]>
Commit | Line | Data |
---|---|---|
3604a4d3 UM |
1 | |
2 | =pod | |
3 | ||
4 | =head1 NAME | |
5 | ||
6 | SSL - OpenSSL SSL/TLS library | |
7 | ||
8 | =head1 SYNOPSIS | |
9 | ||
11b62699 | 10 | =head1 DESCRIPTION |
3604a4d3 UM |
11 | |
12 | The OpenSSL B<ssl> library implements the Secure Sockets Layer (SSL v2/v3) and | |
13 | Transport Layer Security (TLS v1) protocols. It provides a rich API which is | |
14 | documented here. | |
15 | ||
9bd3bd22 UM |
16 | At first the library must be initialized; see |
17 | L<SSL_library_init(3)|SSL_library_init(3)>. | |
3604a4d3 | 18 | |
9bd3bd22 UM |
19 | Then an B<SSL_CTX> object is created as a framework to establish |
20 | TLS/SSL enabled connections (see L<SSL_CTX_new(3)|SSL_CTX_new(3)>). | |
21 | Various options regarding certificates, algorithms etc. can be set | |
22 | in this object. | |
3604a4d3 | 23 | |
9bd3bd22 UM |
24 | When a network connection has been created, it can be assigned to an |
25 | B<SSL> object. After the B<SSL> object has been created using | |
26 | L<SSL_new(3)|SSL_new(3)>, L<SSL_set_fd(3)|SSL_set_fd(3)> or | |
27 | L<SSL_set_bio(3)|SSL_set_bio(3)> can be used to associate the network | |
28 | connection with the object. | |
3604a4d3 | 29 | |
9bd3bd22 UM |
30 | Then the TLS/SSL handshake is performed using |
31 | L<SSL_accept(3)|SSL_accept(3)> or L<SSL_connect(3)|SSL_connect(3)> | |
32 | respectively. | |
33 | L<SSL_read(3)|SSL_read(3)> and L<SSL_write(3)|SSL_write(3)> are used | |
34 | to read and write data on the TLS/SSL connection. | |
35 | L<SSL_shutdown(3)|SSL_shutdown(3)> can be used to shut down the | |
36 | TLS/SSL connection. | |
3604a4d3 UM |
37 | |
38 | =head1 DATA STRUCTURES | |
39 | ||
40 | Currently the OpenSSL B<ssl> library functions deals with the following data | |
41 | structures: | |
42 | ||
43 | =over 4 | |
44 | ||
45 | =item B<SSL_METHOD> (SSL Method) | |
46 | ||
47 | That's a dispatch structure describing the internal B<ssl> library | |
48 | methods/functions which implement the various protocol versions (SSLv1, SSLv2 | |
49 | and TLSv1). It's needed to create an B<SSL_CTX>. | |
50 | ||
51 | =item B<SSL_CIPHER> (SSL Cipher) | |
52 | ||
53 | This structure holds the algorithm information for a particular cipher which | |
54 | are a core part of the SSL/TLS protocol. The available ciphers are configured | |
55 | on a B<SSL_CTX> basis and the actually used ones are then part of the | |
56 | B<SSL_SESSION>. | |
57 | ||
58 | =item B<SSL_CTX> (SSL Context) | |
59 | ||
60 | That's the global context structure which is created by a server or client | |
61 | once per program life-time and which holds mainly default values for the | |
62 | B<SSL> structures which are later created for the connections. | |
63 | ||
64 | =item B<SSL_SESSION> (SSL Session) | |
65 | ||
37b08e83 | 66 | This is a structure containing the current TLS/SSL session details for a |
