1ssl(3)                              OpenSSL                             ssl(3)
2
3
4

NAME

6       SSL - OpenSSL SSL/TLS library
7

SYNOPSIS

DESCRIPTION

10       The OpenSSL ssl library implements the Secure Sockets Layer (SSL v2/v3)
11       and Transport Layer Security (TLS v1) protocols. It provides a rich API
12       which is documented here.
13
14       At first the library must be initialized; see SSL_library_init(3).
15
16       Then an SSL_CTX object is created as a framework to establish TLS/SSL
17       enabled connections (see SSL_CTX_new(3)).  Various options regarding
18       certificates, algorithms etc. can be set in this object.
19
20       When a network connection has been created, it can be assigned to an
21       SSL object. After the SSL object has been created using SSL_new(3),
22       SSL_set_fd(3) or SSL_set_bio(3) can be used to associate the network
23       connection with the object.
24
25       Then the TLS/SSL handshake is performed using SSL_accept(3) or
26       SSL_connect(3) respectively.  SSL_read(3) and SSL_write(3) are used to
27       read and write data on the TLS/SSL connection.  SSL_shutdown(3) can be
28       used to shut down the TLS/SSL connection.
29

DATA STRUCTURES

31       Currently the OpenSSL ssl library functions deals with the following
32       data structures:
33
34       SSL_METHOD (SSL Method)
35           That's a dispatch structure describing the internal ssl library
36           methods/functions which implement the various protocol versions
37           (SSLv1, SSLv2 and TLSv1). It's needed to create an SSL_CTX.
38
39       SSL_CIPHER (SSL Cipher)
40           This structure holds the algorithm information for a particular
41           cipher which are a core part of the SSL/TLS protocol. The available
42           ciphers are configured on a SSL_CTX basis and the actually used
43           ones are then part of the SSL_SESSION.
44
45       SSL_CTX (SSL Context)
46           That's the global context structure which is created by a server or
47           client once per program life-time and which holds mainly default
48           values for the SSL structures which are later created for the
49           connections.
50
51       SSL_SESSION (SSL Session)
52           This is a structure containing the current TLS/SSL session details
53           for a connection: SSL_CIPHERs, client and server certificates,
54           keys, etc.
55
56       SSL (SSL Connection)
57           That's the main SSL/TLS structure which is created by a server or
58           client per established connection. This actually is the core
59           structure in the SSL API.  Under run-time the application usually
60           deals with this structure which has links to mostly all other
61           structures.
62

HEADER FILES

64       Currently the OpenSSL ssl library provides the following C header files
65       containing the prototypes for the data structures and and functions:
66
67       ssl.h
68           That's the common header file for the SSL/TLS API.  Include it into
69           your program to make the API of the ssl library available. It
70           internally includes both more private SSL headers and headers from
71           the crypto library.  Whenever you need hard-core details on the
72           internals of the SSL API, look inside this header file.
73
74       ssl2.h
75           That's the sub header file dealing with the SSLv2 protocol only.
76           Usually you don't have to include it explicitly because it's
77           already included by ssl.h.
78
79       ssl3.h
80           That's the sub header file dealing with the SSLv3 protocol only.
81           Usually you don't have to include it explicitly because it's
82           already included by ssl.h.
83
84       ssl23.h
85           That's the sub header file dealing with the combined use of the
86           SSLv2 and SSLv3 protocols.  Usually you don't have to include it
87           explicitly because it's already included by ssl.h.
88
89       tls1.h
90           That's the sub header file dealing with the TLSv1 protocol only.
91           Usually you don't have to include it explicitly because it's
92           already included by ssl.h.
93

