ssl.pod revision 160814
=pod

=head1 NAME

SSL - OpenSSL SSL/TLS library

=head1 SYNOPSIS

=head1 DESCRIPTION

The OpenSSL B<ssl> library implements the Secure Sockets Layer (SSL v2/v3) and
Transport Layer Security (TLS v1) protocols. It provides a rich API which is
documented here.

First the library must be initialized; see
L<SSL_library_init(3)|SSL_library_init(3)>.

Then an B<SSL_CTX> object is created as a framework to establish
TLS/SSL enabled connections (see L<SSL_CTX_new(3)|SSL_CTX_new(3)>).
Various options regarding certificates, algorithms etc. can be set
in this object.

When a network connection has been created, it can be assigned to an
B<SSL> object. After the B<SSL> object has been created using
L<SSL_new(3)|SSL_new(3)>, L<SSL_set_fd(3)|SSL_set_fd(3)> or
L<SSL_set_bio(3)|SSL_set_bio(3)> can be used to associate the network
connection with the object.

Then the TLS/SSL handshake is performed using
L<SSL_accept(3)|SSL_accept(3)> on the server or
L<SSL_connect(3)|SSL_connect(3)> on the client.
L<SSL_read(3)|SSL_read(3)> and L<SSL_write(3)|SSL_write(3)> are used
to read and write data on the TLS/SSL connection.
L<SSL_shutdown(3)|SSL_shutdown(3)> can be used to shut down the
TLS/SSL connection.

=head1 DATA STRUCTURES

Currently the OpenSSL B<ssl> library functions deal with the following data
structures:

=over 4

=item B<SSL_METHOD> (SSL Method)

That's a dispatch structure describing the internal B<ssl> library
methods/functions which implement the various protocol versions (SSLv2, SSLv3
and TLSv1). It's needed to create an B<SSL_CTX>.

=item B<SSL_CIPHER> (SSL Cipher)

This structure holds the algorithm information for a particular cipher, which
is a core part of the SSL/TLS protocol. The available ciphers are configured
on a B<SSL_CTX> basis and the actually used ones are then part of the
B<SSL_SESSION>.

=item B<SSL_CTX> (SSL Context)

That's the global context structure which is created by a server or client
once per program life-time and which holds mainly default values for the
B<SSL> structures which are later created for the connections.

=item B<SSL_SESSION> (SSL Session)

This is a structure containing the current TLS/SSL session details for a
connection: B<SSL_CIPHER>s, client and server certificates, keys, etc.

=item B<SSL> (SSL Connection)

That's the main SSL/TLS structure which is created by a server or client per
established connection. This actually is the core structure in the SSL API.
At run-time the application usually deals with this structure, which has
links to almost all other structures.

=back


=head1 HEADER FILES

Currently the OpenSSL B<ssl> library provides the following C header files
containing the prototypes for the data structures and functions:

=over 4

=item B<ssl.h>

That's the common header file for the SSL/TLS API. Include it into your
program to make the API of the B<ssl> library available. It internally
includes both more private SSL headers and headers from the B<crypto> library.
Whenever you need hard-core details on the internals of the SSL API, look
inside this header file.

=item B<ssl2.h>

That's the sub header file dealing with the SSLv2 protocol only.
I<Usually you don't have to include it explicitly because
it's already included by ssl.h>.

=item B<ssl3.h>

That's the sub header file dealing with the SSLv3 protocol only.
I<Usually you don't have to include it explicitly because
it's already included by ssl.h>.

=item B<ssl23.h>

That's the sub header file dealing with the combined use of the SSLv2 and
SSLv3 protocols.
I<Usually you don't have to include it explicitly because
it's already included by ssl.h>.

=item B<tls1.h>

That's the sub header file dealing with the TLSv1 protocol only.
I<Usually you don't have to include it explicitly because
it's already included by ssl.h>.

=back

=head1 API FUNCTIONS

Currently the OpenSSL B<ssl> library exports 214 API functions.
They are documented in the following:

=head2 DEALING WITH PROTOCOL METHODS

Here we document the various API functions which deal with the SSL/TLS
protocol methods defined in B<SSL_METHOD> structures.

=over 4

=item SSL_METHOD *B<SSLv2_client_method>(void);

Constructor for the SSLv2 SSL_METHOD structure for a dedicated client.

=item SSL_METHOD *B<SSLv2_server_method>(void);

Constructor for the SSLv2 SSL_METHOD structure for a dedicated server.

