1ssl(3) OpenSSL ssl(3)
2
3
4
6 SSL - OpenSSL SSL/TLS library
7
10 The OpenSSL ssl library implements the Secure Sockets Layer (SSL v2/v3)
11 and Transport Layer Security (TLS v1) protocols. It provides a rich API
12 which is documented here.
13
14 At first the library must be initialized; see SSL_library_init(3).
15
16 Then an SSL_CTX object is created as a framework to establish TLS/SSL
17 enabled connections (see SSL_CTX_new(3)). Various options regarding
18 certificates, algorithms etc. can be set in this object.
19
20 When a network connection has been created, it can be assigned to an
21 SSL object. After the SSL object has been created using SSL_new(3),
22 SSL_set_fd(3) or SSL_set_bio(3) can be used to associate the network
23 connection with the object.
24
25 Then the TLS/SSL handshake is performed using SSL_accept(3) or
26 SSL_connect(3) respectively. SSL_read(3) and SSL_write(3) are used to
27 read and write data on the TLS/SSL connection. SSL_shutdown(3) can be
28 used to shut down the TLS/SSL connection.
29
31 Currently the OpenSSL ssl library functions deals with the following
32 data structures:
33
34 SSL_METHOD (SSL Method)
35 That's a dispatch structure describing the internal ssl library
36 methods/functions which implement the various protocol versions
37 (SSLv1, SSLv2 and TLSv1). It's needed to create an SSL_CTX.
38
39 SSL_CIPHER (SSL Cipher)
40 This structure holds the algorithm information for a particular
41 cipher which are a core part of the SSL/TLS protocol. The available
42 ciphers are configured on a SSL_CTX basis and the actually used
43 ones are then part of the SSL_SESSION.
44
45 SSL_CTX (SSL Context)
46 That's the global context structure which is created by a server or
47 client once per program life-time and which holds mainly default
48 values for the SSL structures which are later created for the
49 connections.
50
51 SSL_SESSION (SSL Session)
52 This is a structure containing the current TLS/SSL session details
53 for a connection: SSL_CIPHERs, client and server certificates,
54 keys, etc.
55
56 SSL (SSL Connection)
57 That's the main SSL/TLS structure which is created by a server or
58 client per established connection. This actually is the core
59 structure in the SSL API. Under run-time the application usually
60 deals with this structure which has links to mostly all other
61 structures.
62
64 Currently the OpenSSL ssl library provides the following C header files
65 containing the prototypes for the data structures and and functions:
66
67 ssl.h
68 That's the common header file for the SSL/TLS API. Include it into
69 your program to make the API of the ssl library available. It
70 internally includes both more private SSL headers and headers from
71 the crypto library. Whenever you need hard-core details on the
72 internals of the SSL API, look inside this header file.
73
74 ssl2.h
75 That's the sub header file dealing with the SSLv2 protocol only.
76 Usually you don't have to include it explicitly because it's
77 already included by ssl.h.
78
79 ssl3.h
80 That's the sub header file dealing with the SSLv3 protocol only.
81 Usually you don't have to include it explicitly because it's
82 already included by ssl.h.
83
84 ssl23.h
85 That's the sub header file dealing with the combined use of the
86 SSLv2 and SSLv3 protocols. Usually you don't have to include it
87 explicitly because it's already included by ssl.h.
88
89 tls1.h
90 That's the sub header file dealing with the TLSv1 protocol only.
91 Usually you don't have to include it explicitly because it's
92 already included by ssl.h.
93
95 Currently the OpenSSL ssl library exports 214 API functions. They are
96 documented in the following:
97
98 DEALING WITH PROTOCOL METHODS
99 Here we document the various API functions which deal with the SSL/TLS
100 protocol methods defined in SSL_METHOD structures.
101
102 const SSL_METHOD *SSLv23_method(void);
103 Constructor for the version-flexible SSL_METHOD structure for
104 clients, servers or both. See SSL_CTX_new(3) for details.
105
106 const SSL_METHOD *SSLv23_client_method(void);
107 Constructor for the version-flexible SSL_METHOD structure for
108 clients.
109
110 const SSL_METHOD *SSLv23_client_method(void);
111 Constructor for the version-flexible SSL_METHOD structure for
112 servers.
113
114 const SSL_METHOD *TLSv1_2_method(void);
115 Constructor for the TLSv1.2 SSL_METHOD structure for clients,
116 servers or both.