API FUNCTIONS

95       Currently the OpenSSL ssl library exports 214 API functions.  They are
96       documented in the following:
97
98   DEALING WITH PROTOCOL METHODS
99       Here we document the various API functions which deal with the SSL/TLS
100       protocol methods defined in SSL_METHOD structures.
101
102       const SSL_METHOD *SSLv23_method(void);
103           Constructor for the version-flexible SSL_METHOD structure for
104           clients, servers or both.  See SSL_CTX_new(3) for details.
105
106       const SSL_METHOD *SSLv23_client_method(void);
107           Constructor for the version-flexible SSL_METHOD structure for
108           clients.
109
110       const SSL_METHOD *SSLv23_client_method(void);
111           Constructor for the version-flexible SSL_METHOD structure for
112           servers.
113
114       const SSL_METHOD *TLSv1_2_method(void);
115           Constructor for the TLSv1.2 SSL_METHOD structure for clients,
116           servers or both.
117
118       const SSL_METHOD *TLSv1_2_client_method(void);
119           Constructor for the TLSv1.2 SSL_METHOD structure for clients.
120
121       const SSL_METHOD *TLSv1_2_server_method(void);
122           Constructor for the TLSv1.2 SSL_METHOD structure for servers.
123
124       const SSL_METHOD *TLSv1_1_method(void);
125           Constructor for the TLSv1.1 SSL_METHOD structure for clients,
126           servers or both.
127
128       const SSL_METHOD *TLSv1_1_client_method(void);
129           Constructor for the TLSv1.1 SSL_METHOD structure for clients.
130
131       const SSL_METHOD *TLSv1_1_server_method(void);
132           Constructor for the TLSv1.1 SSL_METHOD structure for servers.
133
134       const SSL_METHOD *TLSv1_method(void);
135           Constructor for the TLSv1 SSL_METHOD structure for clients, servers
136           or both.
137
138       const SSL_METHOD *TLSv1_client_method(void);
139           Constructor for the TLSv1 SSL_METHOD structure for clients.
140
141       const SSL_METHOD *TLSv1_server_method(void);
142           Constructor for the TLSv1 SSL_METHOD structure for servers.
143
144       const SSL_METHOD *SSLv3_method(void);
145           Constructor for the SSLv3 SSL_METHOD structure for clients, servers
146           or both.
147
148       const SSL_METHOD *SSLv3_client_method(void);
149           Constructor for the SSLv3 SSL_METHOD structure for clients.
150
151       const SSL_METHOD *SSLv3_server_method(void);
152           Constructor for the SSLv3 SSL_METHOD structure for servers.
153
154       const SSL_METHOD *SSLv2_method(void);
155           Constructor for the SSLv2 SSL_METHOD structure for clients, servers
156           or both.
157
158       const SSL_METHOD *SSLv2_client_method(void);
159           Constructor for the SSLv2 SSL_METHOD structure for clients.
160
161       const SSL_METHOD *SSLv2_server_method(void);
162           Constructor for the SSLv2 SSL_METHOD structure for servers.
163
164   DEALING WITH CIPHERS
165       Here we document the various API functions which deal with the SSL/TLS
166       ciphers defined in SSL_CIPHER structures.
167
168       char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len);
169           Write a string to buf (with a maximum size of len) containing a
170           human readable description of cipher. Returns buf.
171
172       int SSL_CIPHER_get_bits(SSL_CIPHER *cipher, int *alg_bits);
173           Determine the number of bits in cipher. Because of export crippled
174           ciphers there are two bits: The bits the algorithm supports in
175           general (stored to alg_bits) and the bits which are actually used
176           (the return value).
177
178       const char *SSL_CIPHER_get_name(SSL_CIPHER *cipher);
179           Return the internal name of cipher as a string. These are the
180           various strings defined by the SSL2_TXT_xxx, SSL3_TXT_xxx and
181           TLS1_TXT_xxx definitions in the header files.
182
183       char *SSL_CIPHER_get_version(SSL_CIPHER *cipher);
184           Returns a string like ""TLSv1/SSLv3"" or ""SSLv2"" which indicates
185           the SSL/TLS protocol version to which cipher belongs (i.e. where it
186           was defined in the specification the first time).
187
188   DEALING WITH PROTOCOL CONTEXTS
189       Here we document the various API functions which deal with the SSL/TLS
190       protocol context defined in the SSL_CTX structure.
191
192       int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x);
193       long SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *x509);
194       int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c);
195       int SSL_CTX_check_private_key(const SSL_CTX *ctx);
196       long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg);
197       void SSL_CTX_flush_sessions(SSL_CTX *s, long t);
198       void SSL_CTX_free(SSL_CTX *a);
199       char *SSL_CTX_get_app_data(SSL_CTX *ctx);
200       X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *ctx);
