779 lines
40 KiB
Groff
779 lines
40 KiB
Groff
.\" $NetBSD: ssl.3,v 1.6 2001/04/12 10:45:51 itojun Exp $
|
|
.\"
|
|
.\" Automatically generated by Pod::Man version 1.02
|
|
.\" Thu Apr 12 19:27:36 2001
|
|
.\"
|
|
.\" Standard preamble:
|
|
.\" ======================================================================
|
|
.de Sh \" Subsection heading
|
|
.br
|
|
.if t .Sp
|
|
.ne 5
|
|
.PP
|
|
\fB\\$1\fR
|
|
.PP
|
|
..
|
|
.de Sp \" Vertical space (when we can't use .PP)
|
|
.if t .sp .5v
|
|
.if n .sp
|
|
..
|
|
.de Ip \" List item
|
|
.br
|
|
.ie \\n(.$>=3 .ne \\$3
|
|
.el .ne 3
|
|
.IP "\\$1" \\$2
|
|
..
|
|
.de Vb \" Begin verbatim text
|
|
.ft CW
|
|
.nf
|
|
.ne \\$1
|
|
..
|
|
.de Ve \" End verbatim text
|
|
.ft R
|
|
|
|
.fi
|
|
..
|
|
.\" Set up some character translations and predefined strings. \*(-- will
|
|
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
|
|
.\" double quote, and \*(R" will give a right double quote. | will give a
|
|
.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used
|
|
.\" to do unbreakable dashes and therefore won't be available. \*(C` and
|
|
.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<>
|
|
.tr \(*W-|\(bv\*(Tr
|
|
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
|
|
.ie n \{\
|
|
. ds -- \(*W-
|
|
. ds PI pi
|
|
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
|
|
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
|
|
. ds L" ""
|
|
. ds R" ""
|
|
. ds C` `
|
|
. ds C' '
|
|
'br\}
|
|
.el\{\
|
|
. ds -- \|\(em\|
|
|
. ds PI \(*p
|
|
. ds L" ``
|
|
. ds R" ''
|
|
'br\}
|
|
.\"
|
|
.\" If the F register is turned on, we'll generate index entries on stderr
|
|
.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and
|
|
.\" index entries marked with X<> in POD. Of course, you'll have to process
|
|
.\" the output yourself in some meaningful fashion.
|
|
.if \nF \{\
|
|
. de IX
|
|
. tm Index:\\$1\t\\n%\t"\\$2"
|
|
. .
|
|
. nr % 0
|
|
. rr F
|
|
.\}
|
|
.\"
|
|
.\" For nroff, turn off justification. Always turn off hyphenation; it
|
|
.\" makes way too many mistakes in technical documents.
|
|
.hy 0
|
|
.if n .na
|
|
.\"
|
|
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
|
|
.\" Fear. Run. Save yourself. No user-serviceable parts.
|
|
.bd B 3
|
|
. \" fudge factors for nroff and troff
|
|
.if n \{\
|
|
. ds #H 0
|
|
. ds #V .8m
|
|
. ds #F .3m
|
|
. ds #[ \f1
|
|
. ds #] \fP
|
|
.\}
|
|
.if t \{\
|
|
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
|
|
. ds #V .6m
|
|
. ds #F 0
|
|
. ds #[ \&
|
|
. ds #] \&
|
|
.\}
|
|
. \" simple accents for nroff and troff
|
|
.if n \{\
|
|
. ds ' \&
|
|
. ds ` \&
|
|
. ds ^ \&
|
|
. ds , \&
|
|
. ds ~ ~
|
|
. ds /
|
|
.\}
|
|
.if t \{\
|
|
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
|
|
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
|
|
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
|
|
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
|
|
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
|
|
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
|
|
.\}
|
|
. \" troff and (daisy-wheel) nroff accents
|
|
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
|
|
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
|
|
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
|
|
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
|
|
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
|
|
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
|
|
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
|
|
.ds ae a\h'-(\w'a'u*4/10)'e
|
|
.ds Ae A\h'-(\w'A'u*4/10)'E
|
|
. \" corrections for vroff
|
|
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
|
|
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
|
|
. \" for low resolution devices (crt and lpr)
|
|
.if \n(.H>23 .if \n(.V>19 \
|
|
\{\
|
|
. ds : e
|
|
. ds 8 ss
|
|
. ds o a
|
|
. ds d- d\h'-1'\(ga
|
|
. ds D- D\h'-1'\(hy
|
|
. ds th \o'bp'
|
|
. ds Th \o'LP'
|
|
. ds ae ae
|
|
. ds Ae AE
|
|
.\}
|
|
.rm #[ #] #H #V #F C
|
|
.\" ======================================================================
|
|
.\"
|
|
.IX Title "ssl 3"
|
|
.TH ssl 3 "0.9.6a" "2001-04-12" "OpenSSL"
|
|
.UC
|
|
.SH "NAME"
|
|
\&\s-1SSL\s0 \- OpenSSL \s-1SSL/TLS\s0 library
|
|
.SH "LIBRARY"
|
|
libcrypto, -lcrypto
|
|
.SH "SYNOPSIS"
|
|
.IX Header "SYNOPSIS"
|
|
.SH "DESCRIPTION"
|
|
.IX Header "DESCRIPTION"
|
|
The OpenSSL \fBssl\fR library implements the Secure Sockets Layer (\s-1SSL\s0 v2/v3) and
|
|
Transport Layer Security (\s-1TLS\s0 v1) protocols. It provides a rich \s-1API\s0 which is
|
|
documented here.
|
|
.PP
|
|
At first the library must be initialized; see
|
|
SSL_library_init(3).
|
|
.PP
|
|
Then an \fB\s-1SSL_CTX\s0\fR object is created as a framework to establish
|
|
\&\s-1TLS/SSL\s0 enabled connections (see SSL_CTX_new(3)).
|
|
Various options regarding certificates, algorithms etc. can be set
|
|
in this object.
|
|
.PP
|
|
When a network connection has been created, it can be assigned to an
|
|
\&\fB\s-1SSL\s0\fR object. After the \fB\s-1SSL\s0\fR object has been created using
|
|
SSL_new(3), SSL_set_fd(3) or
|
|
SSL_set_bio(3) can be used to associate the network
|
|
connection with the object.
|
|
.PP
|
|
Then the \s-1TLS/SSL\s0 handshake is performed using
|
|
SSL_accept(3) or SSL_connect(3)
|
|
respectively.
|
|
SSL_read(3) and SSL_write(3) are used
|
|
to read and write data on the \s-1TLS/SSL\s0 connection.
|
|
SSL_shutdown(3) can be used to shut down the
|
|
\&\s-1TLS/SSL\s0 connection.
|
|
.SH "DATA STRUCTURES"
|
|
.IX Header "DATA STRUCTURES"
|
|
Currently the OpenSSL \fBssl\fR library functions deals with the following data
|
|
structures:
|
|
.Ip "\fB\s-1SSL_METHOD\s0\fR (\s-1SSL\s0 Method)" 4
|
|
.IX Item "SSL_METHOD (SSL Method)"
|
|
That's a dispatch structure describing the internal \fBssl\fR library
|
|
methods/functions which implement the various protocol versions (SSLv1, SSLv2
|
|
and TLSv1). It's needed to create an \fB\s-1SSL_CTX\s0\fR.
