| ssl.3 (206048) | ssl.3 (215698) |
|---|---|
| 1.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.37 | 1.\" Automatically generated by Pod::Man 2.22 (Pod::Simple 3.07) |
| 2.\" 3.\" Standard preamble: 4.\" ======================================================================== | 2.\" 3.\" Standard preamble: 4.\" ======================================================================== |
| 5.de Sh \" Subsection heading 6.br 7.if t .Sp 8.ne 5 9.PP 10\fB\\$1\fR 11.PP 12.. | |
| 13.de Sp \" Vertical space (when we can't use .PP) 14.if t .sp .5v 15.if n .sp 16.. 17.de Vb \" Begin verbatim text 18.ft CW 19.nf 20.ne \\$1 21.. 22.de Ve \" End verbatim text 23.ft R 24.fi 25.. 26.\" Set up some character translations and predefined strings. \*(-- will 27.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left | 5.de Sp \" Vertical space (when we can't use .PP) 6.if t .sp .5v 7.if n .sp 8.. 9.de Vb \" Begin verbatim text 10.ft CW 11.nf 12.ne \\$1 13.. 14.de Ve \" End verbatim text 15.ft R 16.fi 17.. 18.\" Set up some character translations and predefined strings. \*(-- will 19.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left |
| 28.\" double quote, and \*(R" will give a right double quote. | will give a 29.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to 30.\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C' 31.\" expand to `' in nroff, nothing in troff, for use with C<>. 32.tr \(*W-|\(bv\*(Tr | 20.\" double quote, and \*(R" will give a right double quote. \*(C+ will 21.\" give a nicer C++. Capital omega is used to do unbreakable dashes and 22.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, 23.\" nothing in troff, for use with C<>. 24.tr \(*W- |
| 33.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' 34.ie n \{\ 35. ds -- \(*W- 36. ds PI pi 37. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch 38. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch 39. ds L" "" 40. ds R" "" 41. ds C` "" 42. ds C' "" 43'br\} 44.el\{\ 45. ds -- \|\(em\| 46. ds PI \(*p 47. ds L" `` 48. ds R" '' 49'br\} 50.\" | 25.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' 26.ie n \{\ 27. ds -- \(*W- 28. ds PI pi 29. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch 30. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch 31. ds L" "" 32. ds R" "" 33. ds C` "" 34. ds C' "" 35'br\} 36.el\{\ 37. ds -- \|\(em\| 38. ds PI \(*p 39. ds L" `` 40. ds R" '' 41'br\} 42.\" |
| 43.\" Escape single quotes in literal strings from groff's Unicode transform. 44.ie \n(.g .ds Aq \(aq 45.el .ds Aq ' 46.\" |
|
| 51.\" If the F register is turned on, we'll generate index entries on stderr for | 47.\" If the F register is turned on, we'll generate index entries on stderr for |
| 52.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index | 48.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index |
| 53.\" entries marked with X<> in POD. Of course, you'll have to process the 54.\" output yourself in some meaningful fashion. | 49.\" entries marked with X<> in POD. Of course, you'll have to process the 50.\" output yourself in some meaningful fashion. |
| 55.if \nF \{\ | 51.ie \nF \{\ |
| 56. de IX 57. tm Index:\\$1\t\\n%\t"\\$2" 58.. 59. nr % 0 60. rr F 61.\} | 52. de IX 53. tm Index:\\$1\t\\n%\t"\\$2" 54.. 55. nr % 0 56. rr F 57.\} |
| 58.el \{\ 59. de IX 60.. 61.\} |
|
