{"id":4137,"date":"2022-12-20T17:39:30","date_gmt":"2022-12-20T20:39:30","guid":{"rendered":"http:\/\/lode.uno\/linux-man\/index.php\/2022\/12\/20\/ssl-man7\/"},"modified":"2022-12-20T17:39:30","modified_gmt":"2022-12-20T20:39:30","slug":"ssl-man7","status":"publish","type":"post","link":"https:\/\/lode.uno\/linux-man\/2022\/12\/20\/ssl-man7\/","title":{"rendered":"SSL (man7)"},"content":{"rendered":"<h1 align=\"center\">SSL<\/h1>\n<p> <a href=\"#NAME\">NAME<\/a><br \/> <a href=\"#SYNOPSIS\">SYNOPSIS<\/a><br \/> <a href=\"#DESCRIPTION\">DESCRIPTION<\/a><br \/> <a href=\"#DATA STRUCTURES\">DATA STRUCTURES<\/a><br \/> <a href=\"#HEADER FILES\">HEADER FILES<\/a><br \/> <a href=\"#API FUNCTIONS\">API FUNCTIONS<\/a><br \/> <a href=\"#RETURN VALUES\">RETURN VALUES<\/a><br \/> <a href=\"#SEE ALSO\">SEE ALSO<\/a><br \/> <a href=\"#HISTORY\">HISTORY<\/a><br \/> <a href=\"#COPYRIGHT\">COPYRIGHT<\/a> <\/p>\n<hr>\n<h2>NAME <a name=\"NAME\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">ssl \u2212 OpenSSL SSL\/TLS library<\/p>\n<h2>SYNOPSIS <a name=\"SYNOPSIS\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">See the individual manual pages for details.<\/p>\n<h2>DESCRIPTION <a name=\"DESCRIPTION\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">The OpenSSL <b>ssl<\/b> library implements the Secure Sockets Layer ( <small>SSL<\/small> v2\/v3) and Transport Layer Security ( <small>TLS<\/small> v1) protocols. It provides a rich <small>API<\/small> which is documented here.<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\">An <b><small>SSL_CTX<\/small><\/b> object is created as a framework to establish <small>TLS\/SSL<\/small> enabled connections (see <b>SSL_CTX_new<\/b>(3)). Various options regarding certificates, algorithms etc. can be set in this object.<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\">When a network connection has been created, it can be assigned to an <b><small>SSL<\/small><\/b> object. After the <b><small>SSL<\/small><\/b> object has been created using <b>SSL_new<\/b>(3), <b>SSL_set_fd<\/b>(3) or <b>SSL_set_bio<\/b>(3) can be used to associate the network connection with the object.<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\">When the <small>TLS\/SSL<\/small> handshake is performed using <b>SSL_accept<\/b>(3) or <b>SSL_connect<\/b>(3) respectively. <b>SSL_read_ex<\/b>(3), <b>SSL_read<\/b>(3), <b>SSL_write_ex<\/b>(3) and <b>SSL_write<\/b>(3) are used to read and write data on the <small>TLS\/SSL<\/small> connection. <b>SSL_shutdown<\/b>(3) can be used to shut down the <small>TLS\/SSL<\/small> connection.<\/p>\n<h2>DATA STRUCTURES <a name=\"DATA STRUCTURES\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">Currently the OpenSSL <b>ssl<\/b> library functions deals with the following data structures: <b><small><br \/> SSL_METHOD<\/small><\/b> ( <small>SSL<\/small> Method)<\/p>\n<p style=\"margin-left:17%;\">This is a dispatch structure describing the internal <b>ssl<\/b> library methods\/functions which implement the various protocol versions (SSLv3 TLSv1, &#8230;). It\u2019s needed to create an <b><small>SSL_CTX<\/small><\/b> .<\/p>\n<p style=\"margin-left:11%;\"><b><small>SSL_CIPHER<\/small><\/b> ( <small>SSL<\/small> Cipher)<\/p>\n<p style=\"margin-left:17%;\">This structure holds the algorithm information for a particular cipher which are a core part of the <small>SSL\/TLS<\/small> protocol. The available ciphers are configured on a <b><small>SSL_CTX<\/small><\/b> basis and the actual ones used are then part of the <b><small>SSL_SESSION<\/small><\/b> .<\/p>\n<p style=\"margin-left:11%;\"><b><small>SSL_CTX<\/small><\/b> ( <small>SSL<\/small> Context)<\/p>\n<p style=\"margin-left:17%;\">This is the global context structure which is created by a server or client once per program life-time and which holds mainly default values for the <b><small>SSL<\/small><\/b> structures which are later created for the connections.<\/p>\n<p style=\"margin-left:11%;\"><b><small>SSL_SESSION<\/small><\/b> ( <small>SSL<\/small> Session)<\/p>\n<p style=\"margin-left:17%;\">This is a structure containing the current <small>TLS\/SSL<\/small> session details for a connection: <b><small>SSL_CIPHER<\/small><\/b> s, client and server certificates, keys, etc.<\/p>\n<p style=\"margin-left:11%;\"><b><small>SSL<\/small><\/b> ( <small>SSL<\/small> Connection)<\/p>\n<p style=\"margin-left:17%;\">This is the main <small>SSL\/TLS<\/small> structure which is created by a server or client per established connection. This actually is the core structure in the <small>SSL API.<\/small> At run-time the application usually deals with this structure which has links to mostly all other structures.<\/p>\n<h2>HEADER FILES <a name=\"HEADER FILES\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">Currently the OpenSSL <b>ssl<\/b> library provides the following C header files containing the prototypes for the data structures and functions: <b><br \/> ssl.h<\/b><\/p>\n<p style=\"margin-left:17%;\">This is the common header file for the <small>SSL\/TLS API.