3604a4d3 UM |
67 | connection: B<SSL_CIPHER>s, client and server certificates, keys, etc. |
68 | ||
69 | =item B<SSL> (SSL Connection) | |
70 | ||
71 | That's the main SSL/TLS structure which is created by a server or client per | |
72 | established connection. This actually is the core structure in the SSL API. | |
73 | Under run-time the application usually deals with this structure which has | |
74 | links to mostly all other structures. | |
75 | ||
76 | =back | |
77 | ||
9bd3bd22 UM |
78 | |
79 | =head1 HEADER FILES | |
80 | ||
81 | Currently the OpenSSL B<ssl> library provides the following C header files | |
82 | containing the prototypes for the data structures and and functions: | |
83 | ||
84 | =over 4 | |
85 | ||
86 | =item B<ssl.h> | |
87 | ||
88 | That's the common header file for the SSL/TLS API. Include it into your | |
89 | program to make the API of the B<ssl> library available. It internally | |
90 | includes both more private SSL headers and headers from the B<crypto> library. | |
91 | Whenever you need hard-core details on the internals of the SSL API, look | |
92 | inside this header file. | |
93 | ||
94 | =item B<ssl2.h> | |
95 | ||
96 | That's the sub header file dealing with the SSLv2 protocol only. | |
97 | I<Usually you don't have to include it explicitly because | |
98 | it's already included by ssl.h>. | |
99 | ||
100 | =item B<ssl3.h> | |
101 | ||
102 | That's the sub header file dealing with the SSLv3 protocol only. | |
103 | I<Usually you don't have to include it explicitly because | |
104 | it's already included by ssl.h>. | |
105 | ||
106 | =item B<ssl23.h> | |
107 | ||
108 | That's the sub header file dealing with the combined use of the SSLv2 and | |
109 | SSLv3 protocols. | |
110 | I<Usually you don't have to include it explicitly because | |
111 | it's already included by ssl.h>. | |
112 | ||
113 | =item B<tls1.h> | |
114 | ||
115 | That's the sub header file dealing with the TLSv1 protocol only. | |
116 | I<Usually you don't have to include it explicitly because | |
117 | it's already included by ssl.h>. | |
118 | ||
119 | =back | |
120 | ||
3604a4d3 UM |
121 | =head1 API FUNCTIONS |
122 | ||
123 | Currently the OpenSSL B<ssl> library exports 214 API functions. | |
124 | They are documented in the following: | |
125 | ||
126 | =head2 DEALING WITH PROTOCOL METHODS | |
127 | ||
128 | Here we document the various API functions which deal with the SSL/TLS | |
129 | protocol methods defined in B<SSL_METHOD> structures. | |
130 | ||
131 | =over 4 | |
132 | ||
133 | =item SSL_METHOD *B<SSLv2_client_method>(void); | |
134 | ||
135 | Constructor for the SSLv2 SSL_METHOD structure for a dedicated client. | |
136 | ||
137 | =item SSL_METHOD *B<SSLv2_server_method>(void); | |
138 | ||
139 | Constructor for the SSLv2 SSL_METHOD structure for a dedicated server. | |
140 | ||
141 | =item SSL_METHOD *B<SSLv2_method>(void); | |