| 62.\" | 62.\" |
| 63.\" For nroff, turn off justification. Always turn off hyphenation; it makes 64.\" way too many mistakes in technical documents. 65.hy 0 66.if n .na 67.\" | |
| 68.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). 69.\" Fear. Run. Save yourself. No user-serviceable parts. 70. \" fudge factors for nroff and troff 71.if n \{\ 72. ds #H 0 73. ds #V .8m 74. ds #F .3m 75. ds #[ \f1 --- 48 unchanged lines hidden (view full) --- 124. ds Th \o'LP' 125. ds ae ae 126. ds Ae AE 127.\} 128.rm #[ #] #H #V #F C 129.\" ======================================================================== 130.\" 131.IX Title "ssl 3" | 63.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). 64.\" Fear. Run. Save yourself. No user-serviceable parts. 65. \" fudge factors for nroff and troff 66.if n \{\ 67. ds #H 0 68. ds #V .8m 69. ds #F .3m 70. ds #[ \f1 --- 48 unchanged lines hidden (view full) --- 119. ds Th \o'LP' 120. ds ae ae 121. ds Ae AE 122.\} 123.rm #[ #] #H #V #F C 124.\" ======================================================================== 125.\" 126.IX Title "ssl 3" |
| 132.TH ssl 3 "2010-03-24" "0.9.8n" "OpenSSL" | 127.TH ssl 3 "2010-11-16" "0.9.8p" "OpenSSL" 128.\" For nroff, turn off justification. Always turn off hyphenation; it makes 129.\" way too many mistakes in technical documents. 130.if n .ad l 131.nh |
| 133.SH "NAME" 134SSL \- OpenSSL SSL/TLS library 135.SH "SYNOPSIS" 136.IX Header "SYNOPSIS" 137.SH "DESCRIPTION" 138.IX Header "DESCRIPTION" 139The OpenSSL \fBssl\fR library implements the Secure Sockets Layer (\s-1SSL\s0 v2/v3) and 140Transport Layer Security (\s-1TLS\s0 v1) protocols. It provides a rich \s-1API\s0 which is --- 81 unchanged lines hidden (view full) --- 222.IX Item "tls1.h" 223That's the sub header file dealing with the TLSv1 protocol only. 224\&\fIUsually you don't have to include it explicitly because 225it's already included by ssl.h\fR. 226.SH "API FUNCTIONS" 227.IX Header "API FUNCTIONS" 228Currently the OpenSSL \fBssl\fR library exports 214 \s-1API\s0 functions. 229They are documented in the following: | 132.SH "NAME" 133SSL \- OpenSSL SSL/TLS library 134.SH "SYNOPSIS" 135.IX Header "SYNOPSIS" 136.SH "DESCRIPTION" 137.IX Header "DESCRIPTION" 138The OpenSSL \fBssl\fR library implements the Secure Sockets Layer (\s-1SSL\s0 v2/v3) and 139Transport Layer Security (\s-1TLS\s0 v1) protocols. It provides a rich \s-1API\s0 which is --- 81 unchanged lines hidden (view full) --- 221.IX Item "tls1.h" 222That's the sub header file dealing with the TLSv1 protocol only. 223\&\fIUsually you don't have to include it explicitly because 224it's already included by ssl.h\fR. 225.SH "API FUNCTIONS" 226.IX Header "API FUNCTIONS" 227Currently the OpenSSL \fBssl\fR library exports 214 \s-1API\s0 functions. 228They are documented in the following: |
| 230.Sh "\s-1DEALING\s0 \s-1WITH\s0 \s-1PROTOCOL\s0 \s-1METHODS\s0" | 229.SS "\s-1DEALING\s0 \s-1WITH\s0 \s-1PROTOCOL\s0 \s-1METHODS\s0" |