|
|
.Ip "\fB\s-1SSL_CIPHER\s0\fR (\s-1SSL\s0 Cipher)" 4
|
|
.IX Item "SSL_CIPHER (SSL Cipher)"
|
|
This structure holds the algorithm information for a particular cipher which
|
|
are a core part of the \s-1SSL/TLS\s0 protocol. The available ciphers are configured
|
|
on a \fB\s-1SSL_CTX\s0\fR basis and the actually used ones are then part of the
|
|
\&\fB\s-1SSL_SESSION\s0\fR.
|
|
.Ip "\fB\s-1SSL_CTX\s0\fR (\s-1SSL\s0 Context)" 4
|
|
.IX Item "SSL_CTX (SSL Context)"
|
|
That's the global context structure which is created by a server or client
|
|
once per program life-time and which holds mainly default values for the
|
|
\&\fB\s-1SSL\s0\fR structures which are later created for the connections.
|
|
.Ip "\fB\s-1SSL_SESSION\s0\fR (\s-1SSL\s0 Session)" 4
|
|
.IX Item "SSL_SESSION (SSL Session)"
|
|
This is a structure containing the current \s-1TLS/SSL\s0 session details for a
|
|
connection: \fB\s-1SSL_CIPHER\s0\fRs, client and server certificates, keys, etc.
|
|
.Ip "\fB\s-1SSL\s0\fR (\s-1SSL\s0 Connection)" 4
|
|
.IX Item "SSL (SSL Connection)"
|
|
That's the main \s-1SSL/TLS\s0 structure which is created by a server or client per
|
|
established connection. This actually is the core structure in the \s-1SSL\s0 \s-1API\s0.
|
|
Under run-time the application usually deals with this structure which has
|
|
links to mostly all other structures.
|
|
.SH "HEADER FILES"
|
|
.IX Header "HEADER FILES"
|
|
Currently the OpenSSL \fBssl\fR library provides the following C header files
|
|
containing the prototypes for the data structures and and functions:
|
|
.Ip "\fBssl.h\fR" 4
|
|
.IX Item "ssl.h"
|
|
That's the common header file for the \s-1SSL/TLS\s0 \s-1API\s0. Include it into your
|
|
program to make the \s-1API\s0 of the \fBssl\fR library available. It internally
|
|
includes both more private \s-1SSL\s0 headers and headers from the \fBcrypto\fR library.
|
|
Whenever you need hard-core details on the internals of the \s-1SSL\s0 \s-1API\s0, look
|
|
inside this header file.
|
|
.Ip "\fBssl2.h\fR" 4
|
|
.IX Item "ssl2.h"
|
|
That's the sub header file dealing with the SSLv2 protocol only.
|
|
\&\fIUsually you don't have to include it explicitly because
|
|
it's already included by ssl.h\fR.
|
|
.Ip "\fBssl3.h\fR" 4
|
|
.IX Item "ssl3.h"
|
|
That's the sub header file dealing with the SSLv3 protocol only.
|
|
\&\fIUsually you don't have to include it explicitly because
|
|
it's already included by ssl.h\fR.
|
|
.Ip "\fBssl23.h\fR" 4
|
|
.IX Item "ssl23.h"
|
|
That's the sub header file dealing with the combined use of the SSLv2 and
|
|
SSLv3 protocols.
|
|
\&\fIUsually you don't have to include it explicitly because
|
|
it's already included by ssl.h\fR.
|
|
.Ip "\fBtls1.h\fR" 4
|
|
.IX Item "tls1.h"
|
|
That's the sub header file dealing with the TLSv1 protocol only.
|
|
\&\fIUsually you don't have to include it explicitly because
|
|
it's already included by ssl.h\fR.
|
|
.SH "API FUNCTIONS"
|
|
.IX Header "API FUNCTIONS"
|
|
Currently the OpenSSL \fBssl\fR library exports 214 \s-1API\s0 functions.
|
|
They are documented in the following:
|
|
.Sh "\s-1DEALING\s0 \s-1WITH\s0 \s-1PROTOCOL\s0 \s-1METHODS\s0"
|
|
.IX Subsection "DEALING WITH PROTOCOL METHODS"
|
|
Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0
|
|
protocol methods defined in \fB\s-1SSL_METHOD\s0\fR structures.
|
|
.Ip "\s-1SSL_METHOD\s0 *\fBSSLv2_client_method\fR(void);" 4
|
|
.IX Item "SSL_METHOD *SSLv2_client_method(void);"
|
|
Constructor for the SSLv2 \s-1SSL_METHOD\s0 structure for a dedicated client.
|
|
.Ip "\s-1SSL_METHOD\s0 *\fBSSLv2_server_method\fR(void);" 4
|
|
.IX Item "SSL_METHOD *SSLv2_server_method(void);"
|
|
Constructor for the SSLv2 \s-1SSL_METHOD\s0 structure for a dedicated server.
|
|
.Ip "\s-1SSL_METHOD\s0 *\fBSSLv2_method\fR(void);" 4
|
|
.IX Item "SSL_METHOD *SSLv2_method(void);"
|
|
Constructor for the SSLv2 \s-1SSL_METHOD\s0 structure for combined client and server.
|
|
.Ip "\s-1SSL_METHOD\s0 *\fBSSLv3_client_method\fR(void);" 4
|
|
.IX Item "SSL_METHOD *SSLv3_client_method(void);"
|
|
Constructor for the SSLv3 \s-1SSL_METHOD\s0 structure for a dedicated client.
|
|
.Ip "\s-1SSL_METHOD\s0 *\fBSSLv3_server_method\fR(void);" 4
|
|
.IX Item "SSL_METHOD *SSLv3_server_method(void);"
|
|
Constructor for the SSLv3 \s-1SSL_METHOD\s0 structure for a dedicated server.
|
|
.Ip "\s-1SSL_METHOD\s0 *\fBSSLv3_method\fR(void);" 4
|
|
.IX Item "SSL_METHOD *SSLv3_method(void);"
|
|
Constructor for the SSLv3 \s-1SSL_METHOD\s0 structure for combined client and server.
|
|
.Ip "\s-1SSL_METHOD\s0 *\fBTLSv1_client_method\fR(void);" 4
|
|
.IX Item "SSL_METHOD *TLSv1_client_method(void);"
|
|
Constructor for the TLSv1 \s-1SSL_METHOD\s0 structure for a dedicated client.
|
|
.Ip "\s-1SSL_METHOD\s0 *\fBTLSv1_server_method\fR(void);" 4
|
|
.IX Item "SSL_METHOD *TLSv1_server_method(void);"
|
|
Constructor for the TLSv1 \s-1SSL_METHOD\s0 structure for a dedicated server.
|
|
.Ip "\s-1SSL_METHOD\s0 *\fBTLSv1_method\fR(void);" 4
|
|
.IX Item "SSL_METHOD *TLSv1_method(void);"
|
|
Constructor for the TLSv1 \s-1SSL_METHOD\s0 structure for combined client and server.
|
|
.Sh "\s-1DEALING\s0 \s-1WITH\s0 \s-1CIPHERS\s0"
|
|
.IX Subsection "DEALING WITH CIPHERS"
|
|
Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0
|
|
ciphers defined in \fB\s-1SSL_CIPHER\s0\fR structures.
|
|
.Ip "char *\fBSSL_CIPHER_description\fR(\s-1SSL_CIPHER\s0 *cipher, char *buf, int len);" 4
|
|
.IX Item "char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len);"
|
|
Write a string to \fIbuf\fR (with a maximum size of \fIlen\fR) containing a human
|
|
readable description of \fIcipher\fR. Returns \fIbuf\fR.