=item SSL_METHOD *B<SSLv2_method>(void);

Constructor for the SSLv2 SSL_METHOD structure for combined client and server.

=item SSL_METHOD *B<SSLv3_client_method>(void);

Constructor for the SSLv3 SSL_METHOD structure for a dedicated client.

=item SSL_METHOD *B<SSLv3_server_method>(void);

Constructor for the SSLv3 SSL_METHOD structure for a dedicated server.

=item SSL_METHOD *B<SSLv3_method>(void);

Constructor for the SSLv3 SSL_METHOD structure for combined client and server.

=item SSL_METHOD *B<TLSv1_client_method>(void);

Constructor for the TLSv1 SSL_METHOD structure for a dedicated client.

=item SSL_METHOD *B<TLSv1_server_method>(void);

Constructor for the TLSv1 SSL_METHOD structure for a dedicated server.

=item SSL_METHOD *B<TLSv1_method>(void);

Constructor for the TLSv1 SSL_METHOD structure for combined client and server.

=back

=head2 DEALING WITH CIPHERS

Here we document the various API functions which deal with the SSL/TLS
ciphers defined in B<SSL_CIPHER> structures.

=over 4

=item char *B<SSL_CIPHER_description>(SSL_CIPHER *cipher, char *buf, int len);

Write a string to I<buf> (with a maximum size of I<len>) containing a human
readable description of I<cipher>. Returns I<buf>.

=item int B<SSL_CIPHER_get_bits>(SSL_CIPHER *cipher, int *alg_bits);

Determine the number of bits in I<cipher>. Because of export-crippled ciphers
there are two bit counts: the bits the algorithm supports in general (stored to
I<alg_bits>) and the bits which are actually used (the return value).

=item const char *B<SSL_CIPHER_get_name>(SSL_CIPHER *cipher);

Return the internal name of I<cipher> as a string. These are the various
strings defined by the I<SSL2_TXT_xxx>, I<SSL3_TXT_xxx> and I<TLS1_TXT_xxx>
definitions in the header files.

=item char *B<SSL_CIPHER_get_version>(SSL_CIPHER *cipher);

Returns a string like "C<TLSv1/SSLv3>" or "C<SSLv2>" which indicates the
SSL/TLS protocol version to which I<cipher> belongs (i.e. where it was defined
in the specification the first time).

=back

=head2 DEALING WITH PROTOCOL CONTEXTS

Here we document the various API functions which deal with the SSL/TLS
protocol context defined in the B<SSL_CTX> structure.

=over 4

=item int B<SSL_CTX_add_client_CA>(SSL_CTX *ctx, X509 *x);

=item long B<SSL_CTX_add_extra_chain_cert>(SSL_CTX *ctx, X509 *x509);

=item int B<SSL_CTX_add_session>(SSL_CTX *ctx, SSL_SESSION *c);

=item int B<SSL_CTX_check_private_key>(const SSL_CTX *ctx);

=item long B<SSL_CTX_ctrl>(SSL_CTX *ctx, int cmd, long larg, char *parg);

=item void B<SSL_CTX_flush_sessions>(SSL_CTX *s, long t);

=item void B<SSL_CTX_free>(SSL_CTX *a);

=item char *B<SSL_CTX_get_app_data>(SSL_CTX *ctx);

=item X509_STORE *B<SSL_CTX_get_cert_store>(SSL_CTX *ctx);

=item STACK *B<SSL_CTX_get_client_CA_list>(const SSL_CTX *ctx);

=item int (*B<SSL_CTX_get_client_cert_cb>(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey);

=item char *B<SSL_CTX_get_ex_data>(const SSL_CTX *s, int idx);

=item int B<SSL_CTX_get_ex_new_index>(long argl, char *argp, int (*new_func)(void), int (*dup_func)(void), void (*free_func)(void));

=item void (*B<SSL_CTX_get_info_callback>(SSL_CTX *ctx))(SSL *ssl, int cb, int ret);

=item int B<SSL_CTX_get_quiet_shutdown>(const SSL_CTX *ctx);

=item int B<SSL_CTX_get_session_cache_mode>(SSL_CTX *ctx);

=item long B<SSL_CTX_get_timeout>(const SSL_CTX *ctx);

=item int (*B<SSL_CTX_get_verify_callback>(const SSL_CTX *ctx))(int ok, X509_STORE_CTX *ctx);

