forked from cory/tildefriends
915 lines
51 KiB
Groff
915 lines
51 KiB
Groff
|
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
|
||
|
.\"
|
||
|
.\" Standard preamble:
|
||
|
.\" ========================================================================
|
||
|
.de Sp \" Vertical space (when we can't use .PP)
|
||
|
.if t .sp .5v
|
||
|
.if n .sp
|
||
|
..
|
||
|
.de Vb \" Begin verbatim text
|
||
|
.ft CW
|
||
|
.nf
|
||
|
.ne \\$1
|
||
|
..
|
||
|
.de Ve \" End verbatim text
|
||
|
.ft R
|
||
|
.fi
|
||
|
..
|
||
|
.\" Set up some character translations and predefined strings. \*(-- will
|
||
|
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
|
||
|
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
|
||
|
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
|
||
|
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
|
||
|
.\" nothing in troff, for use with C<>.
|
||
|
.tr \(*W-
|
||
|
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
|
||
|
.ie n \{\
|
||
|
. ds -- \(*W-
|
||
|
. ds PI pi
|
||
|
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
|
||
|
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
|
||
|
. ds L" ""
|
||
|
. ds R" ""
|
||
|
. ds C` ""
|
||
|
. ds C' ""
|
||
|
'br\}
|
||
|
.el\{\
|
||
|
. ds -- \|\(em\|
|
||
|
. ds PI \(*p
|
||
|
. ds L" ``
|
||
|
. ds R" ''
|
||
|
. ds C`
|
||
|
. ds C'
|
||
|
'br\}
|
||
|
.\"
|
||
|
.\" Escape single quotes in literal strings from groff's Unicode transform.
|
||
|
.ie \n(.g .ds Aq \(aq
|
||
|
.el .ds Aq '
|
||
|
.\"
|
||
|
.\" If the F register is >0, we'll generate index entries on stderr for
|
||
|
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
|
||
|
.\" entries marked with X<> in POD. Of course, you'll have to process the
|
||
|
.\" output yourself in some meaningful fashion.
|
||
|
.\"
|
||
|
.\" Avoid warning from groff about undefined register 'F'.
|
||
|
.de IX
|
||
|
..
|
||
|
.nr rF 0
|
||
|
.if \n(.g .if rF .nr rF 1
|
||
|
.if (\n(rF:(\n(.g==0)) \{\
|
||
|
. if \nF \{\
|
||
|
. de IX
|
||
|
. tm Index:\\$1\t\\n%\t"\\$2"
|
||
|
..
|
||
|
. if !\nF==2 \{\
|
||
|
. nr % 0
|
||
|
. nr F 2
|
||
|
. \}
|
||
|
. \}
|
||
|
.\}
|
||
|
.rr rF
|
||
|
.\"
|
||
|
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
|
||
|
.\" Fear. Run. Save yourself. No user-serviceable parts.
|
||
|
. \" fudge factors for nroff and troff
|
||
|
.if n \{\
|
||
|
. ds #H 0
|
||
|
. ds #V .8m
|
||
|
. ds #F .3m
|
||
|
. ds #[ \f1
|
||
|
. ds #] \fP
|
||
|
.\}
|
||
|
.if t \{\
|
||
|
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
|
||
|
. ds #V .6m
|
||
|
. ds #F 0
|
||
|
. ds #[ \&
|
||
|
. ds #] \&
|
||
|
.\}
|
||
|
. \" simple accents for nroff and troff
|
||
|
.if n \{\
|
||
|
. ds ' \&
|
||
|
. ds ` \&
|
||
|
. ds ^ \&
|
||
|
. ds , \&
|
||
|
. ds ~ ~
|
||
|
. ds /
|
||
|
.\}
|
||
|
.if t \{\
|
||
|
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
|
||
|
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
|
||
|
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
|
||
|
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
|
||
|
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
|
||
|
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
|
||
|
.\}
|
||
|
. \" troff and (daisy-wheel) nroff accents
|
||
|
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
|
||
|
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
|
||
|
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
|
||
|
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
|
||
|
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
|
||
|
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
|
||
|
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
|
||
|
.ds ae a\h'-(\w'a'u*4/10)'e
|
||
|
.ds Ae A\h'-(\w'A'u*4/10)'E
|
||
|
. \" corrections for vroff
|
||
|
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
|
||
|
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
|
||
|
. \" for low resolution devices (crt and lpr)
|
||
|
.if \n(.H>23 .if \n(.V>19 \
|
||
|
\{\
|
||
|
. ds : e
|
||
|
. ds 8 ss
|
||
|
. ds o a
|
||
|
. ds d- d\h'-1'\(ga
|
||
|
. ds D- D\h'-1'\(hy
|
||
|
. ds th \o'bp'
|
||
|
. ds Th \o'LP'
|
||
|
. ds ae ae
|
||
|
. ds Ae AE
|
||
|
.\}
|
||
|
.rm #[ #] #H #V #F C
|
||
|
.\" ========================================================================
|
||
|
.\"
|
||
|
.IX Title "SSL 7"
|
||
|
.TH SSL 7 "2020-04-21" "1.1.1g" "OpenSSL"
|
||
|
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
|
||
|
.\" way too many mistakes in technical documents.
|
||
|
.if n .ad l
|
||
|
.nh
|
||
|
.SH "NAME"
|
||
|
ssl \- OpenSSL SSL/TLS library
|
||
|
.SH "SYNOPSIS"
|
||
|
.IX Header "SYNOPSIS"
|
||
|
See the individual manual pages for details.
|
||
|
.SH "DESCRIPTION"
|
||
|
.IX Header "DESCRIPTION"
|
||
|
The OpenSSL \fBssl\fR library implements the Secure Sockets Layer (\s-1SSL\s0 v2/v3) and
|
||
|
Transport Layer Security (\s-1TLS\s0 v1) protocols. It provides a rich \s-1API\s0 which is
|
||
|
documented here.
|
||
|
.PP
|
||
|
An \fB\s-1SSL_CTX\s0\fR object is created as a framework to establish
|
||
|
\&\s-1TLS/SSL\s0 enabled connections (see \fBSSL_CTX_new\fR\|(3)).
|
||
|
Various options regarding certificates, algorithms etc. can be set
|
||
|
in this object.
|
||
|
.PP
|
||
|
When a network connection has been created, it can be assigned to an
|
||
|
\&\fB\s-1SSL\s0\fR object. After the \fB\s-1SSL\s0\fR object has been created using
|
||
|
\&\fBSSL_new\fR\|(3), \fBSSL_set_fd\fR\|(3) or
|
||
|
\&\fBSSL_set_bio\fR\|(3) can be used to associate the network
|
||
|
connection with the object.
|
||
|
.PP
|
||
|
When the \s-1TLS/SSL\s0 handshake is performed using
|
||
|
\&\fBSSL_accept\fR\|(3) or \fBSSL_connect\fR\|(3)
|
||
|
respectively.
|
||
|
\&\fBSSL_read_ex\fR\|(3), \fBSSL_read\fR\|(3), \fBSSL_write_ex\fR\|(3) and \fBSSL_write\fR\|(3) are
|
||
|
used to read and write data on the \s-1TLS/SSL\s0 connection.
|
||
|
\&\fBSSL_shutdown\fR\|(3) can be used to shut down the
|
||
|
\&\s-1TLS/SSL\s0 connection.
|
||
|
.SH "DATA STRUCTURES"
|
||
|
.IX Header "DATA STRUCTURES"
|
||
|
Currently the OpenSSL \fBssl\fR library functions deals with the following data
|
||
|
structures:
|
||
|
.IP "\fB\s-1SSL_METHOD\s0\fR (\s-1SSL\s0 Method)" 4
|
||
|
.IX Item "SSL_METHOD (SSL Method)"
|
||
|
This is a dispatch structure describing the internal \fBssl\fR library
|
||
|
methods/functions which implement the various protocol versions (SSLv3
|
||
|
TLSv1, ...). It's needed to create an \fB\s-1SSL_CTX\s0\fR.
|
||
|
.IP "\fB\s-1SSL_CIPHER\s0\fR (\s-1SSL\s0 Cipher)" 4
|
||
|
.IX Item "SSL_CIPHER (SSL Cipher)"
|
||
|
This structure holds the algorithm information for a particular cipher which
|
||
|
are a core part of the \s-1SSL/TLS\s0 protocol. The available ciphers are configured
|
||
|
on a \fB\s-1SSL_CTX\s0\fR basis and the actual ones used are then part of the
|
||
|
\&\fB\s-1SSL_SESSION\s0\fR.
|
||
|
.IP "\fB\s-1SSL_CTX\s0\fR (\s-1SSL\s0 Context)" 4
|
||
|
.IX Item "SSL_CTX (SSL Context)"
|
||
|
This is the global context structure which is created by a server or client
|
||
|
once per program life-time and which holds mainly default values for the
|
||
|
\&\fB\s-1SSL\s0\fR structures which are later created for the connections.
|
||
|
.IP "\fB\s-1SSL_SESSION\s0\fR (\s-1SSL\s0 Session)" 4
|
||
|
.IX Item "SSL_SESSION (SSL Session)"
|
||
|
This is a structure containing the current \s-1TLS/SSL\s0 session details for a
|
||
|
connection: \fB\s-1SSL_CIPHER\s0\fRs, client and server certificates, keys, etc.
