suzanne.soy/man-pages
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
gh-pages
man-pages/man7/ssl.7ssl.html
Suzanne Soy 4c89183f2b Added man pages from my system
2021-03-31 01:06:50 +01:00

1145 lines
46 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML><HEAD><TITLE>Man page of SSL</TITLE>
</HEAD><BODY>
<H1>SSL</H1>
Section: OpenSSL (7SSL)<BR>Updated: 2021-03-22<BR><A HREF="#index">Index</A>
<A HREF="/cgi-bin/man/man2html">Return to Main Contents</A><HR>
<A NAME="lbAB">&nbsp;</A>
<H2>NAME</H2>
ssl - OpenSSL SSL/TLS library
<A NAME="lbAC">&nbsp;</A>
<H2>SYNOPSIS</H2>
See the individual manual pages for details.
<A NAME="lbAD">&nbsp;</A>
<H2>DESCRIPTION</H2>
The OpenSSL <B>ssl</B> library implements the Secure Sockets Layer (<FONT SIZE="-1">SSL</FONT> v2/v3) and
Transport Layer Security (<FONT SIZE="-1">TLS</FONT> v1) protocols. It provides a rich <FONT SIZE="-1">API</FONT> which is
documented here.
<P>
An <B></B><FONT SIZE="-1"><B>SSL_CTX</B></FONT><B></B> object is created as a framework to establish
<FONT SIZE="-1">TLS/SSL</FONT> enabled connections (see <B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_new">SSL_CTX_new</A></B>(3)).
Various options regarding certificates, algorithms etc. can be set
in this object.
<P>
When a network connection has been created, it can be assigned to an
<B></B><FONT SIZE="-1"><B>SSL</B></FONT><B></B> object. After the <B></B><FONT SIZE="-1"><B>SSL</B></FONT><B></B> object has been created using
<B><A HREF="/cgi-bin/man/man2html?3+SSL_new">SSL_new</A></B>(3), <B><A HREF="/cgi-bin/man/man2html?3+SSL_set_fd">SSL_set_fd</A></B>(3) or
<B><A HREF="/cgi-bin/man/man2html?3+SSL_set_bio">SSL_set_bio</A></B>(3) can be used to associate the network
connection with the object.
<P>
When the <FONT SIZE="-1">TLS/SSL</FONT> handshake is performed using
<B><A HREF="/cgi-bin/man/man2html?3+SSL_accept">SSL_accept</A></B>(3) or <B><A HREF="/cgi-bin/man/man2html?3+SSL_connect">SSL_connect</A></B>(3)
respectively.
<B><A HREF="/cgi-bin/man/man2html?3+SSL_read_ex">SSL_read_ex</A></B>(3), <B><A HREF="/cgi-bin/man/man2html?3+SSL_read">SSL_read</A></B>(3), <B><A HREF="/cgi-bin/man/man2html?3+SSL_write_ex">SSL_write_ex</A></B>(3) and <B><A HREF="/cgi-bin/man/man2html?3+SSL_write">SSL_write</A></B>(3) are
used to read and write data on the <FONT SIZE="-1">TLS/SSL</FONT> connection.
<B><A HREF="/cgi-bin/man/man2html?3+SSL_shutdown">SSL_shutdown</A></B>(3) can be used to shut down the
<FONT SIZE="-1">TLS/SSL</FONT> connection.
<A NAME="lbAE">&nbsp;</A>
<H2>DATA STRUCTURES</H2>
Currently the OpenSSL <B>ssl</B> library functions deals with the following data
structures:
<DL COMPACT>
<DT id="1"><B></B><FONT SIZE="-1"><B>SSL_METHOD</B></FONT><B></B> (<FONT SIZE="-1">SSL</FONT> Method)<DD>
This is a dispatch structure describing the internal <B>ssl</B> library
methods/functions which implement the various protocol versions (SSLv3
TLSv1, ...). It's needed to create an <B></B><FONT SIZE="-1"><B>SSL_CTX</B></FONT><B></B>.
<DT id="2"><B></B><FONT SIZE="-1"><B>SSL_CIPHER</B></FONT><B></B> (<FONT SIZE="-1">SSL</FONT> Cipher)<DD>
This structure holds the algorithm information for a particular cipher which
are a core part of the <FONT SIZE="-1">SSL/TLS</FONT> protocol. The available ciphers are configured
on a <B></B><FONT SIZE="-1"><B>SSL_CTX</B></FONT><B></B> basis and the actual ones used are then part of the
<B></B><FONT SIZE="-1"><B>SSL_SESSION</B></FONT><B></B>.
<DT id="3"><B></B><FONT SIZE="-1"><B>SSL_CTX</B></FONT><B></B> (<FONT SIZE="-1">SSL</FONT> Context)<DD>
This is the global context structure which is created by a server or client
once per program life-time and which holds mainly default values for the
<B></B><FONT SIZE="-1"><B>SSL</B></FONT><B></B> structures which are later created for the connections.
<DT id="4"><B></B><FONT SIZE="-1"><B>SSL_SESSION</B></FONT><B></B> (<FONT SIZE="-1">SSL</FONT> Session)<DD>
This is a structure containing the current <FONT SIZE="-1">TLS/SSL</FONT> session details for a
connection: <B></B><FONT SIZE="-1"><B>SSL_CIPHER</B></FONT><B></B>s, client and server certificates, keys, etc.
<DT id="5"><B></B><FONT SIZE="-1"><B>SSL</B></FONT><B></B> (<FONT SIZE="-1">SSL</FONT> Connection)<DD>
This is the main <FONT SIZE="-1">SSL/TLS</FONT> structure which is created by a server or client per
established connection. This actually is the core structure in the <FONT SIZE="-1">SSL API.</FONT>
At run-time the application usually deals with this structure which has
links to mostly all other structures.
</DL>
<A NAME="lbAF">&nbsp;</A>
<H2>HEADER FILES</H2>
Currently the OpenSSL <B>ssl</B> library provides the following C header files
containing the prototypes for the data structures and functions:
<DL COMPACT>
<DT id="6"><B>ssl.h</B><DD>
This is the common header file for the <FONT SIZE="-1">SSL/TLS API.</FONT> Include it into your
program to make the <FONT SIZE="-1">API</FONT> of the <B>ssl</B> library available. It internally
includes both more private <FONT SIZE="-1">SSL</FONT> headers and headers from the <B>crypto</B> library.