=item int B<SSL_CTX_get_verify_mode>(SSL_CTX *ctx);

=item int B<SSL_CTX_load_verify_locations>(SSL_CTX *ctx, char *CAfile, char *CApath);


=item long B<SSL_CTX_need_tmp_RSA>(SSL_CTX *ctx);

=item SSL_CTX *B<SSL_CTX_new>(SSL_METHOD *meth);

=item int B<SSL_CTX_remove_session>(SSL_CTX *ctx, SSL_SESSION *c);

=item int B<SSL_CTX_sess_accept>(SSL_CTX *ctx);

=item int B<SSL_CTX_sess_accept_good>(SSL_CTX *ctx);

=item int B<SSL_CTX_sess_accept_renegotiate>(SSL_CTX *ctx);

=item int B<SSL_CTX_sess_cache_full>(SSL_CTX *ctx);

=item int B<SSL_CTX_sess_cb_hits>(SSL_CTX *ctx);

=item int B<SSL_CTX_sess_connect>(SSL_CTX *ctx);

=item int B<SSL_CTX_sess_connect_good>(SSL_CTX *ctx);

=item int B<SSL_CTX_sess_connect_renegotiate>(SSL_CTX *ctx);

=item int B<SSL_CTX_sess_get_cache_size>(SSL_CTX *ctx);

=item SSL_SESSION *(*B<SSL_CTX_sess_get_get_cb>(SSL_CTX *ctx))(SSL *ssl, unsigned char *data, int len, int *copy);

=item int (*B<SSL_CTX_sess_get_new_cb>(SSL_CTX *ctx))(SSL *ssl, SSL_SESSION *sess);

=item void (*B<SSL_CTX_sess_get_remove_cb>(SSL_CTX *ctx))(SSL_CTX *ctx, SSL_SESSION *sess);

=item int B<SSL_CTX_sess_hits>(SSL_CTX *ctx);

=item int B<SSL_CTX_sess_misses>(SSL_CTX *ctx);

=item int B<SSL_CTX_sess_number>(SSL_CTX *ctx);

=item void B<SSL_CTX_sess_set_cache_size>(SSL_CTX *ctx, t);

=item void B<SSL_CTX_sess_set_get_cb>(SSL_CTX *ctx, SSL_SESSION *(*cb)(SSL *ssl, unsigned char *data, int len, int *copy));

=item void B<SSL_CTX_sess_set_new_cb>(SSL_CTX *ctx, int (*cb)(SSL *ssl, SSL_SESSION *sess));

=item void B<SSL_CTX_sess_set_remove_cb>(SSL_CTX *ctx, void (*cb)(SSL_CTX *ctx, SSL_SESSION *sess));

=item int B<SSL_CTX_sess_timeouts>(SSL_CTX *ctx);

=item LHASH *B<SSL_CTX_sessions>(SSL_CTX *ctx);

=item void B<SSL_CTX_set_app_data>(SSL_CTX *ctx, void *arg);

=item void B<SSL_CTX_set_cert_store>(SSL_CTX *ctx, X509_STORE *cs);

=item void B<SSL_CTX_set_cert_verify_cb>(SSL_CTX *ctx, int (*cb)(), char *arg);

=item int B<SSL_CTX_set_cipher_list>(SSL_CTX *ctx, char *str);

=item void B<SSL_CTX_set_client_CA_list>(SSL_CTX *ctx, STACK *list);

=item void B<SSL_CTX_set_client_cert_cb>(SSL_CTX *ctx, int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey));

=item void B<SSL_CTX_set_default_passwd_cb>(SSL_CTX *ctx, int (*cb)(void));

=item void B<SSL_CTX_set_default_read_ahead>(SSL_CTX *ctx, int m);

=item int B<SSL_CTX_set_default_verify_paths>(SSL_CTX *ctx);

=item int B<SSL_CTX_set_ex_data>(SSL_CTX *s, int idx, char *arg);

=item void B<SSL_CTX_set_info_callback>(SSL_CTX *ctx, void (*cb)(SSL *ssl, int cb, int ret));

=item void B<SSL_CTX_set_msg_callback>(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));

=item void B<SSL_CTX_set_msg_callback_arg>(SSL_CTX *ctx, void *arg);

=item void B<SSL_CTX_set_options>(SSL_CTX *ctx, unsigned long op);