|
|
.Ip "int \fBSSL_CIPHER_get_bits\fR(\s-1SSL_CIPHER\s0 *cipher, int *alg_bits);" 4
|
|
.IX Item "int SSL_CIPHER_get_bits(SSL_CIPHER *cipher, int *alg_bits);"
|
|
Determine the number of bits in \fIcipher\fR. Because of export crippled ciphers
|
|
there are two bits: The bits the algorithm supports in general (stored to
|
|
\&\fIalg_bits\fR) and the bits which are actually used (the return value).
|
|
.Ip "const char *\fBSSL_CIPHER_get_name\fR(\s-1SSL_CIPHER\s0 *cipher);" 4
|
|
.IX Item "const char *SSL_CIPHER_get_name(SSL_CIPHER *cipher);"
|
|
Return the internal name of \fIcipher\fR as a string. These are the various
|
|
strings defined by the \fISSL2_TXT_xxx\fR, \fISSL3_TXT_xxx\fR and \fITLS1_TXT_xxx\fR
|
|
definitions in the header files.
|
|
.Ip "char *\fBSSL_CIPHER_get_version\fR(\s-1SSL_CIPHER\s0 *cipher);" 4
|
|
.IX Item "char *SSL_CIPHER_get_version(SSL_CIPHER *cipher);"
|
|
Returns a string like "\f(CW\*(C`TLSv1/SSLv3\*(C'\fR\*(L" or \*(R"\f(CW\*(C`SSLv2\*(C'\fR" which indicates the
|
|
\&\s-1SSL/TLS\s0 protocol version to which \fIcipher\fR belongs (i.e. where it was defined
|
|
in the specification the first time).
|
|
.Sh "\s-1DEALING\s0 \s-1WITH\s0 \s-1PROTOCOL\s0 \s-1CONTEXTS\s0"
|
|
.IX Subsection "DEALING WITH PROTOCOL CONTEXTS"
|
|
Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0
|
|
protocol context defined in the \fB\s-1SSL_CTX\s0\fR structure.
|
|
.Ip "int \fBSSL_CTX_add_client_CA\fR(\s-1SSL_CTX\s0 *ctx, X509 *x);" 4
|
|
.IX Item "int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x);"
|
|
.Ip "long \fBSSL_CTX_add_extra_chain_cert\fR(\s-1SSL_CTX\s0 *ctx, X509 *x509);" 4
|
|
.IX Item "long SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *x509);"
|
|
.Ip "int \fBSSL_CTX_add_session\fR(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *c);" 4
|
|
.IX Item "int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c);"
|
|
.Ip "int \fBSSL_CTX_check_private_key\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "int SSL_CTX_check_private_key(SSL_CTX *ctx);"
|
|
.Ip "long \fBSSL_CTX_ctrl\fR(\s-1SSL_CTX\s0 *ctx, int cmd, long larg, char *parg);" 4
|
|
.IX Item "long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg);"
|
|
.Ip "void \fBSSL_CTX_flush_sessions\fR(\s-1SSL_CTX\s0 *s, long t);" 4
|
|
.IX Item "void SSL_CTX_flush_sessions(SSL_CTX *s, long t);"
|
|
.Ip "void \fBSSL_CTX_free\fR(\s-1SSL_CTX\s0 *a);" 4
|
|
.IX Item "void SSL_CTX_free(SSL_CTX *a);"
|
|
.Ip "char *\fBSSL_CTX_get_app_data\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "char *SSL_CTX_get_app_data(SSL_CTX *ctx);"
|
|
.Ip "X509_STORE *\fBSSL_CTX_get_cert_store\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *ctx);"
|
|
.Ip "\s-1STACK\s0 *\fBSSL_CTX_get_client_CA_list\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "STACK *SSL_CTX_get_client_CA_list(SSL_CTX *ctx);"
|
|
.Ip "int (*\fBSSL_CTX_get_client_cert_cb\fR(\s-1SSL_CTX\s0 *ctx))(\s-1SSL\s0 *ssl, X509 **x509, \s-1EVP_PKEY\s0 **pkey);" 4
|
|
.IX Item "int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey);"
|
|
.Ip "char *\fBSSL_CTX_get_ex_data\fR(\s-1SSL_CTX\s0 *s, int idx);" 4
|
|
.IX Item "char *SSL_CTX_get_ex_data(SSL_CTX *s, int idx);"
|
|
.Ip "int \fBSSL_CTX_get_ex_new_index\fR(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))" 4
|
|
.IX Item "int SSL_CTX_get_ex_new_index(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))"
|
|
.Ip "void (*\fBSSL_CTX_get_info_callback\fR(\s-1SSL_CTX\s0 *ctx))(\s-1SSL\s0 *ssl, int cb, int ret);" 4
|
|
.IX Item "void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(SSL *ssl, int cb, int ret);"
|
|
.Ip "int \fBSSL_CTX_get_quiet_shutdown\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx);"
|
|
.Ip "int \fBSSL_CTX_get_session_cache_mode\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "int SSL_CTX_get_session_cache_mode(SSL_CTX *ctx);"
|
|
.Ip "long \fBSSL_CTX_get_timeout\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "long SSL_CTX_get_timeout(SSL_CTX *ctx);"
|
|
.Ip "int (*\fBSSL_CTX_get_verify_callback\fR(\s-1SSL_CTX\s0 *ctx))(int ok, X509_STORE_CTX *ctx);" 4
|
|
.IX Item "int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int ok, X509_STORE_CTX *ctx);"
|
|
.Ip "int \fBSSL_CTX_get_verify_mode\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "int SSL_CTX_get_verify_mode(SSL_CTX *ctx);"
|
|
.Ip "int \fBSSL_CTX_load_verify_locations\fR(\s-1SSL_CTX\s0 *ctx, char *CAfile, char *CApath);" 4
|
|
.IX Item "int SSL_CTX_load_verify_locations(SSL_CTX *ctx, char *CAfile, char *CApath);"
|
|
.Ip "long \fBSSL_CTX_need_tmp_RSA\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "long SSL_CTX_need_tmp_RSA(SSL_CTX *ctx);"
|
|
.Ip "\s-1SSL_CTX\s0 *\fBSSL_CTX_new\fR(\s-1SSL_METHOD\s0 *meth);" 4
|
|
.IX Item "SSL_CTX *SSL_CTX_new(SSL_METHOD *meth);"
|
|
.Ip "int \fBSSL_CTX_remove_session\fR(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *c);" 4
|
|
.IX Item "int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c);"
|
|
.Ip "int \fBSSL_CTX_sess_accept\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "int SSL_CTX_sess_accept(SSL_CTX *ctx);"
|
|
.Ip "int \fBSSL_CTX_sess_accept_good\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "int SSL_CTX_sess_accept_good(SSL_CTX *ctx);"
|
|
.Ip "int \fBSSL_CTX_sess_accept_renegotiate\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "int SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx);"
|
|
.Ip "int \fBSSL_CTX_sess_cache_full\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "int SSL_CTX_sess_cache_full(SSL_CTX *ctx);"
|
|
.Ip "int \fBSSL_CTX_sess_cb_hits\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "int SSL_CTX_sess_cb_hits(SSL_CTX *ctx);"
|
|
.Ip "int \fBSSL_CTX_sess_connect\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "int SSL_CTX_sess_connect(SSL_CTX *ctx);"
|
|
.Ip "int \fBSSL_CTX_sess_connect_good\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "int SSL_CTX_sess_connect_good(SSL_CTX *ctx);"
|
|
.Ip "int \fBSSL_CTX_sess_connect_renegotiate\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "int SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx);"
|
|
.Ip "int \fBSSL_CTX_sess_get_cache_size\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "int SSL_CTX_sess_get_cache_size(SSL_CTX *ctx);"
