=pod

=head1 NAME

SSL - OpenSSL SSL/TLS library

=head1 SYNOPSIS

=head1 DESCRIPTION

The OpenSSL B<ssl> library implements the Secure Sockets Layer (SSL v2/v3) and
Transport Layer Security (TLS v1) protocols. It provides a rich API which is
documented here.

The library must first be initialized; see
L<SSL_library_init(3)|SSL_library_init(3)>.

Then an B<SSL_CTX> object is created as a framework to establish
TLS/SSL enabled connections (see L<SSL_CTX_new(3)|SSL_CTX_new(3)>).
Various options regarding certificates, algorithms etc. can be set
in this object.

When a network connection has been created, it can be assigned to an
B<SSL> object. After the B<SSL> object has been created using
L<SSL_new(3)|SSL_new(3)>, L<SSL_set_fd(3)|SSL_set_fd(3)> or
L<SSL_set_bio(3)|SSL_set_bio(3)> can be used to associate the network
connection with the object.

Then the TLS/SSL handshake is performed using
L<SSL_accept(3)|SSL_accept(3)> on the server side or
L<SSL_connect(3)|SSL_connect(3)> on the client side.
L<SSL_read(3)|SSL_read(3)> and L<SSL_write(3)|SSL_write(3)> are used
to read and write data on the TLS/SSL connection.
L<SSL_shutdown(3)|SSL_shutdown(3)> can be used to shut down the
TLS/SSL connection.

=head1 DATA STRUCTURES

Currently the OpenSSL B<ssl> library functions deal with the following data
structures:

=over 4

=item B<SSL_METHOD> (SSL Method)

[24 unchanged lines hidden]

That's the main SSL/TLS structure which is created by a server or client per
established connection. This actually is the core structure in the SSL API.
At run-time the application usually deals with this structure, which has
links to almost all other structures.

=back


=head1 HEADER FILES

Currently the OpenSSL B<ssl> library provides the following C header files
containing the prototypes for the data structures and functions:

=over 4

=item B<ssl.h>

That's the common header file for the SSL/TLS API. Include it in your
program to make the API of the B<ssl> library available. It internally
includes both more private SSL headers and headers from the B<crypto> library.
Whenever you need hard-core details on the internals of the SSL API, look
inside this header file.

=item B<ssl2.h>

That's the sub header file dealing with the SSLv2 protocol only.
I<Usually you don't have to include it explicitly because
it's already included by ssl.h>.

=item B<ssl3.h>

That's the sub header file dealing with the SSLv3 protocol only.
I<Usually you don't have to include it explicitly because
it's already included by ssl.h>.

=item B<ssl23.h>

That's the sub header file dealing with the combined use of the SSLv2 and
SSLv3 protocols.
I<Usually you don't have to include it explicitly because
it's already included by ssl.h>.

=item B<tls1.h>

That's the sub header file dealing with the TLSv1 protocol only.
I<Usually you don't have to include it explicitly because
it's already included by ssl.h>.

=back

=head1 API FUNCTIONS

Currently the OpenSSL B<ssl> library exports 214 API functions.
They are documented in the following:

=head2 DEALING WITH PROTOCOL METHODS

Here we document the various API functions which deal with the SSL/TLS

[514 unchanged lines hidden]

=item int B<SSL_write>(SSL *ssl, char *buf, int num);

=back

=head1 SEE ALSO

L<openssl(1)|openssl(1)>, L<crypto(3)|crypto(3)>,
L<SSL_accept(3)|SSL_accept(3)>, L<SSL_clear(3)|SSL_clear(3)>,
L
L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)>,
L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>,
L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>,
L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
L<SSL_CTX_get_ex_new_index(3)|SSL_CTX_get_ex_new_index(3)>,
L<SSL_CTX_get_verify_mode(3)|SSL_CTX_get_verify_mode(3)>,
L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>,
L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
L<SSL_CTX_sess_set_cache_size(3)|SSL_CTX_sess_set_cache_size(3)>,
L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>,
L<SSL_CTX_sessions(3)|SSL_CTX_sessions(3)>,
L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>,
L<SSL_CTX_set_default_passwd_cb(3)|SSL_CTX_set_default_passwd_cb(3)>,
L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>,
L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>,
L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)>,
L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>,
L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>,
L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>,
L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
L<SSL_get_error(3)|SSL_get_error(3)>,
L<SSL_get_ex_data_X509_STORE_CTX_idx(3)|SSL_get_ex_data_X509_STORE_CTX_idx(3)>,
L<SSL_get_ex_new_index(3)|SSL_get_ex_new_index(3)>,
L<SSL_get_fd(3)|SSL_get_fd(3)>,
L<SSL_get_peer_cert_chain(3)|SSL_get_peer_cert_chain(3)>,
L<SSL_get_rbio(3)|SSL_get_rbio(3)>,
L<SSL_get_session(3)|SSL_get_session(3)>,
L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
L
L<SSL_load_client_CA_file(3)|SSL_load_client_CA_file(3)>,
L<SSL_new(3)|SSL_new(3)>,
L<SSL_read(3)|SSL_read(3)>, L<SSL_set_bio(3)|SSL_set_bio(3)>,
L<SSL_set_fd(3)|SSL_set_fd(3)>, L<SSL_pending(3)|SSL_pending(3)>,
L<SSL_set_session(3)|SSL_set_session(3)>,
L<SSL_shutdown(3)|SSL_shutdown(3)>, L<SSL_write(3)|SSL_write(3)>,
L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
L<SSL_SESSION_get_ex_new_index(3)|SSL_SESSION_get_ex_new_index(3)>,
L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)>,
L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>

=head1 HISTORY

The L<ssl(3)|ssl(3)> document appeared in OpenSSL 0.9.2.

=cut