142 | ||
143 | Constructor for the SSLv2 SSL_METHOD structure for combined client and server. | |
144 | ||
145 | =item SSL_METHOD *B<SSLv3_client_method>(void); | |
146 | ||
147 | Constructor for the SSLv3 SSL_METHOD structure for a dedicated client. | |
148 | ||
149 | =item SSL_METHOD *B<SSLv3_server_method>(void); | |
150 | ||
151 | Constructor for the SSLv3 SSL_METHOD structure for a dedicated server. | |
152 | ||
153 | =item SSL_METHOD *B<SSLv3_method>(void); | |
154 | ||
155 | Constructor for the SSLv3 SSL_METHOD structure for combined client and server. | |
156 | ||
157 | =item SSL_METHOD *B<TLSv1_client_method>(void); | |
158 | ||
159 | Constructor for the TLSv1 SSL_METHOD structure for a dedicated client. | |
160 | ||
161 | =item SSL_METHOD *B<TLSv1_server_method>(void); | |
162 | ||
163 | Constructor for the TLSv1 SSL_METHOD structure for a dedicated server. | |
164 | ||
165 | =item SSL_METHOD *B<TLSv1_method>(void); | |
166 | ||
167 | Constructor for the TLSv1 SSL_METHOD structure for combined client and server. | |
168 | ||
169 | =back | |
170 | ||
171 | =head2 DEALING WITH CIPHERS | |
172 | ||
173 | Here we document the various API functions which deal with the SSL/TLS | |
174 | ciphers defined in B<SSL_CIPHER> structures. | |
175 | ||
176 | =over 4 | |
177 | ||
178 | =item char *B<SSL_CIPHER_description>(SSL_CIPHER *cipher, char *buf, int len); | |
179 | ||
180 | Write a string to I<buf> (with a maximum size of I<len>) containing a human | |
181 | readable description of I<cipher>. Returns I<buf>. | |
182 | ||
183 | =item int B<SSL_CIPHER_get_bits>(SSL_CIPHER *cipher, int *alg_bits); | |
184 | ||
185 | Determine the number of bits in I<cipher>. Because of export crippled ciphers | |
186 | there are two bits: The bits the algorithm supports in general (stored to | |
187 | I<alg_bits>) and the bits which are actually used (the return value). | |
188 | ||
d49f3797 | 189 | =item const char *B<SSL_CIPHER_get_name>(SSL_CIPHER *cipher); |
3604a4d3 UM |
190 | |
191 | Return the internal name of I<cipher> as a string. These are the various | |
192 | strings defined by the I<SSL2_TXT_xxx>, I<SSL3_TXT_xxx> and I<TLS1_TXT_xxx> | |
193 | definitions in the header files. | |
194 | ||
195 | =item char *B<SSL_CIPHER_get_version>(SSL_CIPHER *cipher); | |
196 | ||
197 | Returns a string like "C<TLSv1/SSLv3>" or "C<SSLv2>" which indicates the | |
198 | SSL/TLS protocol version to which I<cipher> belongs (i.e. where it was defined | |
199 | in the specification the first time). | |
200 | ||
201 | =back | |
202 | ||
203 | =head2 DEALING WITH PROTOCOL CONTEXTS | |
204 | ||
205 | Here we document the various API functions which deal with the SSL/TLS | |
206 | protocol context defined in the B<SSL_CTX> structure. | |
207 | ||
208 | =over 4 | |
209 | ||
210 | =item int B<SSL_CTX_add_client_CA>(SSL_CTX *ctx, X509 *x); | |
211 | ||
