ssl.pod revision 160815
1 2=pod 3 4=head1 NAME 5 6SSL - OpenSSL SSL/TLS library 7 8=head1 SYNOPSIS 9 10=head1 DESCRIPTION 11 12The OpenSSL B<ssl> library implements the Secure Sockets Layer (SSL v2/v3) and 13Transport Layer Security (TLS v1) protocols. It provides a rich API which is 14documented here. 15 16At first the library must be initialized; see 17L<SSL_library_init(3)|SSL_library_init(3)>. 18 19Then an B<SSL_CTX> object is created as a framework to establish 20TLS/SSL enabled connections (see L<SSL_CTX_new(3)|SSL_CTX_new(3)>). 21Various options regarding certificates, algorithms etc. can be set 22in this object. 23 24When a network connection has been created, it can be assigned to an 25B<SSL> object. After the B<SSL> object has been created using 26L<SSL_new(3)|SSL_new(3)>, L<SSL_set_fd(3)|SSL_set_fd(3)> or 27L<SSL_set_bio(3)|SSL_set_bio(3)> can be used to associate the network 28connection with the object. 29 30Then the TLS/SSL handshake is performed using 31L<SSL_accept(3)|SSL_accept(3)> or L<SSL_connect(3)|SSL_connect(3)> 32respectively. 33L<SSL_read(3)|SSL_read(3)> and L<SSL_write(3)|SSL_write(3)> are used 34to read and write data on the TLS/SSL connection. 35L<SSL_shutdown(3)|SSL_shutdown(3)> can be used to shut down the 36TLS/SSL connection. 37 38=head1 DATA STRUCTURES 39 40Currently the OpenSSL B<ssl> library functions deals with the following data 41structures: 42 43=over 4 44 45=item B<SSL_METHOD> (SSL Method) 46 47That's a dispatch structure describing the internal B<ssl> library 48methods/functions which implement the various protocol versions (SSLv1, SSLv2 49and TLSv1). It's needed to create an B<SSL_CTX>. 50 51=item B<SSL_CIPHER> (SSL Cipher) 52 53This structure holds the algorithm information for a particular cipher which 54are a core part of the SSL/TLS protocol. The available ciphers are configured 55on a B<SSL_CTX> basis and the actually used ones are then part of the 56B<SSL_SESSION>. 57 58=item B<SSL_CTX> (SSL Context) 59 60That's the global context structure which is created by a server or client 61once per program life-time and which holds mainly default values for the 62B<SSL> structures which are later created for the connections. 63 64=item B<SSL_SESSION> (SSL Session) 65 66This is a structure containing the current TLS/SSL session details for a 67connection: B<SSL_CIPHER>s, client and server certificates, keys, etc. 68 69=item B<SSL> (SSL Connection) 70 71That's the main SSL/TLS structure which is created by a server or client per 72established connection. This actually is the core structure in the SSL API. 73Under run-time the application usually deals with this structure which has 74links to mostly all other structures. 75 76=back 77 78 79=head1 HEADER FILES 80 81Currently the OpenSSL B<ssl> library provides the following C header files 82containing the prototypes for the data structures and and functions: 83 84=over 4 85 86=item B<ssl.h> 87 88That's the common header file for the SSL/TLS API. Include it into your 89program to make the API of the B<ssl> library available. It internally 90includes both more private SSL headers and headers from the B<crypto> library. 