1SSL_CTX_SET_INFO_CALLBACK(3ossl) OpenSSL SSL_CTX_SET_INFO_CALLBACK(3ossl)
2
3
4
6 SSL_CTX_set_info_callback, SSL_CTX_get_info_callback,
7 SSL_set_info_callback, SSL_get_info_callback - handle information
8 callback for SSL connections
9
11 #include <openssl/ssl.h>
12
13 void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*callback)());
14 void (*SSL_CTX_get_info_callback(const SSL_CTX *ctx))();
15
16 void SSL_set_info_callback(SSL *ssl, void (*callback)());
17 void (*SSL_get_info_callback(const SSL *ssl))();
18
20 SSL_CTX_set_info_callback() sets the callback function, that can be
21 used to obtain state information for SSL objects created from ctx
22 during connection setup and use. The setting for ctx is overridden from
23 the setting for a specific SSL object, if specified. When callback is
24 NULL, no callback function is used.
25
26 SSL_set_info_callback() sets the callback function, that can be used to
27 obtain state information for ssl during connection setup and use. When
28 callback is NULL, the callback setting currently valid for ctx is used.
29
30 SSL_CTX_get_info_callback() returns a pointer to the currently set
31 information callback function for ctx.
32
33 SSL_get_info_callback() returns a pointer to the currently set
34 information callback function for ssl.
35
37 When setting up a connection and during use, it is possible to obtain
38 state information from the SSL/TLS engine. When set, an information
39 callback function is called whenever a significant event occurs such
40 as: the state changes, an alert appears, or an error occurs.
41
42 The callback function is called as callback(SSL *ssl, int where, int
43 ret). The where argument specifies information about where (in which
44 context) the callback function was called. If ret is 0, an error
45 condition occurred. If an alert is handled, SSL_CB_ALERT is set and
46 ret specifies the alert information.
47
48 where is a bit-mask made up of the following bits:
49
50 SSL_CB_LOOP
51 Callback has been called to indicate state change or some other
52 significant state machine event. This may mean that the callback
53 gets invoked more than once per state in some situations.
54
55 SSL_CB_EXIT
56 Callback has been called to indicate exit of a handshake function.
57 This will happen after the end of a handshake, but may happen at
58 other times too such as on error or when IO might otherwise block
59 and nonblocking is being used.
60
61 SSL_CB_READ
62 Callback has been called during read operation.
63
64 SSL_CB_WRITE
65 Callback has been called during write operation.
66
67 SSL_CB_ALERT
68 Callback has been called due to an alert being sent or received.
69
70 SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ)
71 SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE)
72 SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP)
73 SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT)
74 SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP)
75 SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT)
76 SSL_CB_HANDSHAKE_START
77 Callback has been called because a new handshake is started. It
78 also occurs when resuming a handshake following a pause to handle
79 early data.
80
81 SSL_CB_HANDSHAKE_DONE
82 Callback has been called because a handshake is finished. It also
83 occurs if the handshake is paused to allow the exchange of early
84 data.
85
86 The current state information can be obtained using the
87 SSL_state_string(3) family of functions.
88
89 The ret information can be evaluated using the SSL_alert_type_string(3)
90 family of functions.
91
93 SSL_set_info_callback() does not provide diagnostic information.
94
95 SSL_get_info_callback() returns the current setting.
96
98 The following example callback function prints state strings,
99 information about alerts being handled and error messages to the
100 bio_err BIO.
101
102 void apps_ssl_info_callback(SSL *s, int where, int ret)
103 {
104 const char *str;
105 int w = where & ~SSL_ST_MASK;
106
107 if (w & SSL_ST_CONNECT)
108 str = "SSL_connect";
109 else if (w & SSL_ST_ACCEPT)
110 str = "SSL_accept";
111 else
112 str = "undefined";
113
114 if (where & SSL_CB_LOOP) {
115 BIO_printf(bio_err, "%s:%s\n", str, SSL_state_string_long(s));
116 } else if (where & SSL_CB_ALERT) {
117 str = (where & SSL_CB_READ) ? "read" : "write";
118 BIO_printf(bio_err, "SSL3 alert %s:%s:%s\n", str,
119 SSL_alert_type_string_long(ret),
120 SSL_alert_desc_string_long(ret));
121 } else if (where & SSL_CB_EXIT) {
122 if (ret == 0) {
123 BIO_printf(bio_err, "%s:failed in %s\n",
124 str, SSL_state_string_long(s));
125 } else if (ret < 0) {
126 BIO_printf(bio_err, "%s:error in %s\n",
127 str, SSL_state_string_long(s));
128 }
129 }
130 }
131
133 ssl(7), SSL_state_string(3), SSL_alert_type_string(3)
134
136 Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
137
138 Licensed under the Apache License 2.0 (the "License"). You may not use
139 this file except in compliance with the License. You can obtain a copy
140 in the file LICENSE in the source distribution or at
141 <https://www.openssl.org/source/license.html>.
142
143
144
1453.1.1 2023-08-31 SSL_CTX_SET_INFO_CALLBACK(3ossl)