Whenever you need hard-core details on the internals of the <FONT SIZE="-1">SSL API,</FONT> look
inside this header file.
<DT id="7"><B>ssl2.h</B><DD>
Unused. Present for backwards compatibility only.
<DT id="8"><B>ssl3.h</B><DD>
This is the sub header file dealing with the SSLv3 protocol only.
<I>Usually you don't have to include it explicitly because
it's already included by ssl.h</I>.
<DT id="9"><B>tls1.h</B><DD>
This is the sub header file dealing with the TLSv1 protocol only.
<I>Usually you don't have to include it explicitly because
it's already included by ssl.h</I>.
</DL>
<A NAME="lbAG">&nbsp;</A>
<H2>API FUNCTIONS</H2>
Currently the OpenSSL <B>ssl</B> library exports 214 <FONT SIZE="-1">API</FONT> functions.
They are documented in the following:
<A NAME="lbAH">&nbsp;</A>
<H3>Dealing with Protocol Methods</H3>
Here we document the various <FONT SIZE="-1">API</FONT> functions which deal with the <FONT SIZE="-1">SSL/TLS</FONT>
protocol methods defined in <B></B><FONT SIZE="-1"><B>SSL_METHOD</B></FONT><B></B> structures.
<DL COMPACT>
<DT id="10">const <FONT SIZE="-1">SSL_METHOD</FONT> *<B>TLS_method</B>(void);<DD>
Constructor for the <I>version-flexible</I> <FONT SIZE="-1">SSL_METHOD</FONT> structure for clients,
servers or both.
See <B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_new">SSL_CTX_new</A></B>(3) for details.
<DT id="11">const <FONT SIZE="-1">SSL_METHOD</FONT> *<B>TLS_client_method</B>(void);<DD>
Constructor for the <I>version-flexible</I> <FONT SIZE="-1">SSL_METHOD</FONT> structure for clients.
Must be used to support the TLSv1.3 protocol.
<DT id="12">const <FONT SIZE="-1">SSL_METHOD</FONT> *<B>TLS_server_method</B>(void);<DD>
Constructor for the <I>version-flexible</I> <FONT SIZE="-1">SSL_METHOD</FONT> structure for servers.
Must be used to support the TLSv1.3 protocol.
<DT id="13">const <FONT SIZE="-1">SSL_METHOD</FONT> *<B>TLSv1_2_method</B>(void);<DD>
Constructor for the TLSv1.2 <FONT SIZE="-1">SSL_METHOD</FONT> structure for clients, servers or both.
<DT id="14">const <FONT SIZE="-1">SSL_METHOD</FONT> *<B>TLSv1_2_client_method</B>(void);<DD>
Constructor for the TLSv1.2 <FONT SIZE="-1">SSL_METHOD</FONT> structure for clients.
<DT id="15">const <FONT SIZE="-1">SSL_METHOD</FONT> *<B>TLSv1_2_server_method</B>(void);<DD>
Constructor for the TLSv1.2 <FONT SIZE="-1">SSL_METHOD</FONT> structure for servers.
<DT id="16">const <FONT SIZE="-1">SSL_METHOD</FONT> *<B>TLSv1_1_method</B>(void);<DD>
Constructor for the TLSv1.1 <FONT SIZE="-1">SSL_METHOD</FONT> structure for clients, servers or both.
<DT id="17">const <FONT SIZE="-1">SSL_METHOD</FONT> *<B>TLSv1_1_client_method</B>(void);<DD>
Constructor for the TLSv1.1 <FONT SIZE="-1">SSL_METHOD</FONT> structure for clients.
<DT id="18">const <FONT SIZE="-1">SSL_METHOD</FONT> *<B>TLSv1_1_server_method</B>(void);<DD>
Constructor for the TLSv1.1 <FONT SIZE="-1">SSL_METHOD</FONT> structure for servers.
<DT id="19">const <FONT SIZE="-1">SSL_METHOD</FONT> *<B>TLSv1_method</B>(void);<DD>
Constructor for the TLSv1 <FONT SIZE="-1">SSL_METHOD</FONT> structure for clients, servers or both.
<DT id="20">const <FONT SIZE="-1">SSL_METHOD</FONT> *<B>TLSv1_client_method</B>(void);<DD>
Constructor for the TLSv1 <FONT SIZE="-1">SSL_METHOD</FONT> structure for clients.
<DT id="21">const <FONT SIZE="-1">SSL_METHOD</FONT> *<B>TLSv1_server_method</B>(void);<DD>
Constructor for the TLSv1 <FONT SIZE="-1">SSL_METHOD</FONT> structure for servers.
<DT id="22">const <FONT SIZE="-1">SSL_METHOD</FONT> *<B>SSLv3_method</B>(void);<DD>
Constructor for the SSLv3 <FONT SIZE="-1">SSL_METHOD</FONT> structure for clients, servers or both.
<DT id="23">const <FONT SIZE="-1">SSL_METHOD</FONT> *<B>SSLv3_client_method</B>(void);<DD>
Constructor for the SSLv3 <FONT SIZE="-1">SSL_METHOD</FONT> structure for clients.
<DT id="24">const <FONT SIZE="-1">SSL_METHOD</FONT> *<B>SSLv3_server_method</B>(void);<DD>
Constructor for the SSLv3 <FONT SIZE="-1">SSL_METHOD</FONT> structure for servers.
</DL>
<A NAME="lbAI">&nbsp;</A>
<H3>Dealing with Ciphers</H3>
Here we document the various <FONT SIZE="-1">API</FONT> functions which deal with the <FONT SIZE="-1">SSL/TLS</FONT>
ciphers defined in <B></B><FONT SIZE="-1"><B>SSL_CIPHER</B></FONT><B></B> structures.
<DL COMPACT>
<DT id="25">char *<B>SSL_CIPHER_description</B>(<FONT SIZE="-1">SSL_CIPHER</FONT> *cipher, char *buf, int len);<DD>
Write a string to <I>buf</I> (with a maximum size of <I>len</I>) containing a human
readable description of <I>cipher</I>. Returns <I>buf</I>.
<DT id="26">int <B>SSL_CIPHER_get_bits</B>(<FONT SIZE="-1">SSL_CIPHER</FONT> *cipher, int *alg_bits);<DD>
Determine the number of bits in <I>cipher</I>. Because of export crippled ciphers
there are two bits: The bits the algorithm supports in general (stored to
<I>alg_bits</I>) and the bits which are actually used (the return value).