212 | =item long B<SSL_CTX_add_extra_chain_cert>(SSL_CTX *ctx, X509 *x509); | |
213 | ||
214 | =item int B<SSL_CTX_add_session>(SSL_CTX *ctx, SSL_SESSION *c); | |
215 | ||
216 | =item int B<SSL_CTX_check_private_key>(SSL_CTX *ctx); | |
217 | ||
218 | =item long B<SSL_CTX_ctrl>(SSL_CTX *ctx, int cmd, long larg, char *parg); | |
219 | ||
220 | =item void B<SSL_CTX_flush_sessions>(SSL_CTX *s, long t); | |
221 | ||
222 | =item void B<SSL_CTX_free>(SSL_CTX *a); | |
223 | ||
224 | =item char *B<SSL_CTX_get_app_data>(SSL_CTX *ctx); | |
225 | ||
226 | =item X509_STORE *B<SSL_CTX_get_cert_store>(SSL_CTX *ctx); | |
227 | ||
228 | =item STACK *B<SSL_CTX_get_client_CA_list>(SSL_CTX *ctx); | |
229 | ||
230 | =item int (*B<SSL_CTX_get_client_cert_cb>(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey); | |
231 | ||
232 | =item char *B<SSL_CTX_get_ex_data>(SSL_CTX *s, int idx); | |
233 | ||
234 | =item int B<SSL_CTX_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void)) | |
235 | ||
236 | =item void (*B<SSL_CTX_get_info_callback>(SSL_CTX *ctx))(SSL *ssl, int cb, int ret); | |
237 | ||
238 | =item int B<SSL_CTX_get_quiet_shutdown>(SSL_CTX *ctx); | |
239 | ||
240 | =item int B<SSL_CTX_get_session_cache_mode>(SSL_CTX *ctx); | |
241 | ||
242 | =item long B<SSL_CTX_get_timeout>(SSL_CTX *ctx); | |
243 | ||
244 | =item int (*B<SSL_CTX_get_verify_callback>(SSL_CTX *ctx))(int ok, X509_STORE_CTX *ctx); | |
245 | ||
246 | =item int B<SSL_CTX_get_verify_mode>(SSL_CTX *ctx); | |
247 | ||
248 | =item int B<SSL_CTX_load_verify_locations>(SSL_CTX *ctx, char *CAfile, char *CApath); | |
249 | ||
250 | =item long B<SSL_CTX_need_tmp_RSA>(SSL_CTX *ctx); | |
251 | ||
252 | =item SSL_CTX *B<SSL_CTX_new>(SSL_METHOD *meth); | |
253 | ||
254 | =item int B<SSL_CTX_remove_session>(SSL_CTX *ctx, SSL_SESSION *c); | |
255 | ||
256 | =item int B<SSL_CTX_sess_accept>(SSL_CTX *ctx); | |
257 | ||
258 | =item int B<SSL_CTX_sess_accept_good>(SSL_CTX *ctx); | |
259 | ||
260 | =item int B<SSL_CTX_sess_accept_renegotiate>(SSL_CTX *ctx); | |
261 | ||
262 | =item int B<SSL_CTX_sess_cache_full>(SSL_CTX *ctx); | |
263 | ||
264 | =item int B<SSL_CTX_sess_cb_hits>(SSL_CTX *ctx); | |
265 | ||
266 | =item int B<SSL_CTX_sess_connect>(SSL_CTX *ctx); | |
267 | ||
268 | =item int B<SSL_CTX_sess_connect_good>(SSL_CTX *ctx); | |
269 | ||
270 | =item int B<SSL_CTX_sess_connect_renegotiate>(SSL_CTX *ctx); | |
271 | ||
272 | =item int B<SSL_CTX_sess_get_cache_size>(SSL_CTX *ctx); | |
273 | ||
274 | =item SSL_SESSION *(*B<SSL_CTX_sess_get_get_cb>(SSL_CTX *ctx))(SSL *ssl, unsigned char *data, int len, int *copy); | |
275 | ||
276 | =item int (*B<SSL_CTX_sess_get_new_cb>(SSL_CTX *ctx)(SSL *ssl, SSL_SESSION *sess); | |
277 | ||
278 | =item void (*B<SSL_CTX_sess_get_remove_cb>(SSL_CTX *ctx)(SSL_CTX *ctx, SSL_SESSION *sess); | |
279 | ||
280 | =item int B<SSL_CTX_sess_hits>(SSL_CTX *ctx); | |
281 | ||
282 | =item int B<SSL_CTX_sess_misses>(SSL_CTX *ctx); | |
