ssl.pod (68651) | ssl.pod (72613) |
---|---|
1 2=pod 3 4=head1 NAME 5 6SSL - OpenSSL SSL/TLS library 7 8=head1 SYNOPSIS 9 10=head1 DESCRIPTION 11 12The OpenSSL B<ssl> library implements the Secure Sockets Layer (SSL v2/v3) and 13Transport Layer Security (TLS v1) protocols. It provides a rich API which is 14documented here. 15 | 1 2=pod 3 4=head1 NAME 5 6SSL - OpenSSL SSL/TLS library 7 8=head1 SYNOPSIS 9 10=head1 DESCRIPTION 11 12The OpenSSL B<ssl> library implements the Secure Sockets Layer (SSL v2/v3) and 13Transport Layer Security (TLS v1) protocols. It provides a rich API which is 14documented here. 15 |
16=head1 HEADER FILES | 16At first the library must be initialized; see 17L<SSL_library_init(3)|SSL_library_init(3)>. |
17 | 18 |
18Currently the OpenSSL B<ssl> library provides the following C header files 19containing the prototypes for the data structures and and functions: | 19Then an B<SSL_CTX> object is created as a framework to establish 20TLS/SSL enabled connections (see L<SSL_CTX_new(3)|SSL_CTX_new(3)>). 21Various options regarding certificates, algorithms etc. can be set 22in this object. |
20 | 23 |
21=over 4 | 24When a network connection has been created, it can be assigned to an 25B<SSL> object. After the B<SSL> object has been created using 26L<SSL_new(3)|SSL_new(3)>, L<SSL_set_fd(3)|SSL_set_fd(3)> or 27L<SSL_set_bio(3)|SSL_set_bio(3)> can be used to associate the network 28connection with the object. |
22 | 29 |
23=item B<ssl.h> | 30Then the TLS/SSL handshake is performed using 31L<SSL_accept(3)|SSL_accept(3)> or L<SSL_connect(3)|SSL_connect(3)> 32respectively. 33L<SSL_read(3)|SSL_read(3)> and L<SSL_write(3)|SSL_write(3)> are used 34to read and write data on the TLS/SSL connection. 35L<SSL_shutdown(3)|SSL_shutdown(3)> can be used to shut down the 36TLS/SSL connection. |
24 | 37 |
25That's the common header file for the SSL/TLS API. Include it into your 26program to make the API of the B<ssl> library available. It internally 27includes both more private SSL headers and headers from the B<crypto> library. 28Whenever you need hard-core details on the internals of the SSL API, look 29inside this header file. 30 31=item B<ssl2.h> 32 33That's the sub header file dealing with the SSLv2 protocol only. 34I<Usually you don't have to include it explicitly because 35it's already included by ssl.h>. 36 37=item B<ssl3.h> 38 39That's the sub header file dealing with the SSLv3 protocol only. 40I<Usually you don't have to include it explicitly because 41it's already included by ssl.h>. 42 43=item B<ssl23.h> 44 45That's the sub header file dealing with the combined use of the SSLv2 and 46SSLv3 protocols. 47I<Usually you don't have to include it explicitly because 48it's already included by ssl.h>. 49 50=item B<tls1.h> 51 52That's the sub header file dealing with the TLSv1 protocol only. 53I<Usually you don't have to include it explicitly because 54it's already included by ssl.h>. 55 56=back 57 | |
58=head1 DATA STRUCTURES 59 60Currently the OpenSSL B<ssl> library functions deals with the following data 61structures: 62 63=over 4 64 65=item B<SSL_METHOD> (SSL Method) --- 24 unchanged lines hidden (view full) --- 90 91That's the main SSL/TLS structure which is created by a server or client per 92established connection. This actually is the core structure in the SSL API. 93Under run-time the application usually deals with this structure which has 94links to mostly all other structures. 95 96=back 97 | 38=head1 DATA STRUCTURES 39 40Currently the OpenSSL B<ssl> library functions deals with the following data 41structures: 42 43=over 4 44 45=item B<SSL_METHOD> (SSL Method) --- 24 unchanged lines hidden (view full) --- 70 71That's the main SSL/TLS structure which is created by a server or client per 72established connection. This actually is the core structure in the SSL API. 73Under run-time the application usually deals with this structure which has 74links to mostly all other structures. 75 76=back 77 |
78 79=head1 HEADER FILES 80 81Currently the OpenSSL B<ssl> library provides the following C header files 82containing the prototypes for the data structures and and functions: 83 84=over 4 85 86=item B<ssl.h> 87 88That's the common header file for the SSL/TLS API. Include it into your 89program to make the API of the B<ssl> library available. It internally 90includes both more private SSL headers and headers from the B<crypto> library. 91Whenever you need hard-core details on the internals of the SSL API, look 92inside this header file. 93 94=item B<ssl2.h> 95 96That's the sub header file dealing with the SSLv2 protocol only. 97I<Usually you don't have to include it explicitly because 98it's already included by ssl.h>. 99 100=item B<ssl3.h> 101 102That's the sub header file dealing with the SSLv3 protocol only. 103I<Usually you don't have to include it explicitly because 104it's already included by ssl.h>. 105 106=item B<ssl23.h> 107 108That's the sub header file dealing with the combined use of the SSLv2 and 109SSLv3 protocols. 110I<Usually you don't have to include it explicitly because 111it's already included by ssl.h>. 112 113=item B<tls1.h> 114 115That's the sub header file dealing with the TLSv1 protocol only. 116I<Usually you don't have to include it explicitly because 117it's already included by ssl.h>. 118 119=back 120 |
