NetBSD/lib/libcrypto/man/ssl.3

997 lines
42 KiB
Groff
Raw Normal View History

.rn '' }`
'''
'''
.de Sh
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp
.if t .sp .5v
.if n .sp
..
.de Ip
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.de Vb
.ft CW
.nf
.ne \\$1
..
.de Ve
.ft R
.fi
..
'''
'''
''' Set up \*(-- to give an unbreakable dash;
''' string Tr holds user defined translation string.
''' Bell System Logo is used as a dummy character.
'''
.tr \(*W-|\(bv\*(Tr
.ie n \{\
.ds -- \(*W-
.ds PI pi
.if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
.if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
.ds L" ""
.ds R" ""
''' \*(M", \*(S", \*(N" and \*(T" are the equivalent of
''' \*(L" and \*(R", except that they are used on ".xx" lines,
''' such as .IP and .SH, which do another additional levels of
''' double-quote interpretation
.ds M" """
.ds S" """
.ds N" """""
.ds T" """""
.ds L' '
.ds R' '
.ds M' '
.ds S' '
.ds N' '
.ds T' '
'br\}
.el\{\
.ds -- \(em\|
.tr \*(Tr
.ds L" ``
.ds R" ''
.ds M" ``
.ds S" ''
.ds N" ``
.ds T" ''
.ds L' `
.ds R' '
.ds M' `
.ds S' '
.ds N' `
.ds T' '
.ds PI \(*p
'br\}
.\" If the F register is turned on, we'll generate
.\" index entries out stderr for the following things:
.\" TH Title
.\" SH Header
.\" Sh Subsection
.\" Ip Item
.\" X<> Xref (embedded
.\" Of course, you have to process the output yourself
.\" in some meaninful fashion.
.if \nF \{
.de IX
.tm Index:\\$1\t\\n%\t"\\$2"
..
.nr % 0
.rr F
.\}
.TH ssl 3 "0.9.5a" "22/Jul/2000" "OpenSSL"
.UC
.if n .hy 0
.if n .na
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.de CQ \" put $1 in typewriter font
.ft CW
'if n "\c
'if t \\&\\$1\c
'if n \\&\\$1\c
'if n \&"
\\&\\$2 \\$3 \\$4 \\$5 \\$6 \\$7
'.ft R
..
.\" @(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2
. \" AM - accent mark definitions
.bd B 3
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds ? ?
. ds ! !
. ds /
. ds q
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds ? \s-2c\h'-\w'c'u*7/10'\u\h'\*(#H'\zi\d\s+2\h'\w'c'u*8/10'
. ds ! \s-2\(or\s+2\h'-\w'\(or'u'\v'-.8m'.\v'.8m'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
. ds q o\h'-\w'o'u*8/10'\s-4\v'.4m'\z\(*i\v'-.4m'\s+4\h'\w'o'u*8/10'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds v \\k:\h'-(\\n(.wu*9/10-\*(#H)'\v'-\*(#V'\*(#[\s-4v\s0\v'\*(#V'\h'|\\n:u'\*(#]
.ds _ \\k:\h'-(\\n(.wu*9/10-\*(#H+(\*(#F*2/3))'\v'-.4m'\z\(hy\v'.4m'\h'|\\n:u'
.ds . \\k:\h'-(\\n(.wu*8/10)'\v'\*(#V*4/10'\z.\v'-\*(#V*4/10'\h'|\\n:u'
.ds 3 \*(#[\v'.2m'\s-2\&3\s0\v'-.2m'\*(#]
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
.ds oe o\h'-(\w'o'u*4/10)'e
.ds Oe O\h'-(\w'O'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds v \h'-1'\o'\(aa\(ga'
. ds _ \h'-1'^
. ds . \h'-1'.
. ds 3 3
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
. ds oe oe
. ds Oe OE
.\}
.rm #[ #] #H #V #F C
.SH "NAME"
SSL \- OpenSSL SSL/TLS library
.SH "LIBRARY"
libcrypto, -lcrypto
.SH "SYNOPSIS"
.SH "DESCRIPTION"
The OpenSSL \fBssl\fR library implements the Secure Sockets Layer (SSL v2/v3) and
Transport Layer Security (TLS v1) protocols. It provides a rich API which is
documented here.
.SH "HEADER FILES"
Currently the OpenSSL \fBssl\fR library provides the following C header files
containing the prototypes for the data structures and and functions:
.Ip "\fBssl.h\fR" 4
That's the common header file for the \s-1SSL/TLS\s0 \s-1API\s0. Include it into your
program to make the \s-1API\s0 of the \fBssl\fR library available. It internally
includes both more private \s-1SSL\s0 headers and headers from the \fBcrypto\fR library.
Whenever you need hard-core details on the internals of the \s-1SSL\s0 \s-1API\s0, look
inside this header file.
.Ip "\fBssl2.h\fR" 4
That's the sub header file dealing with the SSLv2 protocol only.
\fIUsually you don't have to include it explicitly because
it's already included by ssl.h\fR.
.Ip "\fBssl3.h\fR" 4
That's the sub header file dealing with the SSLv3 protocol only.
\fIUsually you don't have to include it explicitly because
it's already included by ssl.h\fR.
.Ip "\fBssl23.h\fR" 4
That's the sub header file dealing with the combined use of the SSLv2 and
SSLv3 protocols.
\fIUsually you don't have to include it explicitly because
it's already included by ssl.h\fR.
.Ip "\fBtls1.h\fR" 4
That's the sub header file dealing with the TLSv1 protocol only.
\fIUsually you don't have to include it explicitly because
it's already included by ssl.h\fR.
.SH "DATA STRUCTURES"
Currently the OpenSSL \fBssl\fR library functions deals with the following data
structures:
.Ip "\fB\s-1SSL_METHOD\s0\fR (\s-1SSL\s0 Method)" 4
That's a dispatch structure describing the internal \fBssl\fR library
methods/functions which implement the various protocol versions (SSLv1, SSLv2
and TLSv1). It's needed to create an \fB\s-1SSL_CTX\s0\fR.
.Ip "\fB\s-1SSL_CIPHER\s0\fR (\s-1SSL\s0 Cipher)" 4
This structure holds the algorithm information for a particular cipher which
are a core part of the \s-1SSL/TLS\s0 protocol. The available ciphers are configured
on a \fB\s-1SSL_CTX\s0\fR basis and the actually used ones are then part of the
\fB\s-1SSL_SESSION\s0\fR.
.Ip "\fB\s-1SSL_CTX\s0\fR (\s-1SSL\s0 Context)" 4
That's the global context structure which is created by a server or client
once per program life-time and which holds mainly default values for the
\fB\s-1SSL\s0\fR structures which are later created for the connections.
.Ip "\fB\s-1SSL_SESSION\s0\fR (\s-1SSL\s0 Session)" 4
This is a structure containing the current \s-1SSL\s0 session details for a
connection: \fB\s-1SSL_CIPHER\s0\fRs, client and server certificates, keys, etc.
.Ip "\fB\s-1SSL\s0\fR (\s-1SSL\s0 Connection)" 4
That's the main \s-1SSL/TLS\s0 structure which is created by a server or client per
established connection. This actually is the core structure in the \s-1SSL\s0 \s-1API\s0.
Under run-time the application usually deals with this structure which has
links to mostly all other structures.
.SH "API FUNCTIONS"
Currently the OpenSSL \fBssl\fR library exports 214 API functions.
They are documented in the following:
.Sh "\s-1DEALING\s0 \s-1WITH\s0 \s-1PROTOCOL\s0 \s-1METHODS\s0"
Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0
protocol methods defined in \fB\s-1SSL_METHOD\s0\fR structures.
.Ip "\s-1SSL_METHOD\s0 *\fBSSLv2_client_method\fR(void);" 4
Constructor for the SSLv2 \s-1SSL_METHOD\s0 structure for a dedicated client.