<\/small> Include it into your program to make the <small>API<\/small> of the <b>ssl<\/b> library available. It internally includes both more private <small>SSL<\/small> headers and headers from the <b>crypto<\/b> library. Whenever you need hard-core details on the internals of the <small>SSL API,<\/small> look inside this header file.<\/p>\n<p style=\"margin-left:11%;\"><b>ssl2.h<\/b><\/p>\n<p style=\"margin-left:17%;\">Unused. Present for backwards compatibility only.<\/p>\n<p style=\"margin-left:11%;\"><b>ssl3.h<\/b><\/p>\n<p style=\"margin-left:17%;\">This is the sub header file dealing with the SSLv3 protocol only. <i>Usually you don\u2019t have to include it explicitly because it\u2019s already included by ssl.h<\/i>.<\/p>\n<p style=\"margin-left:11%;\"><b>tls1.h<\/b><\/p>\n<p style=\"margin-left:17%;\">This is the sub header file dealing with the TLSv1 protocol only. <i>Usually you don\u2019t have to include it explicitly because it\u2019s already included by ssl.h<\/i>.<\/p>\n<h2>API FUNCTIONS <a name=\"API FUNCTIONS\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">Currently the OpenSSL <b>ssl<\/b> library exports 214 <small>API<\/small> functions. They are documented in the following:<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\"><b>Dealing with Protocol Methods<\/b> <br \/> Here we document the various <small>API<\/small> functions which deal with the <small>SSL\/TLS<\/small> protocol methods defined in <b><small>SSL_METHOD<\/small><\/b> structures. <br \/> const <small>SSL_METHOD<\/small> *<b>TLS_method<\/b>(void);<\/p>\n<p style=\"margin-left:17%;\">Constructor for the <i>version-flexible<\/i> <small>SSL_METHOD<\/small> structure for clients, servers or both. See <b>SSL_CTX_new<\/b>(3) for details.<\/p>\n<p style=\"margin-left:11%;\">const <small>SSL_METHOD<\/small> *<b>TLS_client_method<\/b>(void);<\/p>\n<p style=\"margin-left:17%;\">Constructor for the <i>version-flexible<\/i> <small>SSL_METHOD<\/small> structure for clients. Must be used to support the TLSv1.3 protocol.<\/p>\n<p style=\"margin-left:11%;\">const <small>SSL_METHOD<\/small> *<b>TLS_server_method<\/b>(void);<\/p>\n<p style=\"margin-left:17%;\">Constructor for the <i>version-flexible<\/i> <small>SSL_METHOD<\/small> structure for servers. Must be used to support the TLSv1.3 protocol.<\/p>\n<p style=\"margin-left:11%;\">const <small>SSL_METHOD<\/small> *<b>TLSv1_2_method<\/b>(void);<\/p>\n<p style=\"margin-left:17%;\">Constructor for the TLSv1.2 <small>SSL_METHOD<\/small> structure for clients, servers or both.<\/p>\n<p style=\"margin-left:11%;\">const <small>SSL_METHOD<\/small> *<b>TLSv1_2_client_method<\/b>(void);<\/p>\n<p style=\"margin-left:17%;\">Constructor for the TLSv1.2 <small>SSL_METHOD<\/small> structure for clients.<\/p>\n<p style=\"margin-left:11%;\">const <small>SSL_METHOD<\/small> *<b>TLSv1_2_server_method<\/b>(void);<\/p>\n<p style=\"margin-left:17%;\">Constructor for the TLSv1.2 <small>SSL_METHOD<\/small> structure for servers.<\/p>\n<p style=\"margin-left:11%;\">const <small>SSL_METHOD<\/small> *<b>TLSv1_1_method<\/b>(void);<\/p>\n<p style=\"margin-left:17%;\">Constructor for the TLSv1.1 <small>SSL_METHOD<\/small> structure for clients, servers or both.<\/p>\n<p style=\"margin-left:11%;\">const <small>SSL_METHOD<\/small> *<b>TLSv1_1_client_method<\/b>(void);<\/p>\n<p style=\"margin-left:17%;\">Constructor for the TLSv1.1 <small>SSL_METHOD<\/small> structure for clients.<\/p>\n<p style=\"margin-left:11%;\">const <small>SSL_METHOD<\/small> *<b>TLSv1_1_server_method<\/b>(void);<\/p>\n<p style=\"margin-left:17%;\">Constructor for the TLSv1.1 <small>SSL_METHOD<\/small> structure for servers.<\/p>\n<p style=\"margin-left:11%;\">const <small>SSL_METHOD<\/small> *<b>TLSv1_method<\/b>(void);<\/p>\n<p style=\"margin-left:17%;\">Constructor for the TLSv1 <small>SSL_METHOD<\/small> structure for clients, servers or both.<\/p>\n<p style=\"margin-left:11%;\">const <small>SSL_METHOD<\/small> *<b>TLSv1_client_method<\/b>(void);<\/p>\n<p style=\"margin-left:17%;\">Constructor for the TLSv1 <small>SSL_METHOD<\/small> structure for clients.<\/p>\n<p style=\"margin-left:11%;\">const <small>SSL_METHOD<\/small> *<b>TLSv1_server_method<\/b>(void);<\/p>\n<p style=\"margin-left:17%;\">Constructor for the TLSv1 <small>SSL_METHOD<\/small> structure for servers.<\/p>\n<p style=\"margin-left:11%;\">const <small>SSL_METHOD<\/small> *<b>SSLv3_method<\/b>(void);<\/p>\n<p style=\"margin-left:17%;\">Constructor for the SSLv3 <small>SSL_METHOD<\/small> structure for clients, servers or both.<\/p>\n<p style=\"margin-left:11%;\">const <small>SSL_METHOD<\/small> *<b>SSLv3_client_method<\/b>(void);<\/p>\n<p style=\"margin-left:17%;\">Constructor for the SSLv3 <small>SSL_METHOD<\/small> structure for clients.<\/p>\n<p style=\"margin-left:11%;\">const <small>SSL_METHOD<\/small> *<b>SSLv3_server_method<\/b>(void);<\/p>\n<p style=\"margin-left:17%;\">Constructor for the SSLv3 <small>SSL_METHOD<\/small> structure for servers.