117
118 const SSL_METHOD *TLSv1_2_client_method(void);
119 Constructor for the TLSv1.2 SSL_METHOD structure for clients.
120
121 const SSL_METHOD *TLSv1_2_server_method(void);
122 Constructor for the TLSv1.2 SSL_METHOD structure for servers.
123
124 const SSL_METHOD *TLSv1_1_method(void);
125 Constructor for the TLSv1.1 SSL_METHOD structure for clients,
126 servers or both.
127
128 const SSL_METHOD *TLSv1_1_client_method(void);
129 Constructor for the TLSv1.1 SSL_METHOD structure for clients.
130
131 const SSL_METHOD *TLSv1_1_server_method(void);
132 Constructor for the TLSv1.1 SSL_METHOD structure for servers.
133
134 const SSL_METHOD *TLSv1_method(void);
135 Constructor for the TLSv1 SSL_METHOD structure for clients, servers
136 or both.
137
138 const SSL_METHOD *TLSv1_client_method(void);
139 Constructor for the TLSv1 SSL_METHOD structure for clients.
140
141 const SSL_METHOD *TLSv1_server_method(void);
142 Constructor for the TLSv1 SSL_METHOD structure for servers.
143
144 const SSL_METHOD *SSLv3_method(void);
145 Constructor for the SSLv3 SSL_METHOD structure for clients, servers
146 or both.
147
148 const SSL_METHOD *SSLv3_client_method(void);
149 Constructor for the SSLv3 SSL_METHOD structure for clients.
150
151 const SSL_METHOD *SSLv3_server_method(void);
152 Constructor for the SSLv3 SSL_METHOD structure for servers.
153
154 const SSL_METHOD *SSLv2_method(void);
155 Constructor for the SSLv2 SSL_METHOD structure for clients, servers
156 or both.
157
158 const SSL_METHOD *SSLv2_client_method(void);
159 Constructor for the SSLv2 SSL_METHOD structure for clients.
160
161 const SSL_METHOD *SSLv2_server_method(void);
162 Constructor for the SSLv2 SSL_METHOD structure for servers.
163
164 DEALING WITH CIPHERS
165 Here we document the various API functions which deal with the SSL/TLS
166 ciphers defined in SSL_CIPHER structures.
167
168 char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len);
169 Write a string to buf (with a maximum size of len) containing a
170 human readable description of cipher. Returns buf.
171
172 int SSL_CIPHER_get_bits(SSL_CIPHER *cipher, int *alg_bits);
173 Determine the number of bits in cipher. Because of export crippled
174 ciphers there are two bits: The bits the algorithm supports in
175 general (stored to alg_bits) and the bits which are actually used
176 (the return value).
177
178 const char *SSL_CIPHER_get_name(SSL_CIPHER *cipher);
179 Return the internal name of cipher as a string. These are the
180 various strings defined by the SSL2_TXT_xxx, SSL3_TXT_xxx and
181 TLS1_TXT_xxx definitions in the header files.
182
183 char *SSL_CIPHER_get_version(SSL_CIPHER *cipher);
184 Returns a string like ""TLSv1/SSLv3"" or ""SSLv2"" which indicates
185 the SSL/TLS protocol version to which cipher belongs (i.e. where it
186 was defined in the specification the first time).
187
188 DEALING WITH PROTOCOL CONTEXTS
189 Here we document the various API functions which deal with the SSL/TLS
190 protocol context defined in the SSL_CTX structure.