.Ip "\s-1SSL_METHOD\s0 *\fBSSLv2_server_method\fR(void);" 4
Constructor for the SSLv2 \s-1SSL_METHOD\s0 structure for a dedicated server.
.Ip "\s-1SSL_METHOD\s0 *\fBSSLv2_method\fR(void);" 4
Constructor for the SSLv2 \s-1SSL_METHOD\s0 structure for combined client and server.
.Ip "\s-1SSL_METHOD\s0 *\fBSSLv3_client_method\fR(void);" 4
Constructor for the SSLv3 \s-1SSL_METHOD\s0 structure for a dedicated client.
.Ip "\s-1SSL_METHOD\s0 *\fBSSLv3_server_method\fR(void);" 4
Constructor for the SSLv3 \s-1SSL_METHOD\s0 structure for a dedicated server.
.Ip "\s-1SSL_METHOD\s0 *\fBSSLv3_method\fR(void);" 4
Constructor for the SSLv3 \s-1SSL_METHOD\s0 structure for combined client and server.
.Ip "\s-1SSL_METHOD\s0 *\fBTLSv1_client_method\fR(void);" 4
Constructor for the TLSv1 \s-1SSL_METHOD\s0 structure for a dedicated client.
.Ip "\s-1SSL_METHOD\s0 *\fBTLSv1_server_method\fR(void);" 4
Constructor for the TLSv1 \s-1SSL_METHOD\s0 structure for a dedicated server.
.Ip "\s-1SSL_METHOD\s0 *\fBTLSv1_method\fR(void);" 4
Constructor for the TLSv1 \s-1SSL_METHOD\s0 structure for combined client and server.
.Sh "\s-1DEALING\s0 \s-1WITH\s0 \s-1CIPHERS\s0"
Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0
ciphers defined in \fB\s-1SSL_CIPHER\s0\fR structures.
.Ip "char *\fBSSL_CIPHER_description\fR(\s-1SSL_CIPHER\s0 *cipher, char *buf, int len);" 4
Write a string to \fIbuf\fR (with a maximum size of \fIlen\fR) containing a human
readable description of \fIcipher\fR. Returns \fIbuf\fR.
.Ip "int \fBSSL_CIPHER_get_bits\fR(\s-1SSL_CIPHER\s0 *cipher, int *alg_bits);" 4
Determine the number of bits in \fIcipher\fR. Because of export crippled ciphers
there are two bits: The bits the algorithm supports in general (stored to
\fIalg_bits\fR) and the bits which are actually used (the return value).
.Ip "char *\fBSSL_CIPHER_get_name\fR(\s-1SSL_CIPHER\s0 *cipher);" 4
Return the internal name of \fIcipher\fR as a string. These are the various
strings defined by the \fISSL2_TXT_xxx\fR, \fISSL3_TXT_xxx\fR and \fITLS1_TXT_xxx\fR
definitions in the header files.
.Ip "char *\fBSSL_CIPHER_get_version\fR(\s-1SSL_CIPHER\s0 *cipher);" 4
Returns a string like \*(L"\f(CWTLSv1/SSLv3\fR\*(R" or \*(L"\f(CWSSLv2\fR\*(R" which indicates the
\s-1SSL/TLS\s0 protocol version to which \fIcipher\fR belongs (i.e. where it was defined
in the specification the first time).
.Sh "\s-1DEALING\s0 \s-1WITH\s0 \s-1PROTOCOL\s0 \s-1CONTEXTS\s0"
Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0
protocol context defined in the \fB\s-1SSL_CTX\s0\fR structure.
.Ip "int \fBSSL_CTX_add_client_CA\fR(\s-1SSL_CTX\s0 *ctx, X509 *x);" 4
.Ip "long \fBSSL_CTX_add_extra_chain_cert\fR(\s-1SSL_CTX\s0 *ctx, X509 *x509);" 4
.Ip "int \fBSSL_CTX_add_session\fR(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *c);" 4
.Ip "int \fBSSL_CTX_check_private_key\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "long \fBSSL_CTX_ctrl\fR(\s-1SSL_CTX\s0 *ctx, int cmd, long larg, char *parg);" 4
.Ip "void \fBSSL_CTX_flush_sessions\fR(\s-1SSL_CTX\s0 *s, long t);" 4
.Ip "void \fBSSL_CTX_free\fR(\s-1SSL_CTX\s0 *a);" 4
.Ip "char *\fBSSL_CTX_get_app_data\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "X509_STORE *\fBSSL_CTX_get_cert_store\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "\s-1STACK\s0 *\fBSSL_CTX_get_client_CA_list\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "int (*\fBSSL_CTX_get_client_cert_cb\fR(\s-1SSL_CTX\s0 *ctx))(\s-1SSL\s0 *ssl, X509 **x509, \s-1EVP_PKEY\s0 **pkey);" 4
.Ip "char *\fBSSL_CTX_get_ex_data\fR(\s-1SSL_CTX\s0 *s, int idx);" 4
.Ip "int \fBSSL_CTX_get_ex_new_index\fR(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))" 4
.Ip "void (*\fBSSL_CTX_get_info_callback\fR(\s-1SSL_CTX\s0 *ctx))(\s-1SSL\s0 *ssl, int cb, int ret);" 4
.Ip "int \fBSSL_CTX_get_quiet_shutdown\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "int \fBSSL_CTX_get_session_cache_mode\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "long \fBSSL_CTX_get_timeout\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "int (*\fBSSL_CTX_get_verify_callback\fR(\s-1SSL_CTX\s0 *ctx))(int ok, X509_STORE_CTX *ctx);" 4
.Ip "int \fBSSL_CTX_get_verify_mode\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "int \fBSSL_CTX_load_verify_locations\fR(\s-1SSL_CTX\s0 *ctx, char *CAfile, char *CApath);" 4
.Ip "long \fBSSL_CTX_need_tmp_RSA\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "\s-1SSL_CTX\s0 *\fBSSL_CTX_new\fR(\s-1SSL_METHOD\s0 *meth);" 4
.Ip "int \fBSSL_CTX_remove_session\fR(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *c);" 4
.Ip "int \fBSSL_CTX_sess_accept\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "int \fBSSL_CTX_sess_accept_good\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "int \fBSSL_CTX_sess_accept_renegotiate\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "int \fBSSL_CTX_sess_cache_full\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "int \fBSSL_CTX_sess_cb_hits\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "int \fBSSL_CTX_sess_connect\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "int \fBSSL_CTX_sess_connect_good\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "int \fBSSL_CTX_sess_connect_renegotiate\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "int \fBSSL_CTX_sess_get_cache_size\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "\s-1SSL_SESSION\s0 *(*\fBSSL_CTX_sess_get_get_cb\fR(\s-1SSL_CTX\s0 *ctx))(\s-1SSL\s0 *ssl, unsigned char *data, int len, int *copy);" 4
.Ip "int (*\fBSSL_CTX_sess_get_new_cb\fR(\s-1SSL_CTX\s0 *ctx)(\s-1SSL\s0 *ssl, \s-1SSL_SESSION\s0 *sess);" 4
.Ip "void (*\fBSSL_CTX_sess_get_remove_cb\fR(\s-1SSL_CTX\s0 *ctx)(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *sess);" 4