201       STACK *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
202       int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509,
203       EVP_PKEY **pkey);
204       void SSL_CTX_get_default_read_ahead(SSL_CTX *ctx);
205       char *SSL_CTX_get_ex_data(const SSL_CTX *s, int idx);
206       int SSL_CTX_get_ex_new_index(long argl, char *argp, int
207       (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
208       void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(SSL *ssl, int cb, int
209       ret);
210       int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
211       void SSL_CTX_get_read_ahead(SSL_CTX *ctx);
212       int SSL_CTX_get_session_cache_mode(SSL_CTX *ctx);
213       long SSL_CTX_get_timeout(const SSL_CTX *ctx);
214       int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int ok,
215       X509_STORE_CTX *ctx);
216       int SSL_CTX_get_verify_mode(SSL_CTX *ctx);
217       int SSL_CTX_load_verify_locations(SSL_CTX *ctx, char *CAfile, char
218       *CApath);
219       long SSL_CTX_need_tmp_RSA(SSL_CTX *ctx);
220       SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
221       int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c);
222       int SSL_CTX_sess_accept(SSL_CTX *ctx);
223       int SSL_CTX_sess_accept_good(SSL_CTX *ctx);
224       int SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx);
225       int SSL_CTX_sess_cache_full(SSL_CTX *ctx);
226       int SSL_CTX_sess_cb_hits(SSL_CTX *ctx);
227       int SSL_CTX_sess_connect(SSL_CTX *ctx);
228       int SSL_CTX_sess_connect_good(SSL_CTX *ctx);
229       int SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx);
230       int SSL_CTX_sess_get_cache_size(SSL_CTX *ctx);
231       SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(SSL *ssl,
232       unsigned char *data, int len, int *copy);
233       int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)(SSL *ssl, SSL_SESSION
234       *sess);
235       void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)(SSL_CTX *ctx,
236       SSL_SESSION *sess);
237       int SSL_CTX_sess_hits(SSL_CTX *ctx);
238       int SSL_CTX_sess_misses(SSL_CTX *ctx);
239       int SSL_CTX_sess_number(SSL_CTX *ctx);
240       void SSL_CTX_sess_set_cache_size(SSL_CTX *ctx,t);
241       void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, SSL_SESSION *(*cb)(SSL *ssl,
242       unsigned char *data, int len, int *copy));
243       void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx, int (*cb)(SSL *ssl,
244       SSL_SESSION *sess));
245       void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx, void (*cb)(SSL_CTX *ctx,
246       SSL_SESSION *sess));
247       int SSL_CTX_sess_timeouts(SSL_CTX *ctx);
248       LHASH *SSL_CTX_sessions(SSL_CTX *ctx);
249       void SSL_CTX_set_app_data(SSL_CTX *ctx, void *arg);
250       void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *cs);
251       void SSL_CTX_set_cert_verify_cb(SSL_CTX *ctx, int (*cb)(), char *arg)
252       int SSL_CTX_set_cipher_list(SSL_CTX *ctx, char *str);
253       void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK *list);
254       void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*cb)(SSL *ssl, X509
255       **x509, EVP_PKEY **pkey));
256       void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, int (*cb);(void))
257       void SSL_CTX_set_default_read_ahead(SSL_CTX *ctx, int m);
258       int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
259       int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, char *arg);
260       void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*cb)(SSL *ssl, int
261       cb, int ret));
262       void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int
263       version, int content_type, const void *buf, size_t len, SSL *ssl, void
264       *arg));
265       void SSL_CTX_set_msg_callback_arg(SSL_CTX *ctx, void *arg);
266       void SSL_CTX_set_options(SSL_CTX *ctx, unsigned long op);
267       void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);
268       void SSL_CTX_set_read_ahead(SSL_CTX *ctx, int m);
269       void SSL_CTX_set_session_cache_mode(SSL_CTX *ctx, int mode);
270       int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
271       void SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
272       long SSL_CTX_set_tmp_dh(SSL_CTX* ctx, DH *dh);
273       long SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*cb)(void));
274       long SSL_CTX_set_tmp_rsa(SSL_CTX *ctx, RSA *rsa);
275       SSL_CTX_set_tmp_rsa_callback
276           "long SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb)(SSL
277           *ssl, int export, int keylength));"
278
279           Sets the callback which will be called when a temporary private key
280           is required. The "export" flag will be set if the reason for
281           needing a temp key is that an export ciphersuite is in use, in
282           which case, "keylength" will contain the required keylength in
283           bits. Generate a key of appropriate size (using ???) and return it.