|
||
|
.IP "\fB\s-1SSL\s0\fR (\s-1SSL\s0 Connection)" 4
|
||
|
.IX Item "SSL (SSL Connection)"
|
||
|
This is the main \s-1SSL/TLS\s0 structure which is created by a server or client per
|
||
|
established connection. This actually is the core structure in the \s-1SSL API.\s0
|
||
|
At run-time the application usually deals with this structure which has
|
||
|
links to mostly all other structures.
|
||
|
.SH "HEADER FILES"
|
||
|
.IX Header "HEADER FILES"
|
||
|
Currently the OpenSSL \fBssl\fR library provides the following C header files
|
||
|
containing the prototypes for the data structures and functions:
|
||
|
.IP "\fBssl.h\fR" 4
|
||
|
.IX Item "ssl.h"
|
||
|
This is the common header file for the \s-1SSL/TLS API.\s0 Include it into your
|
||
|
program to make the \s-1API\s0 of the \fBssl\fR library available. It internally
|
||
|
includes both more private \s-1SSL\s0 headers and headers from the \fBcrypto\fR library.
|
||
|
Whenever you need hard-core details on the internals of the \s-1SSL API,\s0 look
|
||
|
inside this header file.
|
||
|
.IP "\fBssl2.h\fR" 4
|
||
|
.IX Item "ssl2.h"
|
||
|
Unused. Present for backwards compatibility only.
|
||
|
.IP "\fBssl3.h\fR" 4
|
||
|
.IX Item "ssl3.h"
|
||
|
This is the sub header file dealing with the SSLv3 protocol only.
|
||
|
\&\fIUsually you don't have to include it explicitly because
|
||
|
it's already included by ssl.h\fR.
|
||
|
.IP "\fBtls1.h\fR" 4
|
||
|
.IX Item "tls1.h"
|
||
|
This is the sub header file dealing with the TLSv1 protocol only.
|
||
|
\&\fIUsually you don't have to include it explicitly because
|
||
|
it's already included by ssl.h\fR.
|
||
|
.SH "API FUNCTIONS"
|
||
|
.IX Header "API FUNCTIONS"
|
||
|
Currently the OpenSSL \fBssl\fR library exports 214 \s-1API\s0 functions.
|
||
|
They are documented in the following:
|
||
|
.SS "Dealing with Protocol Methods"
|
||
|
.IX Subsection "Dealing with Protocol Methods"
|
||
|
Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0
|
||
|
protocol methods defined in \fB\s-1SSL_METHOD\s0\fR structures.
|
||
|
.IP "const \s-1SSL_METHOD\s0 *\fBTLS_method\fR(void);" 4
|
||
|
.IX Item "const SSL_METHOD *TLS_method(void);"
|
||
|
Constructor for the \fIversion-flexible\fR \s-1SSL_METHOD\s0 structure for clients,
|
||
|
servers or both.
|
||
|
See \fBSSL_CTX_new\fR\|(3) for details.
|
||
|
.IP "const \s-1SSL_METHOD\s0 *\fBTLS_client_method\fR(void);" 4
|
||
|
.IX Item "const SSL_METHOD *TLS_client_method(void);"
|
||
|
Constructor for the \fIversion-flexible\fR \s-1SSL_METHOD\s0 structure for clients.
|
||
|
Must be used to support the TLSv1.3 protocol.
|
||
|
.IP "const \s-1SSL_METHOD\s0 *\fBTLS_server_method\fR(void);" 4
|
||
|
.IX Item "const SSL_METHOD *TLS_server_method(void);"
|
||
|
Constructor for the \fIversion-flexible\fR \s-1SSL_METHOD\s0 structure for servers.
|
||
|
Must be used to support the TLSv1.3 protocol.
|
||
|
.IP "const \s-1SSL_METHOD\s0 *\fBTLSv1_2_method\fR(void);" 4
|
||
|
.IX Item "const SSL_METHOD *TLSv1_2_method(void);"
|
||
|
Constructor for the TLSv1.2 \s-1SSL_METHOD\s0 structure for clients, servers or both.
|
||
|
.IP "const \s-1SSL_METHOD\s0 *\fBTLSv1_2_client_method\fR(void);" 4
|
||
|
.IX Item "const SSL_METHOD *TLSv1_2_client_method(void);"
|
||
|
Constructor for the TLSv1.2 \s-1SSL_METHOD\s0 structure for clients.
|
||
|
.IP "const \s-1SSL_METHOD\s0 *\fBTLSv1_2_server_method\fR(void);" 4
|
||
|
.IX Item "const SSL_METHOD *TLSv1_2_server_method(void);"
|
||
|
Constructor for the TLSv1.2 \s-1SSL_METHOD\s0 structure for servers.
|
||
|
.IP "const \s-1SSL_METHOD\s0 *\fBTLSv1_1_method\fR(void);" 4
|
||
|
.IX Item "const SSL_METHOD *TLSv1_1_method(void);"
|
||
|
Constructor for the TLSv1.1 \s-1SSL_METHOD\s0 structure for clients, servers or both.
|
||
|
.IP "const \s-1SSL_METHOD\s0 *\fBTLSv1_1_client_method\fR(void);" 4
|
||
|
.IX Item "const SSL_METHOD *TLSv1_1_client_method(void);"
|
||
|
Constructor for the TLSv1.1 \s-1SSL_METHOD\s0 structure for clients.
|
||
|
.IP "const \s-1SSL_METHOD\s0 *\fBTLSv1_1_server_method\fR(void);" 4
|
||
|
.IX Item "const SSL_METHOD *TLSv1_1_server_method(void);"
|
||
|
Constructor for the TLSv1.1 \s-1SSL_METHOD\s0 structure for servers.
|
||
|
.IP "const \s-1SSL_METHOD\s0 *\fBTLSv1_method\fR(void);" 4
|
||
|
.IX Item "const SSL_METHOD *TLSv1_method(void);"
|
||
|
Constructor for the TLSv1 \s-1SSL_METHOD\s0 structure for clients, servers or both.
|
||
|
.IP "const \s-1SSL_METHOD\s0 *\fBTLSv1_client_method\fR(void);" 4
|
||
|
.IX Item "const SSL_METHOD *TLSv1_client_method(void);"
|
||
|
Constructor for the TLSv1 \s-1SSL_METHOD\s0 structure for clients.
|
||
|
.IP "const \s-1SSL_METHOD\s0 *\fBTLSv1_server_method\fR(void);" 4
|
||
|
.IX Item "const SSL_METHOD *TLSv1_server_method(void);"
|
||
|
Constructor for the TLSv1 \s-1SSL_METHOD\s0 structure for servers.
|
||
|
.IP "const \s-1SSL_METHOD\s0 *\fBSSLv3_method\fR(void);" 4
|
||
|
.IX Item "const SSL_METHOD *SSLv3_method(void);"
|
||
|
Constructor for the SSLv3 \s-1SSL_METHOD\s0 structure for clients, servers or both.
|
||
|
.IP "const \s-1SSL_METHOD\s0 *\fBSSLv3_client_method\fR(void);" 4
|
||
|
.IX Item "const SSL_METHOD *SSLv3_client_method(void);"
|
||
|
Constructor for the SSLv3 \s-1SSL_METHOD\s0 structure for clients.
|
||
|
.IP "const \s-1SSL_METHOD\s0 *\fBSSLv3_server_method\fR(void);" 4
|
||
|
.IX Item "const SSL_METHOD *SSLv3_server_method(void);"
|
||
|
Constructor for the SSLv3 \s-1SSL_METHOD\s0 structure for servers.
|
||
|
.SS "Dealing with Ciphers"
|
||
|
.IX Subsection "Dealing with Ciphers"
|
||
|
Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0
|
||
|
ciphers defined in \fB\s-1SSL_CIPHER\s0\fR structures.
|
||
|
.IP "char *\fBSSL_CIPHER_description\fR(\s-1SSL_CIPHER\s0 *cipher, char *buf, int len);" 4
|
||
|
.IX Item "char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len);"
|
||
|
Write a string to \fIbuf\fR (with a maximum size of \fIlen\fR) containing a human
|
||
|
readable description of \fIcipher\fR. Returns \fIbuf\fR.
|
||
|
.IP "int \fBSSL_CIPHER_get_bits\fR(\s-1SSL_CIPHER\s0 *cipher, int *alg_bits);" 4
|
||
|
.IX Item "int SSL_CIPHER_get_bits(SSL_CIPHER *cipher, int *alg_bits);"
|
||
|
Determine the number of bits in \fIcipher\fR. Because of export crippled ciphers
|
||
|
there are two bits: The bits the algorithm supports in general (stored to
|
||
|
\&\fIalg_bits\fR) and the bits which are actually used (the return value).
|
||
|
.IP "const char *\fBSSL_CIPHER_get_name\fR(\s-1SSL_CIPHER\s0 *cipher);" 4
|
||
|
.IX Item "const char *SSL_CIPHER_get_name(SSL_CIPHER *cipher);"
|
||
|
Return the internal name of \fIcipher\fR as a string. These are the various
|
||
|
strings defined by the \fISSL3_TXT_xxx\fR and \fITLS1_TXT_xxx\fR
|
||
|
definitions in the header files.