.Ip "int \fBSSL_CTX_sess_hits\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "int \fBSSL_CTX_sess_misses\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "int \fBSSL_CTX_sess_number\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "void \fBSSL_CTX_sess_set_cache_size\fR(\s-1SSL_CTX\s0 *ctx,t);" 4
.Ip "void \fBSSL_CTX_sess_set_get_cb\fR(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *(*cb)(\s-1SSL\s0 *ssl, unsigned char *data, int len, int *copy));" 4
.Ip "void \fBSSL_CTX_sess_set_new_cb\fR(\s-1SSL_CTX\s0 *ctx, int (*cb)(\s-1SSL\s0 *ssl, \s-1SSL_SESSION\s0 *sess));" 4
.Ip "void \fBSSL_CTX_sess_set_remove_cb\fR(\s-1SSL_CTX\s0 *ctx, void (*cb)(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *sess));" 4
.Ip "int \fBSSL_CTX_sess_timeouts\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "\s-1LHASH\s0 *\fBSSL_CTX_sessions\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "void \fBSSL_CTX_set_app_data\fR(\s-1SSL_CTX\s0 *ctx, void *arg);" 4
.Ip "void \fBSSL_CTX_set_cert_store\fR(\s-1SSL_CTX\s0 *ctx, X509_STORE *cs);" 4
.Ip "void \fBSSL_CTX_set_cert_verify_cb\fR(\s-1SSL_CTX\s0 *ctx, int (*cb)(\s-1SSL_CTX\s0 *), char *arg)" 4
.Ip "int \fBSSL_CTX_set_cipher_list\fR(\s-1SSL_CTX\s0 *ctx, char *str);" 4
.Ip "void \fBSSL_CTX_set_client_CA_list\fR(\s-1SSL_CTX\s0 *ctx, \s-1STACK\s0 *list);" 4
.Ip "void \fBSSL_CTX_set_client_cert_cb\fR(\s-1SSL_CTX\s0 *ctx, int (*cb)(\s-1SSL\s0 *ssl, X509 **x509, \s-1EVP_PKEY\s0 **pkey));" 4
.Ip "void \fBSSL_CTX_set_default_passwd_cb\fR(\s-1SSL_CTX\s0 *ctx, int (*cb);(void))" 4
.Ip "void \fBSSL_CTX_set_default_read_ahead\fR(\s-1SSL_CTX\s0 *ctx, int m);" 4
.Ip "int \fBSSL_CTX_set_default_verify_paths\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "int \fBSSL_CTX_set_ex_data\fR(\s-1SSL_CTX\s0 *s, int idx, char *arg);" 4
.Ip "void \fBSSL_CTX_set_info_callback\fR(\s-1SSL_CTX\s0 *ctx, void (*cb)(\s-1SSL\s0 *ssl, int cb, int ret));" 4
.Ip "void \fBSSL_CTX_set_options\fR(\s-1SSL_CTX\s0 *ctx, unsigned long op);" 4
.Ip "void \fBSSL_CTX_set_quiet_shutdown\fR(\s-1SSL_CTX\s0 *ctx, int mode);" 4
.Ip "void \fBSSL_CTX_set_session_cache_mode\fR(\s-1SSL_CTX\s0 *ctx, int mode);" 4
.Ip "int \fBSSL_CTX_set_ssl_version\fR(\s-1SSL_CTX\s0 *ctx, \s-1SSL_METHOD\s0 *meth);" 4
.Ip "void \fBSSL_CTX_set_timeout\fR(\s-1SSL_CTX\s0 *ctx, long t);" 4
.Ip "long \fBSSL_CTX_set_tmp_dh\fR(\s-1SSL_CTX\s0* ctx, \s-1DH\s0 *dh);" 4
.Ip "long \fBSSL_CTX_set_tmp_dh_callback\fR(\s-1SSL_CTX\s0 *ctx, \s-1DH\s0 *(*cb)(void));" 4
.Ip "long \fBSSL_CTX_set_tmp_rsa\fR(\s-1SSL_CTX\s0 *ctx, \s-1RSA\s0 *rsa);" 4
.Ip "SSL_CTX_set_tmp_rsa_callback" 4
\f(CWlong \fBSSL_CTX_set_tmp_rsa_callback\fR(SSL_CTX *\fBctx\fR, RSA *(*\fBcb\fR)(SSL *\fBssl\fR, int \fBexport\fR, int \fBkeylength\fR));\fR
.Sp
Sets the callback which will be called when a temporary private key is
required. The \fB\f(CWexport\fR\fR flag will be set if the reason for needing
a temp key is that an export ciphersuite is in use, in which case,
\fB\f(CWkeylength\fR\fR will contain the required keylength in bits. Generate a key of
appropriate size (using ???) and return it.
.Ip "SSL_set_tmp_rsa_callback" 4
long \fBSSL_set_tmp_rsa_callback\fR(\s-1SSL\s0 *ssl, \s-1RSA\s0 *(*cb)(\s-1SSL\s0 *ssl, int export, int keylength));
.Sp
The same as the section on \fISSL_CTX_set_tmp_rsa_callback\fR, except it operates on an \s-1SSL\s0
session instead of a context.
.Ip "void \fBSSL_CTX_set_verify\fR(\s-1SSL_CTX\s0 *ctx, int mode, int (*cb);(void))" 4
.Ip "int \fBSSL_CTX_use_PrivateKey\fR(\s-1SSL_CTX\s0 *ctx, \s-1EVP_PKEY\s0 *pkey);" 4
.Ip "int \fBSSL_CTX_use_PrivateKey_ASN1\fR(int type, \s-1SSL_CTX\s0 *ctx, unsigned char *d, long len);" 4
.Ip "int \fBSSL_CTX_use_PrivateKey_file\fR(\s-1SSL_CTX\s0 *ctx, char *file, int type);" 4
.Ip "int \fBSSL_CTX_use_RSAPrivateKey\fR(\s-1SSL_CTX\s0 *ctx, \s-1RSA\s0 *rsa);" 4
.Ip "int \fBSSL_CTX_use_RSAPrivateKey_ASN1\fR(\s-1SSL_CTX\s0 *ctx, unsigned char *d, long len);" 4
.Ip "int \fBSSL_CTX_use_RSAPrivateKey_file\fR(\s-1SSL_CTX\s0 *ctx, char *file, int type);" 4
.Ip "int \fBSSL_CTX_use_certificate\fR(\s-1SSL_CTX\s0 *ctx, X509 *x);" 4
.Ip "int \fBSSL_CTX_use_certificate_ASN1\fR(\s-1SSL_CTX\s0 *ctx, int len, unsigned char *d);" 4
.Ip "int \fBSSL_CTX_use_certificate_file\fR(\s-1SSL_CTX\s0 *ctx, char *file, int type);" 4
.Sh "\s-1DEALING\s0 \s-1WITH\s0 \s-1SESSIONS\s0"
Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0
sessions defined in the \fB\s-1SSL_SESSION\s0\fR structures.
.Ip "int \fBSSL_SESSION_cmp\fR(\s-1SSL_SESSION\s0 *a, \s-1SSL_SESSION\s0 *b);" 4
.Ip "void \fBSSL_SESSION_free\fR(\s-1SSL_SESSION\s0 *ss);" 4
.Ip "char *\fBSSL_SESSION_get_app_data\fR(\s-1SSL_SESSION\s0 *s);" 4
.Ip "char *\fBSSL_SESSION_get_ex_data\fR(\s-1SSL_SESSION\s0 *s, int idx);" 4
.Ip "int \fBSSL_SESSION_get_ex_new_index\fR(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))" 4
.Ip "long \fBSSL_SESSION_get_time\fR(\s-1SSL_SESSION\s0 *s);" 4
.Ip "long \fBSSL_SESSION_get_timeout\fR(\s-1SSL_SESSION\s0 *s);" 4
.Ip "unsigned long \fBSSL_SESSION_hash\fR(\s-1SSL_SESSION\s0 *a);" 4
.Ip "\s-1SSL_SESSION\s0 *\fBSSL_SESSION_new\fR(void);" 4
.Ip "int \fBSSL_SESSION_print\fR(\s-1BIO\s0 *bp, \s-1SSL_SESSION\s0 *x);" 4
.Ip "int \fBSSL_SESSION_print_fp\fR(\s-1FILE\s0 *fp, \s-1SSL_SESSION\s0 *x);" 4
.Ip "void \fBSSL_SESSION_set_app_data\fR(\s-1SSL_SESSION\s0 *s, char *a);" 4
.Ip "int \fBSSL_SESSION_set_ex_data\fR(\s-1SSL_SESSION\s0 *s, int idx, char *arg);" 4
.Ip "long \fBSSL_SESSION_set_time\fR(\s-1SSL_SESSION\s0 *s, long t);" 4
.Ip "long \fBSSL_SESSION_set_timeout\fR(\s-1SSL_SESSION\s0 *s, long t);" 4
.Sh "\s-1DEALING\s0 \s-1WITH\s0 \s-1CONNECTIONS\s0"
Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0
connection defined in the \fB\s-1SSL\s0\fR structure.
