[thirdparty/openssl.git] / doc / man3 / SSL_CTX_set_ssl_version.pod

=pod

=head1 NAME

SSL_CTX_set_ssl_version, SSL_CTX_get_ssl_method, SSL_set_ssl_method, SSL_get_ssl_method
- choose a new TLS/SSL method

=head1 SYNOPSIS

 #include <openssl/ssl.h>

 int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *method);
 const SSL_METHOD *SSL_CTX_get_ssl_method(const SSL_CTX *ctx);

 int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
 const SSL_METHOD *SSL_get_ssl_method(const SSL *ssl);

=head1 DESCRIPTION

SSL_CTX_set_ssl_version() sets a new default TLS/SSL B<method> for SSL objects
newly created from this B<ctx>.  Most of the configuration attached to the
SSL_CTX object is retained, with the exception of the configured TLS ciphers,
which are reset to the default values.  SSL objects already created from this
SSL_CTX with L<SSL_new(3)> are not affected, except when L<SSL_clear(3)> is
being called, as described below.

SSL_CTX_get_ssl_method() returns the SSL_METHOD which was used to construct the
SSL_CTX.

SSL_set_ssl_method() sets a new TLS/SSL B<method> for a particular B<ssl>
object. It may be reset, when SSL_clear() is called.

SSL_get_ssl_method() returns a pointer to the TLS/SSL method
set in B<ssl>.

=head1 NOTES

The available B<method> choices are described in
L<SSL_CTX_new(3)>.

When L<SSL_clear(3)> is called and no session is connected to
an SSL object, the method of the SSL object is reset to the method currently
set in the corresponding SSL_CTX object.

SSL_CTX_set_version() has unusual semantics and no clear use case;
it would usually be preferable to create a new SSL_CTX object than to
try to reuse an existing one in this fashion.  Its usage is considered
deprecated.

=head1 RETURN VALUES

The following return values can occur for SSL_CTX_set_ssl_version()
and SSL_set_ssl_method():

=over 4

=item Z<>0

The new choice failed, check the error stack to find out the reason.

=item Z<>1

The operation succeeded.

=back

SSL_CTX_get_ssl_method() and SSL_get_ssl_method() always return non-NULL
pointers.

=head1 SEE ALSO

L<SSL_CTX_new(3)>, L<SSL_new(3)>,
L<SSL_clear(3)>, L<ssl(7)>,
L<SSL_set_connect_state(3)>

=head1 HISTORY

SSL_CTX_set_ssl_version() was deprecated in OpenSSL 3.0.

=head1 COPYRIGHT

Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
c19b6c92 RL	1	=pod
	2
	3	=head1 NAME
	4
e12bee78	5	SSL_CTX_set_ssl_version, SSL_CTX_get_ssl_method, SSL_set_ssl_method, SSL_get_ssl_method
c19b6c92 RL	6	- choose a new TLS/SSL method
	7
	8	=head1 SYNOPSIS
	9
	10	#include <openssl/ssl.h>
	11
4ebb342f	12	int SSL_CTX_set_ssl_version(SSL_CTX ctx, const SSL_METHOD method);
e12bee78 HL	13	const SSL_METHOD SSL_CTX_get_ssl_method(const SSL_CTX ctx);
e12bee78 HL	14
4ebb342f	15	int SSL_set_ssl_method(SSL s, const SSL_METHOD method);
3499327b	16	const SSL_METHOD SSL_get_ssl_method(const SSL ssl);
c19b6c92 RL	17
	18	=head1 DESCRIPTION
	19
	20	SSL_CTX_set_ssl_version() sets a new default TLS/SSL B<method> for SSL objects
dd0164e7 BK	21	newly created from this B<ctx>. Most of the configuration attached to the
	22	SSL_CTX object is retained, with the exception of the configured TLS ciphers,
	23	which are reset to the default values. SSL objects already created from this
	24	SSL_CTX with L<SSL_new(3)> are not affected, except when L<SSL_clear(3)> is
	25	being called, as described below.
c19b6c92	26
e12bee78 HL	27	SSL_CTX_get_ssl_method() returns the SSL_METHOD which was used to construct the
	28	SSL_CTX.
	29
c19b6c92 RL	30	SSL_set_ssl_method() sets a new TLS/SSL B<method> for a particular B<ssl>
	31	object. It may be reset, when SSL_clear() is called.
	32
e12bee78	33	SSL_get_ssl_method() returns a pointer to the TLS/SSL method
c19b6c92 RL	34	set in B<ssl>.
	35
	36	=head1 NOTES
	37
	38	The available B<method> choices are described in
9b86974e	39	L<SSL_CTX_new(3)>.
c19b6c92	40
9b86974e	41	When L<SSL_clear(3)> is called and no session is connected to
b72ff470 LJ	42	an SSL object, the method of the SSL object is reset to the method currently
b72ff470 LJ	43	set in the corresponding SSL_CTX object.
c19b6c92	44
dd0164e7 BK	45	SSL_CTX_set_version() has unusual semantics and no clear use case;
	46	it would usually be preferable to create a new SSL_CTX object than to
	47	try to reuse an existing one in this fashion. Its usage is considered
	48	deprecated.
	49
c19b6c92 RL	50	=head1 RETURN VALUES
	51
	52	The following return values can occur for SSL_CTX_set_ssl_version()
	53	and SSL_set_ssl_method():
	54
	55	=over 4
	56
c8919dde	57	=item Z<>0
c19b6c92 RL	58
	59	The new choice failed, check the error stack to find out the reason.
	60
c8919dde	61	=item Z<>1
c19b6c92 RL	62
	63	The operation succeeded.
	64
	65	=back
	66
e12bee78 HL	67	SSL_CTX_get_ssl_method() and SSL_get_ssl_method() always return non-NULL
	68	pointers.
	69
c19b6c92 RL	70	=head1 SEE ALSO
c19b6c92 RL	71
9b86974e	72	L<SSL_CTX_new(3)>, L<SSL_new(3)>,
b97fdb57	73	L<SSL_clear(3)>, L<ssl(7)>,
9b86974e	74	L<SSL_set_connect_state(3)>
c19b6c92	75
dd0164e7 BK	76	=head1 HISTORY
	77
	78	SSL_CTX_set_ssl_version() was deprecated in OpenSSL 3.0.
	79
e2f92610 RS	80	=head1 COPYRIGHT
e2f92610 RS	81
fecb3aae	82	Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
e2f92610	83
4746f25a	84	Licensed under the Apache License 2.0 (the "License"). You may not use
e2f92610 RS	85	this file except in compliance with the License. You can obtain a copy
	86	in the file LICENSE in the source distribution or at
	87	L<https://www.openssl.org/source/license.html>.
	88
	89	=cut