191
192 int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x);
193 long SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *x509);
194 int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c);
195 int SSL_CTX_check_private_key(const SSL_CTX *ctx);
196 long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg);
197 void SSL_CTX_flush_sessions(SSL_CTX *s, long t);
198 void SSL_CTX_free(SSL_CTX *a);
199 char *SSL_CTX_get_app_data(SSL_CTX *ctx);
200 X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *ctx);
201 STACK *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
202 int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509,
203 EVP_PKEY **pkey);
204 void SSL_CTX_get_default_read_ahead(SSL_CTX *ctx);
205 char *SSL_CTX_get_ex_data(const SSL_CTX *s, int idx);
206 int SSL_CTX_get_ex_new_index(long argl, char *argp, int
207 (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
208 void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(SSL *ssl, int cb, int
209 ret);
210 int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
211 void SSL_CTX_get_read_ahead(SSL_CTX *ctx);
212 int SSL_CTX_get_session_cache_mode(SSL_CTX *ctx);
213 long SSL_CTX_get_timeout(const SSL_CTX *ctx);
214 int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int ok,
215 X509_STORE_CTX *ctx);
216 int SSL_CTX_get_verify_mode(SSL_CTX *ctx);
217 int SSL_CTX_load_verify_locations(SSL_CTX *ctx, char *CAfile, char
218 *CApath);
219 long SSL_CTX_need_tmp_RSA(SSL_CTX *ctx);
220 SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
221 int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c);
222 int SSL_CTX_sess_accept(SSL_CTX *ctx);
223 int SSL_CTX_sess_accept_good(SSL_CTX *ctx);
224 int SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx);
225 int SSL_CTX_sess_cache_full(SSL_CTX *ctx);
226 int SSL_CTX_sess_cb_hits(SSL_CTX *ctx);
227 int SSL_CTX_sess_connect(SSL_CTX *ctx);
228 int SSL_CTX_sess_connect_good(SSL_CTX *ctx);
229 int SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx);
230 int SSL_CTX_sess_get_cache_size(SSL_CTX *ctx);
231 SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(SSL *ssl,
232 unsigned char *data, int len, int *copy);
233 int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)(SSL *ssl, SSL_SESSION
234 *sess);
235 void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)(SSL_CTX *ctx,
236 SSL_SESSION *sess);
237 int SSL_CTX_sess_hits(SSL_CTX *ctx);
238 int SSL_CTX_sess_misses(SSL_CTX *ctx);
239 int SSL_CTX_sess_number(SSL_CTX *ctx);
240 void SSL_CTX_sess_set_cache_size(SSL_CTX *ctx,t);
241 void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, SSL_SESSION *(*cb)(SSL *ssl,
242 unsigned char *data, int len, int *copy));
243 void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx, int (*cb)(SSL *ssl,
244 SSL_SESSION *sess));
245 void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx, void (*cb)(SSL_CTX *ctx,
246 SSL_SESSION *sess));
247 int SSL_CTX_sess_timeouts(SSL_CTX *ctx);
248 LHASH *SSL_CTX_sessions(SSL_CTX *ctx);
249 void SSL_CTX_set_app_data(SSL_CTX *ctx, void *arg);
250 void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *cs);
251 void SSL_CTX_set_cert_verify_cb(SSL_CTX *ctx, int (*cb)(), char *arg)
252 int SSL_CTX_set_cipher_list(SSL_CTX *ctx, char *str);
253 void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK *list);
254 void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*cb)(SSL *ssl, X509
255 **x509, EVP_PKEY **pkey));
256 void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, int (*cb);(void))
257 void SSL_CTX_set_default_read_ahead(SSL_CTX *ctx, int m);
258 int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
259 int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, char *arg);
260 void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*cb)(SSL *ssl, int
261 cb, int ret));
262 void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int
263 version, int content_type, const void *buf, size_t len, SSL *ssl, void
264 *arg));
265 void SSL_CTX_set_msg_callback_arg(SSL_CTX *ctx, void *arg);
266 void SSL_CTX_set_options(SSL_CTX *ctx, unsigned long op);
267 void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);
268 void SSL_CTX_set_read_ahead(SSL_CTX *ctx, int m);
269 void SSL_CTX_set_session_cache_mode(SSL_CTX *ctx, int mode);
270 int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
271 void SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
272 long SSL_CTX_set_tmp_dh(SSL_CTX* ctx, DH *dh);
273 long SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*cb)(void));
274 long SSL_CTX_set_tmp_rsa(SSL_CTX *ctx, RSA *rsa);
275 SSL_CTX_set_tmp_rsa_callback
276 "long SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb)(SSL
277 *ssl, int export, int keylength));"
278
279 Sets the callback which will be called when a temporary private key
280 is required. The "export" flag will be set if the reason for
281 needing a temp key is that an export ciphersuite is in use, in
282 which case, "keylength" will contain the required keylength in
283 bits. Generate a key of appropriate size (using ???) and return it.