.Ip "int \fBSSL_accept\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int \fBSSL_add_dir_cert_subjects_to_stack\fR(\s-1STACK\s0 *stack, const char *dir);" 4
.Ip "int \fBSSL_add_file_cert_subjects_to_stack\fR(\s-1STACK\s0 *stack, const char *file);" 4
.Ip "int \fBSSL_add_client_CA\fR(\s-1SSL\s0 *ssl, X509 *x);" 4
.Ip "char *\fBSSL_alert_desc_string\fR(int value);" 4
.Ip "char *\fBSSL_alert_desc_string_long\fR(int value);" 4
.Ip "char *\fBSSL_alert_type_string\fR(int value);" 4
.Ip "char *\fBSSL_alert_type_string_long\fR(int value);" 4
.Ip "int \fBSSL_check_private_key\fR(\s-1SSL\s0 *ssl);" 4
.Ip "void \fBSSL_clear\fR(\s-1SSL\s0 *ssl);" 4
.Ip "long \fBSSL_clear_num_renegotiations\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int \fBSSL_connect\fR(\s-1SSL\s0 *ssl);" 4
.Ip "void \fBSSL_copy_session_id\fR(\s-1SSL\s0 *t, \s-1SSL\s0 *f);" 4
.Ip "long \fBSSL_ctrl\fR(\s-1SSL\s0 *ssl, int cmd, long larg, char *parg);" 4
.Ip "int \fBSSL_do_handshake\fR(\s-1SSL\s0 *ssl);" 4
.Ip "\s-1SSL\s0 *\fBSSL_dup\fR(\s-1SSL\s0 *ssl);" 4
.Ip "\s-1STACK\s0 *\fBSSL_dup_CA_list\fR(\s-1STACK\s0 *sk);" 4
.Ip "void \fBSSL_free\fR(\s-1SSL\s0 *ssl);" 4
.Ip "\s-1SSL_CTX\s0 *\fBSSL_get_SSL_CTX\fR(\s-1SSL\s0 *ssl);" 4
.Ip "char *\fBSSL_get_app_data\fR(\s-1SSL\s0 *ssl);" 4
.Ip "X509 *\fBSSL_get_certificate\fR(\s-1SSL\s0 *ssl);" 4
.Ip "\s-1SSL_CIPHER\s0 *\fBSSL_get_cipher\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int \fBSSL_get_cipher_bits\fR(\s-1SSL\s0 *ssl, int *alg_bits);" 4
.Ip "char *\fBSSL_get_cipher_list\fR(\s-1SSL\s0 *ssl, int n);" 4
.Ip "char *\fBSSL_get_cipher_name\fR(\s-1SSL\s0 *ssl);" 4
.Ip "char *\fBSSL_get_cipher_version\fR(\s-1SSL\s0 *ssl);" 4
.Ip "\s-1STACK\s0 *\fBSSL_get_ciphers\fR(\s-1SSL\s0 *ssl);" 4
.Ip "\s-1STACK\s0 *\fBSSL_get_client_CA_list\fR(\s-1SSL\s0 *ssl);" 4
.Ip "\s-1SSL_CIPHER\s0 *\fBSSL_get_current_cipher\fR(\s-1SSL\s0 *ssl);" 4
.Ip "long \fBSSL_get_default_timeout\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int \fBSSL_get_error\fR(\s-1SSL\s0 *ssl, int i);" 4
.Ip "char *\fBSSL_get_ex_data\fR(\s-1SSL\s0 *ssl, int idx);" 4
.Ip "int \fBSSL_get_ex_data_X509_STORE_CTX_idx\fR(void);" 4
.Ip "int \fBSSL_get_ex_new_index\fR(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))" 4
.Ip "int \fBSSL_get_fd\fR(\s-1SSL\s0 *ssl);" 4
.Ip "void (*\fBSSL_get_info_callback\fR(\s-1SSL\s0 *ssl);)(void)" 4
.Ip "\s-1STACK\s0 *\fBSSL_get_peer_cert_chain\fR(\s-1SSL\s0 *ssl);" 4
.Ip "X509 *\fBSSL_get_peer_certificate\fR(\s-1SSL\s0 *ssl);" 4
.Ip "\s-1EVP_PKEY\s0 *\fBSSL_get_privatekey\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int \fBSSL_get_quiet_shutdown\fR(\s-1SSL\s0 *ssl);" 4
.Ip "\s-1BIO\s0 *\fBSSL_get_rbio\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int \fBSSL_get_read_ahead\fR(\s-1SSL\s0 *ssl);" 4
.Ip "\s-1SSL_SESSION\s0 *\fBSSL_get_session\fR(\s-1SSL\s0 *ssl);" 4
.Ip "char *\fBSSL_get_shared_ciphers\fR(\s-1SSL\s0 *ssl, char *buf, int len);" 4
.Ip "int \fBSSL_get_shutdown\fR(\s-1SSL\s0 *ssl);" 4
.Ip "\s-1SSL_METHOD\s0 *\fBSSL_get_ssl_method\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int \fBSSL_get_state\fR(\s-1SSL\s0 *ssl);" 4
.Ip "long \fBSSL_get_time\fR(\s-1SSL\s0 *ssl);" 4
.Ip "long \fBSSL_get_timeout\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int (*\fBSSL_get_verify_callback\fR(\s-1SSL\s0 *ssl);)(void)" 4
.Ip "int \fBSSL_get_verify_mode\fR(\s-1SSL\s0 *ssl);" 4
.Ip "long \fBSSL_get_verify_result\fR(\s-1SSL\s0 *ssl);" 4
.Ip "char *\fBSSL_get_version\fR(\s-1SSL\s0 *ssl);" 4
.Ip "\s-1BIO\s0 *\fBSSL_get_wbio\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int \fBSSL_in_accept_init\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int \fBSSL_in_before\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int \fBSSL_in_connect_init\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int \fBSSL_in_init\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int \fBSSL_is_init_finished\fR(\s-1SSL\s0 *ssl);" 4
.Ip "\s-1STACK\s0 *\fBSSL_load_client_CA_file\fR(char *file);" 4
.Ip "void \fBSSL_load_error_strings\fR(void);" 4
.Ip "\s-1SSL\s0 *\fBSSL_new\fR(\s-1SSL_CTX\s0 *ctx);" 4
.Ip "long \fBSSL_num_renegotiations\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int \fBSSL_peek\fR(\s-1SSL\s0 *ssl, char *buf, int num);" 4
.Ip "int \fBSSL_pending\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int \fBSSL_read\fR(\s-1SSL\s0 *ssl, char *buf, int num);" 4
.Ip "int \fBSSL_renegotiate\fR(\s-1SSL\s0 *ssl);" 4
.Ip "char *\fBSSL_rstate_string\fR(\s-1SSL\s0 *ssl);" 4
.Ip "char *\fBSSL_rstate_string_long\fR(\s-1SSL\s0 *ssl);" 4
.Ip "long \fBSSL_session_reused\fR(\s-1SSL\s0 *ssl);" 4
.Ip "void \fBSSL_set_accept_state\fR(\s-1SSL\s0 *ssl);" 4
.Ip "void \fBSSL_set_app_data\fR(\s-1SSL\s0 *ssl, char *arg);" 4
.Ip "void \fBSSL_set_bio\fR(\s-1SSL\s0 *ssl, \s-1BIO\s0 *rbio, \s-1BIO\s0 *wbio);" 4
.Ip "int \fBSSL_set_cipher_list\fR(\s-1SSL\s0 *ssl, char *str);" 4
.Ip "void \fBSSL_set_client_CA_list\fR(\s-1SSL\s0 *ssl, \s-1STACK\s0 *list);" 4