<DT id="27">const char *<B>SSL_CIPHER_get_name</B>(<FONT SIZE="-1">SSL_CIPHER</FONT> *cipher);<DD>
Return the internal name of <I>cipher</I> as a string. These are the various
strings defined by the <I>SSL3_TXT_xxx</I> and <I>TLS1_TXT_xxx</I>
definitions in the header files.
<DT id="28">const char *<B>SSL_CIPHER_get_version</B>(<FONT SIZE="-1">SSL_CIPHER</FONT> *cipher);<DD>
Returns a string like &quot;<TT>&quot;SSLv3&quot;</TT>`` or ''<TT>&quot;TLSv1.2&quot;</TT>&quot; which indicates the
<FONT SIZE="-1">SSL/TLS</FONT> protocol version to which <I>cipher</I> belongs (i.e. where it was defined
in the specification the first time).
</DL>
<A NAME="lbAJ">&nbsp;</A>
<H3>Dealing with Protocol Contexts</H3>
Here we document the various <FONT SIZE="-1">API</FONT> functions which deal with the <FONT SIZE="-1">SSL/TLS</FONT>
protocol context defined in the <B></B><FONT SIZE="-1"><B>SSL_CTX</B></FONT><B></B> structure.
<DL COMPACT>
<DT id="29">int <B>SSL_CTX_add_client_CA</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, X509 *x);<DD>
<DT id="30">long <B>SSL_CTX_add_extra_chain_cert</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, X509 *x509);<DD>
<DT id="31">int <B>SSL_CTX_add_session</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, <FONT SIZE="-1">SSL_SESSION</FONT> *c);<DD>
<DT id="32">int <B>SSL_CTX_check_private_key</B>(const <FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="33">long <B>SSL_CTX_ctrl</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, int cmd, long larg, char *parg);<DD>
<DT id="34">void <B>SSL_CTX_flush_sessions</B>(<FONT SIZE="-1">SSL_CTX</FONT> *s, long t);<DD>
<DT id="35">void <B>SSL_CTX_free</B>(<FONT SIZE="-1">SSL_CTX</FONT> *a);<DD>
<DT id="36">char *<B>SSL_CTX_get_app_data</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="37">X509_STORE *<B>SSL_CTX_get_cert_store</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="38"><FONT SIZE="-1">STACK</FONT> *<B>SSL_CTX_get_ciphers</B>(const <FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="39"><FONT SIZE="-1">STACK</FONT> *<B>SSL_CTX_get_client_CA_list</B>(const <FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="40">int (*<B>SSL_CTX_get_client_cert_cb</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx))(<FONT SIZE="-1">SSL</FONT> *ssl, X509 **x509, <FONT SIZE="-1">EVP_PKEY</FONT> **pkey);<DD>
<DT id="41">void <B>SSL_CTX_get_default_read_ahead</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="42">char *<B>SSL_CTX_get_ex_data</B>(const <FONT SIZE="-1">SSL_CTX</FONT> *s, int idx);<DD>
<DT id="43">int <B>SSL_CTX_get_ex_new_index</B>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))<DD>
<DT id="44">void (*<B>SSL_CTX_get_info_callback</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx))(<FONT SIZE="-1">SSL</FONT> *ssl, int cb, int ret);<DD>
<DT id="45">int <B>SSL_CTX_get_quiet_shutdown</B>(const <FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="46">void <B>SSL_CTX_get_read_ahead</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="47">int <B>SSL_CTX_get_session_cache_mode</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="48">long <B>SSL_CTX_get_timeout</B>(const <FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="49">int (*<B>SSL_CTX_get_verify_callback</B>(const <FONT SIZE="-1">SSL_CTX</FONT> *ctx))(int ok, X509_STORE_CTX *ctx);<DD>
<DT id="50">int <B>SSL_CTX_get_verify_mode</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="51">int <B>SSL_CTX_load_verify_locations</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, const char *CAfile, const char *CApath);<DD>
<DT id="52"><FONT SIZE="-1">SSL_CTX</FONT> *<B>SSL_CTX_new</B>(const <FONT SIZE="-1">SSL_METHOD</FONT> *meth);<DD>
<DT id="53">int SSL_CTX_up_ref(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="54">int <B>SSL_CTX_remove_session</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, <FONT SIZE="-1">SSL_SESSION</FONT> *c);<DD>
<DT id="55">int <B>SSL_CTX_sess_accept</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="56">int <B>SSL_CTX_sess_accept_good</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="57">int <B>SSL_CTX_sess_accept_renegotiate</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="58">int <B>SSL_CTX_sess_cache_full</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="59">int <B>SSL_CTX_sess_cb_hits</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="60">int <B>SSL_CTX_sess_connect</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="61">int <B>SSL_CTX_sess_connect_good</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="62">int <B>SSL_CTX_sess_connect_renegotiate</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="63">int <B>SSL_CTX_sess_get_cache_size</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="64"><FONT SIZE="-1">SSL_SESSION</FONT> *(*<B>SSL_CTX_sess_get_get_cb</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx))(<FONT SIZE="-1">SSL</FONT> *ssl, unsigned char *data, int len, int *copy);<DD>
<DT id="65">int (*<B>SSL_CTX_sess_get_new_cb</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx)(<FONT SIZE="-1">SSL</FONT> *ssl, <FONT SIZE="-1">SSL_SESSION</FONT> *sess);<DD>
<DT id="66">void (*<B>SSL_CTX_sess_get_remove_cb</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx)(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, <FONT SIZE="-1">SSL_SESSION</FONT> *sess);<DD>
<DT id="67">int <B>SSL_CTX_sess_hits</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="68">int <B>SSL_CTX_sess_misses</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="69">int <B>SSL_CTX_sess_number</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="70">void <B>SSL_CTX_sess_set_cache_size</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, t);<DD>
<DT id="71">void <B>SSL_CTX_sess_set_get_cb</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, <FONT SIZE="-1">SSL_SESSION</FONT> *(*cb)(<FONT SIZE="-1">SSL</FONT> *ssl, unsigned char *data, int len, int *copy));<DD>
<DT id="72">void <B>SSL_CTX_sess_set_new_cb</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, int (*cb)(<FONT SIZE="-1">SSL</FONT> *ssl, <FONT SIZE="-1">SSL_SESSION</FONT> *sess));<DD>
<DT id="73">void <B>SSL_CTX_sess_set_remove_cb</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, void (*cb)(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, <FONT SIZE="-1">SSL_SESSION</FONT> *sess));<DD>
<DT id="74">int <B>SSL_CTX_sess_timeouts</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="75"><FONT SIZE="-1">LHASH</FONT> *<B>SSL_CTX_sessions</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="76">int <B>SSL_CTX_set_app_data</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, void *arg);<DD>
<DT id="77">void <B>SSL_CTX_set_cert_store</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, X509_STORE *cs);<DD>
<DT id="78">void <B>SSL_CTX_set1_cert_store</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, X509_STORE *cs);<DD>
<DT id="79">void <B>SSL_CTX_set_cert_verify_cb</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, int (*cb)(), char *arg)<DD>
<DT id="80">int <B>SSL_CTX_set_cipher_list</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, char *str);<DD>
<DT id="81">void <B>SSL_CTX_set_client_CA_list</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, <FONT SIZE="-1">STACK</FONT> *list);<DD>
<DT id="82">void <B>SSL_CTX_set_client_cert_cb</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, int (*cb)(<FONT SIZE="-1">SSL</FONT> *ssl, X509 **x509, <FONT SIZE="-1">EVP_PKEY</FONT> **pkey));<DD>
<DT id="83">int <B>SSL_CTX_set_ct_validation_callback</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, ssl_ct_validation_cb callback, void *arg);<DD>
<DT id="84">void <B>SSL_CTX_set_default_passwd_cb</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, int (*cb);(void))<DD>
<DT id="85">void <B>SSL_CTX_set_default_read_ahead</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, int m);<DD>
<DT id="86">int <B>SSL_CTX_set_default_verify_paths</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
Use the default paths to locate trusted <FONT SIZE="-1">CA</FONT> certificates. There is one default
directory path and one default file path. Both are set via this call.