|
||
|
.IP "const char *\fBSSL_CIPHER_get_version\fR(\s-1SSL_CIPHER\s0 *cipher);" 4
|
||
|
.IX Item "const char *SSL_CIPHER_get_version(SSL_CIPHER *cipher);"
|
||
|
Returns a string like "\f(CW\*(C`SSLv3\*(C'\fR\*(L" or \*(R"\f(CW\*(C`TLSv1.2\*(C'\fR" which indicates the
|
||
|
\&\s-1SSL/TLS\s0 protocol version to which \fIcipher\fR belongs (i.e. where it was defined
|
||
|
in the specification the first time).
|
||
|
.SS "Dealing with Protocol Contexts"
|
||
|
.IX Subsection "Dealing with Protocol Contexts"
|
||
|
Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0
|
||
|
protocol context defined in the \fB\s-1SSL_CTX\s0\fR structure.
|
||
|
.IP "int \fBSSL_CTX_add_client_CA\fR(\s-1SSL_CTX\s0 *ctx, X509 *x);" 4
|
||
|
.IX Item "int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x);"
|
||
|
.PD 0
|
||
|
.IP "long \fBSSL_CTX_add_extra_chain_cert\fR(\s-1SSL_CTX\s0 *ctx, X509 *x509);" 4
|
||
|
.IX Item "long SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *x509);"
|
||
|
.IP "int \fBSSL_CTX_add_session\fR(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *c);" 4
|
||
|
.IX Item "int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c);"
|
||
|
.IP "int \fBSSL_CTX_check_private_key\fR(const \s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "int SSL_CTX_check_private_key(const SSL_CTX *ctx);"
|
||
|
.IP "long \fBSSL_CTX_ctrl\fR(\s-1SSL_CTX\s0 *ctx, int cmd, long larg, char *parg);" 4
|
||
|
.IX Item "long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg);"
|
||
|
.IP "void \fBSSL_CTX_flush_sessions\fR(\s-1SSL_CTX\s0 *s, long t);" 4
|
||
|
.IX Item "void SSL_CTX_flush_sessions(SSL_CTX *s, long t);"
|
||
|
.IP "void \fBSSL_CTX_free\fR(\s-1SSL_CTX\s0 *a);" 4
|
||
|
.IX Item "void SSL_CTX_free(SSL_CTX *a);"
|
||
|
.IP "char *\fBSSL_CTX_get_app_data\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "char *SSL_CTX_get_app_data(SSL_CTX *ctx);"
|
||
|
.IP "X509_STORE *\fBSSL_CTX_get_cert_store\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *ctx);"
|
||
|
.IP "\s-1STACK\s0 *\fBSSL_CTX_get_ciphers\fR(const \s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "STACK *SSL_CTX_get_ciphers(const SSL_CTX *ctx);"
|
||
|
.IP "\s-1STACK\s0 *\fBSSL_CTX_get_client_CA_list\fR(const \s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "STACK *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);"
|
||
|
.IP "int (*\fBSSL_CTX_get_client_cert_cb\fR(\s-1SSL_CTX\s0 *ctx))(\s-1SSL\s0 *ssl, X509 **x509, \s-1EVP_PKEY\s0 **pkey);" 4
|
||
|
.IX Item "int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey);"
|
||
|
.IP "void \fBSSL_CTX_get_default_read_ahead\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "void SSL_CTX_get_default_read_ahead(SSL_CTX *ctx);"
|
||
|
.IP "char *\fBSSL_CTX_get_ex_data\fR(const \s-1SSL_CTX\s0 *s, int idx);" 4
|
||
|
.IX Item "char *SSL_CTX_get_ex_data(const SSL_CTX *s, int idx);"
|
||
|
.IP "int \fBSSL_CTX_get_ex_new_index\fR(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))" 4
|
||
|
.IX Item "int SSL_CTX_get_ex_new_index(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))"
|
||
|
.IP "void (*\fBSSL_CTX_get_info_callback\fR(\s-1SSL_CTX\s0 *ctx))(\s-1SSL\s0 *ssl, int cb, int ret);" 4
|
||
|
.IX Item "void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(SSL *ssl, int cb, int ret);"
|
||
|
.IP "int \fBSSL_CTX_get_quiet_shutdown\fR(const \s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);"
|
||
|
.IP "void \fBSSL_CTX_get_read_ahead\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "void SSL_CTX_get_read_ahead(SSL_CTX *ctx);"
|
||
|
.IP "int \fBSSL_CTX_get_session_cache_mode\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "int SSL_CTX_get_session_cache_mode(SSL_CTX *ctx);"
|
||
|
.IP "long \fBSSL_CTX_get_timeout\fR(const \s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "long SSL_CTX_get_timeout(const SSL_CTX *ctx);"
|
||
|
.IP "int (*\fBSSL_CTX_get_verify_callback\fR(const \s-1SSL_CTX\s0 *ctx))(int ok, X509_STORE_CTX *ctx);" 4
|
||
|
.IX Item "int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int ok, X509_STORE_CTX *ctx);"
|
||
|
.IP "int \fBSSL_CTX_get_verify_mode\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "int SSL_CTX_get_verify_mode(SSL_CTX *ctx);"
|
||
|
.IP "int \fBSSL_CTX_load_verify_locations\fR(\s-1SSL_CTX\s0 *ctx, const char *CAfile, const char *CApath);" 4
|
||
|
.IX Item "int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, const char *CApath);"
|
||
|
.IP "\s-1SSL_CTX\s0 *\fBSSL_CTX_new\fR(const \s-1SSL_METHOD\s0 *meth);" 4
|
||
|
.IX Item "SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);"
|
||
|
.IP "int SSL_CTX_up_ref(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "int SSL_CTX_up_ref(SSL_CTX *ctx);"
|
||
|
.IP "int \fBSSL_CTX_remove_session\fR(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *c);" 4
|
||
|
.IX Item "int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c);"
|
||
|
.IP "int \fBSSL_CTX_sess_accept\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "int SSL_CTX_sess_accept(SSL_CTX *ctx);"
|
||
|
.IP "int \fBSSL_CTX_sess_accept_good\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "int SSL_CTX_sess_accept_good(SSL_CTX *ctx);"
|
||
|
.IP "int \fBSSL_CTX_sess_accept_renegotiate\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "int SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx);"
|
||
|
.IP "int \fBSSL_CTX_sess_cache_full\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "int SSL_CTX_sess_cache_full(SSL_CTX *ctx);"
|
||
|
.IP "int \fBSSL_CTX_sess_cb_hits\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "int SSL_CTX_sess_cb_hits(SSL_CTX *ctx);"
|
||
|
.IP "int \fBSSL_CTX_sess_connect\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "int SSL_CTX_sess_connect(SSL_CTX *ctx);"
|
||
|
.IP "int \fBSSL_CTX_sess_connect_good\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "int SSL_CTX_sess_connect_good(SSL_CTX *ctx);"
|
||
|
.IP "int \fBSSL_CTX_sess_connect_renegotiate\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "int SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx);"
|
||
|
.IP "int \fBSSL_CTX_sess_get_cache_size\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "int SSL_CTX_sess_get_cache_size(SSL_CTX *ctx);"
|
||
|
.IP "\s-1SSL_SESSION\s0 *(*\fBSSL_CTX_sess_get_get_cb\fR(\s-1SSL_CTX\s0 *ctx))(\s-1SSL\s0 *ssl, unsigned char *data, int len, int *copy);" 4
|
||
|
.IX Item "SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(SSL *ssl, unsigned char *data, int len, int *copy);"
|
||
|
.IP "int (*\fBSSL_CTX_sess_get_new_cb\fR(\s-1SSL_CTX\s0 *ctx)(\s-1SSL\s0 *ssl, \s-1SSL_SESSION\s0 *sess);" 4
|
||
|
.IX Item "int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)(SSL *ssl, SSL_SESSION *sess);"
|
||
|
.IP "void (*\fBSSL_CTX_sess_get_remove_cb\fR(\s-1SSL_CTX\s0 *ctx)(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *sess);" 4
|
||
|
.IX Item "void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)(SSL_CTX *ctx, SSL_SESSION *sess);"
|
||
|
.IP "int \fBSSL_CTX_sess_hits\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "int SSL_CTX_sess_hits(SSL_CTX *ctx);"
|
||
|
.IP "int \fBSSL_CTX_sess_misses\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "int SSL_CTX_sess_misses(SSL_CTX *ctx);"
|
||
|
.IP "int \fBSSL_CTX_sess_number\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "int SSL_CTX_sess_number(SSL_CTX *ctx);"
|
||
|
.IP "void \fBSSL_CTX_sess_set_cache_size\fR(\s-1SSL_CTX\s0 *ctx, t);" 4
|
||
|
.IX Item "void SSL_CTX_sess_set_cache_size(SSL_CTX *ctx, t);"
|
||
|
.IP "void \fBSSL_CTX_sess_set_get_cb\fR(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *(*cb)(\s-1SSL\s0 *ssl, unsigned char *data, int len, int *copy));" 4
|
||
|
.IX Item "void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, SSL_SESSION *(*cb)(SSL *ssl, unsigned char *data, int len, int *copy));"
|
||
|
.IP "void \fBSSL_CTX_sess_set_new_cb\fR(\s-1SSL_CTX\s0 *ctx, int (*cb)(\s-1SSL\s0 *ssl, \s-1SSL_SESSION\s0 *sess));" 4
|
||
|
.IX Item "void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx, int (*cb)(SSL *ssl, SSL_SESSION *sess));"
|
||
|
.IP "void \fBSSL_CTX_sess_set_remove_cb\fR(\s-1SSL_CTX\s0 *ctx, void (*cb)(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *sess));" 4
|
||
|
.IX Item "void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx, void (*cb)(SSL_CTX *ctx, SSL_SESSION *sess));"
|
||
|
.IP "int \fBSSL_CTX_sess_timeouts\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "int SSL_CTX_sess_timeouts(SSL_CTX *ctx);"
|
||
|