|
|
.Ip "\s-1SSL_SESSION\s0 *(*\fBSSL_CTX_sess_get_get_cb\fR(\s-1SSL_CTX\s0 *ctx))(\s-1SSL\s0 *ssl, unsigned char *data, int len, int *copy);" 4
|
|
.IX Item "SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(SSL *ssl, unsigned char *data, int len, int *copy);"
|
|
.Ip "int (*\fBSSL_CTX_sess_get_new_cb\fR(\s-1SSL_CTX\s0 *ctx)(\s-1SSL\s0 *ssl, \s-1SSL_SESSION\s0 *sess);" 4
|
|
.IX Item "int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)(SSL *ssl, SSL_SESSION *sess);"
|
|
.Ip "void (*\fBSSL_CTX_sess_get_remove_cb\fR(\s-1SSL_CTX\s0 *ctx)(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *sess);" 4
|
|
.IX Item "void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)(SSL_CTX *ctx, SSL_SESSION *sess);"
|
|
.Ip "int \fBSSL_CTX_sess_hits\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "int SSL_CTX_sess_hits(SSL_CTX *ctx);"
|
|
.Ip "int \fBSSL_CTX_sess_misses\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "int SSL_CTX_sess_misses(SSL_CTX *ctx);"
|
|
.Ip "int \fBSSL_CTX_sess_number\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "int SSL_CTX_sess_number(SSL_CTX *ctx);"
|
|
.Ip "void \fBSSL_CTX_sess_set_cache_size\fR(\s-1SSL_CTX\s0 *ctx,t);" 4
|
|
.IX Item "void SSL_CTX_sess_set_cache_size(SSL_CTX *ctx,t);"
|
|
.Ip "void \fBSSL_CTX_sess_set_get_cb\fR(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *(*cb)(\s-1SSL\s0 *ssl, unsigned char *data, int len, int *copy));" 4
|
|
.IX Item "void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, SSL_SESSION *(*cb)(SSL *ssl, unsigned char *data, int len, int *copy));"
|
|
.Ip "void \fBSSL_CTX_sess_set_new_cb\fR(\s-1SSL_CTX\s0 *ctx, int (*cb)(\s-1SSL\s0 *ssl, \s-1SSL_SESSION\s0 *sess));" 4
|
|
.IX Item "void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx, int (*cb)(SSL *ssl, SSL_SESSION *sess));"
|
|
.Ip "void \fBSSL_CTX_sess_set_remove_cb\fR(\s-1SSL_CTX\s0 *ctx, void (*cb)(\s-1SSL_CTX\s0 *ctx, \s-1SSL_SESSION\s0 *sess));" 4
|
|
.IX Item "void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx, void (*cb)(SSL_CTX *ctx, SSL_SESSION *sess));"
|
|
.Ip "int \fBSSL_CTX_sess_timeouts\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "int SSL_CTX_sess_timeouts(SSL_CTX *ctx);"
|
|
.Ip "\s-1LHASH\s0 *\fBSSL_CTX_sessions\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "LHASH *SSL_CTX_sessions(SSL_CTX *ctx);"
|
|
.Ip "void \fBSSL_CTX_set_app_data\fR(\s-1SSL_CTX\s0 *ctx, void *arg);" 4
|
|
.IX Item "void SSL_CTX_set_app_data(SSL_CTX *ctx, void *arg);"
|
|
.Ip "void \fBSSL_CTX_set_cert_store\fR(\s-1SSL_CTX\s0 *ctx, X509_STORE *cs);" 4
|
|
.IX Item "void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *cs);"
|
|
.Ip "void \fBSSL_CTX_set_cert_verify_cb\fR(\s-1SSL_CTX\s0 *ctx, int (*cb)(\s-1SSL_CTX\s0 *), char *arg)" 4
|
|
.IX Item "void SSL_CTX_set_cert_verify_cb(SSL_CTX *ctx, int (*cb)(SSL_CTX *), char *arg)"
|
|
.Ip "int \fBSSL_CTX_set_cipher_list\fR(\s-1SSL_CTX\s0 *ctx, char *str);" 4
|
|
.IX Item "int SSL_CTX_set_cipher_list(SSL_CTX *ctx, char *str);"
|
|
.Ip "void \fBSSL_CTX_set_client_CA_list\fR(\s-1SSL_CTX\s0 *ctx, \s-1STACK\s0 *list);" 4
|
|
.IX Item "void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK *list);"
|
|
.Ip "void \fBSSL_CTX_set_client_cert_cb\fR(\s-1SSL_CTX\s0 *ctx, int (*cb)(\s-1SSL\s0 *ssl, X509 **x509, \s-1EVP_PKEY\s0 **pkey));" 4
|
|
.IX Item "void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey));"
|
|
.Ip "void \fBSSL_CTX_set_default_passwd_cb\fR(\s-1SSL_CTX\s0 *ctx, int (*cb);(void))" 4
|
|
.IX Item "void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, int (*cb);(void))"
|
|
.Ip "void \fBSSL_CTX_set_default_read_ahead\fR(\s-1SSL_CTX\s0 *ctx, int m);" 4
|
|
.IX Item "void SSL_CTX_set_default_read_ahead(SSL_CTX *ctx, int m);"
|
|
.Ip "int \fBSSL_CTX_set_default_verify_paths\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);"
|
|
.Ip "int \fBSSL_CTX_set_ex_data\fR(\s-1SSL_CTX\s0 *s, int idx, char *arg);" 4
|
|
.IX Item "int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, char *arg);"
|
|
.Ip "void \fBSSL_CTX_set_info_callback\fR(\s-1SSL_CTX\s0 *ctx, void (*cb)(\s-1SSL\s0 *ssl, int cb, int ret));" 4
|
|
.IX Item "void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*cb)(SSL *ssl, int cb, int ret));"
|
|
.Ip "void \fBSSL_CTX_set_options\fR(\s-1SSL_CTX\s0 *ctx, unsigned long op);" 4
|
|
.IX Item "void SSL_CTX_set_options(SSL_CTX *ctx, unsigned long op);"
|
|
.Ip "void \fBSSL_CTX_set_quiet_shutdown\fR(\s-1SSL_CTX\s0 *ctx, int mode);" 4
|
|
.IX Item "void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);"
|
|
.Ip "void \fBSSL_CTX_set_session_cache_mode\fR(\s-1SSL_CTX\s0 *ctx, int mode);" 4
|
|
.IX Item "void SSL_CTX_set_session_cache_mode(SSL_CTX *ctx, int mode);"
|
|
.Ip "int \fBSSL_CTX_set_ssl_version\fR(\s-1SSL_CTX\s0 *ctx, \s-1SSL_METHOD\s0 *meth);" 4
|
|
.IX Item "int SSL_CTX_set_ssl_version(SSL_CTX *ctx, SSL_METHOD *meth);"
|
|
.Ip "void \fBSSL_CTX_set_timeout\fR(\s-1SSL_CTX\s0 *ctx, long t);" 4
|
|
.IX Item "void SSL_CTX_set_timeout(SSL_CTX *ctx, long t);"
|
|
.Ip "long \fBSSL_CTX_set_tmp_dh\fR(SSL_CTX* ctx, \s-1DH\s0 *dh);" 4
|
|
.IX Item "long SSL_CTX_set_tmp_dh(SSL_CTX* ctx, DH *dh);"
|
|
.Ip "long \fBSSL_CTX_set_tmp_dh_callback\fR(\s-1SSL_CTX\s0 *ctx, \s-1DH\s0 *(*cb)(void));" 4
|
|
.IX Item "long SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*cb)(void));"
|
|
.Ip "long \fBSSL_CTX_set_tmp_rsa\fR(\s-1SSL_CTX\s0 *ctx, \s-1RSA\s0 *rsa);" 4
|
|
.IX Item "long SSL_CTX_set_tmp_rsa(SSL_CTX *ctx, RSA *rsa);"
|
|
.Ip "SSL_CTX_set_tmp_rsa_callback" 4
|
|
.IX Item "SSL_CTX_set_tmp_rsa_callback"
|
|
\&\f(CW\*(C`long \f(CBSSL_CTX_set_tmp_rsa_callback\f(CW(SSL_CTX *\f(CBctx\f(CW, RSA *(*\f(CBcb\f(CW)(SSL *\f(CBssl\f(CW, int \f(CBexport\f(CW, int \f(CBkeylength\f(CW));\*(C'\fR
|
|
.Sp
|
|
Sets the callback which will be called when a temporary private key is
|
|
required. The \fB\f(CB\*(C`export\*(C'\fB\fR flag will be set if the reason for needing
|
|
a temp key is that an export ciphersuite is in use, in which case,
|
|
\&\fB\f(CB\*(C`keylength\*(C'\fB\fR will contain the required keylength in bits. Generate a key of
|
|
appropriate size (using ???) and return it.