<DT id="87">int <B>SSL_CTX_set_default_verify_dir</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx)<DD>
Use the default directory path to locate trusted <FONT SIZE="-1">CA</FONT> certificates.
<DT id="88">int <B>SSL_CTX_set_default_verify_file</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx)<DD>
Use the file path to locate trusted <FONT SIZE="-1">CA</FONT> certificates.
<DT id="89">int <B>SSL_CTX_set_ex_data</B>(<FONT SIZE="-1">SSL_CTX</FONT> *s, int idx, char *arg);<DD>
<DT id="90">void <B>SSL_CTX_set_info_callback</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, void (*cb)(<FONT SIZE="-1">SSL</FONT> *ssl, int cb, int ret));<DD>
<DT id="91">void <B>SSL_CTX_set_msg_callback</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, <FONT SIZE="-1">SSL</FONT> *ssl, void *arg));<DD>
<DT id="92">void <B>SSL_CTX_set_msg_callback_arg</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, void *arg);<DD>
<DT id="93">unsigned long <B>SSL_CTX_clear_options</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, unsigned long op);<DD>
<DT id="94">unsigned long <B>SSL_CTX_get_options</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="95">unsigned long <B>SSL_CTX_set_options</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, unsigned long op);<DD>
<DT id="96">void <B>SSL_CTX_set_quiet_shutdown</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, int mode);<DD>
<DT id="97">void <B>SSL_CTX_set_read_ahead</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, int m);<DD>
<DT id="98">void <B>SSL_CTX_set_session_cache_mode</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, int mode);<DD>
<DT id="99">int <B>SSL_CTX_set_ssl_version</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, const <FONT SIZE="-1">SSL_METHOD</FONT> *meth);<DD>
<DT id="100">void <B>SSL_CTX_set_timeout</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, long t);<DD>
<DT id="101">long <B>SSL_CTX_set_tmp_dh</B>(SSL_CTX* ctx, <FONT SIZE="-1">DH</FONT> *dh);<DD>
<DT id="102">long <B>SSL_CTX_set_tmp_dh_callback</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, <FONT SIZE="-1">DH</FONT> *(*cb)(void));<DD>
<DT id="103">void <B>SSL_CTX_set_verify</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, int mode, int (*cb);(void))<DD>
<DT id="104">int <B>SSL_CTX_use_PrivateKey</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, <FONT SIZE="-1">EVP_PKEY</FONT> *pkey);<DD>
<DT id="105">int <B>SSL_CTX_use_PrivateKey_ASN1</B>(int type, <FONT SIZE="-1">SSL_CTX</FONT> *ctx, unsigned char *d, long len);<DD>
<DT id="106">int <B>SSL_CTX_use_PrivateKey_file</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, const char *file, int type);<DD>
<DT id="107">int <B>SSL_CTX_use_RSAPrivateKey</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, <FONT SIZE="-1">RSA</FONT> *rsa);<DD>
<DT id="108">int <B>SSL_CTX_use_RSAPrivateKey_ASN1</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, unsigned char *d, long len);<DD>
<DT id="109">int <B>SSL_CTX_use_RSAPrivateKey_file</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, const char *file, int type);<DD>
<DT id="110">int <B>SSL_CTX_use_certificate</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, X509 *x);<DD>
<DT id="111">int <B>SSL_CTX_use_certificate_ASN1</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, int len, unsigned char *d);<DD>
<DT id="112">int <B>SSL_CTX_use_certificate_file</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, const char *file, int type);<DD>
<DT id="113">int <B>SSL_CTX_use_cert_and_key</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, X509 *x, <FONT SIZE="-1">EVP_PKEY</FONT> *pkey, <FONT SIZE="-1">STACK_OF</FONT>(X509) *chain, int override);<DD>
<DT id="114">X509 *<B>SSL_CTX_get0_certificate</B>(const <FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="115"><FONT SIZE="-1">EVP_PKEY</FONT> *<B>SSL_CTX_get0_privatekey</B>(const <FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="116">void <B>SSL_CTX_set_psk_client_callback</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, unsigned int (*callback)(<FONT SIZE="-1">SSL</FONT> *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len));<DD>
<DT id="117">int <B>SSL_CTX_use_psk_identity_hint</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, const char *hint);<DD>
<DT id="118">void <B>SSL_CTX_set_psk_server_callback</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx, unsigned int (*callback)(<FONT SIZE="-1">SSL</FONT> *ssl, const char *identity, unsigned char *psk, int max_psk_len));<DD>
</DL>
<A NAME="lbAK">&nbsp;</A>
<H3>Dealing with Sessions</H3>
Here we document the various <FONT SIZE="-1">API</FONT> functions which deal with the <FONT SIZE="-1">SSL/TLS</FONT>
sessions defined in the <B></B><FONT SIZE="-1"><B>SSL_SESSION</B></FONT><B></B> structures.
