1ssl(3) OpenSSL ssl(3)
2
3
4
6 SSL - OpenSSL SSL/TLS library
7
10 The OpenSSL ssl library implements the Secure Sockets Layer (SSL v2/v3)
11 and Transport Layer Security (TLS v1) protocols. It provides a rich API
12 which is documented here.
13
14 At first the library must be initialized; see SSL_library_init(3).
15
16 Then an SSL_CTX object is created as a framework to establish TLS/SSL
17 enabled connections (see SSL_CTX_new(3)). Various options regarding
18 certificates, algorithms etc. can be set in this object.
19
20 When a network connection has been created, it can be assigned to an
21 SSL object. After the SSL object has been created using SSL_new(3),
22 SSL_set_fd(3) or SSL_set_bio(3) can be used to associate the network
23 connection with the object.
24
25 Then the TLS/SSL handshake is performed using SSL_accept(3) or
26 SSL_connect(3) respectively. SSL_read(3) and SSL_write(3) are used to
27 read and write data on the TLS/SSL connection. SSL_shutdown(3) can be
28 used to shut down the TLS/SSL connection.
29
31 Currently the OpenSSL ssl library functions deals with the following
32 data structures:
33
34 SSL_METHOD (SSL Method)
35 That's a dispatch structure describing the internal ssl library
36 methods/functions which implement the various protocol versions
37 (SSLv1, SSLv2 and TLSv1). It's needed to create an SSL_CTX.
38
39 SSL_CIPHER (SSL Cipher)
40 This structure holds the algorithm information for a particular
41 cipher which are a core part of the SSL/TLS protocol. The available
42 ciphers are configured on a SSL_CTX basis and the actually used
43 ones are then part of the SSL_SESSION.
44
45 SSL_CTX (SSL Context)
46 That's the global context structure which is created by a server or
47 client once per program life-time and which holds mainly default
48 values for the SSL structures which are later created for the
49 connections.
50
51 SSL_SESSION (SSL Session)
52 This is a structure containing the current TLS/SSL session details
53 for a connection: SSL_CIPHERs, client and server certificates,
54 keys, etc.
55
56 SSL (SSL Connection)
57 That's the main SSL/TLS structure which is created by a server or
58 client per established connection. This actually is the core
59 structure in the SSL API. Under run-time the application usually
60 deals with this structure which has links to mostly all other
61 structures.
62
64 Currently the OpenSSL ssl library provides the following C header files
65 containing the prototypes for the data structures and and functions:
66
67 ssl.h
68 That's the common header file for the SSL/TLS API. Include it into
69 your program to make the API of the ssl library available. It
70 internally includes both more private SSL headers and headers from
71 the crypto library. Whenever you need hard-core details on the
72 internals of the SSL API, look inside this header file.
73
74 ssl2.h
75 That's the sub header file dealing with the SSLv2 protocol only.
76 Usually you don't have to include it explicitly because it's
77 already included by ssl.h.
78
79 ssl3.h
80 That's the sub header file dealing with the SSLv3 protocol only.
81 Usually you don't have to include it explicitly because it's
82 already included by ssl.h.
83
84 ssl23.h
85 That's the sub header file dealing with the combined use of the
86 SSLv2 and SSLv3 protocols. Usually you don't have to include it
87 explicitly because it's already included by ssl.h.
88
89 tls1.h
90 That's the sub header file dealing with the TLSv1 protocol only.
91 Usually you don't have to include it explicitly because it's
92 already included by ssl.h.
93
95 Currently the OpenSSL ssl library exports 214 API functions. They are
96 documented in the following:
97
98 DEALING WITH PROTOCOL METHODS
99 Here we document the various API functions which deal with the SSL/TLS
100 protocol methods defined in SSL_METHOD structures.
101
102 const SSL_METHOD *SSLv2_client_method(void);
103 Constructor for the SSLv2 SSL_METHOD structure for a dedicated
104 client.
105
106 const SSL_METHOD *SSLv2_server_method(void);
107 Constructor for the SSLv2 SSL_METHOD structure for a dedicated
108 server.