=item void B<SSL_CTX_set_quiet_shutdown>(SSL_CTX *ctx, int mode);

=item void B<SSL_CTX_set_session_cache_mode>(SSL_CTX *ctx, int mode);

=item int B<SSL_CTX_set_ssl_version>(SSL_CTX *ctx, SSL_METHOD *meth);


=item void B<SSL_CTX_set_timeout>(SSL_CTX *ctx, long t);

=item long B<SSL_CTX_set_tmp_dh>(SSL_CTX* ctx, DH *dh);

=item long B<SSL_CTX_set_tmp_dh_callback>(SSL_CTX *ctx, DH *(*cb)(void));

=item long B<SSL_CTX_set_tmp_rsa>(SSL_CTX *ctx, RSA *rsa);

=item SSL_CTX_set_tmp_rsa_callback

C<long B<SSL_CTX_set_tmp_rsa_callback>(SSL_CTX *B<ctx>, RSA *(*B<cb>)(SSL *B<ssl>, int B<export>, int B<keylength>));>

Sets the callback which will be called when a temporary private key is
required. The B<C<export>> flag will be set if the reason for needing
a temp key is that an export ciphersuite is in use, in which case,
B<C<keylength>> will contain the required keylength in bits. Generate a key of
appropriate size (using ???) and return it.

=item SSL_set_tmp_rsa_callback

long B<SSL_set_tmp_rsa_callback>(SSL *ssl, RSA *(*cb)(SSL *ssl, int export, int keylength));

The same as B<SSL_CTX_set_tmp_rsa_callback>, except it operates on an SSL
session instead of a context.

=item void B<SSL_CTX_set_verify>(SSL_CTX *ctx, int mode, int (*cb)(void));

=item int B<SSL_CTX_use_PrivateKey>(SSL_CTX *ctx, EVP_PKEY *pkey);

=item int B<SSL_CTX_use_PrivateKey_ASN1>(int type, SSL_CTX *ctx, unsigned char *d, long len);

=item int B<SSL_CTX_use_PrivateKey_file>(SSL_CTX *ctx, char *file, int type);

=item int B<SSL_CTX_use_RSAPrivateKey>(SSL_CTX *ctx, RSA *rsa);

=item int B<SSL_CTX_use_RSAPrivateKey_ASN1>(SSL_CTX *ctx, unsigned char *d, long len);

=item int B<SSL_CTX_use_RSAPrivateKey_file>(SSL_CTX *ctx, char *file, int type);

=item int B<SSL_CTX_use_certificate>(SSL_CTX *ctx, X509 *x);

=item int B<SSL_CTX_use_certificate_ASN1>(SSL_CTX *ctx, int len, unsigned char *d);

=item int B<SSL_CTX_use_certificate_file>(SSL_CTX *ctx, char *file, int type);

=back

=head2 DEALING WITH SESSIONS

Here we document the various API functions which deal with the SSL/TLS
sessions defined in the B<SSL_SESSION> structures.

=over 4

=item int B<SSL_SESSION_cmp>(const SSL_SESSION *a, const SSL_SESSION *b);

=item void B<SSL_SESSION_free>(SSL_SESSION *ss);

=item char *B<SSL_SESSION_get_app_data>(SSL_SESSION *s);

=item char *B<SSL_SESSION_get_ex_data>(const SSL_SESSION *s, int idx);

=item int B<SSL_SESSION_get_ex_new_index>(long argl, char *argp, int (*new_func)(void), int (*dup_func)(void), void (*free_func)(void));

=item long B<SSL_SESSION_get_time>(const SSL_SESSION *s);

=item long B<SSL_SESSION_get_timeout>(const SSL_SESSION *s);

=item unsigned long B<SSL_SESSION_hash>(const SSL_SESSION *a);

=item SSL_SESSION *B<SSL_SESSION_new>(void);

=item int B<SSL_SESSION_print>(BIO *bp, const SSL_SESSION *x);

=item int B<SSL_SESSION_print_fp>(FILE *fp, const SSL_SESSION *x);

=item void B<SSL_SESSION_set_app_data>(SSL_SESSION *s, char *a);

=item int B<SSL_SESSION_set_ex_data>(SSL_SESSION *s, int idx, char *arg);

=item long B<SSL_SESSION_set_time>(SSL_SESSION *s, long t);

=item long B<SSL_SESSION_set_timeout>(SSL_SESSION *s, long t);

=back

=head2 DEALING WITH CONNECTIONS

Here we document the various API functions which deal with the SSL/TLS
connection defined in the B<SSL> structure.