<DL COMPACT>
<DT id="119">int <B>SSL_SESSION_cmp</B>(const <FONT SIZE="-1">SSL_SESSION</FONT> *a, const <FONT SIZE="-1">SSL_SESSION</FONT> *b);<DD>
<DT id="120">void <B>SSL_SESSION_free</B>(<FONT SIZE="-1">SSL_SESSION</FONT> *ss);<DD>
<DT id="121">char *<B>SSL_SESSION_get_app_data</B>(<FONT SIZE="-1">SSL_SESSION</FONT> *s);<DD>
<DT id="122">char *<B>SSL_SESSION_get_ex_data</B>(const <FONT SIZE="-1">SSL_SESSION</FONT> *s, int idx);<DD>
<DT id="123">int <B>SSL_SESSION_get_ex_new_index</B>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))<DD>
<DT id="124">long <B>SSL_SESSION_get_time</B>(const <FONT SIZE="-1">SSL_SESSION</FONT> *s);<DD>
<DT id="125">long <B>SSL_SESSION_get_timeout</B>(const <FONT SIZE="-1">SSL_SESSION</FONT> *s);<DD>
<DT id="126">unsigned long <B>SSL_SESSION_hash</B>(const <FONT SIZE="-1">SSL_SESSION</FONT> *a);<DD>
<DT id="127"><FONT SIZE="-1">SSL_SESSION</FONT> *<B>SSL_SESSION_new</B>(void);<DD>
<DT id="128">int <B>SSL_SESSION_print</B>(<FONT SIZE="-1">BIO</FONT> *bp, const <FONT SIZE="-1">SSL_SESSION</FONT> *x);<DD>
<DT id="129">int <B>SSL_SESSION_print_fp</B>(<FONT SIZE="-1">FILE</FONT> *fp, const <FONT SIZE="-1">SSL_SESSION</FONT> *x);<DD>
<DT id="130">int <B>SSL_SESSION_set_app_data</B>(<FONT SIZE="-1">SSL_SESSION</FONT> *s, char *a);<DD>
<DT id="131">int <B>SSL_SESSION_set_ex_data</B>(<FONT SIZE="-1">SSL_SESSION</FONT> *s, int idx, char *arg);<DD>
<DT id="132">long <B>SSL_SESSION_set_time</B>(<FONT SIZE="-1">SSL_SESSION</FONT> *s, long t);<DD>
<DT id="133">long <B>SSL_SESSION_set_timeout</B>(<FONT SIZE="-1">SSL_SESSION</FONT> *s, long t);<DD>
</DL>
<A NAME="lbAL">&nbsp;</A>
<H3>Dealing with Connections</H3>
Here we document the various <FONT SIZE="-1">API</FONT> functions which deal with the <FONT SIZE="-1">SSL/TLS</FONT>
connection defined in the <B></B><FONT SIZE="-1"><B>SSL</B></FONT><B></B> structure.
<DL COMPACT>
<DT id="134">int <B>SSL_accept</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="135">int <B>SSL_add_dir_cert_subjects_to_stack</B>(<FONT SIZE="-1">STACK</FONT> *stack, const char *dir);<DD>
<DT id="136">int <B>SSL_add_file_cert_subjects_to_stack</B>(<FONT SIZE="-1">STACK</FONT> *stack, const char *file);<DD>
<DT id="137">int <B>SSL_add_client_CA</B>(<FONT SIZE="-1">SSL</FONT> *ssl, X509 *x);<DD>
<DT id="138">char *<B>SSL_alert_desc_string</B>(int value);<DD>
<DT id="139">char *<B>SSL_alert_desc_string_long</B>(int value);<DD>
<DT id="140">char *<B>SSL_alert_type_string</B>(int value);<DD>
<DT id="141">char *<B>SSL_alert_type_string_long</B>(int value);<DD>
<DT id="142">int <B>SSL_check_private_key</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="143">void <B>SSL_clear</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="144">long <B>SSL_clear_num_renegotiations</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="145">int <B>SSL_connect</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="146">int <B>SSL_copy_session_id</B>(<FONT SIZE="-1">SSL</FONT> *t, const <FONT SIZE="-1">SSL</FONT> *f);<DD>
Sets the session details for <B>t</B> to be the same as in <B>f</B>. Returns 1 on
success or 0 on failure.
<DT id="147">long <B>SSL_ctrl</B>(<FONT SIZE="-1">SSL</FONT> *ssl, int cmd, long larg, char *parg);<DD>
<DT id="148">int <B>SSL_do_handshake</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="149"><FONT SIZE="-1">SSL</FONT> *<B>SSL_dup</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<B>SSL_dup()</B> allows applications to configure an <FONT SIZE="-1">SSL</FONT> handle for use
in multiple <FONT SIZE="-1">SSL</FONT> connections, and then duplicate it prior to initiating
each connection with the duplicated handle.
Use of <B>SSL_dup()</B> avoids the need to repeat the configuration of the
handles for each connection.
<P>
For <B>SSL_dup()</B> to work, the connection <FONT SIZE="-1">MUST</FONT> be in its initial state
and <FONT SIZE="-1">MUST NOT</FONT> have not yet have started the <FONT SIZE="-1">SSL</FONT> handshake.
For connections that are not in their initial state <B>SSL_dup()</B> just
increments an internal reference count and returns the <I>same</I>
handle.
It may be possible to use <B><A HREF="/cgi-bin/man/man2html?3+SSL_clear">SSL_clear</A></B>(3) to recycle an <FONT SIZE="-1">SSL</FONT> handle
that is not in its initial state for re-use, but this is best
avoided.
Instead, save and restore the session, if desired, and construct a
fresh handle for each connection.