|
|
.Ip "SSL_set_tmp_rsa_callback" 4
|
|
.IX Item "SSL_set_tmp_rsa_callback"
|
|
long \fBSSL_set_tmp_rsa_callback\fR(\s-1SSL\s0 *ssl, \s-1RSA\s0 *(*cb)(\s-1SSL\s0 *ssl, int export, int keylength));
|
|
.Sp
|
|
The same as the section on "SSL_CTX_set_tmp_rsa_callback", except it operates on an \s-1SSL\s0
|
|
session instead of a context.
|
|
.Ip "void \fBSSL_CTX_set_verify\fR(\s-1SSL_CTX\s0 *ctx, int mode, int (*cb);(void))" 4
|
|
.IX Item "void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*cb);(void))"
|
|
.Ip "int \fBSSL_CTX_use_PrivateKey\fR(\s-1SSL_CTX\s0 *ctx, \s-1EVP_PKEY\s0 *pkey);" 4
|
|
.IX Item "int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);"
|
|
.Ip "int \fBSSL_CTX_use_PrivateKey_ASN1\fR(int type, \s-1SSL_CTX\s0 *ctx, unsigned char *d, long len);" 4
|
|
.IX Item "int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, unsigned char *d, long len);"
|
|
.Ip "int \fBSSL_CTX_use_PrivateKey_file\fR(\s-1SSL_CTX\s0 *ctx, char *file, int type);" 4
|
|
.IX Item "int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, char *file, int type);"
|
|
.Ip "int \fBSSL_CTX_use_RSAPrivateKey\fR(\s-1SSL_CTX\s0 *ctx, \s-1RSA\s0 *rsa);" 4
|
|
.IX Item "int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);"
|
|
.Ip "int \fBSSL_CTX_use_RSAPrivateKey_ASN1\fR(\s-1SSL_CTX\s0 *ctx, unsigned char *d, long len);" 4
|
|
.IX Item "int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);"
|
|
.Ip "int \fBSSL_CTX_use_RSAPrivateKey_file\fR(\s-1SSL_CTX\s0 *ctx, char *file, int type);" 4
|
|
.IX Item "int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, char *file, int type);"
|
|
.Ip "int \fBSSL_CTX_use_certificate\fR(\s-1SSL_CTX\s0 *ctx, X509 *x);" 4
|
|
.IX Item "int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);"
|
|
.Ip "int \fBSSL_CTX_use_certificate_ASN1\fR(\s-1SSL_CTX\s0 *ctx, int len, unsigned char *d);" 4
|
|
.IX Item "int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);"
|
|
.Ip "int \fBSSL_CTX_use_certificate_file\fR(\s-1SSL_CTX\s0 *ctx, char *file, int type);" 4
|
|
.IX Item "int SSL_CTX_use_certificate_file(SSL_CTX *ctx, char *file, int type);"
|
|
.Sh "\s-1DEALING\s0 \s-1WITH\s0 \s-1SESSIONS\s0"
|
|
.IX Subsection "DEALING WITH SESSIONS"
|
|
Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0
|
|
sessions defined in the \fB\s-1SSL_SESSION\s0\fR structures.
|
|
.Ip "int \fBSSL_SESSION_cmp\fR(\s-1SSL_SESSION\s0 *a, \s-1SSL_SESSION\s0 *b);" 4
|
|
.IX Item "int SSL_SESSION_cmp(SSL_SESSION *a, SSL_SESSION *b);"
|
|
.Ip "void \fBSSL_SESSION_free\fR(\s-1SSL_SESSION\s0 *ss);" 4
|
|
.IX Item "void SSL_SESSION_free(SSL_SESSION *ss);"
|
|
.Ip "char *\fBSSL_SESSION_get_app_data\fR(\s-1SSL_SESSION\s0 *s);" 4
|
|
.IX Item "char *SSL_SESSION_get_app_data(SSL_SESSION *s);"
|
|
.Ip "char *\fBSSL_SESSION_get_ex_data\fR(\s-1SSL_SESSION\s0 *s, int idx);" 4
|
|
.IX Item "char *SSL_SESSION_get_ex_data(SSL_SESSION *s, int idx);"
|
|
.Ip "int \fBSSL_SESSION_get_ex_new_index\fR(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))" 4
|
|
.IX Item "int SSL_SESSION_get_ex_new_index(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))"
|
|
.Ip "long \fBSSL_SESSION_get_time\fR(\s-1SSL_SESSION\s0 *s);" 4
|
|
.IX Item "long SSL_SESSION_get_time(SSL_SESSION *s);"
|
|
.Ip "long \fBSSL_SESSION_get_timeout\fR(\s-1SSL_SESSION\s0 *s);" 4
|
|
.IX Item "long SSL_SESSION_get_timeout(SSL_SESSION *s);"
|
|
.Ip "unsigned long \fBSSL_SESSION_hash\fR(\s-1SSL_SESSION\s0 *a);" 4
|
|
.IX Item "unsigned long SSL_SESSION_hash(SSL_SESSION *a);"
|
|
.Ip "\s-1SSL_SESSION\s0 *\fBSSL_SESSION_new\fR(void);" 4
|
|
.IX Item "SSL_SESSION *SSL_SESSION_new(void);"
|
|
.Ip "int \fBSSL_SESSION_print\fR(\s-1BIO\s0 *bp, \s-1SSL_SESSION\s0 *x);" 4
|
|
.IX Item "int SSL_SESSION_print(BIO *bp, SSL_SESSION *x);"
|
|
.Ip "int \fBSSL_SESSION_print_fp\fR(\s-1FILE\s0 *fp, \s-1SSL_SESSION\s0 *x);" 4
|
|
.IX Item "int SSL_SESSION_print_fp(FILE *fp, SSL_SESSION *x);"
|
|
.Ip "void \fBSSL_SESSION_set_app_data\fR(\s-1SSL_SESSION\s0 *s, char *a);" 4
|
|
.IX Item "void SSL_SESSION_set_app_data(SSL_SESSION *s, char *a);"
|
|
.Ip "int \fBSSL_SESSION_set_ex_data\fR(\s-1SSL_SESSION\s0 *s, int idx, char *arg);" 4
|
|
.IX Item "int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, char *arg);"
|
|
.Ip "long \fBSSL_SESSION_set_time\fR(\s-1SSL_SESSION\s0 *s, long t);" 4
|
|
.IX Item "long SSL_SESSION_set_time(SSL_SESSION *s, long t);"
|
|
.Ip "long \fBSSL_SESSION_set_timeout\fR(\s-1SSL_SESSION\s0 *s, long t);" 4
|
|
.IX Item "long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);"
|
|
.Sh "\s-1DEALING\s0 \s-1WITH\s0 \s-1CONNECTIONS\s0"
|
|
.IX Subsection "DEALING WITH CONNECTIONS"
|
|
Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0
|
|
connection defined in the \fB\s-1SSL\s0\fR structure.