.IP "\s-1LHASH\s0 *\fBSSL_CTX_sessions\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "LHASH *SSL_CTX_sessions(SSL_CTX *ctx);"
|
||
|
.IP "int \fBSSL_CTX_set_app_data\fR(\s-1SSL_CTX\s0 *ctx, void *arg);" 4
|
||
|
.IX Item "int SSL_CTX_set_app_data(SSL_CTX *ctx, void *arg);"
|
||
|
.IP "void \fBSSL_CTX_set_cert_store\fR(\s-1SSL_CTX\s0 *ctx, X509_STORE *cs);" 4
|
||
|
.IX Item "void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *cs);"
|
||
|
.IP "void \fBSSL_CTX_set1_cert_store\fR(\s-1SSL_CTX\s0 *ctx, X509_STORE *cs);" 4
|
||
|
.IX Item "void SSL_CTX_set1_cert_store(SSL_CTX *ctx, X509_STORE *cs);"
|
||
|
.IP "void \fBSSL_CTX_set_cert_verify_cb\fR(\s-1SSL_CTX\s0 *ctx, int (*cb)(), char *arg)" 4
|
||
|
.IX Item "void SSL_CTX_set_cert_verify_cb(SSL_CTX *ctx, int (*cb)(), char *arg)"
|
||
|
.IP "int \fBSSL_CTX_set_cipher_list\fR(\s-1SSL_CTX\s0 *ctx, char *str);" 4
|
||
|
.IX Item "int SSL_CTX_set_cipher_list(SSL_CTX *ctx, char *str);"
|
||
|
.IP "void \fBSSL_CTX_set_client_CA_list\fR(\s-1SSL_CTX\s0 *ctx, \s-1STACK\s0 *list);" 4
|
||
|
.IX Item "void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK *list);"
|
||
|
.IP "void \fBSSL_CTX_set_client_cert_cb\fR(\s-1SSL_CTX\s0 *ctx, int (*cb)(\s-1SSL\s0 *ssl, X509 **x509, \s-1EVP_PKEY\s0 **pkey));" 4
|
||
|
.IX Item "void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey));"
|
||
|
.IP "int \fBSSL_CTX_set_ct_validation_callback\fR(\s-1SSL_CTX\s0 *ctx, ssl_ct_validation_cb callback, void *arg);" 4
|
||
|
.IX Item "int SSL_CTX_set_ct_validation_callback(SSL_CTX *ctx, ssl_ct_validation_cb callback, void *arg);"
|
||
|
.IP "void \fBSSL_CTX_set_default_passwd_cb\fR(\s-1SSL_CTX\s0 *ctx, int (*cb);(void))" 4
|
||
|
.IX Item "void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, int (*cb);(void))"
|
||
|
.IP "void \fBSSL_CTX_set_default_read_ahead\fR(\s-1SSL_CTX\s0 *ctx, int m);" 4
|
||
|
.IX Item "void SSL_CTX_set_default_read_ahead(SSL_CTX *ctx, int m);"
|
||
|
.IP "int \fBSSL_CTX_set_default_verify_paths\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);"
|
||
|
.PD
|
||
|
Use the default paths to locate trusted \s-1CA\s0 certificates. There is one default
|
||
|
directory path and one default file path. Both are set via this call.
|
||
|
.IP "int \fBSSL_CTX_set_default_verify_dir\fR(\s-1SSL_CTX\s0 *ctx)" 4
|
||
|
.IX Item "int SSL_CTX_set_default_verify_dir(SSL_CTX *ctx)"
|
||
|
Use the default directory path to locate trusted \s-1CA\s0 certificates.
|
||
|
.IP "int \fBSSL_CTX_set_default_verify_file\fR(\s-1SSL_CTX\s0 *ctx)" 4
|
||
|
.IX Item "int SSL_CTX_set_default_verify_file(SSL_CTX *ctx)"
|
||
|
Use the file path to locate trusted \s-1CA\s0 certificates.
|
||
|
.IP "int \fBSSL_CTX_set_ex_data\fR(\s-1SSL_CTX\s0 *s, int idx, char *arg);" 4
|
||
|
.IX Item "int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, char *arg);"
|
||
|
.PD 0
|
||
|
.IP "void \fBSSL_CTX_set_info_callback\fR(\s-1SSL_CTX\s0 *ctx, void (*cb)(\s-1SSL\s0 *ssl, int cb, int ret));" 4
|
||
|
.IX Item "void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*cb)(SSL *ssl, int cb, int ret));"
|
||
|
.IP "void \fBSSL_CTX_set_msg_callback\fR(\s-1SSL_CTX\s0 *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, \s-1SSL\s0 *ssl, void *arg));" 4
|
||
|
.IX Item "void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));"
|
||
|
.IP "void \fBSSL_CTX_set_msg_callback_arg\fR(\s-1SSL_CTX\s0 *ctx, void *arg);" 4
|
||
|
.IX Item "void SSL_CTX_set_msg_callback_arg(SSL_CTX *ctx, void *arg);"
|
||
|
.IP "unsigned long \fBSSL_CTX_clear_options\fR(\s-1SSL_CTX\s0 *ctx, unsigned long op);" 4
|
||
|
.IX Item "unsigned long SSL_CTX_clear_options(SSL_CTX *ctx, unsigned long op);"
|
||
|
.IP "unsigned long \fBSSL_CTX_get_options\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "unsigned long SSL_CTX_get_options(SSL_CTX *ctx);"
|
||
|
.IP "unsigned long \fBSSL_CTX_set_options\fR(\s-1SSL_CTX\s0 *ctx, unsigned long op);" 4
|
||
|
.IX Item "unsigned long SSL_CTX_set_options(SSL_CTX *ctx, unsigned long op);"
|
||
|
.IP "void \fBSSL_CTX_set_quiet_shutdown\fR(\s-1SSL_CTX\s0 *ctx, int mode);" 4
|
||
|
.IX Item "void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);"
|
||
|
.IP "void \fBSSL_CTX_set_read_ahead\fR(\s-1SSL_CTX\s0 *ctx, int m);" 4
|
||
|
.IX Item "void SSL_CTX_set_read_ahead(SSL_CTX *ctx, int m);"
|
||
|
.IP "void \fBSSL_CTX_set_session_cache_mode\fR(\s-1SSL_CTX\s0 *ctx, int mode);" 4
|
||
|
.IX Item "void SSL_CTX_set_session_cache_mode(SSL_CTX *ctx, int mode);"
|
||
|
.IP "int \fBSSL_CTX_set_ssl_version\fR(\s-1SSL_CTX\s0 *ctx, const \s-1SSL_METHOD\s0 *meth);" 4
|
||
|
.IX Item "int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);"
|
||
|
.IP "void \fBSSL_CTX_set_timeout\fR(\s-1SSL_CTX\s0 *ctx, long t);" 4
|
||
|
.IX Item "void SSL_CTX_set_timeout(SSL_CTX *ctx, long t);"
|
||
|
.IP "long \fBSSL_CTX_set_tmp_dh\fR(SSL_CTX* ctx, \s-1DH\s0 *dh);" 4
|
||
|
.IX Item "long SSL_CTX_set_tmp_dh(SSL_CTX* ctx, DH *dh);"
|
||
|
.IP "long \fBSSL_CTX_set_tmp_dh_callback\fR(\s-1SSL_CTX\s0 *ctx, \s-1DH\s0 *(*cb)(void));" 4
|
||
|
.IX Item "long SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*cb)(void));"
|
||
|
.IP "void \fBSSL_CTX_set_verify\fR(\s-1SSL_CTX\s0 *ctx, int mode, int (*cb);(void))" 4
|
||
|
.IX Item "void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*cb);(void))"
|
||
|
.IP "int \fBSSL_CTX_use_PrivateKey\fR(\s-1SSL_CTX\s0 *ctx, \s-1EVP_PKEY\s0 *pkey);" 4
|
||
|
.IX Item "int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);"
|
||
|
.IP "int \fBSSL_CTX_use_PrivateKey_ASN1\fR(int type, \s-1SSL_CTX\s0 *ctx, unsigned char *d, long len);" 4
|
||
|
.IX Item "int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, unsigned char *d, long len);"
|
||
|
.IP "int \fBSSL_CTX_use_PrivateKey_file\fR(\s-1SSL_CTX\s0 *ctx, const char *file, int type);" 4
|
||
|
.IX Item "int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);"
|
||
|
.IP "int \fBSSL_CTX_use_RSAPrivateKey\fR(\s-1SSL_CTX\s0 *ctx, \s-1RSA\s0 *rsa);" 4
|
||
|
.IX Item "int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);"
|
||
|
.IP "int \fBSSL_CTX_use_RSAPrivateKey_ASN1\fR(\s-1SSL_CTX\s0 *ctx, unsigned char *d, long len);" 4
|
||
|
.IX Item "int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);"
|
||
|
.IP "int \fBSSL_CTX_use_RSAPrivateKey_file\fR(\s-1SSL_CTX\s0 *ctx, const char *file, int type);" 4
|
||
|
.IX Item "int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);"
|
||
|
.IP "int \fBSSL_CTX_use_certificate\fR(\s-1SSL_CTX\s0 *ctx, X509 *x);" 4
|
||
|
.IX Item "int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);"
|
||
|
.IP "int \fBSSL_CTX_use_certificate_ASN1\fR(\s-1SSL_CTX\s0 *ctx, int len, unsigned char *d);" 4
|
||
|
.IX Item "int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);"
|
||
|
.IP "int \fBSSL_CTX_use_certificate_file\fR(\s-1SSL_CTX\s0 *ctx, const char *file, int type);" 4
|
||
|
.IX Item "int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);"
|
||
|
.IP "int \fBSSL_CTX_use_cert_and_key\fR(\s-1SSL_CTX\s0 *ctx, X509 *x, \s-1EVP_PKEY\s0 *pkey, \s-1STACK_OF\s0(X509) *chain, int override);" 4
|
||
|
.IX Item "int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);"
|
||
|
.IP "X509 *\fBSSL_CTX_get0_certificate\fR(const \s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx);"
|
||
|
.IP "\s-1EVP_PKEY\s0 *\fBSSL_CTX_get0_privatekey\fR(const \s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx);"
|
||
|
.IP "void \fBSSL_CTX_set_psk_client_callback\fR(\s-1SSL_CTX\s0 *ctx, unsigned int (*callback)(\s-1SSL\s0 *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len));" 4
|
||
|
.IX Item "void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, unsigned int (*callback)(SSL *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len));"
|
||
|
.IP "int \fBSSL_CTX_use_psk_identity_hint\fR(\s-1SSL_CTX\s0 *ctx, const char *hint);" 4
|
||
|
.IX Item "int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *hint);"
|
||
|
.IP "void \fBSSL_CTX_set_psk_server_callback\fR(\s-1SSL_CTX\s0 *ctx, unsigned int (*callback)(\s-1SSL\s0 *ssl, const char *identity, unsigned char *psk, int max_psk_len));" 4
|
||
|
.IX Item "void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, unsigned int (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int max_psk_len));"
|
||
|
.PD
|
||
|
.SS "Dealing with Sessions"
|
||
|
.IX Subsection "Dealing with Sessions"
|
||
|
Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0
|
||
|
sessions defined in the \fB\s-1SSL_SESSION\s0\fR structures.