<DT id="150"><FONT SIZE="-1">STACK</FONT> *<B>SSL_dup_CA_list</B>(<FONT SIZE="-1">STACK</FONT> *sk);<DD>
<DT id="151">void <B>SSL_free</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="152"><FONT SIZE="-1">SSL_CTX</FONT> *<B>SSL_get_SSL_CTX</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="153">char *<B>SSL_get_app_data</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="154">X509 *<B>SSL_get_certificate</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="155">const char *<B>SSL_get_cipher</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="156">int <B>SSL_is_dtls</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="157">int <B>SSL_get_cipher_bits</B>(const <FONT SIZE="-1">SSL</FONT> *ssl, int *alg_bits);<DD>
<DT id="158">char *<B>SSL_get_cipher_list</B>(const <FONT SIZE="-1">SSL</FONT> *ssl, int n);<DD>
<DT id="159">char *<B>SSL_get_cipher_name</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="160">char *<B>SSL_get_cipher_version</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="161"><FONT SIZE="-1">STACK</FONT> *<B>SSL_get_ciphers</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="162"><FONT SIZE="-1">STACK</FONT> *<B>SSL_get_client_CA_list</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="163"><FONT SIZE="-1">SSL_CIPHER</FONT> *<B>SSL_get_current_cipher</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="164">long <B>SSL_get_default_timeout</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="165">int <B>SSL_get_error</B>(const <FONT SIZE="-1">SSL</FONT> *ssl, int i);<DD>
<DT id="166">char *<B>SSL_get_ex_data</B>(const <FONT SIZE="-1">SSL</FONT> *ssl, int idx);<DD>
<DT id="167">int <B>SSL_get_ex_data_X509_STORE_CTX_idx</B>(void);<DD>
<DT id="168">int <B>SSL_get_ex_new_index</B>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))<DD>
<DT id="169">int <B>SSL_get_fd</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="170">void (*<B>SSL_get_info_callback</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);)()<DD>
<DT id="171">int <B>SSL_get_key_update_type</B>(<FONT SIZE="-1">SSL</FONT> *s);<DD>
<DT id="172"><FONT SIZE="-1">STACK</FONT> *<B>SSL_get_peer_cert_chain</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="173">X509 *<B>SSL_get_peer_certificate</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="174">const <FONT SIZE="-1">STACK_OF</FONT>(<FONT SIZE="-1">SCT</FONT>) *<B>SSL_get0_peer_scts</B>(<FONT SIZE="-1">SSL</FONT> *s);<DD>
<DT id="175"><FONT SIZE="-1">EVP_PKEY</FONT> *<B>SSL_get_privatekey</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="176">int <B>SSL_get_quiet_shutdown</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="177"><FONT SIZE="-1">BIO</FONT> *<B>SSL_get_rbio</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="178">int <B>SSL_get_read_ahead</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="179"><FONT SIZE="-1">SSL_SESSION</FONT> *<B>SSL_get_session</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="180">char *<B>SSL_get_shared_ciphers</B>(const <FONT SIZE="-1">SSL</FONT> *ssl, char *buf, int size);<DD>
<DT id="181">int <B>SSL_get_shutdown</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="182">const <FONT SIZE="-1">SSL_METHOD</FONT> *<B>SSL_get_ssl_method</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="183">int <B>SSL_get_state</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="184">long <B>SSL_get_time</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="185">long <B>SSL_get_timeout</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="186">int (*<B>SSL_get_verify_callback</B>(const <FONT SIZE="-1">SSL</FONT> *ssl))(int, X509_STORE_CTX *)<DD>
<DT id="187">int <B>SSL_get_verify_mode</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="188">long <B>SSL_get_verify_result</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="189">char *<B>SSL_get_version</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="190"><FONT SIZE="-1">BIO</FONT> *<B>SSL_get_wbio</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="191">int <B>SSL_in_accept_init</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="192">int <B>SSL_in_before</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="193">int <B>SSL_in_connect_init</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="194">int <B>SSL_in_init</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="195">int <B>SSL_is_init_finished</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="196">int <B>SSL_key_update</B>(<FONT SIZE="-1">SSL</FONT> *s, int updatetype);<DD>
<DT id="197"><FONT SIZE="-1">STACK</FONT> *<B>SSL_load_client_CA_file</B>(const char *file);<DD>
<DT id="198"><FONT SIZE="-1">SSL</FONT> *<B>SSL_new</B>(<FONT SIZE="-1">SSL_CTX</FONT> *ctx);<DD>
<DT id="199">int SSL_up_ref(<FONT SIZE="-1">SSL</FONT> *s);<DD>
<DT id="200">long <B>SSL_num_renegotiations</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="201">int <B>SSL_peek</B>(<FONT SIZE="-1">SSL</FONT> *ssl, void *buf, int num);<DD>
<DT id="202">int <B>SSL_pending</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="203">int <B>SSL_read</B>(<FONT SIZE="-1">SSL</FONT> *ssl, void *buf, int num);<DD>
<DT id="204">int <B>SSL_renegotiate</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="205">char *<B>SSL_rstate_string</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="206">char *<B>SSL_rstate_string_long</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="207">long <B>SSL_session_reused</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="208">void <B>SSL_set_accept_state</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="209">void <B>SSL_set_app_data</B>(<FONT SIZE="-1">SSL</FONT> *ssl, char *arg);<DD>