| 231.IX Subsection "DEALING WITH PROTOCOL METHODS" 232Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0 233protocol methods defined in \fB\s-1SSL_METHOD\s0\fR structures. 234.IP "\s-1SSL_METHOD\s0 *\fBSSLv2_client_method\fR(void);" 4 235.IX Item "SSL_METHOD *SSLv2_client_method(void);" 236Constructor for the SSLv2 \s-1SSL_METHOD\s0 structure for a dedicated client. 237.IP "\s-1SSL_METHOD\s0 *\fBSSLv2_server_method\fR(void);" 4 238.IX Item "SSL_METHOD *SSLv2_server_method(void);" --- 14 unchanged lines hidden (view full) --- 253.IX Item "SSL_METHOD *TLSv1_client_method(void);" 254Constructor for the TLSv1 \s-1SSL_METHOD\s0 structure for a dedicated client. 255.IP "\s-1SSL_METHOD\s0 *\fBTLSv1_server_method\fR(void);" 4 256.IX Item "SSL_METHOD *TLSv1_server_method(void);" 257Constructor for the TLSv1 \s-1SSL_METHOD\s0 structure for a dedicated server. 258.IP "\s-1SSL_METHOD\s0 *\fBTLSv1_method\fR(void);" 4 259.IX Item "SSL_METHOD *TLSv1_method(void);" 260Constructor for the TLSv1 \s-1SSL_METHOD\s0 structure for combined client and server. | 230.IX Subsection "DEALING WITH PROTOCOL METHODS" 231Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0 232protocol methods defined in \fB\s-1SSL_METHOD\s0\fR structures. 233.IP "\s-1SSL_METHOD\s0 *\fBSSLv2_client_method\fR(void);" 4 234.IX Item "SSL_METHOD *SSLv2_client_method(void);" 235Constructor for the SSLv2 \s-1SSL_METHOD\s0 structure for a dedicated client. 236.IP "\s-1SSL_METHOD\s0 *\fBSSLv2_server_method\fR(void);" 4 237.IX Item "SSL_METHOD *SSLv2_server_method(void);" --- 14 unchanged lines hidden (view full) --- 252.IX Item "SSL_METHOD *TLSv1_client_method(void);" 253Constructor for the TLSv1 \s-1SSL_METHOD\s0 structure for a dedicated client. 254.IP "\s-1SSL_METHOD\s0 *\fBTLSv1_server_method\fR(void);" 4 255.IX Item "SSL_METHOD *TLSv1_server_method(void);" 256Constructor for the TLSv1 \s-1SSL_METHOD\s0 structure for a dedicated server. 257.IP "\s-1SSL_METHOD\s0 *\fBTLSv1_method\fR(void);" 4 258.IX Item "SSL_METHOD *TLSv1_method(void);" 259Constructor for the TLSv1 \s-1SSL_METHOD\s0 structure for combined client and server. |
| 261.Sh "\s-1DEALING\s0 \s-1WITH\s0 \s-1CIPHERS\s0" | 260.SS "\s-1DEALING\s0 \s-1WITH\s0 \s-1CIPHERS\s0" |
| 262.IX Subsection "DEALING WITH CIPHERS" 263Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0 264ciphers defined in \fB\s-1SSL_CIPHER\s0\fR structures. 265.IP "char *\fBSSL_CIPHER_description\fR(\s-1SSL_CIPHER\s0 *cipher, char *buf, int len);" 4 266.IX Item "char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len);" 267Write a string to \fIbuf\fR (with a maximum size of \fIlen\fR) containing a human 268readable description of \fIcipher\fR. Returns \fIbuf\fR. 269.IP "int \fBSSL_CIPHER_get_bits\fR(\s-1SSL_CIPHER\s0 *cipher, int *alg_bits);" 4 --- 6 unchanged lines hidden (view full) --- 276Return the internal name of \fIcipher\fR as a string. These are the various 277strings defined by the \fISSL2_TXT_xxx\fR, \fISSL3_TXT_xxx\fR and \fITLS1_TXT_xxx\fR 278definitions in the header files. 279.IP "char *\fBSSL_CIPHER_get_version\fR(\s-1SSL_CIPHER\s0 *cipher);" 4 280.IX Item "char *SSL_CIPHER_get_version(SSL_CIPHER *cipher);" 281Returns a string like "\f(CW\*(C`TLSv1/SSLv3\*(C'\fR\*(L" or \*(R"\f(CW\*(C`SSLv2\*(C'\fR" which indicates the 282\&\s-1SSL/TLS\s0 protocol version to which \fIcipher\fR belongs (i.e. where it was defined 283in the specification the first time). | 261.IX Subsection "DEALING WITH CIPHERS" 262Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0 263ciphers defined in \fB\s-1SSL_CIPHER\s0\fR structures. 