Install Now
SSL_CTX_set_domain_flags, SSL_CTX_get_domain_flags, SSL_get_domain_flags, SSL_DOMAIN_FLAG_SINGLE_THREAD,
Contents
Copyright
Copyright 2024-2025 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance
with the License. You can obtain a copy in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.
3.5.0 2025-06-04 SSL_CTX_SET_DOMAIN_FLAGS(3SSL)
Description
SSL_CTX_set_domain_flags() and SSL_CTX_get_domain_flags() set and get the QUIC domain flags on a SSL_CTX
using a QUIC SSL_METHOD. These flags determine the concurrency model which is used for a QUIC domain. A
detailed introduction to these concepts can be found in openssl-quic-concurrency(7).
Applications may use either one the flags here:
SSL_DOMAIN_FLAG_SINGLE_THREAD
Specifying this flag configures the Single-Threaded Concurrency Model (SCM).
SSL_DOMAIN_FLAG_MULTI_THREAD
Speciyfing this flag configures the Contentive Concurrency Model (CCM) (unless
SSL_DOMAIN_FLAG_THREAD_ASSISTED is also specified).
If OpenSSL was built without thread support, this is identical to SSL_DOMAIN_FLAG_SINGLE_THREAD.
SSL_DOMAIN_FLAG_THREAD_ASSISTED
Specifying this flag configures the Thread-Assisted Concurrency Model (TACM). It implies
SSL_DOMAIN_FLAG_MULTI_THREAD and SSL_DOMAIN_FLAG_BLOCKING.
This concurrency model is not available if OpenSSL was built without thread support, in which case
attempting to configure it will result in an error.
SSL_DOMAIN_FLAG_BLOCKING
Enable reliable support for blocking I/O calls, allocating whatever OS resources are necessary to
realise this. If this flag is specified, SSL_DOMAIN_FLAG_LEGACY_BLOCKING is ignored.
SSL_DOMAIN_FLAG_LEGACY_BLOCKING
Enables legacy blocking compatibility mode. See "Legacy Blocking Support Compatibility" in
openssl-quic-concurrency(7).
Mutually exclusive flag combinations result in an error (for example, combining
SSL_DOMAIN_FLAG_SINGLE_THREAD and SSL_DOMAIN_FLAG_MULTI_THREADED).
Because exactly one concurrency model must be chosen, the domain flags cannot be set to 0 and attempting
to do so will result in an error.
Changing these flags using SSL_CTX_set_domain_flags() has no effect on QUIC domains which have already
been created.
The default set of domain flags set on a newly created SSL_CTX may vary by OpenSSL version, chosen
SSL_METHOD, and operating environment. See openssl-quic-concurrency(7) for details. An application can
retrieve the default domain flags by calling SSL_CTX_get_domain_flags() immediately after constructing a
SSL_CTX.
SSL_get_domain_flags() retrieves the domain flags which are effective for a QUIC domain when called on
any QUIC SSL object under that domain.
History
These functions were added in @QUIC_SERVER_VERSION@.
Name
SSL_CTX_set_domain_flags, SSL_CTX_get_domain_flags, SSL_get_domain_flags, SSL_DOMAIN_FLAG_SINGLE_THREAD,
SSL_DOMAIN_FLAG_MULTI_THREAD, SSL_DOMAIN_FLAG_THREAD_ASSISTED, SSL_DOMAIN_FLAG_BLOCKING,
SSL_DOMAIN_FLAG_LEGACY_BLOCKING - control the concurrency model used by a QUIC domain
Return Values
SSL_CTX_set_domain_flags(), SSL_CTX_get_domain_flags() and SSL_get_domain_flags() return 1 on success and
0 on failure.
SSL_CTX_set_domain_flags() fails if called with a set of flags which are inconsistent or which cannot be
supported given the current environment.
SSL_CTX_set_domain_flags() and SSL_CTX_get_domain_flags() fail if called on a SSL_CTX which is not using
a QUIC SSL_METHOD.
SSL_get_domain_flags() fails if called on a non-QUIC SSL object.
See Also
SSL_new_domain(3), openssl-quic-concurrency(7)
Synopsis
#include <openssl/ssl.h>
#define SSL_DOMAIN_FLAG_SINGLE_THREAD
#define SSL_DOMAIN_FLAG_MULTI_THREAD
#define SSL_DOMAIN_FLAG_LEGACY_BLOCKING
#define SSL_DOMAIN_FLAG_BLOCKING
#define SSL_DOMAIN_FLAG_THREAD_ASSISTED
int SSL_CTX_set_domain_flags(SSL_CTX *ctx, uint64_t flags);
int SSL_CTX_get_domain_flags(SSL_CTX *ctx, uint64_t *flags);
int SSL_get_domain_flags(SSL *ssl, uint64_t *flags);
PNG Icons
Emojis