91Whenever you need hard-core details on the internals of the SSL API, look 92inside this header file. 93 94=item B<ssl2.h> 95 96That's the sub header file dealing with the SSLv2 protocol only. 97I<Usually you don't have to include it explicitly because 98it's already included by ssl.h>. 99 100=item B<ssl3.h> 101 102That's the sub header file dealing with the SSLv3 protocol only. 103I<Usually you don't have to include it explicitly because 104it's already included by ssl.h>. 105 106=item B<ssl23.h> 107 108That's the sub header file dealing with the combined use of the SSLv2 and 109SSLv3 protocols. 110I<Usually you don't have to include it explicitly because 111it's already included by ssl.h>. 112 113=item B<tls1.h> 114 115That's the sub header file dealing with the TLSv1 protocol only. 116I<Usually you don't have to include it explicitly because 117it's already included by ssl.h>. 118 119=back 120 121=head1 API FUNCTIONS 122 123Currently the OpenSSL B<ssl> library exports 214 API functions. 124They are documented in the following: 125 126=head2 DEALING WITH PROTOCOL METHODS 127 128Here we document the various API functions which deal with the SSL/TLS 129protocol methods defined in B<SSL_METHOD> structures. 130 131=over 4 132 133=item SSL_METHOD *B<SSLv2_client_method>(void); 134 135Constructor for the SSLv2 SSL_METHOD structure for a dedicated client. 136 137=item SSL_METHOD *B<SSLv2_server_method>(void); 138 139Constructor for the SSLv2 SSL_METHOD structure for a dedicated server. 140 141=item SSL_METHOD *B<SSLv2_method>(void); 142 143Constructor for the SSLv2 SSL_METHOD structure for combined client and server. 144 145=item SSL_METHOD *B<SSLv3_client_method>(void); 146 147Constructor for the SSLv3 SSL_METHOD structure for a dedicated client. 148 149=item SSL_METHOD *B<SSLv3_server_method>(void); 150 151Constructor for the SSLv3 SSL_METHOD structure for a dedicated server. 152 153=item SSL_METHOD *B<SSLv3_method>(void); 154 155Constructor for the SSLv3 SSL_METHOD structure for combined client and server. 156 157=item SSL_METHOD *B<TLSv1_client_method>(void); 158 159Constructor for the TLSv1 SSL_METHOD structure for a dedicated client. 160 161=item SSL_METHOD *B<TLSv1_server_method>(void); 162 163Constructor for the TLSv1 SSL_METHOD structure for a dedicated server. 164 165=item SSL_METHOD *B<TLSv1_method>(void); 166 167Constructor for the TLSv1 SSL_METHOD structure for combined client and server. 168 169=back 170 171=head2 DEALING WITH CIPHERS 172 173Here we document the various API functions which deal with the SSL/TLS 174ciphers defined in B<SSL_CIPHER> structures. 175 176=over 4 177 178=item char *B<SSL_CIPHER_description>(SSL_CIPHER *cipher, char *buf, int len); 179 180Write a string to I<buf> (with a maximum size of I<len>) containing a human 181readable description of I<cipher>. Returns I<buf>. 182 183=item int B<SSL_CIPHER_get_bits>(SSL_CIPHER *cipher, int *alg_bits); 184 185Determine the number of bits in I<cipher>. Because of export crippled ciphers 186there are two bits: The bits the algorithm supports in general (stored to 187I<alg_bits>) and the bits which are actually used (the return value). 188 189=item const char *B<SSL_CIPHER_get_name>(SSL_CIPHER *cipher); 190 191Return the internal name of I<cipher> as a string. These are the various 192strings defined by the I<SSL2_TXT_xxx>, I<SSL3_TXT_xxx> and I<TLS1_TXT_xxx> 193definitions in the header files. 