<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\"><b>Dealing with Ciphers<\/b> <br \/> Here we document the various <small>API<\/small> functions which deal with the <small>SSL\/TLS<\/small> ciphers defined in <b><small>SSL_CIPHER<\/small><\/b> structures. <br \/> char *<b>SSL_CIPHER_description<\/b>( <small>SSL_CIPHER<\/small> *cipher, char *buf, int len);<\/p>\n<p style=\"margin-left:17%;\">Write a string to <i>buf<\/i> (with a maximum size of <i>len<\/i>) containing a human readable description of <i>cipher<\/i>. Returns <i>buf<\/i>.<\/p>\n<p style=\"margin-left:11%;\">int <b>SSL_CIPHER_get_bits<\/b>( <small>SSL_CIPHER<\/small> *cipher, int *alg_bits);<\/p>\n<p style=\"margin-left:17%;\">Determine the number of bits in <i>cipher<\/i>. Because of export crippled ciphers there are two bits: The bits the algorithm supports in general (stored to <i>alg_bits<\/i>) and the bits which are actually used (the return value).<\/p>\n<p style=\"margin-left:11%;\">const char *<b>SSL_CIPHER_get_name<\/b>( <small>SSL_CIPHER<\/small> *cipher);<\/p>\n<p style=\"margin-left:17%;\">Return the internal name of <i>cipher<\/i> as a string. These are the various strings defined by the <i>SSL3_TXT_xxx<\/i> and <i>TLS1_TXT_xxx<\/i> definitions in the header files.<\/p>\n<p style=\"margin-left:11%;\">const char *<b>SSL_CIPHER_get_version<\/b>( <small>SSL_CIPHER<\/small> *cipher);<\/p>\n<p style=\"margin-left:17%;\">Returns a string like &#8220;&#8221;SSLv3&#8243;&#8221; or &#8220;&#8221;TLSv1.2&#8243;&#8221; which indicates the <small>SSL\/TLS<\/small> protocol version to which <i>cipher<\/i> belongs (i.e. where it was defined in the specification the first time).<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\"><b>Dealing with Protocol Contexts<\/b> <br \/> Here we document the various <small>API<\/small> functions which deal with the <small>SSL\/TLS<\/small> protocol context defined in the <b><small>SSL_CTX<\/small><\/b> structure. <br \/> int <b>SSL_CTX_add_client_CA<\/b>( <small>SSL_CTX<\/small> *ctx, X509 *x); <br \/> long <b>SSL_CTX_add_extra_chain_cert<\/b>( <small>SSL_CTX<\/small> *ctx, X509 *x509); <br \/> int <b>SSL_CTX_add_session<\/b>( <small>SSL_CTX<\/small> *ctx, <small>SSL_SESSION<\/small> *c); <br \/> int <b>SSL_CTX_check_private_key<\/b>(const <small>SSL_CTX<\/small> *ctx); <br \/> long <b>SSL_CTX_ctrl<\/b>( <small>SSL_CTX<\/small> *ctx, int cmd, long larg, char *parg); <br \/> void <b>SSL_CTX_flush_sessions<\/b>( <small>SSL_CTX<\/small> *s, long t); <br \/> void <b>SSL_CTX_free<\/b>( <small>SSL_CTX<\/small> *a); <br \/> char *<b>SSL_CTX_get_app_data<\/b>( <small>SSL_CTX<\/small> *ctx); <br \/> X509_STORE *<b>SSL_CTX_get_cert_store<\/b>( <small>SSL_CTX<\/small> *ctx); <small><br \/> STACK<\/small> *<b>SSL_CTX_get_ciphers<\/b>(const <small>SSL_CTX<\/small> *ctx); <small><br \/> STACK<\/small> *<b>SSL_CTX_get_client_CA_list<\/b>(const <small>SSL_CTX<\/small> *ctx); <br \/> int (*<b>SSL_CTX_get_client_cert_cb<\/b>( <small>SSL_CTX<\/small> *ctx))( <small>SSL<\/small> *ssl, X509 **x509, <small><br \/> EVP_PKEY<\/small> **pkey); <br \/> void <b>SSL_CTX_get_default_read_ahead<\/b>( <small>SSL_CTX<\/small> *ctx); <br \/> char *<b>SSL_CTX_get_ex_data<\/b>(const <small>SSL_CTX<\/small> *s, int idx); <br \/> int <b>SSL_CTX_get_ex_new_index<\/b>(long argl, char *argp, int <br \/> (*new_func);(void), int (*dup_func)(void), void (*free_func)(void)) <br \/> void (*<b>SSL_CTX_get_info_callback<\/b>( <small>SSL_CTX<\/small> *ctx))( <small>SSL<\/small> *ssl, int cb, int <br \/> ret); <br \/> int <b>SSL_CTX_get_quiet_shutdown<\/b>(const <small>SSL_CTX<\/small> *ctx); <br \/> void <b>SSL_CTX_get_read_ahead<\/b>( <small>SSL_CTX<\/small> *ctx); <br \/> int <b>SSL_CTX_get_session_cache_mode<\/b>( <small>SSL_CTX<\/small> *ctx); <br \/> long <b>SSL_CTX_get_timeout<\/b>(const <small>SSL_CTX<\/small> *ctx); <br \/> int (*<b>SSL_CTX_get_verify_callback<\/b>(const <small>SSL_CTX<\/small> *ctx))(int ok, <br \/> X509_STORE_CTX *ctx); <br \/> int <b>SSL_CTX_get_verify_mode<\/b>( <small>SSL_CTX<\/small> *ctx); <br \/> int <b>SSL_CTX_load_verify_locations<\/b>( <small>SSL_CTX<\/small> *ctx, const char *CAfile, <br \/> const char *CApath); <small><br \/> SSL_CTX<\/small> *<b>SSL_CTX_new<\/b>(const <small>SSL_METHOD<\/small> *meth); <br \/> int SSL_CTX_up_ref( <small>SSL_CTX<\/small> *ctx); <br \/> int <b>SSL_CTX_remove_session<\/b>( <small>SSL_CTX<\/small> *ctx, <small>SSL_SESSION<\/small> *c); <br \/> int <b>SSL_CTX_sess_accept<\/b>( <small>SSL_CTX<\/small> *ctx); <br \/> int <b>SSL_CTX_sess_accept_good<\/b>( <small>SSL_CTX<\/small> *ctx); <br \/> int <b>SSL_CTX_sess_accept_renegotiate<\/b>( <small>SSL_CTX<\/small> *ctx); <br \/> int <b>SSL_CTX_sess_cache_full<\/b>( <small>SSL_CTX<\/small> *ctx); <br \/> int <b>SSL_CTX_sess_cb_hits<\/b>( <small>SSL_CTX<\/small> *ctx); <br \/> int <b>SSL_CTX_sess_connect<\/b>( <small>SSL_CTX<\/small> *ctx); <br \/> int <b>SSL_CTX_sess_connect_good<\/b>( <small>SSL_CTX<\/small> *ctx); <br \/> int <b>SSL_CTX_sess_connect_renegotiate<\/b>( <small>SSL_CTX<\/small> *ctx); <br \/> int <b>SSL_CTX_sess_get_cache_size<\/b>( <small>SSL_CTX<\/small> *ctx); <small><br \/> SSL_SESSION<\/small> *(*<b>SSL_CTX_sess_get_get_cb<\/b>( <small>SSL_CTX<\/small> *ctx))( <small>SSL<\/small> *ssl, <br \/> unsigned char *data, int len, int *copy); <br \/> int (*<b>SSL_CTX_sess_get_new_cb<\/b>( <small>SSL_CTX<\/small> *ctx)( <small>SSL<\/small> *ssl, <small>SSL_SESSION<\/small> <br \/> *sess); <br \/> void (*<b>SSL_CTX_sess_get_remove_cb<\/b>( <small>SSL_CTX<\/small> *ctx)( <small>SSL_CTX<\/small> *ctx, <small><br \/> SSL_SESSION<\/small> *sess); <br \/> int <b>SSL_CTX_sess_hits<\/b>( <small>SSL_CTX<\/small> *ctx); <br \/> int <b>SSL_CTX_sess_misses<\/b>( <small>SSL_CTX<\/small> *ctx); <br \/> int <b>SSL_CTX_sess_number<\/b>( <small>SSL_CTX<\/small> *ctx); <br \/> void <b>SSL_CTX_sess_set_cache_size<\/b>( <small>SSL_CTX<\/small> *ctx, t); <br \/> void <b>SSL_CTX_sess_set_get_cb<\/b>( <small>SSL_CTX<\/small> *ctx, <small>SSL_SESSION<\/small> *(*cb)( <small>SSL<\/small> *ssl, <br \/> unsigned char *data, int len, int *copy)); <br \/> void <b>SSL_CTX_sess_set_new_cb<\/b>( <small>SSL_CTX<\/small> *ctx, int (*cb)( <small>SSL<\/small> *ssl, <small><br \/> SSL_SESSION<\/small> *sess)); <br \/> void <b>SSL_CTX_sess_set_remove_cb<\/b>( <small>SSL_CTX<\/small> *ctx, void (*cb)( <small>SSL_CTX<\/small> *ctx, <small><br \/> SSL_SESSION<\/small> *sess)); <br \/> int <b>SSL_CTX_sess_timeouts<\/b>( <small>SSL_CTX<\/small> *ctx); <small><br \/> LHASH<\/small> *<b>SSL_CTX_sessions<\/b>( <small>SSL_CTX<\/small> *ctx); <br \/> int <b>SSL_CTX_set_app_data<\/b>( <small>SSL_CTX<\/small> *ctx, void *arg); <br \/> void <b>SSL_CTX_set_cert_store<\/b>( <small>SSL_CTX<\/small> *ctx, X509_STORE *cs); <br \/> void <b>SSL_CTX_set1_cert_store<\/b>( <small>SSL_CTX<\/small> *ctx, X509_STORE *cs); <br \/> void <b>SSL_CTX_set_cert_verify_cb<\/b>( <small>SSL_CTX<\/small> *ctx, int (*cb)(), char *arg) <br \/> int <b>SSL_CTX_set_cipher_list<\/b>( <small>SSL_CTX<\/small> *ctx, char *str); <br \/> void <b>SSL_CTX_set_client_CA_list<\/b>( <small>SSL_CTX<\/small> *ctx, <small>STACK<\/small> *list); <br \/> void <b>SSL_CTX_set_client_cert_cb<\/b>( <small>SSL_CTX<\/small> *ctx, int (*cb)( <small>SSL<\/small> *ssl, X509 <br \/> **x509, <small>EVP_PKEY<\/small> **pkey)); <br \/> int <b>SSL_CTX_set_ct_validation_callback<\/b>( <small>SSL_CTX<\/small> *ctx, <br \/> ssl_ct_validation_cb callback, void *arg); <br \/> void <b>SSL_CTX_set_default_passwd_cb<\/b>( <small>SSL_CTX<\/small> *ctx, int (*cb);(void)) <br \/> void <b>SSL_CTX_set_default_read_ahead<\/b>( <small>SSL_CTX<\/small> *ctx, int m); <br \/> int <b>SSL_CTX_set_default_verify_paths<\/b>( <small>SSL_CTX<\/small> *ctx);<\/p>\n<p style=\"margin-left:17%;\">Use the default paths to locate trusted <small>CA<\/small> certificates. There is one default directory path and one default file path. Both are set via this call.<\/p>\n<p style=\"margin-left:11%;\">int <b>SSL_CTX_set_default_verify_dir<\/b>( <small>SSL_CTX<\/small> *ctx)<\/p>\n<p style=\"margin-left:17%;\">Use the default directory path to locate trusted <small>CA<\/small> certificates.<\/p>\n<p style=\"margin-left:11%;\">int <b>SSL_CTX_set_default_verify_file<\/b>( <small>SSL_CTX<\/small> *ctx)<\/p>\n<p style=\"margin-left:17%;\">Use the file path to locate trusted <small>CA<\/small> certificates.<\/p>\n<p style=\"margin-left:11%;\">int <b>SSL_CTX_set_ex_data<\/b>( <small>SSL_CTX<\/small> *s, int idx, char *arg); <br \/> void <b>SSL_CTX_set_info_callback<\/b>( <small>SSL_CTX<\/small> *ctx, void (*cb)( <small>SSL<\/small> *ssl, int <br \/> cb, int ret)); <br \/> void <b>SSL_CTX_set_msg_callback<\/b>( <small>SSL_CTX<\/small> *ctx, void (*cb)(int write_p, int <br \/> version, int content_type, const void *buf, size_t len, <small>SSL<\/small> *ssl, void <br \/> *arg)); <br \/> void <b>SSL_CTX_set_msg_callback_arg<\/b>( <small>SSL_CTX<\/small> *ctx, void *arg); <br \/> unsigned long <b>SSL_CTX_clear_options<\/b>( <small>SSL_CTX<\/small> *ctx, unsigned long op); <br \/> unsigned long <b>SSL_CTX_get_options<\/b>( <small>SSL_CTX<\/small> *ctx); <br \/> unsigned long <b>SSL_CTX_set_options<\/b>( <small>SSL_CTX<\/small> *ctx, unsigned long op); <br \/> void <b>SSL_CTX_set_quiet_shutdown<\/b>( <small>SSL_CTX<\/small> *ctx, int mode); <br \/> void <b>SSL_CTX_set_read_ahead<\/b>( <small>SSL_CTX<\/small> *ctx, int m); <br \/> void <b>SSL_CTX_set_session_cache_mode<\/b>( <small>SSL_CTX<\/small> *ctx, int mode); <br \/> int <b>SSL_CTX_set_ssl_version<\/b>( <small>SSL_CTX<\/small> *ctx, const <small>SSL_METHOD<\/small> *meth); <br \/> void <b>SSL_CTX_set_timeout<\/b>( <small>SSL_CTX<\/small> *ctx, long t); <br \/> long <b>SSL_CTX_set_tmp_dh<\/b>(SSL_CTX* ctx, <small>DH<\/small> *dh); <br \/> long <b>SSL_CTX_set_tmp_dh_callback<\/b>( <small>SSL_CTX<\/small> *ctx, <small>DH<\/small> *(*cb)(void)); <br \/> void <b>SSL_CTX_set_verify<\/b>( <small>SSL_CTX<\/small> *ctx, int mode, int (*cb);(void)) <br \/> int <b>SSL_CTX_use_PrivateKey<\/b>( <small>SSL_CTX<\/small> *ctx, <small>EVP_PKEY<\/small> *pkey); <br \/> int <b>SSL_CTX_use_PrivateKey_ASN1<\/b>(int type, <small>SSL_CTX<\/small> *ctx, unsigned