283 | ||
284 | =item int B<SSL_CTX_sess_number>(SSL_CTX *ctx); | |
285 | ||
286 | =item void B<SSL_CTX_sess_set_cache_size>(SSL_CTX *ctx,t); | |
287 | ||
288 | =item void B<SSL_CTX_sess_set_get_cb>(SSL_CTX *ctx, SSL_SESSION *(*cb)(SSL *ssl, unsigned char *data, int len, int *copy)); | |
289 | ||
290 | =item void B<SSL_CTX_sess_set_new_cb>(SSL_CTX *ctx, int (*cb)(SSL *ssl, SSL_SESSION *sess)); | |
291 | ||
292 | =item void B<SSL_CTX_sess_set_remove_cb>(SSL_CTX *ctx, void (*cb)(SSL_CTX *ctx, SSL_SESSION *sess)); | |
293 | ||
294 | =item int B<SSL_CTX_sess_timeouts>(SSL_CTX *ctx); | |
295 | ||
296 | =item LHASH *B<SSL_CTX_sessions>(SSL_CTX *ctx); | |
297 | ||
298 | =item void B<SSL_CTX_set_app_data>(SSL_CTX *ctx, void *arg); | |
299 | ||
300 | =item void B<SSL_CTX_set_cert_store>(SSL_CTX *ctx, X509_STORE *cs); | |
301 | ||
302 | =item void B<SSL_CTX_set_cert_verify_cb>(SSL_CTX *ctx, int (*cb)(SSL_CTX *), char *arg) | |
303 | ||
304 | =item int B<SSL_CTX_set_cipher_list>(SSL_CTX *ctx, char *str); | |
305 | ||
306 | =item void B<SSL_CTX_set_client_CA_list>(SSL_CTX *ctx, STACK *list); | |
307 | ||
308 | =item void B<SSL_CTX_set_client_cert_cb>(SSL_CTX *ctx, int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey)); | |
309 | ||
310 | =item void B<SSL_CTX_set_default_passwd_cb>(SSL_CTX *ctx, int (*cb);(void)) | |
311 | ||
312 | =item void B<SSL_CTX_set_default_read_ahead>(SSL_CTX *ctx, int m); | |
313 | ||
314 | =item int B<SSL_CTX_set_default_verify_paths>(SSL_CTX *ctx); | |
315 | ||
316 | =item int B<SSL_CTX_set_ex_data>(SSL_CTX *s, int idx, char *arg); | |
317 | ||
318 | =item void B<SSL_CTX_set_info_callback>(SSL_CTX *ctx, void (*cb)(SSL *ssl, int cb, int ret)); | |
319 | ||
320 | =item void B<SSL_CTX_set_options>(SSL_CTX *ctx, unsigned long op); | |
321 | ||
322 | =item void B<SSL_CTX_set_quiet_shutdown>(SSL_CTX *ctx, int mode); | |
323 | ||
324 | =item void B<SSL_CTX_set_session_cache_mode>(SSL_CTX *ctx, int mode); | |
325 | ||
326 | =item int B<SSL_CTX_set_ssl_version>(SSL_CTX *ctx, SSL_METHOD *meth); | |
327 | ||
328 | =item void B<SSL_CTX_set_timeout>(SSL_CTX *ctx, long t); | |
329 | ||
330 | =item long B<SSL_CTX_set_tmp_dh>(SSL_CTX* ctx, DH *dh); | |
331 | ||
332 | =item long B<SSL_CTX_set_tmp_dh_callback>(SSL_CTX *ctx, DH *(*cb)(void)); | |
333 | ||
334 | =item long B<SSL_CTX_set_tmp_rsa>(SSL_CTX *ctx, RSA *rsa); | |
335 | ||
336 | =item SSL_CTX_set_tmp_rsa_callback | |
337 | ||
338 | C<long B<SSL_CTX_set_tmp_rsa_callback>(SSL_CTX *B<ctx>, RSA *(*B<cb>)(SSL *B<ssl>, int B<export>, int B<keylength>));> | |
339 | ||
340 | Sets the callback which will be called when a temporary private key is | |
341 | required. The B<C<export>> flag will be set if the reason for needing | |
342 | a temp key is that an export ciphersuite is in use, in which case, | |
343 | B<C<keylength>> will contain the required keylength in bits. Generate a key of | |