.Ip "void \fBSSL_set_connect_state\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int \fBSSL_set_ex_data\fR(\s-1SSL\s0 *ssl, int idx, char *arg);" 4
.Ip "int \fBSSL_set_fd\fR(\s-1SSL\s0 *ssl, int fd);" 4
.Ip "void \fBSSL_set_info_callback\fR(\s-1SSL\s0 *ssl, void (*cb);(void))" 4
.Ip "void \fBSSL_set_options\fR(\s-1SSL\s0 *ssl, unsigned long op);" 4
.Ip "void \fBSSL_set_quiet_shutdown\fR(\s-1SSL\s0 *ssl, int mode);" 4
.Ip "void \fBSSL_set_read_ahead\fR(\s-1SSL\s0 *ssl, int yes);" 4
.Ip "int \fBSSL_set_rfd\fR(\s-1SSL\s0 *ssl, int fd);" 4
.Ip "int \fBSSL_set_session\fR(\s-1SSL\s0 *ssl, \s-1SSL_SESSION\s0 *session);" 4
.Ip "void \fBSSL_set_shutdown\fR(\s-1SSL\s0 *ssl, int mode);" 4
.Ip "int \fBSSL_set_ssl_method\fR(\s-1SSL\s0 *ssl, \s-1SSL_METHOD\s0 *meth);" 4
.Ip "void \fBSSL_set_time\fR(\s-1SSL\s0 *ssl, long t);" 4
.Ip "void \fBSSL_set_timeout\fR(\s-1SSL\s0 *ssl, long t);" 4
.Ip "void \fBSSL_set_verify\fR(\s-1SSL\s0 *ssl, int mode, int (*callback);(void))" 4
.Ip "void \fBSSL_set_verify_result\fR(\s-1SSL\s0 *ssl, long arg);" 4
.Ip "int \fBSSL_set_wfd\fR(\s-1SSL\s0 *ssl, int fd);" 4
.Ip "int \fBSSL_shutdown\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int \fBSSL_state\fR(\s-1SSL\s0 *ssl);" 4
.Ip "char *\fBSSL_state_string\fR(\s-1SSL\s0 *ssl);" 4
.Ip "char *\fBSSL_state_string_long\fR(\s-1SSL\s0 *ssl);" 4
.Ip "long \fBSSL_total_renegotiations\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int \fBSSL_use_PrivateKey\fR(\s-1SSL\s0 *ssl, \s-1EVP_PKEY\s0 *pkey);" 4
.Ip "int \fBSSL_use_PrivateKey_ASN1\fR(int type, \s-1SSL\s0 *ssl, unsigned char *d, long len);" 4
.Ip "int \fBSSL_use_PrivateKey_file\fR(\s-1SSL\s0 *ssl, char *file, int type);" 4
.Ip "int \fBSSL_use_RSAPrivateKey\fR(\s-1SSL\s0 *ssl, \s-1RSA\s0 *rsa);" 4
.Ip "int \fBSSL_use_RSAPrivateKey_ASN1\fR(\s-1SSL\s0 *ssl, unsigned char *d, long len);" 4
.Ip "int \fBSSL_use_RSAPrivateKey_file\fR(\s-1SSL\s0 *ssl, char *file, int type);" 4
.Ip "int \fBSSL_use_certificate\fR(\s-1SSL\s0 *ssl, X509 *x);" 4
.Ip "int \fBSSL_use_certificate_ASN1\fR(\s-1SSL\s0 *ssl, int len, unsigned char *d);" 4
.Ip "int \fBSSL_use_certificate_file\fR(\s-1SSL\s0 *ssl, char *file, int type);" 4
.Ip "int \fBSSL_version\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int \fBSSL_want\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int \fBSSL_want_nothing\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int \fBSSL_want_read\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int \fBSSL_want_write\fR(\s-1SSL\s0 *ssl);" 4
.Ip "int \fBSSL_want_x509_lookup\fR(s);" 4
.Ip "int \fBSSL_write\fR(\s-1SSL\s0 *ssl, char *buf, int num);" 4
.SH "SEE ALSO"
2000-10-04 10:46:13 +04:00
the \fIopenssl(1)|openssl(1)\fR manpage, the \fIcrypto(3)|crypto(3)\fR manpage,
the \fISSL_get_error(3)|SSL_get_error(3)\fR manpage
.SH "HISTORY"
2000-10-04 10:46:13 +04:00
The the \fIssl(3)|ssl(3)\fR manpage document appeared in OpenSSL 0.9.2
.rn }` ''
.IX Title "ssl 3"
.IX Name "SSL - OpenSSL SSL/TLS library"
.IX Header "NAME"
.IX Header "SYNOPSIS"
.IX Header "DESCRIPTION"
.IX Header "HEADER FILES"
.IX Item "\fBssl.h\fR"
.IX Item "\fBssl2.h\fR"
.IX Item "\fBssl3.h\fR"
.IX Item "\fBssl23.h\fR"
.IX Item "\fBtls1.h\fR"
.IX Header "DATA STRUCTURES"
.IX Item "\fB\s-1SSL_METHOD\s0\fR (\s-1SSL\s0 Method)"
.IX Item "\fB\s-1SSL_CIPHER\s0\fR (\s-1SSL\s0 Cipher)"
.IX Item "\fB\s-1SSL_CTX\s0\fR (\s-1SSL\s0 Context)"
.IX Item "\fB\s-1SSL_SESSION\s0\fR (\s-1SSL\s0 Session)"
.IX Item "\fB\s-1SSL\s0\fR (\s-1SSL\s0 Connection)"
.IX Header "API FUNCTIONS"
.IX Subsection "\s-1DEALING\s0 \s-1WITH\s0 \s-1PROTOCOL\s0 \s-1METHODS\s0"
.IX Item "\s-1SSL_METHOD\s0 *\fBSSLv2_client_method\fR(void);"
.IX Item "\s-1SSL_METHOD\s0 *\fBSSLv2_server_method\fR(void);"
.IX Item "\s-1SSL_METHOD\s0 *\fBSSLv2_method\fR(void);"
.IX Item "\s-1SSL_METHOD\s0 *\fBSSLv3_client_method\fR(void);"
.IX Item "\s-1SSL_METHOD\s0 *\fBSSLv3_server_method\fR(void);"
.IX Item "\s-1SSL_METHOD\s0 *\fBSSLv3_method\fR(void);"
.IX Item "\s-1SSL_METHOD\s0 *\fBTLSv1_client_method\fR(void);"
.IX Item "\s-1SSL_METHOD\s0 *\fBTLSv1_server_method\fR(void);"
.IX Item "\s-1SSL_METHOD\s0 *\fBTLSv1_method\fR(void);"
.IX Subsection "\s-1DEALING\s0 \s-1WITH\s0 \s-1CIPHERS\s0"
.IX Item "char *\fBSSL_CIPHER_description\fR(\s-1SSL_CIPHER\s0 *cipher, char *buf, int len);"
.IX Item "int \fBSSL_CIPHER_get_bits\fR(\s-1SSL_CIPHER\s0 *cipher, int *alg_bits);"
.IX Item "char *\fBSSL_CIPHER_get_name\fR(\s-1SSL_CIPHER\s0 *cipher);"
.IX Item "char *\fBSSL_CIPHER_get_version\fR(\s-1SSL_CIPHER\s0 *cipher);"
.IX Subsection "\s-1DEALING\s0 \s-1WITH\s0 \s-1PROTOCOL\s0 \s-1CONTEXTS\s0"
.IX Item "int \fBSSL_CTX_add_client_CA\fR(\s-1SSL_CTX\s0 *ctx, X509 *x);"
.IX Item "long \fBSSL_CTX_add_extra_chain_cert\fR(\s-1SSL_CTX\s0 *ctx, X509 *x509);"
.IX Item "int \fBSSL_CTX_add_session\fR(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *c);"
.IX Item "int \fBSSL_CTX_check_private_key\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "long \fBSSL_CTX_ctrl\fR(\s-1SSL_CTX\s0 *ctx, int cmd, long larg, char *parg);"
.IX Item "void \fBSSL_CTX_flush_sessions\fR(\s-1SSL_CTX\s0 *s, long t);"