char <br \/> *d, long len); <br \/> int <b>SSL_CTX_use_PrivateKey_file<\/b>( <small>SSL_CTX<\/small> *ctx, const char *file, int <br \/> type); <br \/> int <b>SSL_CTX_use_RSAPrivateKey<\/b>( <small>SSL_CTX<\/small> *ctx, <small>RSA<\/small> *rsa); <br \/> int <b>SSL_CTX_use_RSAPrivateKey_ASN1<\/b>( <small>SSL_CTX<\/small> *ctx, unsigned char *d, long <br \/> len); <br \/> int <b>SSL_CTX_use_RSAPrivateKey_file<\/b>( <small>SSL_CTX<\/small> *ctx, const char *file, int <br \/> type); <br \/> int <b>SSL_CTX_use_certificate<\/b>( <small>SSL_CTX<\/small> *ctx, X509 *x); <br \/> int <b>SSL_CTX_use_certificate_ASN1<\/b>( <small>SSL_CTX<\/small> *ctx, int len, unsigned char <br \/> *d); <br \/> int <b>SSL_CTX_use_certificate_file<\/b>( <small>SSL_CTX<\/small> *ctx, const char *file, int <br \/> type); <br \/> int <b>SSL_CTX_use_cert_and_key<\/b>( <small>SSL_CTX<\/small> *ctx, X509 *x, <small>EVP_PKEY<\/small> *pkey, <small><br \/> STACK_OF<\/small> (X509) *chain, int override); <br \/> X509 *<b>SSL_CTX_get0_certificate<\/b>(const <small>SSL_CTX<\/small> *ctx); <small><br \/> EVP_PKEY<\/small> *<b>SSL_CTX_get0_privatekey<\/b>(const <small>SSL_CTX<\/small> *ctx); <br \/> void <b>SSL_CTX_set_psk_client_callback<\/b>( <small>SSL_CTX<\/small> *ctx, unsigned int <br \/> (*callback)( <small>SSL<\/small> *ssl, const char *hint, char *identity, unsigned int <br \/> max_identity_len, unsigned char *psk, unsigned int max_psk_len)); <br \/> int <b>SSL_CTX_use_psk_identity_hint<\/b>( <small>SSL_CTX<\/small> *ctx, const char *hint); <br \/> void <b>SSL_CTX_set_psk_server_callback<\/b>( <small>SSL_CTX<\/small> *ctx, unsigned int <br \/> (*callback)( <small>SSL<\/small> *ssl, const char *identity, unsigned char *psk, int <br \/> max_psk_len));<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\"><b>Dealing with Sessions<\/b> <br \/> Here we document the various <small>API<\/small> functions which deal with the <small>SSL\/TLS<\/small> sessions defined in the <b><small>SSL_SESSION<\/small><\/b> structures. <br \/> int <b>SSL_SESSION_cmp<\/b>(const <small>SSL_SESSION<\/small> *a, const <small>SSL_SESSION<\/small> *b); <br \/> void <b>SSL_SESSION_free<\/b>( <small>SSL_SESSION<\/small> *ss); <br \/> char *<b>SSL_SESSION_get_app_data<\/b>( <small>SSL_SESSION<\/small> *s); <br \/> char *<b>SSL_SESSION_get_ex_data<\/b>(const <small>SSL_SESSION<\/small> *s, int idx); <br \/> int <b>SSL_SESSION_get_ex_new_index<\/b>(long argl, char *argp, int <br \/> (*new_func);(void), int (*dup_func)(void), void (*free_func)(void)) <br \/> long <b>SSL_SESSION_get_time<\/b>(const <small>SSL_SESSION<\/small> *s); <br \/> long <b>SSL_SESSION_get_timeout<\/b>(const <small>SSL_SESSION<\/small> *s); <br \/> unsigned long <b>SSL_SESSION_hash<\/b>(const <small>SSL_SESSION<\/small> *a); <small><br \/> SSL_SESSION<\/small> *<b>SSL_SESSION_new<\/b>(void); <br \/> int <b>SSL_SESSION_print<\/b>( <small>BIO<\/small> *bp, const <small>SSL_SESSION<\/small> *x); <br \/> int <b>SSL_SESSION_print_fp<\/b>( <small>FILE<\/small> *fp, const <small>SSL_SESSION<\/small> *x); <br \/> int <b>SSL_SESSION_set_app_data<\/b>( <small>SSL_SESSION<\/small> *s, char *a); <br \/> int <b>SSL_SESSION_set_ex_data<\/b>( <small>SSL_SESSION<\/small> *s, int idx, char *arg); <br \/> long <b>SSL_SESSION_set_time<\/b>( <small>SSL_SESSION<\/small> *s, long t); <br \/> long <b>SSL_SESSION_set_timeout<\/b>( <small>SSL_SESSION<\/small> *s, long t);<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\"><b>Dealing with Connections<\/b> <br \/> Here we document the various <small>API<\/small> functions which deal with the <small>SSL\/TLS<\/small> connection defined in the <b><small>SSL<\/small><\/b> structure. <br \/> int <b>SSL_accept<\/b>( <small>SSL<\/small> *ssl); <br \/> int <b>SSL_add_dir_cert_subjects_to_stack<\/b>( <small>STACK<\/small> *stack, const char *dir); <br \/> int <b>SSL_add_file_cert_subjects_to_stack<\/b>( <small>STACK<\/small> *stack, const char <br \/> *file); <br \/> int <b>SSL_add_client_CA<\/b>( <small>SSL<\/small> *ssl, X509 *x); <br \/> char *<b>SSL_alert_desc_string<\/b>(int value); <br \/> char *<b>SSL_alert_desc_string_long<\/b>(int value); <br \/> char *<b>SSL_alert_type_string<\/b>(int value); <br \/> char *<b>SSL_alert_type_string_long<\/b>(int value); <br \/> int <b>SSL_check_private_key<\/b>(const <small>SSL<\/small> *ssl); <br \/> void <b>SSL_clear<\/b>( <small>SSL<\/small> *ssl); <br \/> long <b>SSL_clear_num_renegotiations<\/b>( <small>SSL<\/small> *ssl); <br \/> int <b>SSL_connect<\/b>( <small>SSL<\/small> *ssl); <br \/> int <b>SSL_copy_session_id<\/b>( <small>SSL<\/small> *t, const <small>SSL<\/small> *f);<\/p>\n<p style=\"margin-left:17%;\">Sets the session details for <b>t<\/b> to be the same as in <b>f<\/b>. Returns 1 on success or 0 on failure.