264.IP "char *\fBSSL_CIPHER_description\fR(\s-1SSL_CIPHER\s0 *cipher, char *buf, int len);" 4 265.IX Item "char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len);" 266Write a string to \fIbuf\fR (with a maximum size of \fIlen\fR) containing a human 267readable description of \fIcipher\fR. Returns \fIbuf\fR. 268.IP "int \fBSSL_CIPHER_get_bits\fR(\s-1SSL_CIPHER\s0 *cipher, int *alg_bits);" 4 --- 6 unchanged lines hidden (view full) --- 275Return the internal name of \fIcipher\fR as a string. These are the various 276strings defined by the \fISSL2_TXT_xxx\fR, \fISSL3_TXT_xxx\fR and \fITLS1_TXT_xxx\fR 277definitions in the header files. 278.IP "char *\fBSSL_CIPHER_get_version\fR(\s-1SSL_CIPHER\s0 *cipher);" 4 279.IX Item "char *SSL_CIPHER_get_version(SSL_CIPHER *cipher);" 280Returns a string like "\f(CW\*(C`TLSv1/SSLv3\*(C'\fR\*(L" or \*(R"\f(CW\*(C`SSLv2\*(C'\fR" which indicates the 281\&\s-1SSL/TLS\s0 protocol version to which \fIcipher\fR belongs (i.e. where it was defined 282in the specification the first time). |
| 284.Sh "\s-1DEALING\s0 \s-1WITH\s0 \s-1PROTOCOL\s0 \s-1CONTEXTS\s0" | 283.SS "\s-1DEALING\s0 \s-1WITH\s0 \s-1PROTOCOL\s0 \s-1CONTEXTS\s0" |
| 285.IX Subsection "DEALING WITH PROTOCOL CONTEXTS" 286Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0 287protocol context defined in the \fB\s-1SSL_CTX\s0\fR structure. 288.IP "int \fBSSL_CTX_add_client_CA\fR(\s-1SSL_CTX\s0 *ctx, X509 *x);" 4 289.IX Item "int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x);" 290.PD 0 291.IP "long \fBSSL_CTX_add_extra_chain_cert\fR(\s-1SSL_CTX\s0 *ctx, X509 *x509);" 4 292.IX Item "long SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *x509);" --- 156 unchanged lines hidden (view full) --- 449.IX Item "int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, char *file, int type);" 450.IP "int \fBSSL_CTX_use_certificate\fR(\s-1SSL_CTX\s0 *ctx, X509 *x);" 4 451.IX Item "int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);" 452.IP "int \fBSSL_CTX_use_certificate_ASN1\fR(\s-1SSL_CTX\s0 *ctx, int len, unsigned char *d);" 4 453.IX Item "int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);" 454.IP "int \fBSSL_CTX_use_certificate_file\fR(\s-1SSL_CTX\s0 *ctx, char *file, int type);" 4 455.IX Item "int SSL_CTX_use_certificate_file(SSL_CTX *ctx, char *file, int type);" 456.PD | 284.IX Subsection "DEALING WITH PROTOCOL CONTEXTS" 285Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0 286protocol context defined in the \fB\s-1SSL_CTX\s0\fR structure. 287.IP "int \fBSSL_CTX_add_client_CA\fR(\s-1SSL_CTX\s0 *ctx, X509 *x);" 4 288.IX Item "int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x);" 289.PD 0 290.IP "long \fBSSL_CTX_add_extra_chain_cert\fR(\s-1SSL_CTX\s0 *ctx, X509 *x509);" 4 291.IX Item "long SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *x509);" --- 156 unchanged lines hidden (view full) --- 448.IX Item "int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, char *file, int type);" 449.IP "int \fBSSL_CTX_use_certificate\fR(\s-1SSL_CTX\s0 *ctx, X509 *x);" 4 450.IX Item "int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);" 451.IP "int \fBSSL_CTX_use_certificate_ASN1\fR(\s-1SSL_CTX\s0 *ctx, int len, unsigned char *d);" 4 452.IX Item "int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);" 453.IP "int \fBSSL_CTX_use_certificate_file\fR(\s-1SSL_CTX\s0 *ctx, char *file, int type);" 4 454.IX Item "int SSL_CTX_use_certificate_file(SSL_CTX *ctx, char *file, int type);" 455.PD |