|
|
.Ip "int \fBSSL_accept\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_accept(SSL *ssl);"
|
|
.Ip "int \fBSSL_add_dir_cert_subjects_to_stack\fR(\s-1STACK\s0 *stack, const char *dir);" 4
|
|
.IX Item "int SSL_add_dir_cert_subjects_to_stack(STACK *stack, const char *dir);"
|
|
.Ip "int \fBSSL_add_file_cert_subjects_to_stack\fR(\s-1STACK\s0 *stack, const char *file);" 4
|
|
.IX Item "int SSL_add_file_cert_subjects_to_stack(STACK *stack, const char *file);"
|
|
.Ip "int \fBSSL_add_client_CA\fR(\s-1SSL\s0 *ssl, X509 *x);" 4
|
|
.IX Item "int SSL_add_client_CA(SSL *ssl, X509 *x);"
|
|
.Ip "char *\fBSSL_alert_desc_string\fR(int value);" 4
|
|
.IX Item "char *SSL_alert_desc_string(int value);"
|
|
.Ip "char *\fBSSL_alert_desc_string_long\fR(int value);" 4
|
|
.IX Item "char *SSL_alert_desc_string_long(int value);"
|
|
.Ip "char *\fBSSL_alert_type_string\fR(int value);" 4
|
|
.IX Item "char *SSL_alert_type_string(int value);"
|
|
.Ip "char *\fBSSL_alert_type_string_long\fR(int value);" 4
|
|
.IX Item "char *SSL_alert_type_string_long(int value);"
|
|
.Ip "int \fBSSL_check_private_key\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_check_private_key(SSL *ssl);"
|
|
.Ip "void \fBSSL_clear\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "void SSL_clear(SSL *ssl);"
|
|
.Ip "long \fBSSL_clear_num_renegotiations\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "long SSL_clear_num_renegotiations(SSL *ssl);"
|
|
.Ip "int \fBSSL_connect\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_connect(SSL *ssl);"
|
|
.Ip "void \fBSSL_copy_session_id\fR(\s-1SSL\s0 *t, \s-1SSL\s0 *f);" 4
|
|
.IX Item "void SSL_copy_session_id(SSL *t, SSL *f);"
|
|
.Ip "long \fBSSL_ctrl\fR(\s-1SSL\s0 *ssl, int cmd, long larg, char *parg);" 4
|
|
.IX Item "long SSL_ctrl(SSL *ssl, int cmd, long larg, char *parg);"
|
|
.Ip "int \fBSSL_do_handshake\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_do_handshake(SSL *ssl);"
|
|
.Ip "\s-1SSL\s0 *\fBSSL_dup\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "SSL *SSL_dup(SSL *ssl);"
|
|
.Ip "\s-1STACK\s0 *\fBSSL_dup_CA_list\fR(\s-1STACK\s0 *sk);" 4
|
|
.IX Item "STACK *SSL_dup_CA_list(STACK *sk);"
|
|
.Ip "void \fBSSL_free\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "void SSL_free(SSL *ssl);"
|
|
.Ip "\s-1SSL_CTX\s0 *\fBSSL_get_SSL_CTX\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "SSL_CTX *SSL_get_SSL_CTX(SSL *ssl);"
|
|
.Ip "char *\fBSSL_get_app_data\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "char *SSL_get_app_data(SSL *ssl);"
|
|
.Ip "X509 *\fBSSL_get_certificate\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "X509 *SSL_get_certificate(SSL *ssl);"
|
|
.Ip "const char *\fBSSL_get_cipher\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "const char *SSL_get_cipher(SSL *ssl);"
|
|
.Ip "int \fBSSL_get_cipher_bits\fR(\s-1SSL\s0 *ssl, int *alg_bits);" 4
|
|
.IX Item "int SSL_get_cipher_bits(SSL *ssl, int *alg_bits);"
|
|
.Ip "char *\fBSSL_get_cipher_list\fR(\s-1SSL\s0 *ssl, int n);" 4
|
|
.IX Item "char *SSL_get_cipher_list(SSL *ssl, int n);"
|
|
.Ip "char *\fBSSL_get_cipher_name\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "char *SSL_get_cipher_name(SSL *ssl);"
|
|
.Ip "char *\fBSSL_get_cipher_version\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "char *SSL_get_cipher_version(SSL *ssl);"
|
|
.Ip "\s-1STACK\s0 *\fBSSL_get_ciphers\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "STACK *SSL_get_ciphers(SSL *ssl);"
|
|
.Ip "\s-1STACK\s0 *\fBSSL_get_client_CA_list\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "STACK *SSL_get_client_CA_list(SSL *ssl);"
|
|
.Ip "\s-1SSL_CIPHER\s0 *\fBSSL_get_current_cipher\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "SSL_CIPHER *SSL_get_current_cipher(SSL *ssl);"
|
|
.Ip "long \fBSSL_get_default_timeout\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "long SSL_get_default_timeout(SSL *ssl);"
|
|
.Ip "int \fBSSL_get_error\fR(\s-1SSL\s0 *ssl, int i);" 4
|
|
.IX Item "int SSL_get_error(SSL *ssl, int i);"
|
|
.Ip "char *\fBSSL_get_ex_data\fR(\s-1SSL\s0 *ssl, int idx);" 4
|
|
.IX Item "char *SSL_get_ex_data(SSL *ssl, int idx);"
|
|
.Ip "int \fBSSL_get_ex_data_X509_STORE_CTX_idx\fR(void);" 4
|
|
.IX Item "int SSL_get_ex_data_X509_STORE_CTX_idx(void);"
|
|
.Ip "int \fBSSL_get_ex_new_index\fR(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))" 4
|
|
.IX Item "int SSL_get_ex_new_index(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))"
|
|
.Ip "int \fBSSL_get_fd\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_get_fd(SSL *ssl);"
|
|
.Ip "void (*\fBSSL_get_info_callback\fR(\s-1SSL\s0 *ssl);)(void)" 4
|
|
.IX Item "void (*SSL_get_info_callback(SSL *ssl);)(void)"
|
|
.Ip "\s-1STACK\s0 *\fBSSL_get_peer_cert_chain\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "STACK *SSL_get_peer_cert_chain(SSL *ssl);"
|
|
.Ip "X509 *\fBSSL_get_peer_certificate\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "X509 *SSL_get_peer_certificate(SSL *ssl);"
|
|
.Ip "\s-1EVP_PKEY\s0 *\fBSSL_get_privatekey\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "EVP_PKEY *SSL_get_privatekey(SSL *ssl);"
|
|
.Ip "int \fBSSL_get_quiet_shutdown\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_get_quiet_shutdown(SSL *ssl);"
|
|
.Ip "\s-1BIO\s0 *\fBSSL_get_rbio\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "BIO *SSL_get_rbio(SSL *ssl);"
|
|