194 195=item char *B<SSL_CIPHER_get_version>(SSL_CIPHER *cipher); 196 197Returns a string like "C<TLSv1/SSLv3>" or "C<SSLv2>" which indicates the 198SSL/TLS protocol version to which I<cipher> belongs (i.e. where it was defined 199in the specification the first time). 200 201=back 202 203=head2 DEALING WITH PROTOCOL CONTEXTS 204 205Here we document the various API functions which deal with the SSL/TLS 206protocol context defined in the B<SSL_CTX> structure. 207 208=over 4 209 210=item int B<SSL_CTX_add_client_CA>(SSL_CTX *ctx, X509 *x); 211 212=item long B<SSL_CTX_add_extra_chain_cert>(SSL_CTX *ctx, X509 *x509); 213 214=item int B<SSL_CTX_add_session>(SSL_CTX *ctx, SSL_SESSION *c); 215 216=item int B<SSL_CTX_check_private_key>(const SSL_CTX *ctx); 217 218=item long B<SSL_CTX_ctrl>(SSL_CTX *ctx, int cmd, long larg, char *parg); 219 220=item void B<SSL_CTX_flush_sessions>(SSL_CTX *s, long t); 221 222=item void B<SSL_CTX_free>(SSL_CTX *a); 223 224=item char *B<SSL_CTX_get_app_data>(SSL_CTX *ctx); 225 226=item X509_STORE *B<SSL_CTX_get_cert_store>(SSL_CTX *ctx); 227 228=item STACK *B<SSL_CTX_get_client_CA_list>(const SSL_CTX *ctx); 229 230=item int (*B<SSL_CTX_get_client_cert_cb>(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey); 231 232=item char *B<SSL_CTX_get_ex_data>(const SSL_CTX *s, int idx); 233 234=item int B<SSL_CTX_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void)) 235 236=item void (*B<SSL_CTX_get_info_callback>(SSL_CTX *ctx))(SSL *ssl, int cb, int ret); 237 238=item int B<SSL_CTX_get_quiet_shutdown>(const SSL_CTX *ctx); 239 240=item int B<SSL_CTX_get_session_cache_mode>(SSL_CTX *ctx); 241 242=item long B<SSL_CTX_get_timeout>(const SSL_CTX *ctx); 243 244=item int (*B<SSL_CTX_get_verify_callback>(const SSL_CTX *ctx))(int ok, X509_STORE_CTX *ctx); 245 246=item int B<SSL_CTX_get_verify_mode>(SSL_CTX *ctx); 247 248=item int B<SSL_CTX_load_verify_locations>(SSL_CTX *ctx, char *CAfile, char *CApath); 249 250=item long B<SSL_CTX_need_tmp_RSA>(SSL_CTX *ctx); 251 252=item SSL_CTX *B<SSL_CTX_new>(SSL_METHOD *meth); 253 254=item int B<SSL_CTX_remove_session>(SSL_CTX *ctx, SSL_SESSION *c); 255 256=item int B<SSL_CTX_sess_accept>(SSL_CTX *ctx); 257 258=item int B<SSL_CTX_sess_accept_good>(SSL_CTX *ctx); 259 260=item int B<SSL_CTX_sess_accept_renegotiate>(SSL_CTX *ctx); 261 262=item int B<SSL_CTX_sess_cache_full>(SSL_CTX *ctx); 263 264=item int B<SSL_CTX_sess_cb_hits>(SSL_CTX *ctx); 265 266=item int B<SSL_CTX_sess_connect>(SSL_CTX *ctx); 267 268=item int B<SSL_CTX_sess_connect_good>(SSL_CTX *ctx); 269 270=item int B<SSL_CTX_sess_connect_renegotiate>(SSL_CTX *ctx); 271 272=item int B<SSL_CTX_sess_get_cache_size>(SSL_CTX *ctx); 273 274=item SSL_SESSION *(*B<SSL_CTX_sess_get_get_cb>(SSL_CTX *ctx))(SSL *ssl, unsigned char *data, int len, int *copy); 275 276=item int (*B<SSL_CTX_sess_get_new_cb>(SSL_CTX *ctx)(SSL *ssl, SSL_SESSION *sess); 277 278=item void (*B<SSL_CTX_sess_get_remove_cb>(SSL_CTX *ctx)(SSL_CTX *ctx, SSL_SESSION *sess); 279 280=item int B<SSL_CTX_sess_hits>(SSL_CTX *ctx); 281 282=item int B<SSL_CTX_sess_misses>(SSL_CTX *ctx); 283 284=item int B<SSL_CTX_sess_number>(SSL_CTX *ctx); 285 