.IX Item "void \fBSSL_CTX_free\fR(\s-1SSL_CTX\s0 *a);"
.IX Item "char *\fBSSL_CTX_get_app_data\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "X509_STORE *\fBSSL_CTX_get_cert_store\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "\s-1STACK\s0 *\fBSSL_CTX_get_client_CA_list\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "int (*\fBSSL_CTX_get_client_cert_cb\fR(\s-1SSL_CTX\s0 *ctx))(\s-1SSL\s0 *ssl, X509 **x509, \s-1EVP_PKEY\s0 **pkey);"
.IX Item "char *\fBSSL_CTX_get_ex_data\fR(\s-1SSL_CTX\s0 *s, int idx);"
.IX Item "int \fBSSL_CTX_get_ex_new_index\fR(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))"
.IX Item "void (*\fBSSL_CTX_get_info_callback\fR(\s-1SSL_CTX\s0 *ctx))(\s-1SSL\s0 *ssl, int cb, int ret);"
.IX Item "int \fBSSL_CTX_get_quiet_shutdown\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "int \fBSSL_CTX_get_session_cache_mode\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "long \fBSSL_CTX_get_timeout\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "int (*\fBSSL_CTX_get_verify_callback\fR(\s-1SSL_CTX\s0 *ctx))(int ok, X509_STORE_CTX *ctx);"
.IX Item "int \fBSSL_CTX_get_verify_mode\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "int \fBSSL_CTX_load_verify_locations\fR(\s-1SSL_CTX\s0 *ctx, char *CAfile, char *CApath);"
.IX Item "long \fBSSL_CTX_need_tmp_RSA\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "\s-1SSL_CTX\s0 *\fBSSL_CTX_new\fR(\s-1SSL_METHOD\s0 *meth);"
.IX Item "int \fBSSL_CTX_remove_session\fR(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *c);"
.IX Item "int \fBSSL_CTX_sess_accept\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "int \fBSSL_CTX_sess_accept_good\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "int \fBSSL_CTX_sess_accept_renegotiate\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "int \fBSSL_CTX_sess_cache_full\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "int \fBSSL_CTX_sess_cb_hits\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "int \fBSSL_CTX_sess_connect\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "int \fBSSL_CTX_sess_connect_good\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "int \fBSSL_CTX_sess_connect_renegotiate\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "int \fBSSL_CTX_sess_get_cache_size\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "\s-1SSL_SESSION\s0 *(*\fBSSL_CTX_sess_get_get_cb\fR(\s-1SSL_CTX\s0 *ctx))(\s-1SSL\s0 *ssl, unsigned char *data, int len, int *copy);"
.IX Item "int (*\fBSSL_CTX_sess_get_new_cb\fR(\s-1SSL_CTX\s0 *ctx)(\s-1SSL\s0 *ssl, \s-1SSL_SESSION\s0 *sess);"
.IX Item "void (*\fBSSL_CTX_sess_get_remove_cb\fR(\s-1SSL_CTX\s0 *ctx)(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *sess);"
.IX Item "int \fBSSL_CTX_sess_hits\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "int \fBSSL_CTX_sess_misses\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "int \fBSSL_CTX_sess_number\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "void \fBSSL_CTX_sess_set_cache_size\fR(\s-1SSL_CTX\s0 *ctx,t);"
.IX Item "void \fBSSL_CTX_sess_set_get_cb\fR(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *(*cb)(\s-1SSL\s0 *ssl, unsigned char *data, int len, int *copy));"
.IX Item "void \fBSSL_CTX_sess_set_new_cb\fR(\s-1SSL_CTX\s0 *ctx, int (*cb)(\s-1SSL\s0 *ssl, \s-1SSL_SESSION\s0 *sess));"
.IX Item "void \fBSSL_CTX_sess_set_remove_cb\fR(\s-1SSL_CTX\s0 *ctx, void (*cb)(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *sess));"
.IX Item "int \fBSSL_CTX_sess_timeouts\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "\s-1LHASH\s0 *\fBSSL_CTX_sessions\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "void \fBSSL_CTX_set_app_data\fR(\s-1SSL_CTX\s0 *ctx, void *arg);"
.IX Item "void \fBSSL_CTX_set_cert_store\fR(\s-1SSL_CTX\s0 *ctx, X509_STORE *cs);"
.IX Item "void \fBSSL_CTX_set_cert_verify_cb\fR(\s-1SSL_CTX\s0 *ctx, int (*cb)(\s-1SSL_CTX\s0 *), char *arg)"
.IX Item "int \fBSSL_CTX_set_cipher_list\fR(\s-1SSL_CTX\s0 *ctx, char *str);"
.IX Item "void \fBSSL_CTX_set_client_CA_list\fR(\s-1SSL_CTX\s0 *ctx, \s-1STACK\s0 *list);"
.IX Item "void \fBSSL_CTX_set_client_cert_cb\fR(\s-1SSL_CTX\s0 *ctx, int (*cb)(\s-1SSL\s0 *ssl, X509 **x509, \s-1EVP_PKEY\s0 **pkey));"
.IX Item "void \fBSSL_CTX_set_default_passwd_cb\fR(\s-1SSL_CTX\s0 *ctx, int (*cb);(void))"
.IX Item "void \fBSSL_CTX_set_default_read_ahead\fR(\s-1SSL_CTX\s0 *ctx, int m);"
.IX Item "int \fBSSL_CTX_set_default_verify_paths\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "int \fBSSL_CTX_set_ex_data\fR(\s-1SSL_CTX\s0 *s, int idx, char *arg);"
.IX Item "void \fBSSL_CTX_set_info_callback\fR(\s-1SSL_CTX\s0 *ctx, void (*cb)(\s-1SSL\s0 *ssl, int cb, int ret));"
.IX Item "void \fBSSL_CTX_set_options\fR(\s-1SSL_CTX\s0 *ctx, unsigned long op);"
.IX Item "void \fBSSL_CTX_set_quiet_shutdown\fR(\s-1SSL_CTX\s0 *ctx, int mode);"
.IX Item "void \fBSSL_CTX_set_session_cache_mode\fR(\s-1SSL_CTX\s0 *ctx, int mode);"
.IX Item "int \fBSSL_CTX_set_ssl_version\fR(\s-1SSL_CTX\s0 *ctx, \s-1SSL_METHOD\s0 *meth);"