|
98=head1 API FUNCTIONS 99 100Currently the OpenSSL B<ssl> library exports 214 API functions. 101They are documented in the following: 102 103=head2 DEALING WITH PROTOCOL METHODS 104 105Here we document the various API functions which deal with the SSL/TLS --- 514 unchanged lines hidden (view full) --- 620=item int B<SSL_write>(SSL *ssl, char *buf, int num); 621 622=back 623 624=head1 SEE ALSO 625 626L<openssl(1)|openssl(1)>, L<crypto(3)|crypto(3)>, 627L<SSL_accept(3)|SSL_accept(3)>, L<SSL_clear(3)|SSL_clear(3)>, | 121=head1 API FUNCTIONS 122 123Currently the OpenSSL B<ssl> library exports 214 API functions. 124They are documented in the following: 125 126=head2 DEALING WITH PROTOCOL METHODS 127 128Here we document the various API functions which deal with the SSL/TLS --- 514 unchanged lines hidden (view full) --- 643=item int B<SSL_write>(SSL *ssl, char *buf, int num); 644 645=back 646 647=head1 SEE ALSO 648 649L<openssl(1)|openssl(1)>, L<crypto(3)|crypto(3)>, 650L<SSL_accept(3)|SSL_accept(3)>, L<SSL_clear(3)|SSL_clear(3)>, |
628L<SSL_connect(3)|SSL_connect(3)>, L<SSL_CTX_new(3)|SSL_CTX_new(3)>, | 651L 652L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)>, 653L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>, 654L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>, 655L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>, 656L<SSL_CTX_get_ex_new_index(3)|SSL_CTX_get_ex_new_index(3)>, 657L<SSL_CTX_get_verify_mode(3)|SSL_CTX_get_verify_mode(3)>, 658L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)> 659L<SSL_CTX_new(3)|SSL_CTX_new(3)>, 660L<SSL_CTX_sess_set_cache_size(3)|SSL_CTX_sess_set_cache_size(3)>, 661L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>, 662L<SSL_CTX_sessions(3)|SSL_CTX_sessions(3)>, 663L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>, 664L<SSL_CTX_set_default_passwd_cb(3)|SSL_CTX_set_default_passwd_cb(3)>, 665L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>, 666L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>, 667L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>, |
629L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)>, | 668L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)>, |
669L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>, 670L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>, 671L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>, |
|
630L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>, | 672L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>, |
631L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_get_fd(3)|SSL_get_fd(3)>, | 673L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>, 674L<SSL_get_error(3)|SSL_get_error(3)>, 675L<SSL_get_ex_data_X509_STORE_CTX_idx(3)|SSL_get_ex_data_X509_STORE_CTX_idx(3)>, 676L<SSL_get_ex_new_index(3)|SSL_get_ex_new_index(3)>, 677L<SSL_get_fd(3)|SSL_get_fd(3)>, |
632L<SSL_get_peer_cert_chain(3)|SSL_get_peer_cert_chain(3)>, 633L<SSL_get_rbio(3)|SSL_get_rbio(3)>, 634L<SSL_get_session(3)|SSL_get_session(3)>, 635L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>, | 678L<SSL_get_peer_cert_chain(3)|SSL_get_peer_cert_chain(3)>, 679L<SSL_get_rbio(3)|SSL_get_rbio(3)>, 680L<SSL_get_session(3)|SSL_get_session(3)>, 681L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>, |
636L<SSL_library_init(3)|SSL_library_init(3)>, L<SSL_new(3)|SSL_new(3)>, | 682L 683L<SSL_load_client_CA_file(3)|SSL_load_client_CA_file(3)>, 684L<SSL_new(3)|SSL_new(3)>, |
637L<SSL_read(3)|SSL_read(3)>, L<SSL_set_bio(3)|SSL_set_bio(3)>, 638L<SSL_set_fd(3)|SSL_set_fd(3)>, L<SSL_pending(3)|SSL_pending(3)>, 639L<SSL_set_session(3)|SSL_set_session(3)>, 640L<SSL_shutdown(3)|SSL_shutdown(3)>, L<SSL_write(3)|SSL_write(3)>, | 685L<SSL_read(3)|SSL_read(3)>, L<SSL_set_bio(3)|SSL_set_bio(3)>, 686L<SSL_set_fd(3)|SSL_set_fd(3)>, L<SSL_pending(3)|SSL_pending(3)>, 687L<SSL_set_session(3)|SSL_set_session(3)>, 688L<SSL_shutdown(3)|SSL_shutdown(3)>, L<SSL_write(3)|SSL_write(3)>, |
641L | 689L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>, 690L<SSL_SESSION_get_ex_new_index(3)|SSL_SESSION_get_ex_new_index(3)>, 691L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)>, 692L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)> |
642 643=head1 HISTORY 644 645The L<ssl(3)|ssl(3)> document appeared in OpenSSL 0.9.2 646 647=cut 648 | 693 694=head1 HISTORY 695 696The L<ssl(3)|ssl(3)> document appeared in OpenSSL 0.9.2 697 698=cut 699 |