286=item void B<SSL_CTX_sess_set_cache_size>(SSL_CTX *ctx,t); 287 288=item void B<SSL_CTX_sess_set_get_cb>(SSL_CTX *ctx, SSL_SESSION *(*cb)(SSL *ssl, unsigned char *data, int len, int *copy)); 289 290=item void B<SSL_CTX_sess_set_new_cb>(SSL_CTX *ctx, int (*cb)(SSL *ssl, SSL_SESSION *sess)); 291 292=item void B<SSL_CTX_sess_set_remove_cb>(SSL_CTX *ctx, void (*cb)(SSL_CTX *ctx, SSL_SESSION *sess)); 293 294=item int B<SSL_CTX_sess_timeouts>(SSL_CTX *ctx); 295 296=item LHASH *B<SSL_CTX_sessions>(SSL_CTX *ctx); 297 298=item void B<SSL_CTX_set_app_data>(SSL_CTX *ctx, void *arg); 299 300=item void B<SSL_CTX_set_cert_store>(SSL_CTX *ctx, X509_STORE *cs); 301 302=item void B<SSL_CTX_set_cert_verify_cb>(SSL_CTX *ctx, int (*cb)(), char *arg) 303 304=item int B<SSL_CTX_set_cipher_list>(SSL_CTX *ctx, char *str); 305 306=item void B<SSL_CTX_set_client_CA_list>(SSL_CTX *ctx, STACK *list); 307 308=item void B<SSL_CTX_set_client_cert_cb>(SSL_CTX *ctx, int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey)); 309 310=item void B<SSL_CTX_set_default_passwd_cb>(SSL_CTX *ctx, int (*cb);(void)) 311 312=item void B<SSL_CTX_set_default_read_ahead>(SSL_CTX *ctx, int m); 313 314=item int B<SSL_CTX_set_default_verify_paths>(SSL_CTX *ctx); 315 316=item int B<SSL_CTX_set_ex_data>(SSL_CTX *s, int idx, char *arg); 317 318=item void B<SSL_CTX_set_info_callback>(SSL_CTX *ctx, void (*cb)(SSL *ssl, int cb, int ret)); 319 320=item void B<SSL_CTX_set_msg_callback>(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)); 321 322=item void B<SSL_CTX_set_msg_callback_arg>(SSL_CTX *ctx, void *arg); 323 324=item void B<SSL_CTX_set_options>(SSL_CTX *ctx, unsigned long op); 325 326=item void B<SSL_CTX_set_quiet_shutdown>(SSL_CTX *ctx, int mode); 327 328=item void B<SSL_CTX_set_session_cache_mode>(SSL_CTX *ctx, int mode); 329 330=item int B<SSL_CTX_set_ssl_version>(SSL_CTX *ctx, SSL_METHOD *meth); 331 332=item void B<SSL_CTX_set_timeout>(SSL_CTX *ctx, long t); 333 334=item long B<SSL_CTX_set_tmp_dh>(SSL_CTX* ctx, DH *dh); 335 336=item long B<SSL_CTX_set_tmp_dh_callback>(SSL_CTX *ctx, DH *(*cb)(void)); 337 338=item long B<SSL_CTX_set_tmp_rsa>(SSL_CTX *ctx, RSA *rsa); 339 340=item SSL_CTX_set_tmp_rsa_callback 341 342C<long B<SSL_CTX_set_tmp_rsa_callback>(SSL_CTX *B<ctx>, RSA *(*B<cb>)(SSL *B<ssl>, int B<export>, int B<keylength>));> 343 344Sets the callback which will be called when a temporary private key is 345required. The B<C<export>> flag will be set if the reason for needing 346a temp key is that an export ciphersuite is in use, in which case, 347B<C<keylength>> will contain the required keylength in bits. Generate a key of 348appropriate size (using ???) and return it. 349 350=item SSL_set_tmp_rsa_callback 351 352long B<SSL_set_tmp_rsa_callback>(SSL *ssl, RSA *(*cb)(SSL *ssl, int export, int keylength)); 353 354The same as B<SSL_CTX_set_tmp_rsa_callback>, except it operates on an SSL 355session instead of a context. 