|
||
|
.IP "int \fBSSL_SESSION_cmp\fR(const \s-1SSL_SESSION\s0 *a, const \s-1SSL_SESSION\s0 *b);" 4
|
||
|
.IX Item "int SSL_SESSION_cmp(const SSL_SESSION *a, const SSL_SESSION *b);"
|
||
|
.PD 0
|
||
|
.IP "void \fBSSL_SESSION_free\fR(\s-1SSL_SESSION\s0 *ss);" 4
|
||
|
.IX Item "void SSL_SESSION_free(SSL_SESSION *ss);"
|
||
|
.IP "char *\fBSSL_SESSION_get_app_data\fR(\s-1SSL_SESSION\s0 *s);" 4
|
||
|
.IX Item "char *SSL_SESSION_get_app_data(SSL_SESSION *s);"
|
||
|
.IP "char *\fBSSL_SESSION_get_ex_data\fR(const \s-1SSL_SESSION\s0 *s, int idx);" 4
|
||
|
.IX Item "char *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx);"
|
||
|
.IP "int \fBSSL_SESSION_get_ex_new_index\fR(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))" 4
|
||
|
.IX Item "int SSL_SESSION_get_ex_new_index(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))"
|
||
|
.IP "long \fBSSL_SESSION_get_time\fR(const \s-1SSL_SESSION\s0 *s);" 4
|
||
|
.IX Item "long SSL_SESSION_get_time(const SSL_SESSION *s);"
|
||
|
.IP "long \fBSSL_SESSION_get_timeout\fR(const \s-1SSL_SESSION\s0 *s);" 4
|
||
|
.IX Item "long SSL_SESSION_get_timeout(const SSL_SESSION *s);"
|
||
|
.IP "unsigned long \fBSSL_SESSION_hash\fR(const \s-1SSL_SESSION\s0 *a);" 4
|
||
|
.IX Item "unsigned long SSL_SESSION_hash(const SSL_SESSION *a);"
|
||
|
.IP "\s-1SSL_SESSION\s0 *\fBSSL_SESSION_new\fR(void);" 4
|
||
|
.IX Item "SSL_SESSION *SSL_SESSION_new(void);"
|
||
|
.IP "int \fBSSL_SESSION_print\fR(\s-1BIO\s0 *bp, const \s-1SSL_SESSION\s0 *x);" 4
|
||
|
.IX Item "int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x);"
|
||
|
.IP "int \fBSSL_SESSION_print_fp\fR(\s-1FILE\s0 *fp, const \s-1SSL_SESSION\s0 *x);" 4
|
||
|
.IX Item "int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x);"
|
||
|
.IP "int \fBSSL_SESSION_set_app_data\fR(\s-1SSL_SESSION\s0 *s, char *a);" 4
|
||
|
.IX Item "int SSL_SESSION_set_app_data(SSL_SESSION *s, char *a);"
|
||
|
.IP "int \fBSSL_SESSION_set_ex_data\fR(\s-1SSL_SESSION\s0 *s, int idx, char *arg);" 4
|
||
|
.IX Item "int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, char *arg);"
|
||
|
.IP "long \fBSSL_SESSION_set_time\fR(\s-1SSL_SESSION\s0 *s, long t);" 4
|
||
|
.IX Item "long SSL_SESSION_set_time(SSL_SESSION *s, long t);"
|
||
|
.IP "long \fBSSL_SESSION_set_timeout\fR(\s-1SSL_SESSION\s0 *s, long t);" 4
|
||
|
.IX Item "long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);"
|
||
|
.PD
|
||
|
.SS "Dealing with Connections"
|
||
|
.IX Subsection "Dealing with Connections"
|
||
|
Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0
|
||
|
connection defined in the \fB\s-1SSL\s0\fR structure.
|
||
|
.IP "int \fBSSL_accept\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_accept(SSL *ssl);"
|
||
|
.PD 0
|
||
|
.IP "int \fBSSL_add_dir_cert_subjects_to_stack\fR(\s-1STACK\s0 *stack, const char *dir);" 4
|
||
|
.IX Item "int SSL_add_dir_cert_subjects_to_stack(STACK *stack, const char *dir);"
|
||
|
.IP "int \fBSSL_add_file_cert_subjects_to_stack\fR(\s-1STACK\s0 *stack, const char *file);" 4
|
||
|
.IX Item "int SSL_add_file_cert_subjects_to_stack(STACK *stack, const char *file);"
|
||
|
.IP "int \fBSSL_add_client_CA\fR(\s-1SSL\s0 *ssl, X509 *x);" 4
|
||
|
.IX Item "int SSL_add_client_CA(SSL *ssl, X509 *x);"
|
||
|
.IP "char *\fBSSL_alert_desc_string\fR(int value);" 4
|
||
|
.IX Item "char *SSL_alert_desc_string(int value);"
|
||
|
.IP "char *\fBSSL_alert_desc_string_long\fR(int value);" 4
|
||
|
.IX Item "char *SSL_alert_desc_string_long(int value);"
|
||
|
.IP "char *\fBSSL_alert_type_string\fR(int value);" 4
|
||
|
.IX Item "char *SSL_alert_type_string(int value);"
|
||
|
.IP "char *\fBSSL_alert_type_string_long\fR(int value);" 4
|
||
|
.IX Item "char *SSL_alert_type_string_long(int value);"
|
||
|
.IP "int \fBSSL_check_private_key\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_check_private_key(const SSL *ssl);"
|
||
|
.IP "void \fBSSL_clear\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "void SSL_clear(SSL *ssl);"
|
||
|
.IP "long \fBSSL_clear_num_renegotiations\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "long SSL_clear_num_renegotiations(SSL *ssl);"
|
||
|
.IP "int \fBSSL_connect\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_connect(SSL *ssl);"
|
||
|
.IP "int \fBSSL_copy_session_id\fR(\s-1SSL\s0 *t, const \s-1SSL\s0 *f);" 4
|
||
|
.IX Item "int SSL_copy_session_id(SSL *t, const SSL *f);"
|
||
|
.PD
|
||
|
Sets the session details for \fBt\fR to be the same as in \fBf\fR. Returns 1 on
|
||
|
success or 0 on failure.
|
||
|
.IP "long \fBSSL_ctrl\fR(\s-1SSL\s0 *ssl, int cmd, long larg, char *parg);" 4
|
||
|
.IX Item "long SSL_ctrl(SSL *ssl, int cmd, long larg, char *parg);"
|
||
|
.PD 0
|
||
|
.IP "int \fBSSL_do_handshake\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_do_handshake(SSL *ssl);"
|
||
|
.IP "\s-1SSL\s0 *\fBSSL_dup\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "SSL *SSL_dup(SSL *ssl);"
|
||
|
.PD
|
||
|
\&\fBSSL_dup()\fR allows applications to configure an \s-1SSL\s0 handle for use
|
||
|
in multiple \s-1SSL\s0 connections, and then duplicate it prior to initiating
|
||
|
each connection with the duplicated handle.
|
||
|
Use of \fBSSL_dup()\fR avoids the need to repeat the configuration of the
|
||
|
handles for each connection.
|
||
|
.Sp
|
||
|
For \fBSSL_dup()\fR to work, the connection \s-1MUST\s0 be in its initial state
|
||
|
and \s-1MUST NOT\s0 have not yet have started the \s-1SSL\s0 handshake.