284
285 SSL_set_tmp_rsa_callback
286 long SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb)(SSL *ssl, int
287 export, int keylength));
288
289 The same as SSL_CTX_set_tmp_rsa_callback, except it operates on an
290 SSL session instead of a context.
291
292 void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*cb);(void))
293 int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
294 int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, unsigned char
295 *d, long len);
296 int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, char *file, int type);
297 int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
298 int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long
299 len);
300 int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, char *file, int type);
301 int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
302 int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char
303 *d);
304 int SSL_CTX_use_certificate_file(SSL_CTX *ctx, char *file, int type);
305 X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx);
306 EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx);
307 void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, unsigned int
308 (*callback)(SSL *ssl, const char *hint, char *identity, unsigned int
309 max_identity_len, unsigned char *psk, unsigned int max_psk_len));
310 int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *hint);
311 void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, unsigned int
312 (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int
313 max_psk_len));
314
315 DEALING WITH SESSIONS
316 Here we document the various API functions which deal with the SSL/TLS
317 sessions defined in the SSL_SESSION structures.
318
319 int SSL_SESSION_cmp(const SSL_SESSION *a, const SSL_SESSION *b);
320 void SSL_SESSION_free(SSL_SESSION *ss);
321 char *SSL_SESSION_get_app_data(SSL_SESSION *s);
322 char *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx);
323 int SSL_SESSION_get_ex_new_index(long argl, char *argp, int
324 (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
325 long SSL_SESSION_get_time(const SSL_SESSION *s);
326 long SSL_SESSION_get_timeout(const SSL_SESSION *s);
327 unsigned long SSL_SESSION_hash(const SSL_SESSION *a);
328 SSL_SESSION *SSL_SESSION_new(void);
329 int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x);
330 int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x);
331 void SSL_SESSION_set_app_data(SSL_SESSION *s, char *a);
332 int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, char *arg);
333 long SSL_SESSION_set_time(SSL_SESSION *s, long t);
334 long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
335
336 DEALING WITH CONNECTIONS
337 Here we document the various API functions which deal with the SSL/TLS
338 connection defined in the SSL structure.
339
340 int SSL_accept(SSL *ssl);
341 int SSL_add_dir_cert_subjects_to_stack(STACK *stack, const char *dir);
342 int SSL_add_file_cert_subjects_to_stack(STACK *stack, const char
343 *file);
344 int SSL_add_client_CA(SSL *ssl, X509 *x);
345 char *SSL_alert_desc_string(int value);
346 char *SSL_alert_desc_string_long(int value);
347 char *SSL_alert_type_string(int value);
348 char *SSL_alert_type_string_long(int value);
349 int SSL_check_private_key(const SSL *ssl);
350 void SSL_clear(SSL *ssl);
351 long SSL_clear_num_renegotiations(SSL *ssl);
352 int SSL_connect(SSL *ssl);
353 void SSL_copy_session_id(SSL *t, const SSL *f);
354 long SSL_ctrl(SSL *ssl, int cmd, long larg, char *parg);
355 int SSL_do_handshake(SSL *ssl);
356 SSL *SSL_dup(SSL *ssl);
357 STACK *SSL_dup_CA_list(STACK *sk);
358 void SSL_free(SSL *ssl);
359 SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