.Ip "int \fBSSL_get_read_ahead\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_get_read_ahead(SSL *ssl);"
|
|
.Ip "\s-1SSL_SESSION\s0 *\fBSSL_get_session\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "SSL_SESSION *SSL_get_session(SSL *ssl);"
|
|
.Ip "char *\fBSSL_get_shared_ciphers\fR(\s-1SSL\s0 *ssl, char *buf, int len);" 4
|
|
.IX Item "char *SSL_get_shared_ciphers(SSL *ssl, char *buf, int len);"
|
|
.Ip "int \fBSSL_get_shutdown\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_get_shutdown(SSL *ssl);"
|
|
.Ip "\s-1SSL_METHOD\s0 *\fBSSL_get_ssl_method\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "SSL_METHOD *SSL_get_ssl_method(SSL *ssl);"
|
|
.Ip "int \fBSSL_get_state\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_get_state(SSL *ssl);"
|
|
.Ip "long \fBSSL_get_time\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "long SSL_get_time(SSL *ssl);"
|
|
.Ip "long \fBSSL_get_timeout\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "long SSL_get_timeout(SSL *ssl);"
|
|
.Ip "int (*\fBSSL_get_verify_callback\fR(\s-1SSL\s0 *ssl);)(void)" 4
|
|
.IX Item "int (*SSL_get_verify_callback(SSL *ssl);)(void)"
|
|
.Ip "int \fBSSL_get_verify_mode\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_get_verify_mode(SSL *ssl);"
|
|
.Ip "long \fBSSL_get_verify_result\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "long SSL_get_verify_result(SSL *ssl);"
|
|
.Ip "char *\fBSSL_get_version\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "char *SSL_get_version(SSL *ssl);"
|
|
.Ip "\s-1BIO\s0 *\fBSSL_get_wbio\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "BIO *SSL_get_wbio(SSL *ssl);"
|
|
.Ip "int \fBSSL_in_accept_init\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_in_accept_init(SSL *ssl);"
|
|
.Ip "int \fBSSL_in_before\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_in_before(SSL *ssl);"
|
|
.Ip "int \fBSSL_in_connect_init\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_in_connect_init(SSL *ssl);"
|
|
.Ip "int \fBSSL_in_init\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_in_init(SSL *ssl);"
|
|
.Ip "int \fBSSL_is_init_finished\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_is_init_finished(SSL *ssl);"
|
|
.Ip "\s-1STACK\s0 *\fBSSL_load_client_CA_file\fR(char *file);" 4
|
|
.IX Item "STACK *SSL_load_client_CA_file(char *file);"
|
|
.Ip "void \fBSSL_load_error_strings\fR(void);" 4
|
|
.IX Item "void SSL_load_error_strings(void);"
|
|
.Ip "\s-1SSL\s0 *\fBSSL_new\fR(\s-1SSL_CTX\s0 *ctx);" 4
|
|
.IX Item "SSL *SSL_new(SSL_CTX *ctx);"
|
|
.Ip "long \fBSSL_num_renegotiations\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "long SSL_num_renegotiations(SSL *ssl);"
|
|
.Ip "int \fBSSL_peek\fR(\s-1SSL\s0 *ssl, void *buf, int num);" 4
|
|
.IX Item "int SSL_peek(SSL *ssl, void *buf, int num);"
|
|
.Ip "int \fBSSL_pending\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_pending(SSL *ssl);"
|
|
.Ip "int \fBSSL_read\fR(\s-1SSL\s0 *ssl, void *buf, int num);" 4
|
|
.IX Item "int SSL_read(SSL *ssl, void *buf, int num);"
|
|
.Ip "int \fBSSL_renegotiate\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_renegotiate(SSL *ssl);"
|
|
.Ip "char *\fBSSL_rstate_string\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "char *SSL_rstate_string(SSL *ssl);"
|
|
.Ip "char *\fBSSL_rstate_string_long\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "char *SSL_rstate_string_long(SSL *ssl);"
|
|
.Ip "long \fBSSL_session_reused\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "long SSL_session_reused(SSL *ssl);"
|
|
.Ip "void \fBSSL_set_accept_state\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "void SSL_set_accept_state(SSL *ssl);"
|
|
.Ip "void \fBSSL_set_app_data\fR(\s-1SSL\s0 *ssl, char *arg);" 4
|
|
.IX Item "void SSL_set_app_data(SSL *ssl, char *arg);"
|
|
.Ip "void \fBSSL_set_bio\fR(\s-1SSL\s0 *ssl, \s-1BIO\s0 *rbio, \s-1BIO\s0 *wbio);" 4
|
|
.IX Item "void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio);"
|
|
.Ip "int \fBSSL_set_cipher_list\fR(\s-1SSL\s0 *ssl, char *str);" 4
|
|
.IX Item "int SSL_set_cipher_list(SSL *ssl, char *str);"
|
|
.Ip "void \fBSSL_set_client_CA_list\fR(\s-1SSL\s0 *ssl, \s-1STACK\s0 *list);" 4
|
|
.IX Item "void SSL_set_client_CA_list(SSL *ssl, STACK *list);"
|
|
.Ip "void \fBSSL_set_connect_state\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "void SSL_set_connect_state(SSL *ssl);"
|
|
.Ip "int \fBSSL_set_ex_data\fR(\s-1SSL\s0 *ssl, int idx, char *arg);" 4
|
|
.IX Item "int SSL_set_ex_data(SSL *ssl, int idx, char *arg);"
|
|
.Ip "int \fBSSL_set_fd\fR(\s-1SSL\s0 *ssl, int fd);" 4
|
|
.IX Item "int SSL_set_fd(SSL *ssl, int fd);"
|
|
.Ip "void \fBSSL_set_info_callback\fR(\s-1SSL\s0 *ssl, void (*cb);(void))" 4
|
|
.IX Item "void SSL_set_info_callback(SSL *ssl, void (*cb);(void))"
|
|
.Ip "void \fBSSL_set_options\fR(\s-1SSL\s0 *ssl, unsigned long op);" 4
|
|
.IX Item "void SSL_set_options(SSL *ssl, unsigned long op);"
|
|
.Ip "void \fBSSL_set_quiet_shutdown\fR(\s-1SSL\s0 *ssl, int mode);" 4
|
|
.IX Item "void SSL_set_quiet_shutdown(SSL *ssl, int mode);"
|
|
.Ip "void \fBSSL_set_read_ahead\fR(\s-1SSL\s0 *ssl, int yes);" 4
|
|
.IX Item "void SSL_set_read_ahead(SSL *ssl, int yes);"
|
|
.Ip "int \fBSSL_set_rfd\fR(\s-1SSL\s0 *ssl, int fd);" 4
|
|
.IX Item "int SSL_set_rfd(SSL *ssl, int fd);"
|
|
.Ip "int \fBSSL_set_session\fR(\s-1SSL\s0 *ssl, \s-1SSL_SESSION\s0 *session);" 4
|
|
