[thirdparty/openssl.git] / doc / man3 / SSL_CTX_set_min_proto_version.pod

=pod

=head1 NAME

SSL_CTX_set_min_proto_version, SSL_CTX_set_max_proto_version,
SSL_CTX_get_min_proto_version, SSL_CTX_get_max_proto_version,
SSL_set_min_proto_version, SSL_set_max_proto_version,
SSL_get_min_proto_version, SSL_get_max_proto_version - Get and set minimum
and maximum supported protocol version

=head1 SYNOPSIS

 #include <openssl/ssl.h>

 int SSL_CTX_set_min_proto_version(SSL_CTX *ctx, int version);
 int SSL_CTX_set_max_proto_version(SSL_CTX *ctx, int version);
 int SSL_CTX_get_min_proto_version(SSL_CTX *ctx);
 int SSL_CTX_get_max_proto_version(SSL_CTX *ctx);

 int SSL_set_min_proto_version(SSL *ssl, int version);
 int SSL_set_max_proto_version(SSL *ssl, int version);
 int SSL_get_min_proto_version(SSL *ssl);
 int SSL_get_max_proto_version(SSL *ssl);

=head1 DESCRIPTION

The functions get or set the minimum and maximum supported protocol versions
for the B<ctx> or B<ssl>.
This works in combination with the options set via
L<SSL_CTX_set_options(3)> that also make it possible to disable
specific protocol versions.
Use these functions instead of disabling specific protocol versions.

Setting the minimum or maximum version to 0, will enable protocol
versions down to the lowest version, or up to the highest version
supported by the library, respectively.

Getters return 0 in case B<ctx> or B<ssl> have been configured to
automatically use the lowest or highest version supported by the library.

Currently supported versions are B<SSL3_VERSION>, B<TLS1_VERSION>,
B<TLS1_1_VERSION>, B<TLS1_2_VERSION>, B<TLS1_3_VERSION> for TLS and
B<DTLS1_VERSION>, B<DTLS1_2_VERSION> for DTLS.

=head1 RETURN VALUES

These setter functions return 1 on success and 0 on failure. The getter
functions return the configured version or 0 for auto-configuration of
lowest or highest protocol, respectively.

=head1 NOTES

All these functions are implemented using macros.

=head1 SEE ALSO

L<ssl(7)>,
L<SSL_CTX_set_options(3)>, L<SSL_CONF_cmd(3)>

=head1 HISTORY

The setter functions were added in OpenSSL 1.1.0. The getter functions
were added in OpenSSL 1.1.1.

=head1 COPYRIGHT

Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
7946ab33 KR	1	=pod
	2
	3	=head1 NAME
	4
57ce7b61	5	SSL_CTX_set_min_proto_version, SSL_CTX_set_max_proto_version,
3edabd3c CH	6	SSL_CTX_get_min_proto_version, SSL_CTX_get_max_proto_version,
	7	SSL_set_min_proto_version, SSL_set_max_proto_version,
	8	SSL_get_min_proto_version, SSL_get_max_proto_version - Get and set minimum
57ce7b61	9	and maximum supported protocol version
7946ab33 KR	10
	11	=head1 SYNOPSIS
	12
	13	#include <openssl/ssl.h>
	14
	15	int SSL_CTX_set_min_proto_version(SSL_CTX *ctx, int version);
	16	int SSL_CTX_set_max_proto_version(SSL_CTX *ctx, int version);
3edabd3c CH	17	int SSL_CTX_get_min_proto_version(SSL_CTX *ctx);
3edabd3c CH	18	int SSL_CTX_get_max_proto_version(SSL_CTX *ctx);
e9b77246	19
7946ab33 KR	20	int SSL_set_min_proto_version(SSL *ssl, int version);
7946ab33 KR	21	int SSL_set_max_proto_version(SSL *ssl, int version);
3edabd3c CH	22	int SSL_get_min_proto_version(SSL *ssl);
3edabd3c CH	23	int SSL_get_max_proto_version(SSL *ssl);
7946ab33 KR	24
	25	=head1 DESCRIPTION
	26
3edabd3c	27	The functions get or set the minimum and maximum supported protocol versions
57ce7b61	28	for the B<ctx> or B<ssl>.
8106cb8b VD	29	This works in combination with the options set via
	30	L<SSL_CTX_set_options(3)> that also make it possible to disable
	31	specific protocol versions.
57ce7b61	32	Use these functions instead of disabling specific protocol versions.
7946ab33	33
57ce7b61 VD	34	Setting the minimum or maximum version to 0, will enable protocol
	35	versions down to the lowest version, or up to the highest version
	36	supported by the library, respectively.
7946ab33	37
3edabd3c CH	38	Getters return 0 in case B<ctx> or B<ssl> have been configured to
	39	automatically use the lowest or highest version supported by the library.
	40
57ce7b61	41	Currently supported versions are B<SSL3_VERSION>, B<TLS1_VERSION>,
582a17d6 MC	42	B<TLS1_1_VERSION>, B<TLS1_2_VERSION>, B<TLS1_3_VERSION> for TLS and
582a17d6 MC	43	B<DTLS1_VERSION>, B<DTLS1_2_VERSION> for DTLS.
7946ab33 KR	44
	45	=head1 RETURN VALUES
	46
3edabd3c CH	47	These setter functions return 1 on success and 0 on failure. The getter
	48	functions return the configured version or 0 for auto-configuration of
	49	lowest or highest protocol, respectively.
7946ab33 KR	50
	51	=head1 NOTES
	52
	53	All these functions are implemented using macros.
	54
b5c4bbbe JL	55	=head1 SEE ALSO
b5c4bbbe JL	56
98ca37e4	57	L<ssl(7)>,
b5c4bbbe JL	58	L<SSL_CTX_set_options(3)>, L<SSL_CONF_cmd(3)>
b5c4bbbe JL	59
7946ab33 KR	60	=head1 HISTORY
7946ab33 KR	61
3edabd3c CH	62	The setter functions were added in OpenSSL 1.1.0. The getter functions
3edabd3c CH	63	were added in OpenSSL 1.1.1.
7946ab33	64
e2f92610 RS	65	=head1 COPYRIGHT
e2f92610 RS	66
b5c4bbbe	67	Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
e2f92610	68
4746f25a	69	Licensed under the Apache License 2.0 (the "License"). You may not use
e2f92610 RS	70	this file except in compliance with the License. You can obtain a copy
	71	in the file LICENSE in the source distribution or at
	72	L<https://www.openssl.org/source/license.html>.
	73
	74	=cut