=over 4

=item int B<SSL_accept>(SSL *ssl);

=item int B<SSL_add_dir_cert_subjects_to_stack>(STACK *stack, const char *dir);

=item int B<SSL_add_file_cert_subjects_to_stack>(STACK *stack, const char *file);

=item int B<SSL_add_client_CA>(SSL *ssl, X509 *x);

=item char *B<SSL_alert_desc_string>(int value);

=item char *B<SSL_alert_desc_string_long>(int value);

=item char *B<SSL_alert_type_string>(int value);

=item char *B<SSL_alert_type_string_long>(int value);

=item int B<SSL_check_private_key>(const SSL *ssl);

=item void B<SSL_clear>(SSL *ssl);

=item long B<SSL_clear_num_renegotiations>(SSL *ssl);

=item int B<SSL_connect>(SSL *ssl);

=item void B<SSL_copy_session_id>(SSL *t, const SSL *f);

=item long B<SSL_ctrl>(SSL *ssl, int cmd, long larg, char *parg);

=item int B<SSL_do_handshake>(SSL *ssl);

=item SSL *B<SSL_dup>(SSL *ssl);

=item STACK *B<SSL_dup_CA_list>(STACK *sk);

=item void B<SSL_free>(SSL *ssl);

=item SSL_CTX *B<SSL_get_SSL_CTX>(const SSL *ssl);

=item char *B<SSL_get_app_data>(SSL *ssl);

=item X509 *B<SSL_get_certificate>(const SSL *ssl);

=item const char *B<SSL_get_cipher>(const SSL *ssl);

=item int B<SSL_get_cipher_bits>(const SSL *ssl, int *alg_bits);

=item char *B<SSL_get_cipher_list>(const SSL *ssl, int n);

=item char *B<SSL_get_cipher_name>(const SSL *ssl);

=item char *B<SSL_get_cipher_version>(const SSL *ssl);

=item STACK *B<SSL_get_ciphers>(const SSL *ssl);

=item STACK *B<SSL_get_client_CA_list>(const SSL *ssl);

=item SSL_CIPHER *B<SSL_get_current_cipher>(SSL *ssl);

=item long B<SSL_get_default_timeout>(const SSL *ssl);

=item int B<SSL_get_error>(const SSL *ssl, int i);

=item char *B<SSL_get_ex_data>(const SSL *ssl, int idx);

=item int B<SSL_get_ex_data_X509_STORE_CTX_idx>(void);

=item int B<SSL_get_ex_new_index>(long argl, char *argp, int (*new_func)(void), int (*dup_func)(void), void (*free_func)(void));

=item int B<SSL_get_fd>(const SSL *ssl);

=item void (*B<SSL_get_info_callback>(const SSL *ssl))();

=item STACK *B<SSL_get_peer_cert_chain>(const SSL *ssl);

=item X509 *B<SSL_get_peer_certificate>(const SSL *ssl);

=item EVP_PKEY *B<SSL_get_privatekey>(SSL *ssl);

=item int B<SSL_get_quiet_shutdown>(const SSL *ssl);

=item BIO *B<SSL_get_rbio>(const SSL *ssl);

=item int B<SSL_get_read_ahead>(const SSL *ssl);

=item SSL_SESSION *B<SSL_get_session>(const SSL *ssl);

=item char *B<SSL_get_shared_ciphers>(const SSL *ssl, char *buf, int len);

=item int B<SSL_get_shutdown>(const SSL *ssl);

=item SSL_METHOD *B<SSL_get_ssl_method>(SSL *ssl);

=item int B<SSL_get_state>(const SSL *ssl);

=item long B<SSL_get_time>(const SSL *ssl);

=item long B<SSL_get_timeout>(const SSL *ssl);

=item int (*B<SSL_get_verify_callback>(const SSL *ssl))(int,X509_STORE_CTX *);

=item int B<SSL_get_verify_mode>(const SSL *ssl);

=item long B<SSL_get_verify_result>(const SSL *ssl);

=item char *B<SSL_get_version>(const SSL *ssl);

=item BIO *B<SSL_get_wbio>(const SSL *ssl);

=item int B<SSL_in_accept_init>(SSL *ssl);