356 357=item void B<SSL_CTX_set_verify>(SSL_CTX *ctx, int mode, int (*cb);(void)) 358 359=item int B<SSL_CTX_use_PrivateKey>(SSL_CTX *ctx, EVP_PKEY *pkey); 360 361=item int B<SSL_CTX_use_PrivateKey_ASN1>(int type, SSL_CTX *ctx, unsigned char *d, long len); 362 363=item int B<SSL_CTX_use_PrivateKey_file>(SSL_CTX *ctx, char *file, int type); 364 365=item int B<SSL_CTX_use_RSAPrivateKey>(SSL_CTX *ctx, RSA *rsa); 366 367=item int B<SSL_CTX_use_RSAPrivateKey_ASN1>(SSL_CTX *ctx, unsigned char *d, long len); 368 369=item int B<SSL_CTX_use_RSAPrivateKey_file>(SSL_CTX *ctx, char *file, int type); 370 371=item int B<SSL_CTX_use_certificate>(SSL_CTX *ctx, X509 *x); 372 373=item int B<SSL_CTX_use_certificate_ASN1>(SSL_CTX *ctx, int len, unsigned char *d); 374 375=item int B<SSL_CTX_use_certificate_file>(SSL_CTX *ctx, char *file, int type); 376 377=back 378 379=head2 DEALING WITH SESSIONS 380 381Here we document the various API functions which deal with the SSL/TLS 382sessions defined in the B<SSL_SESSION> structures. 383 384=over 4 385 386=item int B<SSL_SESSION_cmp>(const SSL_SESSION *a, const SSL_SESSION *b); 387 388=item void B<SSL_SESSION_free>(SSL_SESSION *ss); 389 390=item char *B<SSL_SESSION_get_app_data>(SSL_SESSION *s); 391 392=item char *B<SSL_SESSION_get_ex_data>(const SSL_SESSION *s, int idx); 393 394=item int B<SSL_SESSION_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void)) 395 396=item long B<SSL_SESSION_get_time>(const SSL_SESSION *s); 397 398=item long B<SSL_SESSION_get_timeout>(const SSL_SESSION *s); 399 400=item unsigned long B<SSL_SESSION_hash>(const SSL_SESSION *a); 401 402=item SSL_SESSION *B<SSL_SESSION_new>(void); 403 404=item int B<SSL_SESSION_print>(BIO *bp, const SSL_SESSION *x); 405 406=item int B<SSL_SESSION_print_fp>(FILE *fp, const SSL_SESSION *x); 407 408=item void B<SSL_SESSION_set_app_data>(SSL_SESSION *s, char *a); 409 410=item int B<SSL_SESSION_set_ex_data>(SSL_SESSION *s, int idx, char *arg); 411 412=item long B<SSL_SESSION_set_time>(SSL_SESSION *s, long t); 413 414=item long B<SSL_SESSION_set_timeout>(SSL_SESSION *s, long t); 415 416=back 417 418=head2 DEALING WITH CONNECTIONS 419 420Here we document the various API functions which deal with the SSL/TLS 421connection defined in the B<SSL> structure. 422 423=over 4 424 425=item int B<SSL_accept>(SSL *ssl); 426 427=item int B<SSL_add_dir_cert_subjects_to_stack>(STACK *stack, const char *dir); 428 429=item int B<SSL_add_file_cert_subjects_to_stack>(STACK *stack, const char *file); 430 431=item int B<SSL_add_client_CA>(SSL *ssl, X509 *x); 432 433=item char *B<SSL_alert_desc_string>(int value); 434 435=item char *B<SSL_alert_desc_string_long>(int value); 436 437=item char *B<SSL_alert_type_string>(int value); 438 439=item char *B<SSL_alert_type_string_long>(int value); 440 441=item int B<SSL_check_private_key>(const SSL *ssl); 442 443=item void B<SSL_clear>(SSL *ssl); 444 445=item long B<SSL_clear_num_renegotiations>(SSL *ssl); 446 447=item int B<SSL_connect>(SSL *ssl); 448 449=item void B<SSL_copy_session_id>(SSL *t, const SSL *f); 450 451=item long B<SSL_ctrl>(SSL *ssl, int cmd, long larg, char *parg); 452 453=item int B<SSL_do_handshake>(SSL *ssl); 454 455=item SSL *B<SSL_dup>(SSL *ssl); 456 457=item STACK *B<SSL_dup_CA_list>(STACK *sk); 458 459=item void B<SSL_free>(SSL *ssl); 460 461=item SSL_CTX *B<SSL_get_SSL_CTX>(const SSL *ssl); 462 463=item char *B<SSL_get_app_data>(SSL *ssl); 464 465=item X509 *B<SSL_get_certificate>(const SSL *ssl); 466 467=item const char *B<SSL_get_cipher>(const SSL *ssl); 468 469=item