|
||
|
For connections that are not in their initial state \fBSSL_dup()\fR just
|
||
|
increments an internal reference count and returns the \fIsame\fR
|
||
|
handle.
|
||
|
It may be possible to use \fBSSL_clear\fR\|(3) to recycle an \s-1SSL\s0 handle
|
||
|
that is not in its initial state for re-use, but this is best
|
||
|
avoided.
|
||
|
Instead, save and restore the session, if desired, and construct a
|
||
|
fresh handle for each connection.
|
||
|
.IP "\s-1STACK\s0 *\fBSSL_dup_CA_list\fR(\s-1STACK\s0 *sk);" 4
|
||
|
.IX Item "STACK *SSL_dup_CA_list(STACK *sk);"
|
||
|
.PD 0
|
||
|
.IP "void \fBSSL_free\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "void SSL_free(SSL *ssl);"
|
||
|
.IP "\s-1SSL_CTX\s0 *\fBSSL_get_SSL_CTX\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);"
|
||
|
.IP "char *\fBSSL_get_app_data\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "char *SSL_get_app_data(SSL *ssl);"
|
||
|
.IP "X509 *\fBSSL_get_certificate\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "X509 *SSL_get_certificate(const SSL *ssl);"
|
||
|
.IP "const char *\fBSSL_get_cipher\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "const char *SSL_get_cipher(const SSL *ssl);"
|
||
|
.IP "int \fBSSL_is_dtls\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_is_dtls(const SSL *ssl);"
|
||
|
.IP "int \fBSSL_get_cipher_bits\fR(const \s-1SSL\s0 *ssl, int *alg_bits);" 4
|
||
|
.IX Item "int SSL_get_cipher_bits(const SSL *ssl, int *alg_bits);"
|
||
|
.IP "char *\fBSSL_get_cipher_list\fR(const \s-1SSL\s0 *ssl, int n);" 4
|
||
|
.IX Item "char *SSL_get_cipher_list(const SSL *ssl, int n);"
|
||
|
.IP "char *\fBSSL_get_cipher_name\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "char *SSL_get_cipher_name(const SSL *ssl);"
|
||
|
.IP "char *\fBSSL_get_cipher_version\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "char *SSL_get_cipher_version(const SSL *ssl);"
|
||
|
.IP "\s-1STACK\s0 *\fBSSL_get_ciphers\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "STACK *SSL_get_ciphers(const SSL *ssl);"
|
||
|
.IP "\s-1STACK\s0 *\fBSSL_get_client_CA_list\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "STACK *SSL_get_client_CA_list(const SSL *ssl);"
|
||
|
.IP "\s-1SSL_CIPHER\s0 *\fBSSL_get_current_cipher\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "SSL_CIPHER *SSL_get_current_cipher(SSL *ssl);"
|
||
|
.IP "long \fBSSL_get_default_timeout\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "long SSL_get_default_timeout(const SSL *ssl);"
|
||
|
.IP "int \fBSSL_get_error\fR(const \s-1SSL\s0 *ssl, int i);" 4
|
||
|
.IX Item "int SSL_get_error(const SSL *ssl, int i);"
|
||
|
.IP "char *\fBSSL_get_ex_data\fR(const \s-1SSL\s0 *ssl, int idx);" 4
|
||
|
.IX Item "char *SSL_get_ex_data(const SSL *ssl, int idx);"
|
||
|
.IP "int \fBSSL_get_ex_data_X509_STORE_CTX_idx\fR(void);" 4
|
||
|
.IX Item "int SSL_get_ex_data_X509_STORE_CTX_idx(void);"
|
||
|
.IP "int \fBSSL_get_ex_new_index\fR(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))" 4
|
||
|
.IX Item "int SSL_get_ex_new_index(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))"
|
||
|
.IP "int \fBSSL_get_fd\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_get_fd(const SSL *ssl);"
|
||
|
.IP "void (*\fBSSL_get_info_callback\fR(const \s-1SSL\s0 *ssl);)()" 4
|
||
|
.IX Item "void (*SSL_get_info_callback(const SSL *ssl);)()"
|
||
|
.IP "int \fBSSL_get_key_update_type\fR(\s-1SSL\s0 *s);" 4
|
||
|
.IX Item "int SSL_get_key_update_type(SSL *s);"
|
||
|
.IP "\s-1STACK\s0 *\fBSSL_get_peer_cert_chain\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "STACK *SSL_get_peer_cert_chain(const SSL *ssl);"
|
||
|
.IP "X509 *\fBSSL_get_peer_certificate\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "X509 *SSL_get_peer_certificate(const SSL *ssl);"
|
||
|
.IP "const \s-1STACK_OF\s0(\s-1SCT\s0) *\fBSSL_get0_peer_scts\fR(\s-1SSL\s0 *s);" 4
|
||
|
.IX Item "const STACK_OF(SCT) *SSL_get0_peer_scts(SSL *s);"
|
||
|
.IP "\s-1EVP_PKEY\s0 *\fBSSL_get_privatekey\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "EVP_PKEY *SSL_get_privatekey(const SSL *ssl);"
|
||
|
.IP "int \fBSSL_get_quiet_shutdown\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_get_quiet_shutdown(const SSL *ssl);"
|
||
|
.IP "\s-1BIO\s0 *\fBSSL_get_rbio\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "BIO *SSL_get_rbio(const SSL *ssl);"
|
||
|
.IP "int \fBSSL_get_read_ahead\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_get_read_ahead(const SSL *ssl);"
|
||
|
.IP "\s-1SSL_SESSION\s0 *\fBSSL_get_session\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "SSL_SESSION *SSL_get_session(const SSL *ssl);"
|
||
|
.IP "char *\fBSSL_get_shared_ciphers\fR(const \s-1SSL\s0 *ssl, char *buf, int size);" 4
|
||
|
.IX Item "char *SSL_get_shared_ciphers(const SSL *ssl, char *buf, int size);"
|
||
|
.IP "int \fBSSL_get_shutdown\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_get_shutdown(const SSL *ssl);"
|
||
|
.IP "const \s-1SSL_METHOD\s0 *\fBSSL_get_ssl_method\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "const SSL_METHOD *SSL_get_ssl_method(SSL *ssl);"
|
||
|
.IP "int \fBSSL_get_state\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_get_state(const SSL *ssl);"
|
||
|
.IP "long \fBSSL_get_time\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "long SSL_get_time(const SSL *ssl);"
|
||
|
.IP "long \fBSSL_get_timeout\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "long SSL_get_timeout(const SSL *ssl);"
|
||
|
.IP "int (*\fBSSL_get_verify_callback\fR(const \s-1SSL\s0 *ssl))(int, X509_STORE_CTX *)" 4
|
||
|
.IX Item "int (*SSL_get_verify_callback(const SSL *ssl))(int, X509_STORE_CTX *)"
|
||
|
.IP "int \fBSSL_get_verify_mode\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_get_verify_mode(const SSL *ssl);"
|
||
|
.IP "long \fBSSL_get_verify_result\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "long SSL_get_verify_result(const SSL *ssl);"
|
||
|
.IP "char *\fBSSL_get_version\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "char *SSL_get_version(const SSL *ssl);"
|
||
|
.IP "\s-1BIO\s0 *\fBSSL_get_wbio\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "BIO *SSL_get_wbio(const SSL *ssl);"
|
||
|
.IP "int \fBSSL_in_accept_init\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_in_accept_init(SSL *ssl);"
|
||
|
.IP "int \fBSSL_in_before\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_in_before(SSL *ssl);"
|
||
|
.IP "int \fBSSL_in_connect_init\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_in_connect_init(SSL *ssl);"
|
||
|
.IP "int \fBSSL_in_init\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_in_init(SSL *ssl);"
|
||
|
.IP "int \fBSSL_is_init_finished\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_is_init_finished(SSL *ssl);"
|
||
|
.IP "int \fBSSL_key_update\fR(\s-1SSL\s0 *s, int updatetype);" 4
|
||
|
.IX Item "int SSL_key_update(SSL *s, int updatetype);"
|
||
|
.IP "\s-1STACK\s0 *\fBSSL_load_client_CA_file\fR(const char *file);" 4
|
||
|
.IX Item "STACK *SSL_load_client_CA_file(const char *file);"
|
||
|
.IP "\s-1SSL\s0 *\fBSSL_new\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
||
|
.IX Item "SSL *SSL_new(SSL_CTX *ctx);"
|
||
|
.IP "int SSL_up_ref(\s-1SSL\s0 *s);" 4
|
||
|
.IX Item "int SSL_up_ref(SSL *s);"
|
||
|
.IP "long \fBSSL_num_renegotiations\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "long SSL_num_renegotiations(SSL *ssl);"
|
||
|
.IP "int \fBSSL_peek\fR(\s-1SSL\s0 *ssl, void *buf, int num);" 4
|
||
|
.IX Item "int SSL_peek(SSL *ssl, void *buf, int num);"
|
||
|
.IP "int \fBSSL_pending\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_pending(const SSL *ssl);"
|
||
|
.IP "int \fBSSL_read\fR(\s-1SSL\s0 *ssl, void *buf, int num);" 4
|
||
|
.IX Item "int SSL_read(SSL *ssl, void *buf, int num);"
|
||
|
.IP "int \fBSSL_renegotiate\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_renegotiate(SSL *ssl);"
|
||
|
.IP "char *\fBSSL_rstate_string\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "char *SSL_rstate_string(SSL *ssl);"
|
||
|
.IP "char *\fBSSL_rstate_string_long\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "char *SSL_rstate_string_long(SSL *ssl);"
|
||
|
.IP "long \fBSSL_session_reused\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "long SSL_session_reused(SSL *ssl);"
|
||
|
.IP "void \fBSSL_set_accept_state\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "void SSL_set_accept_state(SSL *ssl);"