<\/p>\n<p style=\"margin-left:11%;\">long <b>SSL_ctrl<\/b>( <small>SSL<\/small> *ssl, int cmd, long larg, char *parg); <br \/> int <b>SSL_do_handshake<\/b>( <small>SSL<\/small> *ssl); <small><br \/> SSL<\/small> *<b>SSL_dup<\/b>( <small>SSL<\/small> *ssl);<\/p>\n<p style=\"margin-left:17%;\"><b>SSL_dup()<\/b> allows applications to configure an <small>SSL<\/small> handle for use in multiple <small>SSL<\/small> connections, and then duplicate it prior to initiating each connection with the duplicated handle. Use of <b>SSL_dup()<\/b> avoids the need to repeat the configuration of the handles for each connection.<\/p>\n<p style=\"margin-left:17%; margin-top: 1em\">For <b>SSL_dup()<\/b> to work, the connection <small>MUST<\/small> be in its initial state and <small>MUST NOT<\/small> have not yet have started the <small>SSL<\/small> handshake. For connections that are not in their initial state <b>SSL_dup()<\/b> just increments an internal reference count and returns the <i>same<\/i> handle. It may be possible to use <b>SSL_clear<\/b>(3) to recycle an <small>SSL<\/small> handle that is not in its initial state for re-use, but this is best avoided. Instead, save and restore the session, if desired, and construct a fresh handle for each connection.<\/p>\n<p style=\"margin-left:11%;\"><small>STACK<\/small> *<b>SSL_dup_CA_list<\/b>( <small>STACK<\/small> *sk); <br \/> void <b>SSL_free<\/b>( <small>SSL<\/small> *ssl); <small><br \/> SSL_CTX<\/small> *<b>SSL_get_SSL_CTX<\/b>(const <small>SSL<\/small> *ssl); <br \/> char *<b>SSL_get_app_data<\/b>( <small>SSL<\/small> *ssl); <br \/> X509 *<b>SSL_get_certificate<\/b>(const <small>SSL<\/small> *ssl); <br \/> const char *<b>SSL_get_cipher<\/b>(const <small>SSL<\/small> *ssl); <br \/> int <b>SSL_is_dtls<\/b>(const <small>SSL<\/small> *ssl); <br \/> int <b>SSL_get_cipher_bits<\/b>(const <small>SSL<\/small> *ssl, int *alg_bits); <br \/> char *<b>SSL_get_cipher_list<\/b>(const <small>SSL<\/small> *ssl, int n); <br \/> char *<b>SSL_get_cipher_name<\/b>(const <small>SSL<\/small> *ssl); <br \/> char *<b>SSL_get_cipher_version<\/b>(const <small>SSL<\/small> *ssl); <small><br \/> STACK<\/small> *<b>SSL_get_ciphers<\/b>(const <small>SSL<\/small> *ssl); <small><br \/> STACK<\/small> *<b>SSL_get_client_CA_list<\/b>(const <small>SSL<\/small> *ssl); <small><br \/> SSL_CIPHER<\/small> *<b>SSL_get_current_cipher<\/b>( <small>SSL<\/small> *ssl); <br \/> long <b>SSL_get_default_timeout<\/b>(const <small>SSL<\/small> *ssl); <br \/> int <b>SSL_get_error<\/b>(const <small>SSL<\/small> *ssl, int i); <br \/> char *<b>SSL_get_ex_data<\/b>(const <small>SSL<\/small> *ssl, int idx); <br \/> int <b>SSL_get_ex_data_X509_STORE_CTX_idx<\/b>(void); <br \/> int <b>SSL_get_ex_new_index<\/b>(long argl, char *argp, int (*new_func);(void), <br \/> int (*dup_func)(void), void (*free_func)(void)) <br \/> int <b>SSL_get_fd<\/b>(const <small>SSL<\/small> *ssl); <br \/> void (*<b>SSL_get_info_callback<\/b>(const <small>SSL<\/small> *ssl);)() <br \/> int <b>SSL_get_key_update_type<\/b>( <small>SSL<\/small> *s); <small><br \/> STACK<\/small> *<b>SSL_get_peer_cert_chain<\/b>(const <small>SSL<\/small> *ssl); <br \/> X509 *<b>SSL_get_peer_certificate<\/b>(const <small>SSL<\/small> *ssl); <br \/> const <small>STACK_OF<\/small> ( <small>SCT<\/small> ) *<b>SSL_get0_peer_scts<\/b>( <small>SSL<\/small> *s); <small><br \/> EVP_PKEY<\/small> *<b>SSL_get_privatekey<\/b>(const <small>SSL<\/small> *ssl); <br \/> int <b>SSL_get_quiet_shutdown<\/b>(const <small>SSL<\/small> *ssl); <small><br \/> BIO<\/small> *<b>SSL_get_rbio<\/b>(const <small>SSL<\/small> *ssl); <br \/> int <b>SSL_get_read_ahead<\/b>(const <small>SSL<\/small> *ssl); <small><br \/> SSL_SESSION<\/small> *<b>SSL_get_session<\/b>(const <small>SSL<\/small> *ssl); <br \/> char *<b>SSL_get_shared_ciphers<\/b>(const <small>SSL<\/small> *ssl, char *buf, int size); <br \/> int <b>SSL_get_shutdown<\/b>(const <small>SSL<\/small> *ssl); <br \/> const <small>SSL_METHOD<\/small> *<b>SSL_get_ssl_method<\/b>( <small>SSL<\/small> *ssl); <br \/> int <b>SSL_get_state<\/b>(const <small>SSL<\/small> *ssl); <br \/> long <b>SSL_get_time<\/b>(const <small>SSL<\/small> *ssl); <br \/> long <b>SSL_get_timeout<\/b>(const <small>SSL<\/small> *ssl); <br \/> int (*<b>SSL_get_verify_callback<\/b>(const <small>SSL<\/small> *ssl))(int, X509_STORE_CTX *) <br \/> int <b>SSL_get_verify_mode<\/b>(const <small>SSL<\/small> *ssl); <br \/> long <b>SSL_get_verify_result<\/b>(const <small>SSL<\/small> *ssl); <br \/> char *<b>SSL_get_version<\/b>(const <small>SSL<\/small> *ssl); <small><br \/> BIO<\/small> *<b>SSL_get_wbio<\/b>(const <small>SSL<\/small> *ssl); <br \/> int <b>SSL_in_accept_init<\/b>( <small>SSL<\/small> *ssl); <br \/> int <b>SSL_in_before<\/b>( <small>SSL<\/small> *ssl); <br \/> int <b>SSL_in_connect_init<\/b>( <small>SSL<\/small> *ssl); <br \/> int <b>SSL_in_init<\/b>( <small>SSL<\/small> *ssl); <br \/> int <b>SSL_is_init_finished<\/b>( <small>SSL<\/small> *ssl); <br \/> int <b>SSL_key_update<\/b>( <small>SSL<\/small> *s, int updatetype); <small><br \/> STACK<\/small> *<b>SSL_load_client_CA_file<\/b>(const char *file); <small><br \/> SSL<\/small> *<b>SSL_new<\/b>( <small>SSL_CTX<\/small> *ctx); <br \/> int SSL_up_ref( <small>SSL<\/small> *s); <br \/> long <b>SSL_num_renegotiations<\/b>( <small>SSL<\/small> *ssl); <br \/> int <b>SSL_peek<\/b>( <small>SSL<\/small> *ssl, void *buf, int num); <br \/> int <b>SSL_pending<\/b>(const <small>SSL<\/small> *ssl); <br \/> int <b>SSL_read<\/b>( <small>SSL<\/small> *ssl, void *buf, int num); <br \/> int <b>SSL_renegotiate<\/b>( <small>SSL<\/small> *ssl); <br \/> char *<b>SSL_rstate_string<\/b>( <small>SSL<\/small> *ssl); <br \/> char *<b>SSL_rstate_string_long<\/b>( <small>SSL<\/small> *ssl); <br \/> long <b>SSL_session_reused<\/b>( <small>SSL<\/small> *ssl); <br \/> void <b>SSL_set_accept_state<\/b>( <small>SSL<\/small> *ssl); <br \/> void <b>SSL_set_app_data<\/b>( <small>SSL<\/small> *ssl, char *arg); <br \/> void <b>SSL_set_bio<\/b>( <small>SSL<\/small> *ssl, <small>BIO<\/small> *rbio, <small>BIO<\/small> *wbio); <br \/> int <b>SSL_set_cipher_list<\/b>( <small>SSL<\/small> *ssl, char *str); <br \/> void <b>SSL_set_client_CA_list<\/b>( <small>SSL<\/small> *ssl, <small>STACK<\/small> *list); <br \/> void <b>SSL_set_connect_state<\/b>( <small>SSL<\/small> *ssl); <br \/> int <b>SSL_set_ct_validation_callback<\/b>( <small>SSL<\/small> *ssl, ssl_ct_validation_cb <br \/> callback, void *arg); <br \/> int <b>SSL_set_ex_data<\/b>( <small>SSL<\/small> *ssl, int idx, char *arg); <br \/> int <b>SSL_set_fd<\/b>( <small>SSL<\/small> *ssl, int fd); <br \/> void <b>SSL_set_info_callback<\/b>( <small>SSL<\/small> *ssl, void (*cb);(void)) <br \/> void <b>SSL_set_msg_callback<\/b>( <small>SSL<\/small> *ctx, void (*cb)(int write_p, int <br \/> version, int content_type, const void *buf, size_t len, <small>SSL<\/small> *ssl, void <br \/> *arg)); <br \/> void <b>SSL_set_msg_callback_arg<\/b>( <small>SSL<\/small> *ctx, void *arg); <br \/> unsigned long <b>SSL_clear_options<\/b>( <small>SSL<\/small> *ssl, unsigned long op); <br \/> unsigned long <b>SSL_get_options<\/b>( <small>SSL<\/small> *ssl); <br \/> unsigned long <b>SSL_set_options<\/b>( <small>SSL<\/small> *ssl, unsigned long op); <br \/> void <b>SSL_set_quiet_shutdown<\/b>( <small>SSL<\/small> *ssl, int mode); <br \/> void <b>SSL_set_read_ahead<\/b>( <small>SSL<\/small> *ssl, int yes); <br \/> int <b>SSL_set_rfd<\/b>( <small>SSL<\/small> *ssl, int fd); <br \/> int <b>SSL_set_session<\/b>( <small>SSL<\/small> *ssl, <small>SSL_SESSION<\/small> *session); <br \/> void <b>SSL_set_shutdown<\/b>( <small>SSL<\/small> *ssl, int mode); <br \/> int <b>SSL_set_ssl_method<\/b>( <small>SSL<\/small> *ssl, const <small>SSL_METHOD<\/small> *meth); <br \/> void <b>SSL_set_time<\/b>( <small>SSL<\/small> *ssl, long t); <br \/> void <b>SSL_set_timeout<\/b>( <small>SSL<\/small> *ssl, long t); <br \/> void <b>SSL_set_verify<\/b>( <small>SSL<\/small> *ssl, int mode, int (*callback);(void)) <br \/> void <b>SSL_set_verify_result<\/b>( <small>SSL<\/small> *ssl, long arg); <br \/> int <b>SSL_set_wfd<\/b>( <small>SSL<\/small> *ssl, int fd); <br \/> int <b>SSL_shutdown<\/b>( <small>SSL<\/small> *ssl); <small><br \/> OSSL_HANDSHAKE_STATE<\/small> <b>SSL_get_state<\/b>(const <small>SSL<\/small> *ssl);<\/p>\n<p style=\"margin-left:17%;\">Returns the current handshake state.<\/p>\n<p style=\"margin-left:11%;\">char *<b>SSL_state_string<\/b>(const <small>SSL<\/small> *ssl); <br \/> char *<b>SSL_state_string_long<\/b>(const <small>SSL<\/small> *ssl); <br \/> long <b>SSL_total_renegotiations<\/b>( <small>SSL<\/small> *ssl); <br \/> int <b>SSL_use_PrivateKey<\/b>( <small>SSL<\/small> *ssl, <small>EVP_PKEY<\/small> *pkey); <br \/> int <b>SSL_use_PrivateKey_ASN1<\/b>(int type, <small>SSL<\/small> *ssl, unsigned char *d, long <br \/> len); <br \/> int <b>SSL_use_PrivateKey_file<\/b>( <small>SSL<\/small> *ssl, const char *file, int type); <br \/> int <b>SSL_use_RSAPrivateKey<\/b>( <small>SSL<\/small> *ssl, <small>RSA<\/small> *rsa); <br \/> int <b>SSL_use_RSAPrivateKey_ASN1<\/b>( <small>SSL<\/small> *ssl, unsigned char *d, long len); <br \/> int <b>SSL_use_RSAPrivateKey_file<\/b>( <small>SSL<\/small> *ssl, const char *file, int type); <br \/> int <b>SSL_use_certificate<\/b>( <small>SSL<\/small> *ssl, X509 *x); <br \/> int <b>SSL_use_certificate_ASN1<\/b>( <small>SSL<\/small> *ssl, int len, unsigned char *d); <br \/> int <b>SSL_use_certificate_file<\/b>( <small>SSL<\/small> *ssl, const char *file, int type); <br \/> int <b>SSL_use_cert_and_key<\/b>( <small>SSL<\/small> *ssl, X509 *x, <small>EVP_PKEY<\/small> *pkey, <small><br \/> STACK_OF<\/small> (X509) *chain, int override); <br \/> int <b>SSL_version<\/b>(const <small>SSL<\/small> *ssl); <br \/> int <b>SSL_want<\/b>(const <small>SSL<\/small> *ssl); <br \/> int <b>SSL_want_nothing<\/b>(const <small>SSL<\/small> *ssl); <br \/> int <b>SSL_want_read<\/b>(const <small>SSL<\/small> *ssl); <br \/> int <b>SSL_want_write<\/b>(const <small>SSL<\/small> *ssl); <br \/> int <b>SSL_want_x509_lookup<\/b>(const <small>SSL<\/small> *ssl); <br \/> int <b>SSL_write<\/b>( <small>SSL<\/small> *ssl, const void *buf, int num); <br \/> void <b>SSL_set_psk_client_callback<\/b>( <small>SSL<\/small> *ssl, unsigned int (*callback)( <small>SSL<\/small> <br \/> *ssl, const char *hint, char *identity, unsigned int max_identity_len, <br \/> unsigned char *psk, unsigned int max_psk_len)); <br \/> int <b>SSL_use_psk_identity_hint<\/b>( <small>SSL<\/small> *ssl, const char *hint); <br \/> void <b>SSL_set_psk_server_callback<\/b>( <small>SSL<\/small> *ssl, unsigned int (*callback)( <small>SSL<\/small> <br \/> *ssl, const char *identity, unsigned char *psk, int max_psk_len)); <br \/> const char *<b>SSL_get_psk_identity_hint<\/b>( <small>SSL<\/small> *ssl); <br \/> const char *<b>SSL_get_psk_identity<\/b>( <small>SSL<\/small> *ssl);<\/p>\n<h2>RETURN VALUES <a name=\"RETURN VALUES\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">See the individual manual pages for details.