int B<SSL_get_cipher_bits>(const SSL *ssl, int *alg_bits); 470 471=item char *B<SSL_get_cipher_list>(const SSL *ssl, int n); 472 473=item char *B<SSL_get_cipher_name>(const SSL *ssl); 474 475=item char *B<SSL_get_cipher_version>(const SSL *ssl); 476 477=item STACK *B<SSL_get_ciphers>(const SSL *ssl); 478 479=item STACK *B<SSL_get_client_CA_list>(const SSL *ssl); 480 481=item SSL_CIPHER *B<SSL_get_current_cipher>(SSL *ssl); 482 483=item long B<SSL_get_default_timeout>(const SSL *ssl); 484 485=item int B<SSL_get_error>(const SSL *ssl, int i); 486 487=item char *B<SSL_get_ex_data>(const SSL *ssl, int idx); 488 489=item int B<SSL_get_ex_data_X509_STORE_CTX_idx>(void); 490 491=item int B<SSL_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void)) 492 493=item int B<SSL_get_fd>(const SSL *ssl); 494 495=item void (*B<SSL_get_info_callback>(const SSL *ssl);)() 496 497=item STACK *B<SSL_get_peer_cert_chain>(const SSL *ssl); 498 499=item X509 *B<SSL_get_peer_certificate>(const SSL *ssl); 500 501=item EVP_PKEY *B<SSL_get_privatekey>(SSL *ssl); 502 503=item int B<SSL_get_quiet_shutdown>(const SSL *ssl); 504 505=item BIO *B<SSL_get_rbio>(const SSL *ssl); 506 507=item int B<SSL_get_read_ahead>(const SSL *ssl); 508 509=item SSL_SESSION *B<SSL_get_session>(const SSL *ssl); 510 511=item char *B<SSL_get_shared_ciphers>(const SSL *ssl, char *buf, int len); 512 513=item int B<SSL_get_shutdown>(const SSL *ssl); 514 515=item SSL_METHOD *B<SSL_get_ssl_method>(SSL *ssl); 516 517=item int B<SSL_get_state>(const SSL *ssl); 518 519=item long B<SSL_get_time>(const SSL *ssl); 520 521=item long B<SSL_get_timeout>(const SSL *ssl); 522 523=item int (*B<SSL_get_verify_callback>(const SSL *ssl))(int,X509_STORE_CTX *) 524 525=item int B<SSL_get_verify_mode>(const SSL *ssl); 526 527=item long B<SSL_get_verify_result>(const SSL *ssl); 528 529=item char *B<SSL_get_version>(const SSL *ssl); 530 531=item BIO *B<SSL_get_wbio>(const SSL *ssl); 532 533=item int B<SSL_in_accept_init>(SSL *ssl); 534 535=item int B<SSL_in_before>(SSL *ssl); 536 537=item int B<SSL_in_connect_init>(SSL *ssl); 538 539=item int B<SSL_in_init>(SSL *ssl); 540 541=item int B<SSL_is_init_finished>(SSL *ssl); 542 543=item STACK *B<SSL_load_client_CA_file>(char *file); 544 545=item void B<SSL_load_error_strings>(void); 546 547=item SSL *B<SSL_new>(SSL_CTX *ctx); 548 549=item long B<SSL_num_renegotiations>(SSL *ssl); 550 551=item int B<SSL_peek>(SSL *ssl, void *buf, int num); 552 553=item int B<SSL_pending>(const SSL *ssl); 554 555=item int B<SSL_read>(SSL *ssl, void *buf, int num); 556 557=item int B<SSL_renegotiate>(SSL *ssl); 558 559=item char *B<SSL_rstate_string>(SSL *ssl); 560 561=item char *B<SSL_rstate_string_long>(SSL *ssl); 562 563=item long B<SSL_session_reused>(SSL *ssl); 564 565=item void B<SSL_set_accept_state>(SSL *ssl); 566 567=item void B<SSL_set_app_data>(SSL *ssl, char *arg); 568 569=item void B<SSL_set_bio>(SSL *ssl, BIO *rbio, BIO *wbio); 570 571=item int B<SSL_set_cipher_list>(SSL *ssl, char *str); 572 573=item void B<SSL_set_client_CA_list>(SSL *ssl, STACK *list); 574 575=item void B<SSL_set_connect_state>(SSL *ssl); 576 577=item int B<SSL_set_ex_data>(SSL *ssl, int idx, char *arg); 578 579=item int B<SSL_set_fd>(SSL *ssl, int fd); 580 