344 | appropriate size (using ???) and return it. | |
345 | ||
346 | =item SSL_set_tmp_rsa_callback | |
347 | ||
348 | long B<SSL_set_tmp_rsa_callback>(SSL *ssl, RSA *(*cb)(SSL *ssl, int export, int keylength)); | |
349 | ||
350 | The same as L<"SSL_CTX_set_tmp_rsa_callback">, except it operates on an SSL | |
351 | session instead of a context. | |
352 | ||
353 | =item void B<SSL_CTX_set_verify>(SSL_CTX *ctx, int mode, int (*cb);(void)) | |
354 | ||
355 | =item int B<SSL_CTX_use_PrivateKey>(SSL_CTX *ctx, EVP_PKEY *pkey); | |
356 | ||
357 | =item int B<SSL_CTX_use_PrivateKey_ASN1>(int type, SSL_CTX *ctx, unsigned char *d, long len); | |
358 | ||
359 | =item int B<SSL_CTX_use_PrivateKey_file>(SSL_CTX *ctx, char *file, int type); | |
360 | ||
361 | =item int B<SSL_CTX_use_RSAPrivateKey>(SSL_CTX *ctx, RSA *rsa); | |
362 | ||
363 | =item int B<SSL_CTX_use_RSAPrivateKey_ASN1>(SSL_CTX *ctx, unsigned char *d, long len); | |
364 | ||
365 | =item int B<SSL_CTX_use_RSAPrivateKey_file>(SSL_CTX *ctx, char *file, int type); | |
366 | ||
367 | =item int B<SSL_CTX_use_certificate>(SSL_CTX *ctx, X509 *x); | |
368 | ||
369 | =item int B<SSL_CTX_use_certificate_ASN1>(SSL_CTX *ctx, int len, unsigned char *d); | |
370 | ||
371 | =item int B<SSL_CTX_use_certificate_file>(SSL_CTX *ctx, char *file, int type); | |
372 | ||
373 | =back | |
374 | ||
375 | =head2 DEALING WITH SESSIONS | |
376 | ||
377 | Here we document the various API functions which deal with the SSL/TLS | |
378 | sessions defined in the B<SSL_SESSION> structures. | |
379 | ||
380 | =over 4 | |
381 | ||
382 | =item int B<SSL_SESSION_cmp>(SSL_SESSION *a, SSL_SESSION *b); | |
383 | ||
384 | =item void B<SSL_SESSION_free>(SSL_SESSION *ss); | |
385 | ||
386 | =item char *B<SSL_SESSION_get_app_data>(SSL_SESSION *s); | |
387 | ||
388 | =item char *B<SSL_SESSION_get_ex_data>(SSL_SESSION *s, int idx); | |
389 | ||
390 | =item int B<SSL_SESSION_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void)) | |
391 | ||
392 | =item long B<SSL_SESSION_get_time>(SSL_SESSION *s); | |
393 | ||
394 | =item long B<SSL_SESSION_get_timeout>(SSL_SESSION *s); | |
395 | ||
396 | =item unsigned long B<SSL_SESSION_hash>(SSL_SESSION *a); | |
397 | ||
398 | =item SSL_SESSION *B<SSL_SESSION_new>(void); | |
399 | ||
400 | =item int B<SSL_SESSION_print>(BIO *bp, SSL_SESSION *x); | |
401 | ||
402 | =item int B<SSL_SESSION_print_fp>(FILE *fp, SSL_SESSION *x); | |
403 | ||
404 | =item void B<SSL_SESSION_set_app_data>(SSL_SESSION *s, char *a); | |
405 | ||
406 | =item int B<SSL_SESSION_set_ex_data>(SSL_SESSION *s, int idx, char *arg); | |
407 | ||
408 | =item long B<SSL_SESSION_set_time>(SSL_SESSION *s, long t); | |
409 | ||
410 | =item long B<SSL_SESSION_set_timeout>(SSL_SESSION *s, long t); | |
411 | ||
412 | =back | |
413 | ||
414 | =head2 DEALING WITH CONNECTIONS | |
415 | ||
