhecurves(3)
- tls_config_parse_protocols(3)
- tls_config_add_ticket_key(3)
- tls_init(3)
- tls_config_verify_client_optional(3)
- tls_config_verify_client(3)
- tls_config_set_key_mem(3)
- tls_config_set_ocsp_staple_file(3)
- tls_config_set_alpn(3)
- tls_config_prefer_ciphers_client(3)
- tls_server(3)
- tls_config_set_crl_file(3)
- tls_peer_ocsp_crl_reason(3)
- tls_config_add_keypair_file(3)
- tls_conn_version(3)
- tls_config_set_ocsp_staple_mem(3)
- tls_peer_ocsp_next_update(3)
- tls_handshake(3)
- tls_read(3)
- tls_config_insecure_noverifycert(3)
- tls_config_set_protocols(3)
- tls_config_set_keypair_mem(3)
- tls_conn_cipher_strength(3)
- tls_connect(3)
- tls_peer_cert_notafter(3)
- tls_config_set_ca_file(3)
- tls_write(3)
- tls_peer_cert_hash(3)
- tls_connect_servername(3)
- tls_config_add_keypair_mem(3)
- tls_config_add_keypair_ocsp_file(3)
- tls_config_ocsp_require_stapling(3)
- tls_config_insecure_noverifyname(3)
- tls_peer_cert_subject(3)
- tls_conn_session_resumed(3)
- tls_config_set_session_fd(3)
- tls_conn_alpn_selected(3)
- tls_peer_ocsp_url(3)
- tls_close(3)
- tls_config_error(3)
- tls_conn_servername(3)
- tls_config_set_session_id(3)
- tls_config_set_ciphers(3)
- tls_config_insecure_noverifytime(3)
- tls_peer_ocsp_this_update(3)
- tls_connect_cbs(3)
- tls_conn_cipher(3)
- tls_peer_cert_notbefore(3)
- tls_peer_ocsp_response_status(3)
- tls_client(3)
- tls_peer_ocsp_result(3)
- tls_config_verify(3)
- tls_peer_cert_chain_pem(3)
- tls_config_set_crl_mem(3)
- tls_default_ca_cert_file(3)
- tls_config_new(3)
- tls_accept_socket(3)
- tls_config_set_dheparams(3)
- tls_config_set_session_lifetime(3)
- tls_config_set_keypair_ocsp_file(3)
- tls_peer_cert_contains_name(3)
- tls_load_file(3)
- tls_reset(3)
- tls_error(3)
- tls_peer_cert_provided(3)
- tls_config_set_key_file(3)
apt-get install libtls-dev
Manual
| TLS_CONFIG_VERIFY(3) | Library Functions Manual | TLS_CONFIG_VERIFY(3) |
NAME
tls_config_verify,
tls_config_insecure_noverifycert,
tls_config_insecure_noverifyname,
tls_config_insecure_noverifytime —
insecure TLS configuration
SYNOPSIS
#include
<tls.h>
void
tls_config_verify(struct
tls_config *config);
void
tls_config_insecure_noverifycert(struct
tls_config *config);
void
tls_config_insecure_noverifyname(struct
tls_config *config);
void
tls_config_insecure_noverifytime(struct
tls_config *config);
DESCRIPTION
These functions disable parts of the normal certificate verification process, resulting in insecure configurations. Be very careful when using them.
tls_config_insecure_noverifycert()
disables certificate verification and OCSP validation.
tls_config_insecure_noverifyname()
disables server name verification (client only).
tls_config_insecure_noverifytime()
disables validity checking of certificates and OCSP validation.
tls_config_verify()
reenables server name and certificate verification.
SEE ALSO
tls_client(3), tls_config_ocsp_require_stapling(3), tls_config_set_protocols(3), tls_conn_version(3), tls_connect(3), tls_handshake(3), tls_init(3)
HISTORY
tls_config_verify() appeared in
OpenBSD 5.6 and got its final name in
OpenBSD 5.7.
tls_config_insecure_noverifycert() and
tls_config_insecure_noverifyname() appeared in
OpenBSD 5.7 and
tls_config_insecure_noverifytime in
OpenBSD 5.9.
AUTHORS
Joel Sing
<jsing@openbsd.org>
Ted Unangst
<tedu@openbsd.org>
| March 2, 2017 | Debian |