| SSL_CTX_set_tmp_dh_callback.pod (1.1.1.3) | SSL_CTX_set_tmp_dh_callback.pod (1.1.1.4) |
|---|---|
| 1=pod 2 3=head1 NAME 4 5SSL_CTX_set_dh_auto, SSL_set_dh_auto, SSL_CTX_set0_tmp_dh_pkey, 6SSL_set0_tmp_dh_pkey, SSL_CTX_set_tmp_dh_callback, SSL_CTX_set_tmp_dh, 7SSL_set_tmp_dh_callback, SSL_set_tmp_dh 8- handle DH keys for ephemeral key exchange --- 59 unchanged lines hidden (view full) --- 68consistent with the size of the negotiated symmetric cipher key. 69 70Applications may supply their own DH parameters instead of using the built-in 71values. This approach is discouraged and applications should in preference use 72the built-in parameter support described above. Applications wishing to supply 73their own DH parameters should call SSL_CTX_set0_tmp_dh_pkey() or 74SSL_set0_tmp_dh_pkey() to supply the parameters for the B<SSL_CTX> or B<SSL> 75respectively. The parameters should be supplied in the I<dhpkey> argument as | 1=pod 2 3=head1 NAME 4 5SSL_CTX_set_dh_auto, SSL_set_dh_auto, SSL_CTX_set0_tmp_dh_pkey, 6SSL_set0_tmp_dh_pkey, SSL_CTX_set_tmp_dh_callback, SSL_CTX_set_tmp_dh, 7SSL_set_tmp_dh_callback, SSL_set_tmp_dh 8- handle DH keys for ephemeral key exchange --- 59 unchanged lines hidden (view full) --- 68consistent with the size of the negotiated symmetric cipher key. 69 70Applications may supply their own DH parameters instead of using the built-in 71values. This approach is discouraged and applications should in preference use 72the built-in parameter support described above. Applications wishing to supply 73their own DH parameters should call SSL_CTX_set0_tmp_dh_pkey() or 74SSL_set0_tmp_dh_pkey() to supply the parameters for the B<SSL_CTX> or B<SSL> 75respectively. The parameters should be supplied in the I<dhpkey> argument as |
| 76an B | 76an B<EVP_PKEY> containing DH parameters. Ownership of the I<dhpkey> value is |
| 77passed to the B<SSL_CTX> or B<SSL> object as a result of this call, and so the | 77passed to the B<SSL_CTX> or B<SSL> object as a result of this call, and so the |
| 78caller should not free it if the function call is succesful. | 78caller should not free it if the function call is successful. |
| 79 80The deprecated macros SSL_CTX_set_tmp_dh() and SSL_set_tmp_dh() do the same 81thing as SSL_CTX_set0_tmp_dh_pkey() and SSL_set0_tmp_dh_pkey() except that the 82DH parameters are supplied in a B<DH> object instead in the I<dh> argument, and 83ownership of the B<DH> object is retained by the application. Applications 84should use "auto" parameters instead, or call SSL_CTX_set0_tmp_dh_pkey() or 85SSL_set0_tmp_dh_pkey() as appropriate. 86 --- 20 unchanged lines hidden (view full) --- 107=head1 SEE ALSO 108 109L<ssl(7)>, L<SSL_CTX_set_cipher_list(3)>, 110L<SSL_CTX_set_options(3)>, 111L<openssl-ciphers(1)>, L<openssl-dhparam(1)> 112 113=head1 COPYRIGHT 114 | 79 80The deprecated macros SSL_CTX_set_tmp_dh() and SSL_set_tmp_dh() do the same 81thing as SSL_CTX_set0_tmp_dh_pkey() and SSL_set0_tmp_dh_pkey() except that the 82DH parameters are supplied in a B<DH> object instead in the I<dh> argument, and 83ownership of the B<DH> object is retained by the application. Applications 84should use "auto" parameters instead, or call SSL_CTX_set0_tmp_dh_pkey() or 85SSL_set0_tmp_dh_pkey() as appropriate. 86 --- 20 unchanged lines hidden (view full) --- 107=head1 SEE ALSO 108 109L<ssl(7)>, L<SSL_CTX_set_cipher_list(3)>, 110L<SSL_CTX_set_options(3)>, 111L<openssl-ciphers(1)>, L<openssl-dhparam(1)> 112 113=head1 COPYRIGHT 114 |
| 115Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved. | 115Copyright 2001-2023 The OpenSSL Project Authors. All Rights Reserved. |
| 116 117Licensed under the Apache License 2.0 (the "License"). You may not use 118this file except in compliance with the License. You can obtain a copy 119in the file LICENSE in the source distribution or at 120L<https://www.openssl.org/source/license.html>. 121 122=cut | 116 117Licensed under the Apache License 2.0 (the "License"). You may not use 118this file except in compliance with the License. You can obtain a copy 119in the file LICENSE in the source distribution or at 120L<https://www.openssl.org/source/license.html>. 121 122=cut |