=item int B<SSL_in_before>(SSL *ssl);

=item int B<SSL_in_connect_init>(SSL *ssl);

=item int B<SSL_in_init>(SSL *ssl);

=item int B<SSL_is_init_finished>(SSL *ssl);

=item STACK *B<SSL_load_client_CA_file>(char *file);

=item void B<SSL_load_error_strings>(void);

=item SSL *B<SSL_new>(SSL_CTX *ctx);

=item long B<SSL_num_renegotiations>(SSL *ssl);

=item int B<SSL_peek>(SSL *ssl, void *buf, int num);

=item int B<SSL_pending>(const SSL *ssl);

=item int B<SSL_read>(SSL *ssl, void *buf, int num);

=item int B<SSL_renegotiate>(SSL *ssl);

=item char *B<SSL_rstate_string>(SSL *ssl);

=item char *B<SSL_rstate_string_long>(SSL *ssl);

=item long B<SSL_session_reused>(SSL *ssl);

=item void B<SSL_set_accept_state>(SSL *ssl);

=item void B<SSL_set_app_data>(SSL *ssl, char *arg);

=item void B<SSL_set_bio>(SSL *ssl, BIO *rbio, BIO *wbio);

=item int B<SSL_set_cipher_list>(SSL *ssl, char *str);

=item void B<SSL_set_client_CA_list>(SSL *ssl, STACK *list);

=item void B<SSL_set_connect_state>(SSL *ssl);

=item int B<SSL_set_ex_data>(SSL *ssl, int idx, char *arg);

=item int B<SSL_set_fd>(SSL *ssl, int fd);

=item void B<SSL_set_info_callback>(SSL *ssl, void (*cb)(void));

=item void B<SSL_set_msg_callback>(SSL *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));

=item void B<SSL_set_msg_callback_arg>(SSL *ctx, void *arg);

=item void B<SSL_set_options>(SSL *ssl, unsigned long op);

=item void B<SSL_set_quiet_shutdown>(SSL *ssl, int mode);

=item void B<SSL_set_read_ahead>(SSL *ssl, int yes);

=item int B<SSL_set_rfd>(SSL *ssl, int fd);

=item int B<SSL_set_session>(SSL *ssl, SSL_SESSION *session);

=item void B<SSL_set_shutdown>(SSL *ssl, int mode);

=item int B<SSL_set_ssl_method>(SSL *ssl, SSL_METHOD *meth);

=item void B<SSL_set_time>(SSL *ssl, long t);

=item void B<SSL_set_timeout>(SSL *ssl, long t);

=item void B<SSL_set_verify>(SSL *ssl, int mode, int (*callback)(void));

=item void B<SSL_set_verify_result>(SSL *ssl, long arg);

=item int B<SSL_set_wfd>(SSL *ssl, int fd);

=item int B<SSL_shutdown>(SSL *ssl);

=item int B<SSL_state>(const SSL *ssl);

=item char *B<SSL_state_string>(const SSL *ssl);

=item char *B<SSL_state_string_long>(const SSL *ssl);

=item long B<SSL_total_renegotiations>(SSL *ssl);

=item int B<SSL_use_PrivateKey>(SSL *ssl, EVP_PKEY *pkey);

=item int B<SSL_use_PrivateKey_ASN1>(int type, SSL *ssl, unsigned char *d, long len);

=item int B<SSL_use_PrivateKey_file>(SSL *ssl, char *file, int type);

=item int B<SSL_use_RSAPrivateKey>(SSL *ssl, RSA *rsa);

=item int B<SSL_use_RSAPrivateKey_ASN1>(SSL *ssl, unsigned char *d, long len);

=item int B<SSL_use_RSAPrivateKey_file>(SSL *ssl, char *file, int type);

=item int B<SSL_use_certificate>(SSL *ssl, X509 *x);

=item int B<SSL_use_certificate_ASN1>(SSL *ssl, int len, unsigned char *d);

=item int B<SSL_use_certificate_file>(SSL *ssl, char *file, int type);

=item int B<SSL_version>(const SSL *ssl);

=item int B<SSL_want>(const SSL *ssl);

=item int B<SSL_want_nothing>(const SSL *ssl);

=item int B<SSL_want_read>(const SSL *ssl);

=item int B<SSL_want_write>(const SSL *ssl);

=item int B<SSL_want_x509_lookup>(const SSL *ssl);