109
110 const SSL_METHOD *SSLv2_method(void);
111 Constructor for the SSLv2 SSL_METHOD structure for combined client
112 and server.
113
114 const SSL_METHOD *SSLv3_client_method(void);
115 Constructor for the SSLv3 SSL_METHOD structure for a dedicated
116 client.
117
118 const SSL_METHOD *SSLv3_server_method(void);
119 Constructor for the SSLv3 SSL_METHOD structure for a dedicated
120 server.
121
122 const SSL_METHOD *SSLv3_method(void);
123 Constructor for the SSLv3 SSL_METHOD structure for combined client
124 and server.
125
126 const SSL_METHOD *TLSv1_client_method(void);
127 Constructor for the TLSv1 SSL_METHOD structure for a dedicated
128 client.
129
130 const SSL_METHOD *TLSv1_server_method(void);
131 Constructor for the TLSv1 SSL_METHOD structure for a dedicated
132 server.
133
134 const SSL_METHOD *TLSv1_method(void);
135 Constructor for the TLSv1 SSL_METHOD structure for combined client
136 and server.
137
138 DEALING WITH CIPHERS
139 Here we document the various API functions which deal with the SSL/TLS
140 ciphers defined in SSL_CIPHER structures.
141
142 char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len);
143 Write a string to buf (with a maximum size of len) containing a
144 human readable description of cipher. Returns buf.
145
146 int SSL_CIPHER_get_bits(SSL_CIPHER *cipher, int *alg_bits);
147 Determine the number of bits in cipher. Because of export crippled
148 ciphers there are two bits: The bits the algorithm supports in
149 general (stored to alg_bits) and the bits which are actually used
150 (the return value).
151
152 const char *SSL_CIPHER_get_name(SSL_CIPHER *cipher);
153 Return the internal name of cipher as a string. These are the
154 various strings defined by the SSL2_TXT_xxx, SSL3_TXT_xxx and
155 TLS1_TXT_xxx definitions in the header files.
156
157 char *SSL_CIPHER_get_version(SSL_CIPHER *cipher);
158 Returns a string like ""TLSv1/SSLv3"" or ""SSLv2"" which indicates
159 the SSL/TLS protocol version to which cipher belongs (i.e. where it
160 was defined in the specification the first time).
161
162 DEALING WITH PROTOCOL CONTEXTS
163 Here we document the various API functions which deal with the SSL/TLS
164 protocol context defined in the SSL_CTX structure.
165
166 int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x);
167 long SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *x509);
168 int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c);
169 int SSL_CTX_check_private_key(const SSL_CTX *ctx);
170 long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg);
171 void SSL_CTX_flush_sessions(SSL_CTX *s, long t);
172 void SSL_CTX_free(SSL_CTX *a);
173 char *SSL_CTX_get_app_data(SSL_CTX *ctx);
174 X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *ctx);
175 STACK *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
176 int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509,
177 EVP_PKEY **pkey);
178 char *SSL_CTX_get_ex_data(const SSL_CTX *s, int idx);
179 int SSL_CTX_get_ex_new_index(long argl, char *argp, int
180 (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
181 void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(SSL *ssl, int cb, int
182 ret);
183 int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
184 int SSL_CTX_get_session_cache_mode(SSL_CTX *ctx);
185 long SSL_CTX_get_timeout(const SSL_CTX *ctx);
186 int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int ok,
187 X509_STORE_CTX *ctx);
188 int SSL_CTX_get_verify_mode(SSL_CTX *ctx);
189 int SSL_CTX_load_verify_locations(SSL_CTX *ctx, char *CAfile, char
190 *CApath);
191 long SSL_CTX_need_tmp_RSA(SSL_CTX *ctx);
192 SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
193 int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c);
194 int SSL_CTX_sess_accept(SSL_CTX *ctx);
195 int SSL_CTX_sess_accept_good(SSL_CTX *ctx);
196 int SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx);
197 int SSL_CTX_sess_cache_full(SSL_CTX *ctx);
198 int SSL_CTX_sess_cb_hits(SSL_CTX *ctx);
199 int SSL_CTX_sess_connect(SSL_CTX *ctx);
200 int SSL_CTX_sess_connect_good(SSL_CTX *ctx);
201 int SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx);
202 int SSL_CTX_sess_get_cache_size(SSL_CTX *ctx);
203 SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(SSL *ssl,
204 unsigned char *data, int len, int *copy);
205 int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)(SSL *ssl, SSL_SESSION