<\/p>\n<h2>SEE ALSO <a name=\"SEE ALSO\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\"><b>openssl<\/b>(1), <b>crypto<\/b>(7), <b>CRYPTO_get_ex_new_index<\/b>(3), <b>SSL_accept<\/b>(3), <b>SSL_clear<\/b>(3), <b>SSL_connect<\/b>(3), <b>SSL_CIPHER_get_name<\/b>(3), <b>SSL_COMP_add_compression_method<\/b>(3), <b>SSL_CTX_add_extra_chain_cert<\/b>(3), <b>SSL_CTX_add_session<\/b>(3), <b>SSL_CTX_ctrl<\/b>(3), <b>SSL_CTX_flush_sessions<\/b>(3), <b>SSL_CTX_get_verify_mode<\/b>(3), <b>SSL_CTX_load_verify_locations<\/b>(3) <b>SSL_CTX_new<\/b>(3), <b>SSL_CTX_sess_number<\/b>(3), <b>SSL_CTX_sess_set_cache_size<\/b>(3), <b>SSL_CTX_sess_set_get_cb<\/b>(3), <b>SSL_CTX_sessions<\/b>(3), <b>SSL_CTX_set_cert_store<\/b>(3), <b>SSL_CTX_set_cert_verify_callback<\/b>(3), <b>SSL_CTX_set_cipher_list<\/b>(3), <b>SSL_CTX_set_client_CA_list<\/b>(3), <b>SSL_CTX_set_client_cert_cb<\/b>(3), <b>SSL_CTX_set_default_passwd_cb<\/b>(3), <b>SSL_CTX_set_generate_session_id<\/b>(3), <b>SSL_CTX_set_info_callback<\/b>(3), <b>SSL_CTX_set_max_cert_list<\/b>(3), <b>SSL_CTX_set_mode<\/b>(3), <b>SSL_CTX_set_msg_callback<\/b>(3), <b>SSL_CTX_set_options<\/b>(3), <b>SSL_CTX_set_quiet_shutdown<\/b>(3), <b>SSL_CTX_set_read_ahead<\/b>(3), <b>SSL_CTX_set_security_level<\/b>(3), <b>SSL_CTX_set_session_cache_mode<\/b>(3), <b>SSL_CTX_set_session_id_context<\/b>(3), <b>SSL_CTX_set_ssl_version<\/b>(3), <b>SSL_CTX_set_timeout<\/b>(3), <b>SSL_CTX_set_tmp_dh_callback<\/b>(3), <b>SSL_CTX_set_verify<\/b>(3), <b>SSL_CTX_use_certificate<\/b>(3), <b>SSL_alert_type_string<\/b>(3), <b>SSL_do_handshake<\/b>(3), <b>SSL_enable_ct<\/b>(3), <b>SSL_get_SSL_CTX<\/b>(3), <b>SSL_get_ciphers<\/b>(3), <b>SSL_get_client_CA_list<\/b>(3), <b>SSL_get_default_timeout<\/b>(3), <b>SSL_get_error<\/b>(3), <b>SSL_get_ex_data_X509_STORE_CTX_idx<\/b>(3), <b>SSL_get_fd<\/b>(3), <b>SSL_get_peer_cert_chain<\/b>(3), <b>SSL_get_rbio<\/b>(3), <b>SSL_get_session<\/b>(3), <b>SSL_get_verify_result<\/b>(3), <b>SSL_get_version<\/b>(3), <b>SSL_load_client_CA_file<\/b>(3), <b>SSL_new<\/b>(3), <b>SSL_pending<\/b>(3), <b>SSL_read_ex<\/b>(3), <b>SSL_read<\/b>(3), <b>SSL_rstate_string<\/b>(3), <b>SSL_session_reused<\/b>(3), <b>SSL_set_bio<\/b>(3), <b>SSL_set_connect_state<\/b>(3), <b>SSL_set_fd<\/b>(3), <b>SSL_set_session<\/b>(3), <b>SSL_set_shutdown<\/b>(3), <b>SSL_shutdown<\/b>(3), <b>SSL_state_string<\/b>(3), <b>SSL_want<\/b>(3), <b>SSL_write_ex<\/b>(3), <b>SSL_write<\/b>(3), <b>SSL_SESSION_free<\/b>(3), <b>SSL_SESSION_get_time<\/b>(3), <b>d2i_SSL_SESSION<\/b>(3), <b>SSL_CTX_set_psk_client_callback<\/b>(3), <b>SSL_CTX_use_psk_identity_hint<\/b>(3), <b>SSL_get_psk_identity<\/b>(3), <b>DTLSv1_listen<\/b>(3)<\/p>\n<h2>HISTORY <a name=\"HISTORY\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\"><b>SSLv2_client_method<\/b>, <b>SSLv2_server_method<\/b> and <b>SSLv2_method<\/b> were removed in OpenSSL 1.1.0.<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\">The return type of <b>SSL_copy_session_id<\/b> was changed from void to int in OpenSSL 1.1.0.<\/p>\n<h2>COPYRIGHT <a name=\"COPYRIGHT\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">Copyright 2000\u22122018 The OpenSSL Project Authors. All Rights Reserved.<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\">Licensed under the OpenSSL license (the &#8220;License&#8221;). You may not use this file except in compliance with the License. You can obtain a copy in the file <small>LICENSE<\/small> in the source distribution or at <https:\/\/www.openssl.org\/source\/license.html>.<\/p>\n<hr>\n","protected":false},"excerpt":{"rendered":"<p>  ssl \u2212 OpenSSL SSL\/TLS library <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[971],"tags":[973,972,1214],"class_list":["post-4137","post","type-post","status-publish","format-standard","hentry","category-7-miscelanea","tag-973","tag-man7","tag-ssl"],"gutentor_comment":0,"_links":{"self":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts\/4137","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/comments?post=4137"}],"version-history":[{"count":0,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts\/4137\/revisions"}],"wp:attachment":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/media?parent=4137"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/categories?post=4137"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/tags?post=4137"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}