<DT id="210">void <B>SSL_set_bio</B>(<FONT SIZE="-1">SSL</FONT> *ssl, <FONT SIZE="-1">BIO</FONT> *rbio, <FONT SIZE="-1">BIO</FONT> *wbio);<DD>
<DT id="211">int <B>SSL_set_cipher_list</B>(<FONT SIZE="-1">SSL</FONT> *ssl, char *str);<DD>
<DT id="212">void <B>SSL_set_client_CA_list</B>(<FONT SIZE="-1">SSL</FONT> *ssl, <FONT SIZE="-1">STACK</FONT> *list);<DD>
<DT id="213">void <B>SSL_set_connect_state</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="214">int <B>SSL_set_ct_validation_callback</B>(<FONT SIZE="-1">SSL</FONT> *ssl, ssl_ct_validation_cb callback, void *arg);<DD>
<DT id="215">int <B>SSL_set_ex_data</B>(<FONT SIZE="-1">SSL</FONT> *ssl, int idx, char *arg);<DD>
<DT id="216">int <B>SSL_set_fd</B>(<FONT SIZE="-1">SSL</FONT> *ssl, int fd);<DD>
<DT id="217">void <B>SSL_set_info_callback</B>(<FONT SIZE="-1">SSL</FONT> *ssl, void (*cb);(void))<DD>
<DT id="218">void <B>SSL_set_msg_callback</B>(<FONT SIZE="-1">SSL</FONT> *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, <FONT SIZE="-1">SSL</FONT> *ssl, void *arg));<DD>
<DT id="219">void <B>SSL_set_msg_callback_arg</B>(<FONT SIZE="-1">SSL</FONT> *ctx, void *arg);<DD>
<DT id="220">unsigned long <B>SSL_clear_options</B>(<FONT SIZE="-1">SSL</FONT> *ssl, unsigned long op);<DD>
<DT id="221">unsigned long <B>SSL_get_options</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="222">unsigned long <B>SSL_set_options</B>(<FONT SIZE="-1">SSL</FONT> *ssl, unsigned long op);<DD>
<DT id="223">void <B>SSL_set_quiet_shutdown</B>(<FONT SIZE="-1">SSL</FONT> *ssl, int mode);<DD>
<DT id="224">void <B>SSL_set_read_ahead</B>(<FONT SIZE="-1">SSL</FONT> *ssl, int yes);<DD>
<DT id="225">int <B>SSL_set_rfd</B>(<FONT SIZE="-1">SSL</FONT> *ssl, int fd);<DD>
<DT id="226">int <B>SSL_set_session</B>(<FONT SIZE="-1">SSL</FONT> *ssl, <FONT SIZE="-1">SSL_SESSION</FONT> *session);<DD>
<DT id="227">void <B>SSL_set_shutdown</B>(<FONT SIZE="-1">SSL</FONT> *ssl, int mode);<DD>
<DT id="228">int <B>SSL_set_ssl_method</B>(<FONT SIZE="-1">SSL</FONT> *ssl, const <FONT SIZE="-1">SSL_METHOD</FONT> *meth);<DD>
<DT id="229">void <B>SSL_set_time</B>(<FONT SIZE="-1">SSL</FONT> *ssl, long t);<DD>
<DT id="230">void <B>SSL_set_timeout</B>(<FONT SIZE="-1">SSL</FONT> *ssl, long t);<DD>
<DT id="231">void <B>SSL_set_verify</B>(<FONT SIZE="-1">SSL</FONT> *ssl, int mode, int (*callback);(void))<DD>
<DT id="232">void <B>SSL_set_verify_result</B>(<FONT SIZE="-1">SSL</FONT> *ssl, long arg);<DD>
<DT id="233">int <B>SSL_set_wfd</B>(<FONT SIZE="-1">SSL</FONT> *ssl, int fd);<DD>
<DT id="234">int <B>SSL_shutdown</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="235"><FONT SIZE="-1">OSSL_HANDSHAKE_STATE</FONT> <B>SSL_get_state</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
Returns the current handshake state.
<DT id="236">char *<B>SSL_state_string</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="237">char *<B>SSL_state_string_long</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="238">long <B>SSL_total_renegotiations</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="239">int <B>SSL_use_PrivateKey</B>(<FONT SIZE="-1">SSL</FONT> *ssl, <FONT SIZE="-1">EVP_PKEY</FONT> *pkey);<DD>
<DT id="240">int <B>SSL_use_PrivateKey_ASN1</B>(int type, <FONT SIZE="-1">SSL</FONT> *ssl, unsigned char *d, long len);<DD>
<DT id="241">int <B>SSL_use_PrivateKey_file</B>(<FONT SIZE="-1">SSL</FONT> *ssl, const char *file, int type);<DD>
<DT id="242">int <B>SSL_use_RSAPrivateKey</B>(<FONT SIZE="-1">SSL</FONT> *ssl, <FONT SIZE="-1">RSA</FONT> *rsa);<DD>
<DT id="243">int <B>SSL_use_RSAPrivateKey_ASN1</B>(<FONT SIZE="-1">SSL</FONT> *ssl, unsigned char *d, long len);<DD>
<DT id="244">int <B>SSL_use_RSAPrivateKey_file</B>(<FONT SIZE="-1">SSL</FONT> *ssl, const char *file, int type);<DD>
<DT id="245">int <B>SSL_use_certificate</B>(<FONT SIZE="-1">SSL</FONT> *ssl, X509 *x);<DD>
<DT id="246">int <B>SSL_use_certificate_ASN1</B>(<FONT SIZE="-1">SSL</FONT> *ssl, int len, unsigned char *d);<DD>
<DT id="247">int <B>SSL_use_certificate_file</B>(<FONT SIZE="-1">SSL</FONT> *ssl, const char *file, int type);<DD>
<DT id="248">int <B>SSL_use_cert_and_key</B>(<FONT SIZE="-1">SSL</FONT> *ssl, X509 *x, <FONT SIZE="-1">EVP_PKEY</FONT> *pkey, <FONT SIZE="-1">STACK_OF</FONT>(X509) *chain, int override);<DD>
<DT id="249">int <B>SSL_version</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="250">int <B>SSL_want</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="251">int <B>SSL_want_nothing</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="252">int <B>SSL_want_read</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="253">int <B>SSL_want_write</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="254">int <B>SSL_want_x509_lookup</B>(const <FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="255">int <B>SSL_write</B>(<FONT SIZE="-1">SSL</FONT> *ssl, const void *buf, int num);<DD>
<DT id="256">void <B>SSL_set_psk_client_callback</B>(<FONT SIZE="-1">SSL</FONT> *ssl, unsigned int (*callback)(<FONT SIZE="-1">SSL</FONT> *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len));<DD>
<DT id="257">int <B>SSL_use_psk_identity_hint</B>(<FONT SIZE="-1">SSL</FONT> *ssl, const char *hint);<DD>
<DT id="258">void <B>SSL_set_psk_server_callback</B>(<FONT SIZE="-1">SSL</FONT> *ssl, unsigned int (*callback)(<FONT SIZE="-1">SSL</FONT> *ssl, const char *identity, unsigned char *psk, int max_psk_len));<DD>
<DT id="259">const char *<B>SSL_get_psk_identity_hint</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
<DT id="260">const char *<B>SSL_get_psk_identity</B>(<FONT SIZE="-1">SSL</FONT> *ssl);<DD>
</DL>
<A NAME="lbAM">&nbsp;</A>
<H2>RETURN VALUES</H2>
See the individual manual pages for details.