360 char *SSL_get_app_data(SSL *ssl);
361 X509 *SSL_get_certificate(const SSL *ssl);
362 const char *SSL_get_cipher(const SSL *ssl);
363 int SSL_get_cipher_bits(const SSL *ssl, int *alg_bits);
364 char *SSL_get_cipher_list(const SSL *ssl, int n);
365 char *SSL_get_cipher_name(const SSL *ssl);
366 char *SSL_get_cipher_version(const SSL *ssl);
367 STACK *SSL_get_ciphers(const SSL *ssl);
368 STACK *SSL_get_client_CA_list(const SSL *ssl);
369 SSL_CIPHER *SSL_get_current_cipher(SSL *ssl);
370 long SSL_get_default_timeout(const SSL *ssl);
371 int SSL_get_error(const SSL *ssl, int i);
372 char *SSL_get_ex_data(const SSL *ssl, int idx);
373 int SSL_get_ex_data_X509_STORE_CTX_idx(void);
374 int SSL_get_ex_new_index(long argl, char *argp, int (*new_func);(void),
375 int (*dup_func)(void), void (*free_func)(void))
376 int SSL_get_fd(const SSL *ssl);
377 void (*SSL_get_info_callback(const SSL *ssl);)()
378 STACK *SSL_get_peer_cert_chain(const SSL *ssl);
379 X509 *SSL_get_peer_certificate(const SSL *ssl);
380 EVP_PKEY *SSL_get_privatekey(const SSL *ssl);
381 int SSL_get_quiet_shutdown(const SSL *ssl);
382 BIO *SSL_get_rbio(const SSL *ssl);
383 int SSL_get_read_ahead(const SSL *ssl);
384 SSL_SESSION *SSL_get_session(const SSL *ssl);
385 char *SSL_get_shared_ciphers(const SSL *ssl, char *buf, int len);
386 int SSL_get_shutdown(const SSL *ssl);
387 const SSL_METHOD *SSL_get_ssl_method(SSL *ssl);
388 int SSL_get_state(const SSL *ssl);
389 long SSL_get_time(const SSL *ssl);
390 long SSL_get_timeout(const SSL *ssl);
391 int (*SSL_get_verify_callback(const SSL *ssl))(int,X509_STORE_CTX *)
392 int SSL_get_verify_mode(const SSL *ssl);
393 long SSL_get_verify_result(const SSL *ssl);
394 char *SSL_get_version(const SSL *ssl);
395 BIO *SSL_get_wbio(const SSL *ssl);
396 int SSL_in_accept_init(SSL *ssl);
397 int SSL_in_before(SSL *ssl);
398 int SSL_in_connect_init(SSL *ssl);
399 int SSL_in_init(SSL *ssl);
400 int SSL_is_init_finished(SSL *ssl);
401 STACK *SSL_load_client_CA_file(char *file);
402 void SSL_load_error_strings(void);
403 SSL *SSL_new(SSL_CTX *ctx);
404 long SSL_num_renegotiations(SSL *ssl);
405 int SSL_peek(SSL *ssl, void *buf, int num);
406 int SSL_pending(const SSL *ssl);
407 int SSL_read(SSL *ssl, void *buf, int num);
408 int SSL_renegotiate(SSL *ssl);
409 char *SSL_rstate_string(SSL *ssl);
410 char *SSL_rstate_string_long(SSL *ssl);
411 long SSL_session_reused(SSL *ssl);
412 void SSL_set_accept_state(SSL *ssl);
413 void SSL_set_app_data(SSL *ssl, char *arg);
414 void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio);
415 int SSL_set_cipher_list(SSL *ssl, char *str);
416 void SSL_set_client_CA_list(SSL *ssl, STACK *list);
417 void SSL_set_connect_state(SSL *ssl);
418 int SSL_set_ex_data(SSL *ssl, int idx, char *arg);
419 int SSL_set_fd(SSL *ssl, int fd);
420 void SSL_set_info_callback(SSL *ssl, void (*cb);(void))
421 void SSL_set_msg_callback(SSL *ctx, void (*cb)(int write_p, int
422 version, int content_type, const void *buf, size_t len, SSL *ssl, void
423 *arg));
424 void SSL_set_msg_callback_arg(SSL *ctx, void *arg);
425 void SSL_set_options(SSL *ssl, unsigned long op);
426 void SSL_set_quiet_shutdown(SSL *ssl, int mode);
427 void SSL_set_read_ahead(SSL *ssl, int yes);
428 int SSL_set_rfd(SSL *ssl, int fd);
429 int SSL_set_session(SSL *ssl, SSL_SESSION *session);
430 void SSL_set_shutdown(SSL *ssl, int mode);
431 int SSL_set_ssl_method(SSL *ssl, const SSL_METHOD *meth);
432 void SSL_set_time(SSL *ssl, long t);
433 void SSL_set_timeout(SSL *ssl, long t);
434 void SSL_set_verify(SSL *ssl, int mode, int (*callback);(void))
435 void SSL_set_verify_result(SSL *ssl, long arg);
436 int SSL_set_wfd(SSL *ssl, int fd);
437 int SSL_shutdown(SSL *ssl);
438 int SSL_state(const SSL *ssl);