|
||
|
.IP "void \fBSSL_set_app_data\fR(\s-1SSL\s0 *ssl, char *arg);" 4
|
||
|
.IX Item "void SSL_set_app_data(SSL *ssl, char *arg);"
|
||
|
.IP "void \fBSSL_set_bio\fR(\s-1SSL\s0 *ssl, \s-1BIO\s0 *rbio, \s-1BIO\s0 *wbio);" 4
|
||
|
.IX Item "void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio);"
|
||
|
.IP "int \fBSSL_set_cipher_list\fR(\s-1SSL\s0 *ssl, char *str);" 4
|
||
|
.IX Item "int SSL_set_cipher_list(SSL *ssl, char *str);"
|
||
|
.IP "void \fBSSL_set_client_CA_list\fR(\s-1SSL\s0 *ssl, \s-1STACK\s0 *list);" 4
|
||
|
.IX Item "void SSL_set_client_CA_list(SSL *ssl, STACK *list);"
|
||
|
.IP "void \fBSSL_set_connect_state\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "void SSL_set_connect_state(SSL *ssl);"
|
||
|
.IP "int \fBSSL_set_ct_validation_callback\fR(\s-1SSL\s0 *ssl, ssl_ct_validation_cb callback, void *arg);" 4
|
||
|
.IX Item "int SSL_set_ct_validation_callback(SSL *ssl, ssl_ct_validation_cb callback, void *arg);"
|
||
|
.IP "int \fBSSL_set_ex_data\fR(\s-1SSL\s0 *ssl, int idx, char *arg);" 4
|
||
|
.IX Item "int SSL_set_ex_data(SSL *ssl, int idx, char *arg);"
|
||
|
.IP "int \fBSSL_set_fd\fR(\s-1SSL\s0 *ssl, int fd);" 4
|
||
|
.IX Item "int SSL_set_fd(SSL *ssl, int fd);"
|
||
|
.IP "void \fBSSL_set_info_callback\fR(\s-1SSL\s0 *ssl, void (*cb);(void))" 4
|
||
|
.IX Item "void SSL_set_info_callback(SSL *ssl, void (*cb);(void))"
|
||
|
.IP "void \fBSSL_set_msg_callback\fR(\s-1SSL\s0 *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, \s-1SSL\s0 *ssl, void *arg));" 4
|
||
|
.IX Item "void SSL_set_msg_callback(SSL *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));"
|
||
|
.IP "void \fBSSL_set_msg_callback_arg\fR(\s-1SSL\s0 *ctx, void *arg);" 4
|
||
|
.IX Item "void SSL_set_msg_callback_arg(SSL *ctx, void *arg);"
|
||
|
.IP "unsigned long \fBSSL_clear_options\fR(\s-1SSL\s0 *ssl, unsigned long op);" 4
|
||
|
.IX Item "unsigned long SSL_clear_options(SSL *ssl, unsigned long op);"
|
||
|
.IP "unsigned long \fBSSL_get_options\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "unsigned long SSL_get_options(SSL *ssl);"
|
||
|
.IP "unsigned long \fBSSL_set_options\fR(\s-1SSL\s0 *ssl, unsigned long op);" 4
|
||
|
.IX Item "unsigned long SSL_set_options(SSL *ssl, unsigned long op);"
|
||
|
.IP "void \fBSSL_set_quiet_shutdown\fR(\s-1SSL\s0 *ssl, int mode);" 4
|
||
|
.IX Item "void SSL_set_quiet_shutdown(SSL *ssl, int mode);"
|
||
|
.IP "void \fBSSL_set_read_ahead\fR(\s-1SSL\s0 *ssl, int yes);" 4
|
||
|
.IX Item "void SSL_set_read_ahead(SSL *ssl, int yes);"
|
||
|
.IP "int \fBSSL_set_rfd\fR(\s-1SSL\s0 *ssl, int fd);" 4
|
||
|
.IX Item "int SSL_set_rfd(SSL *ssl, int fd);"
|
||
|
.IP "int \fBSSL_set_session\fR(\s-1SSL\s0 *ssl, \s-1SSL_SESSION\s0 *session);" 4
|
||
|
.IX Item "int SSL_set_session(SSL *ssl, SSL_SESSION *session);"
|
||
|
.IP "void \fBSSL_set_shutdown\fR(\s-1SSL\s0 *ssl, int mode);" 4
|
||
|
.IX Item "void SSL_set_shutdown(SSL *ssl, int mode);"
|
||
|
.IP "int \fBSSL_set_ssl_method\fR(\s-1SSL\s0 *ssl, const \s-1SSL_METHOD\s0 *meth);" 4
|
||
|
.IX Item "int SSL_set_ssl_method(SSL *ssl, const SSL_METHOD *meth);"
|
||
|
.IP "void \fBSSL_set_time\fR(\s-1SSL\s0 *ssl, long t);" 4
|
||
|
.IX Item "void SSL_set_time(SSL *ssl, long t);"
|
||
|
.IP "void \fBSSL_set_timeout\fR(\s-1SSL\s0 *ssl, long t);" 4
|
||
|
.IX Item "void SSL_set_timeout(SSL *ssl, long t);"
|
||
|
.IP "void \fBSSL_set_verify\fR(\s-1SSL\s0 *ssl, int mode, int (*callback);(void))" 4
|
||
|
.IX Item "void SSL_set_verify(SSL *ssl, int mode, int (*callback);(void))"
|
||
|
.IP "void \fBSSL_set_verify_result\fR(\s-1SSL\s0 *ssl, long arg);" 4
|
||
|
.IX Item "void SSL_set_verify_result(SSL *ssl, long arg);"
|
||
|
.IP "int \fBSSL_set_wfd\fR(\s-1SSL\s0 *ssl, int fd);" 4
|
||
|
.IX Item "int SSL_set_wfd(SSL *ssl, int fd);"
|
||
|
.IP "int \fBSSL_shutdown\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_shutdown(SSL *ssl);"
|
||
|
.IP "\s-1OSSL_HANDSHAKE_STATE\s0 \fBSSL_get_state\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "OSSL_HANDSHAKE_STATE SSL_get_state(const SSL *ssl);"
|
||
|
.PD
|
||
|
Returns the current handshake state.
|
||
|
.IP "char *\fBSSL_state_string\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "char *SSL_state_string(const SSL *ssl);"
|
||
|
.PD 0
|
||
|
.IP "char *\fBSSL_state_string_long\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "char *SSL_state_string_long(const SSL *ssl);"
|
||
|
.IP "long \fBSSL_total_renegotiations\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "long SSL_total_renegotiations(SSL *ssl);"
|
||
|
.IP "int \fBSSL_use_PrivateKey\fR(\s-1SSL\s0 *ssl, \s-1EVP_PKEY\s0 *pkey);" 4
|
||
|
.IX Item "int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);"
|
||
|
.IP "int \fBSSL_use_PrivateKey_ASN1\fR(int type, \s-1SSL\s0 *ssl, unsigned char *d, long len);" 4
|
||
|
.IX Item "int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, unsigned char *d, long len);"
|
||
|
.IP "int \fBSSL_use_PrivateKey_file\fR(\s-1SSL\s0 *ssl, const char *file, int type);" 4
|
||
|
.IX Item "int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);"
|
||
|
.IP "int \fBSSL_use_RSAPrivateKey\fR(\s-1SSL\s0 *ssl, \s-1RSA\s0 *rsa);" 4
|
||
|
.IX Item "int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);"
|
||
|
.IP "int \fBSSL_use_RSAPrivateKey_ASN1\fR(\s-1SSL\s0 *ssl, unsigned char *d, long len);" 4
|
||
|
.IX Item "int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);"
|
||
|
.IP "int \fBSSL_use_RSAPrivateKey_file\fR(\s-1SSL\s0 *ssl, const char *file, int type);" 4
|
||
|
.IX Item "int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);"
|
||
|
.IP "int \fBSSL_use_certificate\fR(\s-1SSL\s0 *ssl, X509 *x);" 4
|
||
|
.IX Item "int SSL_use_certificate(SSL *ssl, X509 *x);"
|
||
|
.IP "int \fBSSL_use_certificate_ASN1\fR(\s-1SSL\s0 *ssl, int len, unsigned char *d);" 4
|
||
|
.IX Item "int SSL_use_certificate_ASN1(SSL *ssl, int len, unsigned char *d);"
|
||
|
.IP "int \fBSSL_use_certificate_file\fR(\s-1SSL\s0 *ssl, const char *file, int type);" 4
|
||
|
.IX Item "int SSL_use_certificate_file(SSL *ssl, const char *file, int type);"
|
||
|
.IP "int \fBSSL_use_cert_and_key\fR(\s-1SSL\s0 *ssl, X509 *x, \s-1EVP_PKEY\s0 *pkey, \s-1STACK_OF\s0(X509) *chain, int override);" 4
|
||
|
.IX Item "int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);"
|
||
|
.IP "int \fBSSL_version\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_version(const SSL *ssl);"
|
||
|
.IP "int \fBSSL_want\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_want(const SSL *ssl);"
|
||
|
.IP "int \fBSSL_want_nothing\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_want_nothing(const SSL *ssl);"
|
||
|
.IP "int \fBSSL_want_read\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_want_read(const SSL *ssl);"
|
||
|
.IP "int \fBSSL_want_write\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_want_write(const SSL *ssl);"
|
||
|
.IP "int \fBSSL_want_x509_lookup\fR(const \s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "int SSL_want_x509_lookup(const SSL *ssl);"
|
||
|
.IP "int \fBSSL_write\fR(\s-1SSL\s0 *ssl, const void *buf, int num);" 4
|
||
|
.IX Item "int SSL_write(SSL *ssl, const void *buf, int num);"
|
||
|
.IP "void \fBSSL_set_psk_client_callback\fR(\s-1SSL\s0 *ssl, unsigned int (*callback)(\s-1SSL\s0 *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len));" 4
|
||
|
.IX Item "void SSL_set_psk_client_callback(SSL *ssl, unsigned int (*callback)(SSL *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len));"
|
||
|
.IP "int \fBSSL_use_psk_identity_hint\fR(\s-1SSL\s0 *ssl, const char *hint);" 4
|
||
|
.IX Item "int SSL_use_psk_identity_hint(SSL *ssl, const char *hint);"
|
||
|
.IP "void \fBSSL_set_psk_server_callback\fR(\s-1SSL\s0 *ssl, unsigned int (*callback)(\s-1SSL\s0 *ssl, const char *identity, unsigned char *psk, int max_psk_len));" 4
|
||
|
.IX Item "void SSL_set_psk_server_callback(SSL *ssl, unsigned int (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int max_psk_len));"
|
||
|
.IP "const char *\fBSSL_get_psk_identity_hint\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "const char *SSL_get_psk_identity_hint(SSL *ssl);"
|
||
|
.IP "const char *\fBSSL_get_psk_identity\fR(\s-1SSL\s0 *ssl);" 4
|
||
|
.IX Item "const char *SSL_get_psk_identity(SSL *ssl);"
|
||
|
.PD
|
||
|
.SH "RETURN VALUES"
|
||
|
.IX Header "RETURN VALUES"
|
||
|
See the individual manual pages for details.