<A NAME="lbAN">&nbsp;</A>
<H2>SEE ALSO</H2>
<B><A HREF="/cgi-bin/man/man2html?1+openssl">openssl</A></B>(1), <B><A HREF="/cgi-bin/man/man2html?7+crypto">crypto</A></B>(7),
<B><A HREF="/cgi-bin/man/man2html?3+CRYPTO_get_ex_new_index">CRYPTO_get_ex_new_index</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_accept">SSL_accept</A></B>(3), <B><A HREF="/cgi-bin/man/man2html?3+SSL_clear">SSL_clear</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_connect">SSL_connect</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CIPHER_get_name">SSL_CIPHER_get_name</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_COMP_add_compression_method">SSL_COMP_add_compression_method</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_add_extra_chain_cert">SSL_CTX_add_extra_chain_cert</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_add_session">SSL_CTX_add_session</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_ctrl">SSL_CTX_ctrl</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_flush_sessions">SSL_CTX_flush_sessions</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_get_verify_mode">SSL_CTX_get_verify_mode</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_load_verify_locations">SSL_CTX_load_verify_locations</A></B>(3)
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_new">SSL_CTX_new</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_sess_number">SSL_CTX_sess_number</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_sess_set_cache_size">SSL_CTX_sess_set_cache_size</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_sess_set_get_cb">SSL_CTX_sess_set_get_cb</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_sessions">SSL_CTX_sessions</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_set_cert_store">SSL_CTX_set_cert_store</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_set_cert_verify_callback">SSL_CTX_set_cert_verify_callback</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_set_cipher_list">SSL_CTX_set_cipher_list</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_set_client_CA_list">SSL_CTX_set_client_CA_list</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_set_client_cert_cb">SSL_CTX_set_client_cert_cb</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_set_default_passwd_cb">SSL_CTX_set_default_passwd_cb</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_set_generate_session_id">SSL_CTX_set_generate_session_id</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_set_info_callback">SSL_CTX_set_info_callback</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_set_max_cert_list">SSL_CTX_set_max_cert_list</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_set_mode">SSL_CTX_set_mode</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_set_msg_callback">SSL_CTX_set_msg_callback</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_set_options">SSL_CTX_set_options</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_set_quiet_shutdown">SSL_CTX_set_quiet_shutdown</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_set_read_ahead">SSL_CTX_set_read_ahead</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_set_security_level">SSL_CTX_set_security_level</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_set_session_cache_mode">SSL_CTX_set_session_cache_mode</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_set_session_id_context">SSL_CTX_set_session_id_context</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_set_ssl_version">SSL_CTX_set_ssl_version</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_set_timeout">SSL_CTX_set_timeout</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_set_tmp_dh_callback">SSL_CTX_set_tmp_dh_callback</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_set_verify">SSL_CTX_set_verify</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_use_certificate">SSL_CTX_use_certificate</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_alert_type_string">SSL_alert_type_string</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_do_handshake">SSL_do_handshake</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_enable_ct">SSL_enable_ct</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_get_SSL_CTX">SSL_get_SSL_CTX</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_get_ciphers">SSL_get_ciphers</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_get_client_CA_list">SSL_get_client_CA_list</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_get_default_timeout">SSL_get_default_timeout</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_get_error">SSL_get_error</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_get_ex_data_X509_STORE_CTX_idx">SSL_get_ex_data_X509_STORE_CTX_idx</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_get_fd">SSL_get_fd</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_get_peer_cert_chain">SSL_get_peer_cert_chain</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_get_rbio">SSL_get_rbio</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_get_session">SSL_get_session</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_get_verify_result">SSL_get_verify_result</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_get_version">SSL_get_version</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_load_client_CA_file">SSL_load_client_CA_file</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_new">SSL_new</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_pending">SSL_pending</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_read_ex">SSL_read_ex</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_read">SSL_read</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_rstate_string">SSL_rstate_string</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_session_reused">SSL_session_reused</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_set_bio">SSL_set_bio</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_set_connect_state">SSL_set_connect_state</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_set_fd">SSL_set_fd</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_set_session">SSL_set_session</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_set_shutdown">SSL_set_shutdown</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_shutdown">SSL_shutdown</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_state_string">SSL_state_string</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_want">SSL_want</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_write_ex">SSL_write_ex</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_write">SSL_write</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_SESSION_free">SSL_SESSION_free</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_SESSION_get_time">SSL_SESSION_get_time</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+d2i_SSL_SESSION">d2i_SSL_SESSION</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_set_psk_client_callback">SSL_CTX_set_psk_client_callback</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_CTX_use_psk_identity_hint">SSL_CTX_use_psk_identity_hint</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+SSL_get_psk_identity">SSL_get_psk_identity</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+DTLSv1_listen">DTLSv1_listen</A></B>(3)
<A NAME="lbAO">&nbsp;</A>
<H2>HISTORY</H2>
<B>SSLv2_client_method</B>, <B>SSLv2_server_method</B> and <B>SSLv2_method</B> were removed
in OpenSSL 1.1.0.
<P>
The return type of <B>SSL_copy_session_id</B> was changed from void to int in
OpenSSL 1.1.0.
<A NAME="lbAP">&nbsp;</A>
<H2>COPYRIGHT</H2>
Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
<P>
Licensed under the OpenSSL license (the ``License''). You may not use
this file except in compliance with the License. You can obtain a copy
in the file <FONT SIZE="-1">LICENSE</FONT> in the source distribution or at
&lt;<A HREF="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</A>&gt;.
<P>
<HR>
<A NAME="index">&nbsp;</A><H2>Index</H2>
<DL>
<DT id="261"><A HREF="#lbAB">NAME</A><DD>
<DT id="262"><A HREF="#lbAC">SYNOPSIS</A><DD>
<DT id="263"><A HREF="#lbAD">DESCRIPTION</A><DD>
<DT id="264"><A HREF="#lbAE">DATA STRUCTURES</A><DD>
<DT id="265"><A HREF="#lbAF">HEADER FILES</A><DD>
<DT id="266"><A HREF="#lbAG">API FUNCTIONS</A><DD>
<DL>
<DT id="267"><A HREF="#lbAH">Dealing with Protocol Methods</A><DD>
<DT id="268"><A HREF="#lbAI">Dealing with Ciphers</A><DD>
<DT id="269"><A HREF="#lbAJ">Dealing with Protocol Contexts</A><DD>
<DT id="270"><A HREF="#lbAK">Dealing with Sessions</A><DD>
<DT id="271"><A HREF="#lbAL">Dealing with Connections</A><DD>
</DL>
<DT id="272"><A HREF="#lbAM">RETURN VALUES</A><DD>
<DT id="273"><A HREF="#lbAN">SEE ALSO</A><DD>
<DT id="274"><A HREF="#lbAO">HISTORY</A><DD>
<DT id="275"><A HREF="#lbAP">COPYRIGHT</A><DD>
</DL>
<HR>
This document was created by
<A HREF="/cgi-bin/man/man2html">man2html</A>,
using the manual pages.<BR>
Time: 00:06:10 GMT, March 31, 2021
</BODY>
</HTML>
Reference in New Issue View Git Blame Copy Permalink