581=item void B<SSL_set_info_callback>(SSL *ssl, void (*cb);(void)) 582 583=item void B<SSL_set_msg_callback>(SSL *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)); 584 585=item void B<SSL_set_msg_callback_arg>(SSL *ctx, void *arg); 586 587=item void B<SSL_set_options>(SSL *ssl, unsigned long op); 588 589=item void B<SSL_set_quiet_shutdown>(SSL *ssl, int mode); 590 591=item void B<SSL_set_read_ahead>(SSL *ssl, int yes); 592 593=item int B<SSL_set_rfd>(SSL *ssl, int fd); 594 595=item int B<SSL_set_session>(SSL *ssl, SSL_SESSION *session); 596 597=item void B<SSL_set_shutdown>(SSL *ssl, int mode); 598 599=item int B<SSL_set_ssl_method>(SSL *ssl, SSL_METHOD *meth); 600 601=item void B<SSL_set_time>(SSL *ssl, long t); 602 603=item void B<SSL_set_timeout>(SSL *ssl, long t); 604 605=item void B<SSL_set_verify>(SSL *ssl, int mode, int (*callback);(void)) 606 607=item void B<SSL_set_verify_result>(SSL *ssl, long arg); 608 609=item int B<SSL_set_wfd>(SSL *ssl, int fd); 610 611=item int B<SSL_shutdown>(SSL *ssl); 612 613=item int B<SSL_state>(const SSL *ssl); 614 615=item char *B<SSL_state_string>(const SSL *ssl); 616 617=item char *B<SSL_state_string_long>(const SSL *ssl); 618 619=item long B<SSL_total_renegotiations>(SSL *ssl); 620 621=item int B<SSL_use_PrivateKey>(SSL *ssl, EVP_PKEY *pkey); 622 623=item int B<SSL_use_PrivateKey_ASN1>(int type, SSL *ssl, unsigned char *d, long len); 624 625=item int B<SSL_use_PrivateKey_file>(SSL *ssl, char *file, int type); 626 627=item int B<SSL_use_RSAPrivateKey>(SSL *ssl, RSA *rsa); 628 629=item int B<SSL_use_RSAPrivateKey_ASN1>(SSL *ssl, unsigned char *d, long len); 630 631=item int B<SSL_use_RSAPrivateKey_file>(SSL *ssl, char *file, int type); 632 633=item int B<SSL_use_certificate>(SSL *ssl, X509 *x); 634 635=item int B<SSL_use_certificate_ASN1>(SSL *ssl, int len, unsigned char *d); 636 637=item int B<SSL_use_certificate_file>(SSL *ssl, char *file, int type); 638 639=item int B<SSL_version>(const SSL *ssl); 640 641=item int B<SSL_want>(const SSL *ssl); 642 643=item int B<SSL_want_nothing>(const SSL *ssl); 644 645=item int B<SSL_want_read>(const SSL *ssl); 646 647=item int B<SSL_want_write>(const SSL *ssl); 648 649=item int B<SSL_want_x509_lookup>(const SSL *ssl); 650 651=item int B<SSL_write>(SSL *ssl, const void *buf, int num); 652 653=back 654 655=head1 SEE ALSO 656 657L<openssl(1)|openssl(1)>, L<crypto(3)|crypto(3)>, 658L<SSL_accept(3)|SSL_accept(3)>, L<SSL_clear(3)|SSL_clear(3)>, 659L<SSL_connect(3)|SSL_connect(3)>, 660L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)>, 661L<SSL_COMP_add_compression_method(3)|SSL_COMP_add_compression_method(3)>, 662L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>, 663L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>, 664L<SSL_CTX_ctrl(3)|SSL_CTX_ctrl(3)>, 665L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>, 666L<SSL_CTX_get_ex_new_index(3)|SSL_CTX_get_ex_new_index(3)>, 667L<SSL_CTX_get_verify_mode(3)|SSL_CTX_get_verify_mode(3)>, 668L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)> 669L<SSL_CTX_new(3)|SSL_CTX_new(3)>, 670L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>, 671L<SSL_CTX_sess_set_cache_size(3)|SSL_CTX_sess_set_cache_size(3)>, 672L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>, 