|
||
|
.SH "SEE ALSO"
|
||
|
.IX Header "SEE ALSO"
|
||
|
\&\fBopenssl\fR\|(1), \fBcrypto\fR\|(7),
|
||
|
\&\fBCRYPTO_get_ex_new_index\fR\|(3),
|
||
|
\&\fBSSL_accept\fR\|(3), \fBSSL_clear\fR\|(3),
|
||
|
\&\fBSSL_connect\fR\|(3),
|
||
|
\&\fBSSL_CIPHER_get_name\fR\|(3),
|
||
|
\&\fBSSL_COMP_add_compression_method\fR\|(3),
|
||
|
\&\fBSSL_CTX_add_extra_chain_cert\fR\|(3),
|
||
|
\&\fBSSL_CTX_add_session\fR\|(3),
|
||
|
\&\fBSSL_CTX_ctrl\fR\|(3),
|
||
|
\&\fBSSL_CTX_flush_sessions\fR\|(3),
|
||
|
\&\fBSSL_CTX_get_verify_mode\fR\|(3),
|
||
|
\&\fBSSL_CTX_load_verify_locations\fR\|(3)
|
||
|
\&\fBSSL_CTX_new\fR\|(3),
|
||
|
\&\fBSSL_CTX_sess_number\fR\|(3),
|
||
|
\&\fBSSL_CTX_sess_set_cache_size\fR\|(3),
|
||
|
\&\fBSSL_CTX_sess_set_get_cb\fR\|(3),
|
||
|
\&\fBSSL_CTX_sessions\fR\|(3),
|
||
|
\&\fBSSL_CTX_set_cert_store\fR\|(3),
|
||
|
\&\fBSSL_CTX_set_cert_verify_callback\fR\|(3),
|
||
|
\&\fBSSL_CTX_set_cipher_list\fR\|(3),
|
||
|
\&\fBSSL_CTX_set_client_CA_list\fR\|(3),
|
||
|
\&\fBSSL_CTX_set_client_cert_cb\fR\|(3),
|
||
|
\&\fBSSL_CTX_set_default_passwd_cb\fR\|(3),
|
||
|
\&\fBSSL_CTX_set_generate_session_id\fR\|(3),
|
||
|
\&\fBSSL_CTX_set_info_callback\fR\|(3),
|
||
|
\&\fBSSL_CTX_set_max_cert_list\fR\|(3),
|
||
|
\&\fBSSL_CTX_set_mode\fR\|(3),
|
||
|
\&\fBSSL_CTX_set_msg_callback\fR\|(3),
|
||
|
\&\fBSSL_CTX_set_options\fR\|(3),
|
||
|
\&\fBSSL_CTX_set_quiet_shutdown\fR\|(3),
|
||
|
\&\fBSSL_CTX_set_read_ahead\fR\|(3),
|
||
|
\&\fBSSL_CTX_set_security_level\fR\|(3),
|
||
|
\&\fBSSL_CTX_set_session_cache_mode\fR\|(3),
|
||
|
\&\fBSSL_CTX_set_session_id_context\fR\|(3),
|
||
|
\&\fBSSL_CTX_set_ssl_version\fR\|(3),
|
||
|
\&\fBSSL_CTX_set_timeout\fR\|(3),
|
||
|
\&\fBSSL_CTX_set_tmp_dh_callback\fR\|(3),
|
||
|
\&\fBSSL_CTX_set_verify\fR\|(3),
|
||
|
\&\fBSSL_CTX_use_certificate\fR\|(3),
|
||
|
\&\fBSSL_alert_type_string\fR\|(3),
|
||
|
\&\fBSSL_do_handshake\fR\|(3),
|
||
|
\&\fBSSL_enable_ct\fR\|(3),
|
||
|
\&\fBSSL_get_SSL_CTX\fR\|(3),
|
||
|
\&\fBSSL_get_ciphers\fR\|(3),
|
||
|
\&\fBSSL_get_client_CA_list\fR\|(3),
|
||
|
\&\fBSSL_get_default_timeout\fR\|(3),
|
||
|
\&\fBSSL_get_error\fR\|(3),
|
||
|
\&\fBSSL_get_ex_data_X509_STORE_CTX_idx\fR\|(3),
|
||
|
\&\fBSSL_get_fd\fR\|(3),
|
||
|
\&\fBSSL_get_peer_cert_chain\fR\|(3),
|
||
|
\&\fBSSL_get_rbio\fR\|(3),
|
||
|
\&\fBSSL_get_session\fR\|(3),
|
||
|
\&\fBSSL_get_verify_result\fR\|(3),
|
||
|
\&\fBSSL_get_version\fR\|(3),
|
||
|
\&\fBSSL_load_client_CA_file\fR\|(3),
|
||
|
\&\fBSSL_new\fR\|(3),
|
||
|
\&\fBSSL_pending\fR\|(3),
|
||
|
\&\fBSSL_read_ex\fR\|(3),
|
||
|
\&\fBSSL_read\fR\|(3),
|
||
|
\&\fBSSL_rstate_string\fR\|(3),
|
||
|
\&\fBSSL_session_reused\fR\|(3),
|
||
|
\&\fBSSL_set_bio\fR\|(3),
|
||
|
\&\fBSSL_set_connect_state\fR\|(3),
|
||
|
\&\fBSSL_set_fd\fR\|(3),
|
||
|
\&\fBSSL_set_session\fR\|(3),
|
||
|
\&\fBSSL_set_shutdown\fR\|(3),
|
||
|
\&\fBSSL_shutdown\fR\|(3),
|
||
|
\&\fBSSL_state_string\fR\|(3),
|
||
|
\&\fBSSL_want\fR\|(3),
|
||
|
\&\fBSSL_write_ex\fR\|(3),
|
||
|
\&\fBSSL_write\fR\|(3),
|
||
|
\&\fBSSL_SESSION_free\fR\|(3),
|
||
|
\&\fBSSL_SESSION_get_time\fR\|(3),
|
||
|
\&\fBd2i_SSL_SESSION\fR\|(3),
|
||
|
\&\fBSSL_CTX_set_psk_client_callback\fR\|(3),
|
||
|
\&\fBSSL_CTX_use_psk_identity_hint\fR\|(3),
|
||
|
\&\fBSSL_get_psk_identity\fR\|(3),
|
||
|
\&\fBDTLSv1_listen\fR\|(3)
|
||
|
.SH "HISTORY"
|
||
|
.IX Header "HISTORY"
|
||
|
\&\fBSSLv2_client_method\fR, \fBSSLv2_server_method\fR and \fBSSLv2_method\fR were removed
|
||
|
in OpenSSL 1.1.0.
|
||
|
.PP
|
||
|
The return type of \fBSSL_copy_session_id\fR was changed from void to int in
|
||
|
OpenSSL 1.1.0.
|
||
|
.SH "COPYRIGHT"
|
||
|
.IX Header "COPYRIGHT"
|
||
|
Copyright 2000\-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||
|
.PP
|
||
|
Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
|
||
|
this file except in compliance with the License. You can obtain a copy
|
||
|
in the file \s-1LICENSE\s0 in the source distribution or at
|
||
|
<https://www.openssl.org/source/license.html>.
|