.IX Item "void \fBSSL_CTX_set_timeout\fR(\s-1SSL_CTX\s0 *ctx, long t);"
.IX Item "long \fBSSL_CTX_set_tmp_dh\fR(\s-1SSL_CTX\s0* ctx, \s-1DH\s0 *dh);"
.IX Item "long \fBSSL_CTX_set_tmp_dh_callback\fR(\s-1SSL_CTX\s0 *ctx, \s-1DH\s0 *(*cb)(void));"
.IX Item "long \fBSSL_CTX_set_tmp_rsa\fR(\s-1SSL_CTX\s0 *ctx, \s-1RSA\s0 *rsa);"
.IX Item "SSL_CTX_set_tmp_rsa_callback"
.IX Item "SSL_set_tmp_rsa_callback"
.IX Item "void \fBSSL_CTX_set_verify\fR(\s-1SSL_CTX\s0 *ctx, int mode, int (*cb);(void))"
.IX Item "int \fBSSL_CTX_use_PrivateKey\fR(\s-1SSL_CTX\s0 *ctx, \s-1EVP_PKEY\s0 *pkey);"
.IX Item "int \fBSSL_CTX_use_PrivateKey_ASN1\fR(int type, \s-1SSL_CTX\s0 *ctx, unsigned char *d, long len);"
.IX Item "int \fBSSL_CTX_use_PrivateKey_file\fR(\s-1SSL_CTX\s0 *ctx, char *file, int type);"
.IX Item "int \fBSSL_CTX_use_RSAPrivateKey\fR(\s-1SSL_CTX\s0 *ctx, \s-1RSA\s0 *rsa);"
.IX Item "int \fBSSL_CTX_use_RSAPrivateKey_ASN1\fR(\s-1SSL_CTX\s0 *ctx, unsigned char *d, long len);"
.IX Item "int \fBSSL_CTX_use_RSAPrivateKey_file\fR(\s-1SSL_CTX\s0 *ctx, char *file, int type);"
.IX Item "int \fBSSL_CTX_use_certificate\fR(\s-1SSL_CTX\s0 *ctx, X509 *x);"
.IX Item "int \fBSSL_CTX_use_certificate_ASN1\fR(\s-1SSL_CTX\s0 *ctx, int len, unsigned char *d);"
.IX Item "int \fBSSL_CTX_use_certificate_file\fR(\s-1SSL_CTX\s0 *ctx, char *file, int type);"
.IX Subsection "\s-1DEALING\s0 \s-1WITH\s0 \s-1SESSIONS\s0"
.IX Item "int \fBSSL_SESSION_cmp\fR(\s-1SSL_SESSION\s0 *a, \s-1SSL_SESSION\s0 *b);"
.IX Item "void \fBSSL_SESSION_free\fR(\s-1SSL_SESSION\s0 *ss);"
.IX Item "char *\fBSSL_SESSION_get_app_data\fR(\s-1SSL_SESSION\s0 *s);"
.IX Item "char *\fBSSL_SESSION_get_ex_data\fR(\s-1SSL_SESSION\s0 *s, int idx);"
.IX Item "int \fBSSL_SESSION_get_ex_new_index\fR(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))"
.IX Item "long \fBSSL_SESSION_get_time\fR(\s-1SSL_SESSION\s0 *s);"
.IX Item "long \fBSSL_SESSION_get_timeout\fR(\s-1SSL_SESSION\s0 *s);"
.IX Item "unsigned long \fBSSL_SESSION_hash\fR(\s-1SSL_SESSION\s0 *a);"
.IX Item "\s-1SSL_SESSION\s0 *\fBSSL_SESSION_new\fR(void);"
.IX Item "int \fBSSL_SESSION_print\fR(\s-1BIO\s0 *bp, \s-1SSL_SESSION\s0 *x);"
.IX Item "int \fBSSL_SESSION_print_fp\fR(\s-1FILE\s0 *fp, \s-1SSL_SESSION\s0 *x);"
.IX Item "void \fBSSL_SESSION_set_app_data\fR(\s-1SSL_SESSION\s0 *s, char *a);"
.IX Item "int \fBSSL_SESSION_set_ex_data\fR(\s-1SSL_SESSION\s0 *s, int idx, char *arg);"
.IX Item "long \fBSSL_SESSION_set_time\fR(\s-1SSL_SESSION\s0 *s, long t);"
.IX Item "long \fBSSL_SESSION_set_timeout\fR(\s-1SSL_SESSION\s0 *s, long t);"
.IX Subsection "\s-1DEALING\s0 \s-1WITH\s0 \s-1CONNECTIONS\s0"
.IX Item "int \fBSSL_accept\fR(\s-1SSL\s0 *ssl);"
.IX Item "int \fBSSL_add_dir_cert_subjects_to_stack\fR(\s-1STACK\s0 *stack, const char *dir);"
.IX Item "int \fBSSL_add_file_cert_subjects_to_stack\fR(\s-1STACK\s0 *stack, const char *file);"
.IX Item "int \fBSSL_add_client_CA\fR(\s-1SSL\s0 *ssl, X509 *x);"
.IX Item "char *\fBSSL_alert_desc_string\fR(int value);"
.IX Item "char *\fBSSL_alert_desc_string_long\fR(int value);"
.IX Item "char *\fBSSL_alert_type_string\fR(int value);"
.IX Item "char *\fBSSL_alert_type_string_long\fR(int value);"
.IX Item "int \fBSSL_check_private_key\fR(\s-1SSL\s0 *ssl);"
.IX Item "void \fBSSL_clear\fR(\s-1SSL\s0 *ssl);"
.IX Item "long \fBSSL_clear_num_renegotiations\fR(\s-1SSL\s0 *ssl);"
.IX Item "int \fBSSL_connect\fR(\s-1SSL\s0 *ssl);"
.IX Item "void \fBSSL_copy_session_id\fR(\s-1SSL\s0 *t, \s-1SSL\s0 *f);"
.IX Item "long \fBSSL_ctrl\fR(\s-1SSL\s0 *ssl, int cmd, long larg, char *parg);"
.IX Item "int \fBSSL_do_handshake\fR(\s-1SSL\s0 *ssl);"
.IX Item "\s-1SSL\s0 *\fBSSL_dup\fR(\s-1SSL\s0 *ssl);"
.IX Item "\s-1STACK\s0 *\fBSSL_dup_CA_list\fR(\s-1STACK\s0 *sk);"
.IX Item "void \fBSSL_free\fR(\s-1SSL\s0 *ssl);"
.IX Item "\s-1SSL_CTX\s0 *\fBSSL_get_SSL_CTX\fR(\s-1SSL\s0 *ssl);"
.IX Item "char *\fBSSL_get_app_data\fR(\s-1SSL\s0 *ssl);"
.IX Item "X509 *\fBSSL_get_certificate\fR(\s-1SSL\s0 *ssl);"
.IX Item "\s-1SSL_CIPHER\s0 *\fBSSL_get_cipher\fR(\s-1SSL\s0 *ssl);"
.IX Item "int \fBSSL_get_cipher_bits\fR(\s-1SSL\s0 *ssl, int *alg_bits);"
.IX Item "char *\fBSSL_get_cipher_list\fR(\s-1SSL\s0 *ssl, int n);"
.IX Item "char *\fBSSL_get_cipher_name\fR(\s-1SSL\s0 *ssl);"
.IX Item "char *\fBSSL_get_cipher_version\fR(\s-1SSL\s0 *ssl);"
.IX Item "\s-1STACK\s0 *\fBSSL_get_ciphers\fR(\s-1SSL\s0 *ssl);"
.IX Item "\s-1STACK\s0 *\fBSSL_get_client_CA_list\fR(\s-1SSL\s0 *ssl);"
.IX Item "\s-1SSL_CIPHER\s0 *\fBSSL_get_current_cipher\fR(\s-1SSL\s0 *ssl);"
.IX Item "long \fBSSL_get_default_timeout\fR(\s-1SSL\s0 *ssl);"
.IX Item "int \fBSSL_get_error\fR(\s-1SSL\s0 *ssl, int i);"
.IX Item "char *\fBSSL_get_ex_data\fR(\s-1SSL\s0 *ssl, int idx);"
.IX Item "int \fBSSL_get_ex_data_X509_STORE_CTX_idx\fR(void);"
.IX Item "int \fBSSL_get_ex_new_index\fR(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))"
.IX Item "int \fBSSL_get_fd\fR(\s-1SSL\s0 *ssl);"
.IX Item "void (*\fBSSL_get_info_callback\fR(\s-1SSL\s0 *ssl);)(void)"
.IX Item "\s-1STACK\s0 *\fBSSL_get_peer_cert_chain\fR(\s-1SSL\s0 *ssl);"