| 457.Sh "\s-1DEALING\s0 \s-1WITH\s0 \s-1SESSIONS\s0" | 456.SS "\s-1DEALING\s0 \s-1WITH\s0 \s-1SESSIONS\s0" |
| 458.IX Subsection "DEALING WITH SESSIONS" 459Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0 460sessions defined in the \fB\s-1SSL_SESSION\s0\fR structures. 461.IP "int \fBSSL_SESSION_cmp\fR(const \s-1SSL_SESSION\s0 *a, const \s-1SSL_SESSION\s0 *b);" 4 462.IX Item "int SSL_SESSION_cmp(const SSL_SESSION *a, const SSL_SESSION *b);" 463.PD 0 464.IP "void \fBSSL_SESSION_free\fR(\s-1SSL_SESSION\s0 *ss);" 4 465.IX Item "void SSL_SESSION_free(SSL_SESSION *ss);" --- 19 unchanged lines hidden (view full) --- 485.IX Item "void SSL_SESSION_set_app_data(SSL_SESSION *s, char *a);" 486.IP "int \fBSSL_SESSION_set_ex_data\fR(\s-1SSL_SESSION\s0 *s, int idx, char *arg);" 4 487.IX Item "int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, char *arg);" 488.IP "long \fBSSL_SESSION_set_time\fR(\s-1SSL_SESSION\s0 *s, long t);" 4 489.IX Item "long SSL_SESSION_set_time(SSL_SESSION *s, long t);" 490.IP "long \fBSSL_SESSION_set_timeout\fR(\s-1SSL_SESSION\s0 *s, long t);" 4 491.IX Item "long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);" 492.PD | 457.IX Subsection "DEALING WITH SESSIONS" 458Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0 459sessions defined in the \fB\s-1SSL_SESSION\s0\fR structures. 460.IP "int \fBSSL_SESSION_cmp\fR(const \s-1SSL_SESSION\s0 *a, const \s-1SSL_SESSION\s0 *b);" 4 461.IX Item "int SSL_SESSION_cmp(const SSL_SESSION *a, const SSL_SESSION *b);" 462.PD 0 463.IP "void \fBSSL_SESSION_free\fR(\s-1SSL_SESSION\s0 *ss);" 4 464.IX Item "void SSL_SESSION_free(SSL_SESSION *ss);" --- 19 unchanged lines hidden (view full) --- 484.IX Item "void SSL_SESSION_set_app_data(SSL_SESSION *s, char *a);" 485.IP "int \fBSSL_SESSION_set_ex_data\fR(\s-1SSL_SESSION\s0 *s, int idx, char *arg);" 4 486.IX Item "int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, char *arg);" 487.IP "long \fBSSL_SESSION_set_time\fR(\s-1SSL_SESSION\s0 *s, long t);" 4 488.IX Item "long SSL_SESSION_set_time(SSL_SESSION *s, long t);" 489.IP "long \fBSSL_SESSION_set_timeout\fR(\s-1SSL_SESSION\s0 *s, long t);" 4 490.IX Item "long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);" 491.PD |
| 493.Sh "\s-1DEALING\s0 \s-1WITH\s0 \s-1CONNECTIONS\s0" | 492.SS "\s-1DEALING\s0 \s-1WITH\s0 \s-1CONNECTIONS\s0" |
| 494.IX Subsection "DEALING WITH CONNECTIONS" 495Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0 496connection defined in the \fB\s-1SSL\s0\fR structure. 497.IP "int \fBSSL_accept\fR(\s-1SSL\s0 *ssl);" 4 498.IX Item "int SSL_accept(SSL *ssl);" 499.PD 0 500.IP "int \fBSSL_add_dir_cert_subjects_to_stack\fR(\s-1STACK\s0 *stack, const char *dir);" 4 501.IX Item "int SSL_add_dir_cert_subjects_to_stack(STACK *stack, const char *dir);" --- 303 unchanged lines hidden --- | 493.IX Subsection "DEALING WITH CONNECTIONS" 494Here we document the various \s-1API\s0 functions which deal with the \s-1SSL/TLS\s0 495connection defined in the \fB\s-1SSL\s0\fR structure. 496.IP "int \fBSSL_accept\fR(\s-1SSL\s0 *ssl);" 4 497.IX Item "int SSL_accept(SSL *ssl);" 498.PD 0 499.IP "int \fBSSL_add_dir_cert_subjects_to_stack\fR(\s-1STACK\s0 *stack, const char *dir);" 4 500.IX Item "int SSL_add_dir_cert_subjects_to_stack(STACK *stack, const char *dir);" --- 303 unchanged lines hidden --- |