206 *sess);
207 void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)(SSL_CTX *ctx,
208 SSL_SESSION *sess);
209 int SSL_CTX_sess_hits(SSL_CTX *ctx);
210 int SSL_CTX_sess_misses(SSL_CTX *ctx);
211 int SSL_CTX_sess_number(SSL_CTX *ctx);
212 void SSL_CTX_sess_set_cache_size(SSL_CTX *ctx,t);
213 void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, SSL_SESSION *(*cb)(SSL *ssl,
214 unsigned char *data, int len, int *copy));
215 void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx, int (*cb)(SSL *ssl,
216 SSL_SESSION *sess));
217 void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx, void (*cb)(SSL_CTX *ctx,
218 SSL_SESSION *sess));
219 int SSL_CTX_sess_timeouts(SSL_CTX *ctx);
220 LHASH *SSL_CTX_sessions(SSL_CTX *ctx);
221 void SSL_CTX_set_app_data(SSL_CTX *ctx, void *arg);
222 void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *cs);
223 void SSL_CTX_set_cert_verify_cb(SSL_CTX *ctx, int (*cb)(), char *arg)
224 int SSL_CTX_set_cipher_list(SSL_CTX *ctx, char *str);
225 void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK *list);
226 void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*cb)(SSL *ssl, X509
227 **x509, EVP_PKEY **pkey));
228 void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, int (*cb);(void))
229 void SSL_CTX_set_default_read_ahead(SSL_CTX *ctx, int m);
230 int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
231 int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, char *arg);
232 void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*cb)(SSL *ssl, int
233 cb, int ret));
234 void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int
235 version, int content_type, const void *buf, size_t len, SSL *ssl, void
236 *arg));
237 void SSL_CTX_set_msg_callback_arg(SSL_CTX *ctx, void *arg);
238 void SSL_CTX_set_options(SSL_CTX *ctx, unsigned long op);
239 void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);
240 void SSL_CTX_set_session_cache_mode(SSL_CTX *ctx, int mode);
241 int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
242 void SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
243 long SSL_CTX_set_tmp_dh(SSL_CTX* ctx, DH *dh);
244 long SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*cb)(void));
245 long SSL_CTX_set_tmp_rsa(SSL_CTX *ctx, RSA *rsa);
246 SSL_CTX_set_tmp_rsa_callback
247 "long SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb)(SSL
248 *ssl, int export, int keylength));"
249
250 Sets the callback which will be called when a temporary private key
251 is required. The "export" flag will be set if the reason for
252 needing a temp key is that an export ciphersuite is in use, in
253 which case, "keylength" will contain the required keylength in
254 bits. Generate a key of appropriate size (using ???) and return it.
255
256 SSL_set_tmp_rsa_callback
257 long SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb)(SSL *ssl, int
258 export, int keylength));
259
260 The same as SSL_CTX_set_tmp_rsa_callback, except it operates on an
261 SSL session instead of a context.
262
263 void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*cb);(void))
264 int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
265 int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, unsigned char
266 *d, long len);
267 int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, char *file, int type);
268 int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
269 int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long
270 len);
271 int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, char *file, int type);
272 int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
273 int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char
274 *d);
275 int SSL_CTX_use_certificate_file(SSL_CTX *ctx, char *file, int type);
276 void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, unsigned int
277 (*callback)(SSL *ssl, const char *hint, char *identity, unsigned int
278 max_identity_len, unsigned char *psk, unsigned int max_psk_len));
279 int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *hint);
280 void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, unsigned int
281 (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int
282 max_psk_len));
283
284 DEALING WITH SESSIONS
285 Here we document the various API functions which deal with the SSL/TLS
286 sessions defined in the SSL_SESSION structures.