=item int B<SSL_write>(SSL *ssl, const void *buf, int num);

=back

=head1 SEE ALSO

L<openssl(1)|openssl(1)>, L<crypto(3)|crypto(3)>,
L<SSL_accept(3)|SSL_accept(3)>, L<SSL_clear(3)|SSL_clear(3)>,
L<SSL_connect(3)|SSL_connect(3)>,
L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)>,
L<SSL_COMP_add_compression_method(3)|SSL_COMP_add_compression_method(3)>,
L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>,
L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>,
L<SSL_CTX_ctrl(3)|SSL_CTX_ctrl(3)>,
L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
L<SSL_CTX_get_ex_new_index(3)|SSL_CTX_get_ex_new_index(3)>,
L<SSL_CTX_get_verify_mode(3)|SSL_CTX_get_verify_mode(3)>,
L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>,
L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>,
L<SSL_CTX_sess_set_cache_size(3)|SSL_CTX_sess_set_cache_size(3)>,
L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>,
L<SSL_CTX_sessions(3)|SSL_CTX_sessions(3)>,
L<SSL_CTX_set_cert_store(3)|SSL_CTX_set_cert_store(3)>,
L<SSL_CTX_set_cert_verify_callback(3)|SSL_CTX_set_cert_verify_callback(3)>,
L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>,
L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>,
L<SSL_CTX_set_client_cert_cb(3)|SSL_CTX_set_client_cert_cb(3)>,
L<SSL_CTX_set_default_passwd_cb(3)|SSL_CTX_set_default_passwd_cb(3)>,
L<SSL_CTX_set_generate_session_id(3)|SSL_CTX_set_generate_session_id(3)>,
L<SSL_CTX_set_info_callback(3)|SSL_CTX_set_info_callback(3)>,
L<SSL_CTX_set_max_cert_list(3)|SSL_CTX_set_max_cert_list(3)>,
L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>,
L<SSL_CTX_set_msg_callback(3)|SSL_CTX_set_msg_callback(3)>,
L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>,
L<SSL_CTX_set_quiet_shutdown(3)|SSL_CTX_set_quiet_shutdown(3)>,
L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>,
L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)>,
L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>,
L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>,
L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>,
L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>,
L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
L<SSL_alert_type_string(3)|SSL_alert_type_string(3)>,
L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
L<SSL_get_SSL_CTX(3)|SSL_get_SSL_CTX(3)>,
L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>,
L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
L<SSL_get_default_timeout(3)|SSL_get_default_timeout(3)>,
L<SSL_get_error(3)|SSL_get_error(3)>,
L<SSL_get_ex_data_X509_STORE_CTX_idx(3)|SSL_get_ex_data_X509_STORE_CTX_idx(3)>,
L<SSL_get_ex_new_index(3)|SSL_get_ex_new_index(3)>,
L<SSL_get_fd(3)|SSL_get_fd(3)>,
L<SSL_get_peer_cert_chain(3)|SSL_get_peer_cert_chain(3)>,
L<SSL_get_rbio(3)|SSL_get_rbio(3)>,
L<SSL_get_session(3)|SSL_get_session(3)>,
L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
L<SSL_get_version(3)|SSL_get_version(3)>,
L<SSL_library_init(3)|SSL_library_init(3)>,
L<SSL_load_client_CA_file(3)|SSL_load_client_CA_file(3)>,
L<SSL_new(3)|SSL_new(3)>,
L<SSL_pending(3)|SSL_pending(3)>,
L<SSL_read(3)|SSL_read(3)>,
L<SSL_rstate_string(3)|SSL_rstate_string(3)>,
L<SSL_session_reused(3)|SSL_session_reused(3)>,
L<SSL_set_bio(3)|SSL_set_bio(3)>,
L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
L<SSL_set_fd(3)|SSL_set_fd(3)>,
L<SSL_set_session(3)|SSL_set_session(3)>,
L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>,
L<SSL_shutdown(3)|SSL_shutdown(3)>,
L<SSL_state_string(3)|SSL_state_string(3)>,
L<SSL_want(3)|SSL_want(3)>,
L<SSL_write(3)|SSL_write(3)>,
L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
L<SSL_SESSION_get_ex_new_index(3)|SSL_SESSION_get_ex_new_index(3)>,
L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)>,
L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>

=head1 HISTORY

The L<ssl(3)|ssl(3)> document appeared in OpenSSL 0.9.2.

=cut