284
285       SSL_set_tmp_rsa_callback
286           long SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb)(SSL *ssl, int
287           export, int keylength));
288
289           The same as SSL_CTX_set_tmp_rsa_callback, except it operates on an
290           SSL session instead of a context.
291
292       void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*cb);(void))
293       int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
294       int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, unsigned char
295       *d, long len);
296       int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, char *file, int type);
297       int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
298       int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long
299       len);
300       int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, char *file, int type);
301       int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
302       int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char
303       *d);
304       int SSL_CTX_use_certificate_file(SSL_CTX *ctx, char *file, int type);
305       X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx);
306       EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx);
307       void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, unsigned int
308       (*callback)(SSL *ssl, const char *hint, char *identity, unsigned int
309       max_identity_len, unsigned char *psk, unsigned int max_psk_len));
310       int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *hint);
311       void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, unsigned int
312       (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int
313       max_psk_len));
314
315   DEALING WITH SESSIONS
316       Here we document the various API functions which deal with the SSL/TLS
317       sessions defined in the SSL_SESSION structures.
318
319       int SSL_SESSION_cmp(const SSL_SESSION *a, const SSL_SESSION *b);
320       void SSL_SESSION_free(SSL_SESSION *ss);
321       char *SSL_SESSION_get_app_data(SSL_SESSION *s);
322       char *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx);
323       int SSL_SESSION_get_ex_new_index(long argl, char *argp, int
324       (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
325       long SSL_SESSION_get_time(const SSL_SESSION *s);
326       long SSL_SESSION_get_timeout(const SSL_SESSION *s);
327       unsigned long SSL_SESSION_hash(const SSL_SESSION *a);
328       SSL_SESSION *SSL_SESSION_new(void);
329       int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x);
330       int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x);
331       void SSL_SESSION_set_app_data(SSL_SESSION *s, char *a);
332       int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, char *arg);
333       long SSL_SESSION_set_time(SSL_SESSION *s, long t);
334       long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
335
336   DEALING WITH CONNECTIONS
337       Here we document the various API functions which deal with the SSL/TLS
338       connection defined in the SSL structure.
339
340       int SSL_accept(SSL *ssl);
341       int SSL_add_dir_cert_subjects_to_stack(STACK *stack, const char *dir);
342       int SSL_add_file_cert_subjects_to_stack(STACK *stack, const char
343       *file);
344       int SSL_add_client_CA(SSL *ssl, X509 *x);
345       char *SSL_alert_desc_string(int value);
346       char *SSL_alert_desc_string_long(int value);
347       char *SSL_alert_type_string(int value);
348       char *SSL_alert_type_string_long(int value);
349       int SSL_check_private_key(const SSL *ssl);
350       void SSL_clear(SSL *ssl);
351       long SSL_clear_num_renegotiations(SSL *ssl);
352       int SSL_connect(SSL *ssl);
353       void SSL_copy_session_id(SSL *t, const SSL *f);
354       long SSL_ctrl(SSL *ssl, int cmd, long larg, char *parg);
355       int SSL_do_handshake(SSL *ssl);
356       SSL *SSL_dup(SSL *ssl);
357       STACK *SSL_dup_CA_list(STACK *sk);
358       void SSL_free(SSL *ssl);
359       SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
360       char *SSL_get_app_data(SSL *ssl);
361       X509 *SSL_get_certificate(const SSL *ssl);
362       const char *SSL_get_cipher(const SSL *ssl);
363       int SSL_get_cipher_bits(const SSL *ssl, int *alg_bits);
364       char *SSL_get_cipher_list(const SSL *ssl, int n);
365       char *SSL_get_cipher_name(const SSL *ssl);
366       char *SSL_get_cipher_version(const SSL *ssl);
367       STACK *SSL_get_ciphers(const SSL *ssl);
368       STACK *SSL_get_client_CA_list(const SSL *ssl);
369       SSL_CIPHER *SSL_get_current_cipher(SSL *ssl);
370       long SSL_get_default_timeout(const SSL *ssl);
371       int SSL_get_error(const SSL *ssl, int i);
372       char *SSL_get_ex_data(const SSL *ssl, int idx);
373       int SSL_get_ex_data_X509_STORE_CTX_idx(void);
374       int SSL_get_ex_new_index(long argl, char *argp, int (*new_func);(void),
375       int (*dup_func)(void), void (*free_func)(void))