.IX Item "int SSL_set_session(SSL *ssl, SSL_SESSION *session);"
|
|
.Ip "void \fBSSL_set_shutdown\fR(\s-1SSL\s0 *ssl, int mode);" 4
|
|
.IX Item "void SSL_set_shutdown(SSL *ssl, int mode);"
|
|
.Ip "int \fBSSL_set_ssl_method\fR(\s-1SSL\s0 *ssl, \s-1SSL_METHOD\s0 *meth);" 4
|
|
.IX Item "int SSL_set_ssl_method(SSL *ssl, SSL_METHOD *meth);"
|
|
.Ip "void \fBSSL_set_time\fR(\s-1SSL\s0 *ssl, long t);" 4
|
|
.IX Item "void SSL_set_time(SSL *ssl, long t);"
|
|
.Ip "void \fBSSL_set_timeout\fR(\s-1SSL\s0 *ssl, long t);" 4
|
|
.IX Item "void SSL_set_timeout(SSL *ssl, long t);"
|
|
.Ip "void \fBSSL_set_verify\fR(\s-1SSL\s0 *ssl, int mode, int (*callback);(void))" 4
|
|
.IX Item "void SSL_set_verify(SSL *ssl, int mode, int (*callback);(void))"
|
|
.Ip "void \fBSSL_set_verify_result\fR(\s-1SSL\s0 *ssl, long arg);" 4
|
|
.IX Item "void SSL_set_verify_result(SSL *ssl, long arg);"
|
|
.Ip "int \fBSSL_set_wfd\fR(\s-1SSL\s0 *ssl, int fd);" 4
|
|
.IX Item "int SSL_set_wfd(SSL *ssl, int fd);"
|
|
.Ip "int \fBSSL_shutdown\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_shutdown(SSL *ssl);"
|
|
.Ip "int \fBSSL_state\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_state(SSL *ssl);"
|
|
.Ip "char *\fBSSL_state_string\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "char *SSL_state_string(SSL *ssl);"
|
|
.Ip "char *\fBSSL_state_string_long\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "char *SSL_state_string_long(SSL *ssl);"
|
|
.Ip "long \fBSSL_total_renegotiations\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "long SSL_total_renegotiations(SSL *ssl);"
|
|
.Ip "int \fBSSL_use_PrivateKey\fR(\s-1SSL\s0 *ssl, \s-1EVP_PKEY\s0 *pkey);" 4
|
|
.IX Item "int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);"
|
|
.Ip "int \fBSSL_use_PrivateKey_ASN1\fR(int type, \s-1SSL\s0 *ssl, unsigned char *d, long len);" 4
|
|
.IX Item "int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, unsigned char *d, long len);"
|
|
.Ip "int \fBSSL_use_PrivateKey_file\fR(\s-1SSL\s0 *ssl, char *file, int type);" 4
|
|
.IX Item "int SSL_use_PrivateKey_file(SSL *ssl, char *file, int type);"
|
|
.Ip "int \fBSSL_use_RSAPrivateKey\fR(\s-1SSL\s0 *ssl, \s-1RSA\s0 *rsa);" 4
|
|
.IX Item "int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);"
|
|
.Ip "int \fBSSL_use_RSAPrivateKey_ASN1\fR(\s-1SSL\s0 *ssl, unsigned char *d, long len);" 4
|
|
.IX Item "int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);"
|
|
.Ip "int \fBSSL_use_RSAPrivateKey_file\fR(\s-1SSL\s0 *ssl, char *file, int type);" 4
|
|
.IX Item "int SSL_use_RSAPrivateKey_file(SSL *ssl, char *file, int type);"
|
|
.Ip "int \fBSSL_use_certificate\fR(\s-1SSL\s0 *ssl, X509 *x);" 4
|
|
.IX Item "int SSL_use_certificate(SSL *ssl, X509 *x);"
|
|
.Ip "int \fBSSL_use_certificate_ASN1\fR(\s-1SSL\s0 *ssl, int len, unsigned char *d);" 4
|
|
.IX Item "int SSL_use_certificate_ASN1(SSL *ssl, int len, unsigned char *d);"
|
|
.Ip "int \fBSSL_use_certificate_file\fR(\s-1SSL\s0 *ssl, char *file, int type);" 4
|
|
.IX Item "int SSL_use_certificate_file(SSL *ssl, char *file, int type);"
|
|
.Ip "int \fBSSL_version\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_version(SSL *ssl);"
|
|
.Ip "int \fBSSL_want\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_want(SSL *ssl);"
|
|
.Ip "int \fBSSL_want_nothing\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_want_nothing(SSL *ssl);"
|
|
.Ip "int \fBSSL_want_read\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_want_read(SSL *ssl);"
|
|
.Ip "int \fBSSL_want_write\fR(\s-1SSL\s0 *ssl);" 4
|
|
.IX Item "int SSL_want_write(SSL *ssl);"
|
|
.Ip "int \fBSSL_want_x509_lookup\fR(s);" 4
|
|
.IX Item "int SSL_want_x509_lookup(s);"
|
|
.Ip "int \fBSSL_write\fR(\s-1SSL\s0 *ssl, const void *buf, int num);" 4
|
|
.IX Item "int SSL_write(SSL *ssl, const void *buf, int num);"
|
|
.SH "SEE ALSO"
|
|
.IX Header "SEE ALSO"
|
|
openssl(1), crypto(3),
|
|
SSL_accept(3), SSL_clear(3),
|
|
SSL_connect(3),
|
|
SSL_CIPHER_get_name(3),
|
|
SSL_CTX_add_extra_chain_cert(3),
|
|
SSL_CTX_add_session(3),
|
|
SSL_CTX_flush_sessions(3),
|
|
SSL_CTX_get_ex_new_index(3),
|
|
SSL_CTX_get_verify_mode(3),
|
|
SSL_CTX_load_verify_locations(3)
|
|
SSL_CTX_new(3),
|
|
SSL_CTX_sess_number(3),
|
|
SSL_CTX_sess_set_cache_size(3),
|
|
SSL_CTX_sess_set_get_cb(3),
|
|
SSL_CTX_sessions(3),
|
|
SSL_CTX_set_client_CA_list(3),
|
|
SSL_CTX_set_default_passwd_cb(3),
|
|
SSL_CTX_set_mode(3),
|
|
SSL_CTX_set_options(3),
|
|
SSL_CTX_set_session_cache_mode(3),
|
|
SSL_CTX_set_session_id_context(3),
|
|
SSL_CTX_set_ssl_version(3),
|
|
SSL_CTX_set_timeout(3),
|
|
SSL_CTX_set_verify(3),
|
|
SSL_CTX_use_certificate(3),
|
|
SSL_get_ciphers(3),
|
|
SSL_get_client_CA_list(3),
|
|
SSL_get_error(3),
|
|
SSL_get_ex_data_X509_STORE_CTX_idx(3),
|
|
SSL_get_ex_new_index(3),
|
|
SSL_get_fd(3),
|
|
SSL_get_peer_cert_chain(3),
|
|
SSL_get_rbio(3),
|
|
SSL_get_session(3),
|
|
SSL_get_verify_result(3),
|
|
SSL_get_version(3),
|
|
SSL_library_init(3),
|
|
SSL_load_client_CA_file(3),
|
|
SSL_new(3),
|
|
SSL_read(3), SSL_set_bio(3),
|
|
SSL_set_connect_state(3),
|
|
SSL_set_fd(3), SSL_pending(3),
|
|
SSL_set_session(3),
|
|
SSL_set_shutdown(3),
|
|
SSL_shutdown(3), SSL_write(3),
|
|
SSL_SESSION_free(3),
|
|
SSL_SESSION_get_ex_new_index(3),
|
|
SSL_SESSION_get_time(3),
|
|
d2i_SSL_SESSION(3)
|
|
.SH "HISTORY"
|
|
.IX Header "HISTORY"
|
|
The ssl(3) document appeared in OpenSSL 0.9.2
|