.IX Item "X509 *\fBSSL_get_peer_certificate\fR(\s-1SSL\s0 *ssl);"
.IX Item "\s-1EVP_PKEY\s0 *\fBSSL_get_privatekey\fR(\s-1SSL\s0 *ssl);"
.IX Item "int \fBSSL_get_quiet_shutdown\fR(\s-1SSL\s0 *ssl);"
.IX Item "\s-1BIO\s0 *\fBSSL_get_rbio\fR(\s-1SSL\s0 *ssl);"
.IX Item "int \fBSSL_get_read_ahead\fR(\s-1SSL\s0 *ssl);"
.IX Item "\s-1SSL_SESSION\s0 *\fBSSL_get_session\fR(\s-1SSL\s0 *ssl);"
.IX Item "char *\fBSSL_get_shared_ciphers\fR(\s-1SSL\s0 *ssl, char *buf, int len);"
.IX Item "int \fBSSL_get_shutdown\fR(\s-1SSL\s0 *ssl);"
.IX Item "\s-1SSL_METHOD\s0 *\fBSSL_get_ssl_method\fR(\s-1SSL\s0 *ssl);"
.IX Item "int \fBSSL_get_state\fR(\s-1SSL\s0 *ssl);"
.IX Item "long \fBSSL_get_time\fR(\s-1SSL\s0 *ssl);"
.IX Item "long \fBSSL_get_timeout\fR(\s-1SSL\s0 *ssl);"
.IX Item "int (*\fBSSL_get_verify_callback\fR(\s-1SSL\s0 *ssl);)(void)"
.IX Item "int \fBSSL_get_verify_mode\fR(\s-1SSL\s0 *ssl);"
.IX Item "long \fBSSL_get_verify_result\fR(\s-1SSL\s0 *ssl);"
.IX Item "char *\fBSSL_get_version\fR(\s-1SSL\s0 *ssl);"
.IX Item "\s-1BIO\s0 *\fBSSL_get_wbio\fR(\s-1SSL\s0 *ssl);"
.IX Item "int \fBSSL_in_accept_init\fR(\s-1SSL\s0 *ssl);"
.IX Item "int \fBSSL_in_before\fR(\s-1SSL\s0 *ssl);"
.IX Item "int \fBSSL_in_connect_init\fR(\s-1SSL\s0 *ssl);"
.IX Item "int \fBSSL_in_init\fR(\s-1SSL\s0 *ssl);"
.IX Item "int \fBSSL_is_init_finished\fR(\s-1SSL\s0 *ssl);"
.IX Item "\s-1STACK\s0 *\fBSSL_load_client_CA_file\fR(char *file);"
.IX Item "void \fBSSL_load_error_strings\fR(void);"
.IX Item "\s-1SSL\s0 *\fBSSL_new\fR(\s-1SSL_CTX\s0 *ctx);"
.IX Item "long \fBSSL_num_renegotiations\fR(\s-1SSL\s0 *ssl);"
.IX Item "int \fBSSL_peek\fR(\s-1SSL\s0 *ssl, char *buf, int num);"
.IX Item "int \fBSSL_pending\fR(\s-1SSL\s0 *ssl);"
.IX Item "int \fBSSL_read\fR(\s-1SSL\s0 *ssl, char *buf, int num);"
.IX Item "int \fBSSL_renegotiate\fR(\s-1SSL\s0 *ssl);"
.IX Item "char *\fBSSL_rstate_string\fR(\s-1SSL\s0 *ssl);"
.IX Item "char *\fBSSL_rstate_string_long\fR(\s-1SSL\s0 *ssl);"
.IX Item "long \fBSSL_session_reused\fR(\s-1SSL\s0 *ssl);"
.IX Item "void \fBSSL_set_accept_state\fR(\s-1SSL\s0 *ssl);"
.IX Item "void \fBSSL_set_app_data\fR(\s-1SSL\s0 *ssl, char *arg);"
.IX Item "void \fBSSL_set_bio\fR(\s-1SSL\s0 *ssl, \s-1BIO\s0 *rbio, \s-1BIO\s0 *wbio);"
.IX Item "int \fBSSL_set_cipher_list\fR(\s-1SSL\s0 *ssl, char *str);"
.IX Item "void \fBSSL_set_client_CA_list\fR(\s-1SSL\s0 *ssl, \s-1STACK\s0 *list);"
.IX Item "void \fBSSL_set_connect_state\fR(\s-1SSL\s0 *ssl);"
.IX Item "int \fBSSL_set_ex_data\fR(\s-1SSL\s0 *ssl, int idx, char *arg);"
.IX Item "int \fBSSL_set_fd\fR(\s-1SSL\s0 *ssl, int fd);"
.IX Item "void \fBSSL_set_info_callback\fR(\s-1SSL\s0 *ssl, void (*cb);(void))"
.IX Item "void \fBSSL_set_options\fR(\s-1SSL\s0 *ssl, unsigned long op);"
.IX Item "void \fBSSL_set_quiet_shutdown\fR(\s-1SSL\s0 *ssl, int mode);"
.IX Item "void \fBSSL_set_read_ahead\fR(\s-1SSL\s0 *ssl, int yes);"
.IX Item "int \fBSSL_set_rfd\fR(\s-1SSL\s0 *ssl, int fd);"
.IX Item "int \fBSSL_set_session\fR(\s-1SSL\s0 *ssl, \s-1SSL_SESSION\s0 *session);"
.IX Item "void \fBSSL_set_shutdown\fR(\s-1SSL\s0 *ssl, int mode);"
.IX Item "int \fBSSL_set_ssl_method\fR(\s-1SSL\s0 *ssl, \s-1SSL_METHOD\s0 *meth);"
.IX Item "void \fBSSL_set_time\fR(\s-1SSL\s0 *ssl, long t);"
.IX Item "void \fBSSL_set_timeout\fR(\s-1SSL\s0 *ssl, long t);"
.IX Item "void \fBSSL_set_verify\fR(\s-1SSL\s0 *ssl, int mode, int (*callback);(void))"
.IX Item "void \fBSSL_set_verify_result\fR(\s-1SSL\s0 *ssl, long arg);"
.IX Item "int \fBSSL_set_wfd\fR(\s-1SSL\s0 *ssl, int fd);"
.IX Item "int \fBSSL_shutdown\fR(\s-1SSL\s0 *ssl);"
.IX Item "int \fBSSL_state\fR(\s-1SSL\s0 *ssl);"
.IX Item "char *\fBSSL_state_string\fR(\s-1SSL\s0 *ssl);"
.IX Item "char *\fBSSL_state_string_long\fR(\s-1SSL\s0 *ssl);"
.IX Item "long \fBSSL_total_renegotiations\fR(\s-1SSL\s0 *ssl);"
.IX Item "int \fBSSL_use_PrivateKey\fR(\s-1SSL\s0 *ssl, \s-1EVP_PKEY\s0 *pkey);"
.IX Item "int \fBSSL_use_PrivateKey_ASN1\fR(int type, \s-1SSL\s0 *ssl, unsigned char *d, long len);"
.IX Item "int \fBSSL_use_PrivateKey_file\fR(\s-1SSL\s0 *ssl, char *file, int type);"
.IX Item "int \fBSSL_use_RSAPrivateKey\fR(\s-1SSL\s0 *ssl, \s-1RSA\s0 *rsa);"
.IX Item "int \fBSSL_use_RSAPrivateKey_ASN1\fR(\s-1SSL\s0 *ssl, unsigned char *d, long len);"
.IX Item "int \fBSSL_use_RSAPrivateKey_file\fR(\s-1SSL\s0 *ssl, char *file, int type);"
.IX Item "int \fBSSL_use_certificate\fR(\s-1SSL\s0 *ssl, X509 *x);"
.IX Item "int \fBSSL_use_certificate_ASN1\fR(\s-1SSL\s0 *ssl, int len, unsigned char *d);"
.IX Item "int \fBSSL_use_certificate_file\fR(\s-1SSL\s0 *ssl, char *file, int type);"
.IX Item "int \fBSSL_version\fR(\s-1SSL\s0 *ssl);"
.IX Item "int \fBSSL_want\fR(\s-1SSL\s0 *ssl);"
.IX Item "int \fBSSL_want_nothing\fR(\s-1SSL\s0 *ssl);"
.IX Item "int \fBSSL_want_read\fR(\s-1SSL\s0 *ssl);"
.IX Item "int \fBSSL_want_write\fR(\s-1SSL\s0 *ssl);"
.IX Item "int \fBSSL_want_x509_lookup\fR(s);"
.IX Item "int \fBSSL_write\fR(\s-1SSL\s0 *ssl, char *buf, int num);"
.IX Header "SEE ALSO"
.IX Header "HISTORY"