376       int SSL_get_fd(const SSL *ssl);
377       void (*SSL_get_info_callback(const SSL *ssl);)()
378       STACK *SSL_get_peer_cert_chain(const SSL *ssl);
379       X509 *SSL_get_peer_certificate(const SSL *ssl);
380       EVP_PKEY *SSL_get_privatekey(const SSL *ssl);
381       int SSL_get_quiet_shutdown(const SSL *ssl);
382       BIO *SSL_get_rbio(const SSL *ssl);
383       int SSL_get_read_ahead(const SSL *ssl);
384       SSL_SESSION *SSL_get_session(const SSL *ssl);
385       char *SSL_get_shared_ciphers(const SSL *ssl, char *buf, int len);
386       int SSL_get_shutdown(const SSL *ssl);
387       const SSL_METHOD *SSL_get_ssl_method(SSL *ssl);
388       int SSL_get_state(const SSL *ssl);
389       long SSL_get_time(const SSL *ssl);
390       long SSL_get_timeout(const SSL *ssl);
391       int (*SSL_get_verify_callback(const SSL *ssl))(int,X509_STORE_CTX *)
392       int SSL_get_verify_mode(const SSL *ssl);
393       long SSL_get_verify_result(const SSL *ssl);
394       char *SSL_get_version(const SSL *ssl);
395       BIO *SSL_get_wbio(const SSL *ssl);
396       int SSL_in_accept_init(SSL *ssl);
397       int SSL_in_before(SSL *ssl);
398       int SSL_in_connect_init(SSL *ssl);
399       int SSL_in_init(SSL *ssl);
400       int SSL_is_init_finished(SSL *ssl);
401       STACK *SSL_load_client_CA_file(char *file);
402       void SSL_load_error_strings(void);
403       SSL *SSL_new(SSL_CTX *ctx);
404       long SSL_num_renegotiations(SSL *ssl);
405       int SSL_peek(SSL *ssl, void *buf, int num);
406       int SSL_pending(const SSL *ssl);
407       int SSL_read(SSL *ssl, void *buf, int num);
408       int SSL_renegotiate(SSL *ssl);
409       char *SSL_rstate_string(SSL *ssl);
410       char *SSL_rstate_string_long(SSL *ssl);
411       long SSL_session_reused(SSL *ssl);
412       void SSL_set_accept_state(SSL *ssl);
413       void SSL_set_app_data(SSL *ssl, char *arg);
414       void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio);
415       int SSL_set_cipher_list(SSL *ssl, char *str);
416       void SSL_set_client_CA_list(SSL *ssl, STACK *list);
417       void SSL_set_connect_state(SSL *ssl);
418       int SSL_set_ex_data(SSL *ssl, int idx, char *arg);
419       int SSL_set_fd(SSL *ssl, int fd);
420       void SSL_set_info_callback(SSL *ssl, void (*cb);(void))
421       void SSL_set_msg_callback(SSL *ctx, void (*cb)(int write_p, int
422       version, int content_type, const void *buf, size_t len, SSL *ssl, void
423       *arg));
424       void SSL_set_msg_callback_arg(SSL *ctx, void *arg);
425       void SSL_set_options(SSL *ssl, unsigned long op);
426       void SSL_set_quiet_shutdown(SSL *ssl, int mode);
427       void SSL_set_read_ahead(SSL *ssl, int yes);
428       int SSL_set_rfd(SSL *ssl, int fd);
429       int SSL_set_session(SSL *ssl, SSL_SESSION *session);
430       void SSL_set_shutdown(SSL *ssl, int mode);
431       int SSL_set_ssl_method(SSL *ssl, const SSL_METHOD *meth);
432       void SSL_set_time(SSL *ssl, long t);
433       void SSL_set_timeout(SSL *ssl, long t);
434       void SSL_set_verify(SSL *ssl, int mode, int (*callback);(void))
435       void SSL_set_verify_result(SSL *ssl, long arg);
436       int SSL_set_wfd(SSL *ssl, int fd);
437       int SSL_shutdown(SSL *ssl);
438       int SSL_state(const SSL *ssl);
439       char *SSL_state_string(const SSL *ssl);
440       char *SSL_state_string_long(const SSL *ssl);
441       long SSL_total_renegotiations(SSL *ssl);
442       int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
443       int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, unsigned char *d, long
444       len);
445       int SSL_use_PrivateKey_file(SSL *ssl, char *file, int type);
446       int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
447       int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
448       int SSL_use_RSAPrivateKey_file(SSL *ssl, char *file, int type);
449       int SSL_use_certificate(SSL *ssl, X509 *x);
450       int SSL_use_certificate_ASN1(SSL *ssl, int len, unsigned char *d);
451       int SSL_use_certificate_file(SSL *ssl, char *file, int type);
452       int SSL_version(const SSL *ssl);
453       int SSL_want(const SSL *ssl);
454       int SSL_want_nothing(const SSL *ssl);
455       int SSL_want_read(const SSL *ssl);
456       int SSL_want_write(const SSL *ssl);
457       int SSL_want_x509_lookup(const SSL *ssl);
458       int SSL_write(SSL *ssl, const void *buf, int num);
459       void SSL_set_psk_client_callback(SSL *ssl, unsigned int (*callback)(SSL
460       *ssl, const char *hint, char *identity, unsigned int max_identity_len,
461       unsigned char *psk, unsigned int max_psk_len));
462       int SSL_use_psk_identity_hint(SSL *ssl, const char *hint);
463       void SSL_set_psk_server_callback(SSL *ssl, unsigned int (*callback)(SSL
464       *ssl, const char *identity, unsigned char *psk, int max_psk_len));
465       const char *SSL_get_psk_identity_hint(SSL *ssl);
466       const char *SSL_get_psk_identity(SSL *ssl);
467