439 char *SSL_state_string(const SSL *ssl);
440 char *SSL_state_string_long(const SSL *ssl);
441 long SSL_total_renegotiations(SSL *ssl);
442 int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
443 int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, unsigned char *d, long
444 len);
445 int SSL_use_PrivateKey_file(SSL *ssl, char *file, int type);
446 int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
447 int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
448 int SSL_use_RSAPrivateKey_file(SSL *ssl, char *file, int type);
449 int SSL_use_certificate(SSL *ssl, X509 *x);
450 int SSL_use_certificate_ASN1(SSL *ssl, int len, unsigned char *d);
451 int SSL_use_certificate_file(SSL *ssl, char *file, int type);
452 int SSL_version(const SSL *ssl);
453 int SSL_want(const SSL *ssl);
454 int SSL_want_nothing(const SSL *ssl);
455 int SSL_want_read(const SSL *ssl);
456 int SSL_want_write(const SSL *ssl);
457 int SSL_want_x509_lookup(const SSL *ssl);
458 int SSL_write(SSL *ssl, const void *buf, int num);
459 void SSL_set_psk_client_callback(SSL *ssl, unsigned int (*callback)(SSL
460 *ssl, const char *hint, char *identity, unsigned int max_identity_len,
461 unsigned char *psk, unsigned int max_psk_len));
462 int SSL_use_psk_identity_hint(SSL *ssl, const char *hint);
463 void SSL_set_psk_server_callback(SSL *ssl, unsigned int (*callback)(SSL
464 *ssl, const char *identity, unsigned char *psk, int max_psk_len));
465 const char *SSL_get_psk_identity_hint(SSL *ssl);
466 const char *SSL_get_psk_identity(SSL *ssl);
467
469 openssl(1), crypto(3), SSL_accept(3), SSL_clear(3), SSL_connect(3),
470 SSL_CIPHER_get_name(3), SSL_COMP_add_compression_method(3),
471 SSL_CTX_add_extra_chain_cert(3), SSL_CTX_add_session(3),
472 SSL_CTX_ctrl(3), SSL_CTX_flush_sessions(3),
473 SSL_CTX_get_ex_new_index(3), SSL_CTX_get_verify_mode(3),
474 SSL_CTX_load_verify_locations(3) SSL_CTX_new(3),
475 SSL_CTX_sess_number(3), SSL_CTX_sess_set_cache_size(3),
476 SSL_CTX_sess_set_get_cb(3), SSL_CTX_sessions(3),
477 SSL_CTX_set_cert_store(3), SSL_CTX_set_cert_verify_callback(3),
478 SSL_CTX_set_cipher_list(3), SSL_CTX_set_client_CA_list(3),
479 SSL_CTX_set_client_cert_cb(3), SSL_CTX_set_default_passwd_cb(3),
480 SSL_CTX_set_generate_session_id(3), SSL_CTX_set_info_callback(3),
481 SSL_CTX_set_max_cert_list(3), SSL_CTX_set_mode(3),
482 SSL_CTX_set_msg_callback(3), SSL_CTX_set_options(3),
483 SSL_CTX_set_quiet_shutdown(3), SSL_CTX_set_read_ahead(3),
484 SSL_CTX_set_session_cache_mode(3), SSL_CTX_set_session_id_context(3),
485 SSL_CTX_set_ssl_version(3), SSL_CTX_set_timeout(3),
486 SSL_CTX_set_tmp_rsa_callback(3), SSL_CTX_set_tmp_dh_callback(3),
487 SSL_CTX_set_verify(3), SSL_CTX_use_certificate(3),
488 SSL_alert_type_string(3), SSL_do_handshake(3), SSL_get_SSL_CTX(3),
489 SSL_get_ciphers(3), SSL_get_client_CA_list(3),
490 SSL_get_default_timeout(3), SSL_get_error(3),
491 SSL_get_ex_data_X509_STORE_CTX_idx(3), SSL_get_ex_new_index(3),
492 SSL_get_fd(3), SSL_get_peer_cert_chain(3), SSL_get_rbio(3),
493 SSL_get_session(3), SSL_get_verify_result(3), SSL_get_version(3),
494 SSL_library_init(3), SSL_load_client_CA_file(3), SSL_new(3),
495 SSL_pending(3), SSL_read(3), SSL_rstate_string(3),
496 SSL_session_reused(3), SSL_set_bio(3), SSL_set_connect_state(3),
497 SSL_set_fd(3), SSL_set_session(3), SSL_set_shutdown(3),
498 SSL_shutdown(3), SSL_state_string(3), SSL_want(3), SSL_write(3),
499 SSL_SESSION_free(3), SSL_SESSION_get_ex_new_index(3),
500 SSL_SESSION_get_time(3), d2i_SSL_SESSION(3),
501 SSL_CTX_set_psk_client_callback(3), SSL_CTX_use_psk_identity_hint(3),
502 SSL_get_psk_identity(3)
503
505 The ssl(3) document appeared in OpenSSL 0.9.2
506
507
508
5091.0.2k 2017-01-26 ssl(3)