287
288 int SSL_SESSION_cmp(const SSL_SESSION *a, const SSL_SESSION *b);
289 void SSL_SESSION_free(SSL_SESSION *ss);
290 char *SSL_SESSION_get_app_data(SSL_SESSION *s);
291 char *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx);
292 int SSL_SESSION_get_ex_new_index(long argl, char *argp, int
293 (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
294 long SSL_SESSION_get_time(const SSL_SESSION *s);
295 long SSL_SESSION_get_timeout(const SSL_SESSION *s);
296 unsigned long SSL_SESSION_hash(const SSL_SESSION *a);
297 SSL_SESSION *SSL_SESSION_new(void);
298 int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x);
299 int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x);
300 void SSL_SESSION_set_app_data(SSL_SESSION *s, char *a);
301 int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, char *arg);
302 long SSL_SESSION_set_time(SSL_SESSION *s, long t);
303 long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
304
305 DEALING WITH CONNECTIONS
306 Here we document the various API functions which deal with the SSL/TLS
307 connection defined in the SSL structure.
308
309 int SSL_accept(SSL *ssl);
310 int SSL_add_dir_cert_subjects_to_stack(STACK *stack, const char *dir);
311 int SSL_add_file_cert_subjects_to_stack(STACK *stack, const char
312 *file);
313 int SSL_add_client_CA(SSL *ssl, X509 *x);
314 char *SSL_alert_desc_string(int value);
315 char *SSL_alert_desc_string_long(int value);
316 char *SSL_alert_type_string(int value);
317 char *SSL_alert_type_string_long(int value);
318 int SSL_check_private_key(const SSL *ssl);
319 void SSL_clear(SSL *ssl);
320 long SSL_clear_num_renegotiations(SSL *ssl);
321 int SSL_connect(SSL *ssl);
322 void SSL_copy_session_id(SSL *t, const SSL *f);
323 long SSL_ctrl(SSL *ssl, int cmd, long larg, char *parg);
324 int SSL_do_handshake(SSL *ssl);
325 SSL *SSL_dup(SSL *ssl);
326 STACK *SSL_dup_CA_list(STACK *sk);
327 void SSL_free(SSL *ssl);
328 SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
329 char *SSL_get_app_data(SSL *ssl);
330 X509 *SSL_get_certificate(const SSL *ssl);
331 const char *SSL_get_cipher(const SSL *ssl);
332 int SSL_get_cipher_bits(const SSL *ssl, int *alg_bits);
333 char *SSL_get_cipher_list(const SSL *ssl, int n);
334 char *SSL_get_cipher_name(const SSL *ssl);
335 char *SSL_get_cipher_version(const SSL *ssl);
336 STACK *SSL_get_ciphers(const SSL *ssl);
337 STACK *SSL_get_client_CA_list(const SSL *ssl);
338 SSL_CIPHER *SSL_get_current_cipher(SSL *ssl);
339 long SSL_get_default_timeout(const SSL *ssl);
340 int SSL_get_error(const SSL *ssl, int i);
341 char *SSL_get_ex_data(const SSL *ssl, int idx);
342 int SSL_get_ex_data_X509_STORE_CTX_idx(void);
343 int SSL_get_ex_new_index(long argl, char *argp, int (*new_func);(void),
344 int (*dup_func)(void), void (*free_func)(void))
345 int SSL_get_fd(const SSL *ssl);
346 void (*SSL_get_info_callback(const SSL *ssl);)()
347 STACK *SSL_get_peer_cert_chain(const SSL *ssl);
348 X509 *SSL_get_peer_certificate(const SSL *ssl);
349 EVP_PKEY *SSL_get_privatekey(SSL *ssl);
350 int SSL_get_quiet_shutdown(const SSL *ssl);
351 BIO *SSL_get_rbio(const SSL *ssl);