SEE ALSO

469       openssl(1), crypto(3), SSL_accept(3), SSL_clear(3), SSL_connect(3),
470       SSL_CIPHER_get_name(3), SSL_COMP_add_compression_method(3),
471       SSL_CTX_add_extra_chain_cert(3), SSL_CTX_add_session(3),
472       SSL_CTX_ctrl(3), SSL_CTX_flush_sessions(3),
473       SSL_CTX_get_ex_new_index(3), SSL_CTX_get_verify_mode(3),
474       SSL_CTX_load_verify_locations(3) SSL_CTX_new(3),
475       SSL_CTX_sess_number(3), SSL_CTX_sess_set_cache_size(3),
476       SSL_CTX_sess_set_get_cb(3), SSL_CTX_sessions(3),
477       SSL_CTX_set_cert_store(3), SSL_CTX_set_cert_verify_callback(3),
478       SSL_CTX_set_cipher_list(3), SSL_CTX_set_client_CA_list(3),
479       SSL_CTX_set_client_cert_cb(3), SSL_CTX_set_default_passwd_cb(3),
480       SSL_CTX_set_generate_session_id(3), SSL_CTX_set_info_callback(3),
481       SSL_CTX_set_max_cert_list(3), SSL_CTX_set_mode(3),
482       SSL_CTX_set_msg_callback(3), SSL_CTX_set_options(3),
483       SSL_CTX_set_quiet_shutdown(3), SSL_CTX_set_read_ahead(3),
484       SSL_CTX_set_session_cache_mode(3), SSL_CTX_set_session_id_context(3),
485       SSL_CTX_set_ssl_version(3), SSL_CTX_set_timeout(3),
486       SSL_CTX_set_tmp_rsa_callback(3), SSL_CTX_set_tmp_dh_callback(3),
487       SSL_CTX_set_verify(3), SSL_CTX_use_certificate(3),
488       SSL_alert_type_string(3), SSL_do_handshake(3), SSL_get_SSL_CTX(3),
489       SSL_get_ciphers(3), SSL_get_client_CA_list(3),
490       SSL_get_default_timeout(3), SSL_get_error(3),
491       SSL_get_ex_data_X509_STORE_CTX_idx(3), SSL_get_ex_new_index(3),
492       SSL_get_fd(3), SSL_get_peer_cert_chain(3), SSL_get_rbio(3),
493       SSL_get_session(3), SSL_get_verify_result(3), SSL_get_version(3),
494       SSL_library_init(3), SSL_load_client_CA_file(3), SSL_new(3),
495       SSL_pending(3), SSL_read(3), SSL_rstate_string(3),
496       SSL_session_reused(3), SSL_set_bio(3), SSL_set_connect_state(3),
497       SSL_set_fd(3), SSL_set_session(3), SSL_set_shutdown(3),
498       SSL_shutdown(3), SSL_state_string(3), SSL_want(3), SSL_write(3),
499       SSL_SESSION_free(3), SSL_SESSION_get_ex_new_index(3),
500       SSL_SESSION_get_time(3), d2i_SSL_SESSION(3),
501       SSL_CTX_set_psk_client_callback(3), SSL_CTX_use_psk_identity_hint(3),
502       SSL_get_psk_identity(3)
503

HISTORY

505       The ssl(3) document appeared in OpenSSL 0.9.2
506
507
508
5091.0.2k                            2017-01-26                            ssl(3)
Impressum