]>
Commit | Line | Data |
---|---|---|
c19b6c92 RL |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
e12bee78 | 5 | SSL_CTX_set_ssl_version, SSL_CTX_get_ssl_method, SSL_set_ssl_method, SSL_get_ssl_method |
c19b6c92 RL |
6 | - choose a new TLS/SSL method |
7 | ||
8 | =head1 SYNOPSIS | |
9 | ||
10 | #include <openssl/ssl.h> | |
11 | ||
4ebb342f | 12 | int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *method); |
e12bee78 HL |
13 | const SSL_METHOD *SSL_CTX_get_ssl_method(const SSL_CTX *ctx); |
14 | ||
4ebb342f | 15 | int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method); |
3499327b | 16 | const SSL_METHOD *SSL_get_ssl_method(const SSL *ssl); |
c19b6c92 RL |
17 | |
18 | =head1 DESCRIPTION | |
19 | ||
20 | SSL_CTX_set_ssl_version() sets a new default TLS/SSL B<method> for SSL objects | |
dd0164e7 BK |
21 | newly created from this B<ctx>. Most of the configuration attached to the |
22 | SSL_CTX object is retained, with the exception of the configured TLS ciphers, | |
23 | which are reset to the default values. SSL objects already created from this | |
24 | SSL_CTX with L<SSL_new(3)> are not affected, except when L<SSL_clear(3)> is | |
25 | being called, as described below. | |
c19b6c92 | 26 | |
e12bee78 HL |
27 | SSL_CTX_get_ssl_method() returns the SSL_METHOD which was used to construct the |
28 | SSL_CTX. | |
29 | ||
c19b6c92 RL |
30 | SSL_set_ssl_method() sets a new TLS/SSL B<method> for a particular B<ssl> |
31 | object. It may be reset, when SSL_clear() is called. | |
32 | ||
e12bee78 | 33 | SSL_get_ssl_method() returns a pointer to the TLS/SSL method |
c19b6c92 RL |
34 | set in B<ssl>. |
35 | ||
36 | =head1 NOTES | |
37 | ||
38 | The available B<method> choices are described in | |
9b86974e | 39 | L<SSL_CTX_new(3)>. |
c19b6c92 | 40 | |
9b86974e | 41 | When L<SSL_clear(3)> is called and no session is connected to |
b72ff470 LJ |
42 | an SSL object, the method of the SSL object is reset to the method currently |
43 | set in the corresponding SSL_CTX object. | |
c19b6c92 | 44 | |
dd0164e7 BK |
45 | SSL_CTX_set_version() has unusual semantics and no clear use case; |
46 | it would usually be preferable to create a new SSL_CTX object than to | |
47 | try to reuse an existing one in this fashion. Its usage is considered | |
48 | deprecated. | |
49 | ||
c19b6c92 RL |
50 | =head1 RETURN VALUES |
51 | ||
52 | The following return values can occur for SSL_CTX_set_ssl_version() | |
53 | and SSL_set_ssl_method(): | |
54 | ||
55 | =over 4 | |
56 | ||
c8919dde | 57 | =item Z<>0 |
c19b6c92 RL |
58 | |
59 | The new choice failed, check the error stack to find out the reason. | |
60 | ||
c8919dde | 61 | =item Z<>1 |
c19b6c92 RL |
62 | |
63 | The operation succeeded. | |
64 | ||
65 | =back | |
66 | ||
e12bee78 HL |
67 | SSL_CTX_get_ssl_method() and SSL_get_ssl_method() always return non-NULL |
68 | pointers. | |
69 | ||
c19b6c92 RL |
70 | =head1 SEE ALSO |
71 | ||
9b86974e | 72 | L<SSL_CTX_new(3)>, L<SSL_new(3)>, |
b97fdb57 | 73 | L<SSL_clear(3)>, L<ssl(7)>, |
9b86974e | 74 | L<SSL_set_connect_state(3)> |
c19b6c92 | 75 | |
dd0164e7 BK |
76 | =head1 HISTORY |
77 | ||
78 | SSL_CTX_set_ssl_version() was deprecated in OpenSSL 3.0. | |
79 | ||
e2f92610 RS |
80 | =head1 COPYRIGHT |
81 | ||
fecb3aae | 82 | Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved. |
e2f92610 | 83 | |
4746f25a | 84 | Licensed under the Apache License 2.0 (the "License"). You may not use |
e2f92610 RS |
85 | this file except in compliance with the License. You can obtain a copy |
86 | in the file LICENSE in the source distribution or at | |
87 | L<https://www.openssl.org/source/license.html>. | |
88 | ||
89 | =cut |