352 int SSL_get_read_ahead(const SSL *ssl);
353 SSL_SESSION *SSL_get_session(const SSL *ssl);
354 char *SSL_get_shared_ciphers(const SSL *ssl, char *buf, int len);
355 int SSL_get_shutdown(const SSL *ssl);
356 const SSL_METHOD *SSL_get_ssl_method(SSL *ssl);
357 int SSL_get_state(const SSL *ssl);
358 long SSL_get_time(const SSL *ssl);
359 long SSL_get_timeout(const SSL *ssl);
360 int (*SSL_get_verify_callback(const SSL *ssl))(int,X509_STORE_CTX *)
361 int SSL_get_verify_mode(const SSL *ssl);
362 long SSL_get_verify_result(const SSL *ssl);
363 char *SSL_get_version(const SSL *ssl);
364 BIO *SSL_get_wbio(const SSL *ssl);
365 int SSL_in_accept_init(SSL *ssl);
366 int SSL_in_before(SSL *ssl);
367 int SSL_in_connect_init(SSL *ssl);
368 int SSL_in_init(SSL *ssl);
369 int SSL_is_init_finished(SSL *ssl);
370 STACK *SSL_load_client_CA_file(char *file);
371 void SSL_load_error_strings(void);
372 SSL *SSL_new(SSL_CTX *ctx);
373 long SSL_num_renegotiations(SSL *ssl);
374 int SSL_peek(SSL *ssl, void *buf, int num);
375 int SSL_pending(const SSL *ssl);
376 int SSL_read(SSL *ssl, void *buf, int num);
377 int SSL_renegotiate(SSL *ssl);
378 char *SSL_rstate_string(SSL *ssl);
379 char *SSL_rstate_string_long(SSL *ssl);
380 long SSL_session_reused(SSL *ssl);
381 void SSL_set_accept_state(SSL *ssl);
382 void SSL_set_app_data(SSL *ssl, char *arg);
383 void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio);
384 int SSL_set_cipher_list(SSL *ssl, char *str);
385 void SSL_set_client_CA_list(SSL *ssl, STACK *list);
386 void SSL_set_connect_state(SSL *ssl);
387 int SSL_set_ex_data(SSL *ssl, int idx, char *arg);
388 int SSL_set_fd(SSL *ssl, int fd);
389 void SSL_set_info_callback(SSL *ssl, void (*cb);(void))
390 void SSL_set_msg_callback(SSL *ctx, void (*cb)(int write_p, int
391 version, int content_type, const void *buf, size_t len, SSL *ssl, void
392 *arg));
393 void SSL_set_msg_callback_arg(SSL *ctx, void *arg);
394 void SSL_set_options(SSL *ssl, unsigned long op);
395 void SSL_set_quiet_shutdown(SSL *ssl, int mode);
396 void SSL_set_read_ahead(SSL *ssl, int yes);
397 int SSL_set_rfd(SSL *ssl, int fd);
398 int SSL_set_session(SSL *ssl, SSL_SESSION *session);
399 void SSL_set_shutdown(SSL *ssl, int mode);
400 int SSL_set_ssl_method(SSL *ssl, const SSL_METHOD *meth);
401 void SSL_set_time(SSL *ssl, long t);
402 void SSL_set_timeout(SSL *ssl, long t);
403 void SSL_set_verify(SSL *ssl, int mode, int (*callback);(void))
404 void SSL_set_verify_result(SSL *ssl, long arg);
405 int SSL_set_wfd(SSL *ssl, int fd);
406 int SSL_shutdown(SSL *ssl);
407 int SSL_state(const SSL *ssl);
408 char *SSL_state_string(const SSL *ssl);
409 char *SSL_state_string_long(const SSL *ssl);
410 long SSL_total_renegotiations(SSL *ssl);
411 int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
412 int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, unsigned char *d, long
413 len);
414 int SSL_use_PrivateKey_file(SSL *ssl, char *file, int type);
415 int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
416 int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
417 int SSL_use_RSAPrivateKey_file(SSL *ssl, char *file, int type);