673L<SSL_CTX_sessions(3)|SSL_CTX_sessions(3)>, 674L<SSL_CTX_set_cert_store(3)|SSL_CTX_set_cert_store(3)>, 675L<SSL_CTX_set_cert_verify_callback(3)|SSL_CTX_set_cert_verify_callback(3)>, 676L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>, 677L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>, 678L<SSL_CTX_set_client_cert_cb(3)|SSL_CTX_set_client_cert_cb(3)>, 679L<SSL_CTX_set_default_passwd_cb(3)|SSL_CTX_set_default_passwd_cb(3)>, 680L<SSL_CTX_set_generate_session_id(3)|SSL_CTX_set_generate_session_id(3)>, 681L<SSL_CTX_set_info_callback(3)|SSL_CTX_set_info_callback(3)>, 682L<SSL_CTX_set_max_cert_list(3)|SSL_CTX_set_max_cert_list(3)>, 683L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>, 684L<SSL_CTX_set_msg_callback(3)|SSL_CTX_set_msg_callback(3)>, 685L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>, 686L<SSL_CTX_set_quiet_shutdown(3)|SSL_CTX_set_quiet_shutdown(3)>, 687L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>, 688L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>, 689L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)>, 690L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>, 691L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>, 692L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>, 693L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>, 694L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>, 695L<SSL_alert_type_string(3)|SSL_alert_type_string(3)>, 696L<SSL_do_handshake(3)|SSL_do_handshake(3)>, 697L<SSL_get_SSL_CTX(3)|SSL_get_SSL_CTX(3)>, 698L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>, 699L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>, 700L<SSL_get_default_timeout(3)|SSL_get_default_timeout(3)>, 701L<SSL_get_error(3)|SSL_get_error(3)>, 702L<SSL_get_ex_data_X509_STORE_CTX_idx(3)|SSL_get_ex_data_X509_STORE_CTX_idx(3)>, 703L<SSL_get_ex_new_index(3)|SSL_get_ex_new_index(3)>, 704L<SSL_get_fd(3)|SSL_get_fd(3)>, 705L<SSL_get_peer_cert_chain(3)|SSL_get_peer_cert_chain(3)>, 706L<SSL_get_rbio(3)|SSL_get_rbio(3)>, 707L<SSL_get_session(3)|SSL_get_session(3)>, 708L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>, 709L<SSL_get_version(3)|SSL_get_version(3)>, 710L<SSL_library_init(3)|SSL_library_init(3)>, 711L<SSL_load_client_CA_file(3)|SSL_load_client_CA_file(3)>, 712L<SSL_new(3)|SSL_new(3)>, 713L<SSL_pending(3)|SSL_pending(3)>, 714L<SSL_read(3)|SSL_read(3)>, 715L<SSL_rstate_string(3)|SSL_rstate_string(3)>, 716L<SSL_session_reused(3)|SSL_session_reused(3)>, 717L<SSL_set_bio(3)|SSL_set_bio(3)>, 718L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>, 719L<SSL_set_fd(3)|SSL_set_fd(3)>, 720L<SSL_set_session(3)|SSL_set_session(3)>, 721L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>, 722L<SSL_shutdown(3)|SSL_shutdown(3)>, 723L<SSL_state_string(3)|SSL_state_string(3)>, 724L<SSL_want(3)|SSL_want(3)>, 725L<SSL_write(3)|SSL_write(3)>, 726L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>, 727L<SSL_SESSION_get_ex_new_index(3)|SSL_SESSION_get_ex_new_index(3)>, 728L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)>, 729L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)> 730 731=head1 HISTORY 732 733The L<ssl(3)|ssl(3)> document appeared in OpenSSL 0.9.2 734 735=cut 736 737