418 int SSL_use_certificate(SSL *ssl, X509 *x);
419 int SSL_use_certificate_ASN1(SSL *ssl, int len, unsigned char *d);
420 int SSL_use_certificate_file(SSL *ssl, char *file, int type);
421 int SSL_version(const SSL *ssl);
422 int SSL_want(const SSL *ssl);
423 int SSL_want_nothing(const SSL *ssl);
424 int SSL_want_read(const SSL *ssl);
425 int SSL_want_write(const SSL *ssl);
426 int SSL_want_x509_lookup(const SSL *ssl);
427 int SSL_write(SSL *ssl, const void *buf, int num);
428 void SSL_set_psk_client_callback(SSL *ssl, unsigned int (*callback)(SSL
429 *ssl, const char *hint, char *identity, unsigned int max_identity_len,
430 unsigned char *psk, unsigned int max_psk_len));
431 int SSL_use_psk_identity_hint(SSL *ssl, const char *hint);
432 void SSL_set_psk_server_callback(SSL *ssl, unsigned int (*callback)(SSL
433 *ssl, const char *identity, unsigned char *psk, int max_psk_len));
434 const char *SSL_get_psk_identity_hint(SSL *ssl);
435 const char *SSL_get_psk_identity(SSL *ssl);
436
438 openssl(1), crypto(3), SSL_accept(3), SSL_clear(3), SSL_connect(3),
439 SSL_CIPHER_get_name(3), SSL_COMP_add_compression_method(3),
440 SSL_CTX_add_extra_chain_cert(3), SSL_CTX_add_session(3),
441 SSL_CTX_ctrl(3), SSL_CTX_flush_sessions(3),
442 SSL_CTX_get_ex_new_index(3), SSL_CTX_get_verify_mode(3),
443 SSL_CTX_load_verify_locations(3) SSL_CTX_new(3),
444 SSL_CTX_sess_number(3), SSL_CTX_sess_set_cache_size(3),
445 SSL_CTX_sess_set_get_cb(3), SSL_CTX_sessions(3),
446 SSL_CTX_set_cert_store(3), SSL_CTX_set_cert_verify_callback(3),
447 SSL_CTX_set_cipher_list(3), SSL_CTX_set_client_CA_list(3),
448 SSL_CTX_set_client_cert_cb(3), SSL_CTX_set_default_passwd_cb(3),
449 SSL_CTX_set_generate_session_id(3), SSL_CTX_set_info_callback(3),
450 SSL_CTX_set_max_cert_list(3), SSL_CTX_set_mode(3),
451 SSL_CTX_set_msg_callback(3), SSL_CTX_set_options(3),
452 SSL_CTX_set_quiet_shutdown(3), SSL_CTX_set_session_cache_mode(3),
453 SSL_CTX_set_session_id_context(3), SSL_CTX_set_ssl_version(3),
454 SSL_CTX_set_timeout(3), SSL_CTX_set_tmp_rsa_callback(3),
455 SSL_CTX_set_tmp_dh_callback(3), SSL_CTX_set_verify(3),
456 SSL_CTX_use_certificate(3), SSL_alert_type_string(3),
457 SSL_do_handshake(3), SSL_get_SSL_CTX(3), SSL_get_ciphers(3),
458 SSL_get_client_CA_list(3), SSL_get_default_timeout(3),
459 SSL_get_error(3), SSL_get_ex_data_X509_STORE_CTX_idx(3),
460 SSL_get_ex_new_index(3), SSL_get_fd(3), SSL_get_peer_cert_chain(3),
461 SSL_get_rbio(3), SSL_get_session(3), SSL_get_verify_result(3),
462 SSL_get_version(3), SSL_library_init(3), SSL_load_client_CA_file(3),
463 SSL_new(3), SSL_pending(3), SSL_read(3), SSL_rstate_string(3),
464 SSL_session_reused(3), SSL_set_bio(3), SSL_set_connect_state(3),
465 SSL_set_fd(3), SSL_set_session(3), SSL_set_shutdown(3),
466 SSL_shutdown(3), SSL_state_string(3), SSL_want(3), SSL_write(3),
467 SSL_SESSION_free(3), SSL_SESSION_get_ex_new_index(3),
468 SSL_SESSION_get_time(3), d2i_SSL_SESSION(3),
469 SSL_CTX_set_psk_client_callback(3), SSL_CTX_use_psk_identity_hint(3),
470 SSL_get_psk_identity(3)
471
473 The ssl(3) document appeared in OpenSSL 0.9.2
474
475
476
4771.0.1e 2013-02-11 ssl(3)