416 | Here we document the various API functions which deal with the SSL/TLS | |
417 | connection defined in the B<SSL> structure. | |
418 | ||
419 | =over 4 | |
420 | ||
421 | =item int B<SSL_accept>(SSL *ssl); | |
422 | ||
423 | =item int B<SSL_add_dir_cert_subjects_to_stack>(STACK *stack, const char *dir); | |
424 | ||
425 | =item int B<SSL_add_file_cert_subjects_to_stack>(STACK *stack, const char *file); | |
426 | ||
427 | =item int B<SSL_add_client_CA>(SSL *ssl, X509 *x); | |
428 | ||
429 | =item char *B<SSL_alert_desc_string>(int value); | |
430 | ||
431 | =item char *B<SSL_alert_desc_string_long>(int value); | |
432 | ||
433 | =item char *B<SSL_alert_type_string>(int value); | |
434 | ||
435 | =item char *B<SSL_alert_type_string_long>(int value); | |
436 | ||
437 | =item int B<SSL_check_private_key>(SSL *ssl); | |
438 | ||
439 | =item void B<SSL_clear>(SSL *ssl); | |
440 | ||
441 | =item long B<SSL_clear_num_renegotiations>(SSL *ssl); | |
442 | ||
443 | =item int B<SSL_connect>(SSL *ssl); | |
444 | ||
445 | =item void B<SSL_copy_session_id>(SSL *t, SSL *f); | |
446 | ||
447 | =item long B<SSL_ctrl>(SSL *ssl, int cmd, long larg, char *parg); | |
448 | ||
449 | =item int B<SSL_do_handshake>(SSL *ssl); | |
450 | ||
451 | =item SSL *B<SSL_dup>(SSL *ssl); | |
452 | ||
453 | =item STACK *B<SSL_dup_CA_list>(STACK *sk); | |
454 | ||
455 | =item void B<SSL_free>(SSL *ssl); | |
456 | ||
457 | =item SSL_CTX *B<SSL_get_SSL_CTX>(SSL *ssl); | |
458 | ||
459 | =item char *B<SSL_get_app_data>(SSL *ssl); | |
460 | ||
461 | =item X509 *B<SSL_get_certificate>(SSL *ssl); | |
462 | ||
d49f3797 | 463 | =item const char *B<SSL_get_cipher>(SSL *ssl); |
3604a4d3 UM |
464 | |
465 | =item int B<SSL_get_cipher_bits>(SSL *ssl, int *alg_bits); | |
466 | ||
467 | =item char *B<SSL_get_cipher_list>(SSL *ssl, int n); | |
468 | ||
469 | =item char *B<SSL_get_cipher_name>(SSL *ssl); | |
470 | ||
471 | =item char *B<SSL_get_cipher_version>(SSL *ssl); | |
472 | ||
473 | =item STACK *B<SSL_get_ciphers>(SSL *ssl); | |
474 | ||
475 | =item STACK *B<SSL_get_client_CA_list>(SSL *ssl); | |
476 | ||
477 | =item SSL_CIPHER *B<SSL_get_current_cipher>(SSL *ssl); | |
478 | ||
479 | =item long B<SSL_get_default_timeout>(SSL *ssl); | |
480 | ||
481 | =item int B<SSL_get_error>(SSL *ssl, int i); | |
482 | ||
483 | =item char *B<SSL_get_ex_data>(SSL *ssl, int idx); | |
484 | ||
485 | =item int B<SSL_get_ex_data_X509_STORE_CTX_idx>(void); | |
486 | ||
487 | =item int B<SSL_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void)) | |
488 | ||
489 | =item int B<SSL_get_fd>(SSL *ssl); | |
490 | ||
491 | =item void (*B<SSL_get_info_callback>(SSL *ssl);)(void) | |
492 | ||
493 | =item STACK *B<SSL_get_peer_cert_chain>(SSL *ssl); | |
494 | ||
495 | =item X509 *B<SSL_get_peer_certificate>(SSL *ssl); | |
496 | ||
497 | =item EVP_PKEY *B<SSL_get_privatekey>(SSL *ssl); | |
498 | ||
499 | =item int B<SSL_get_quiet_shutdown>(SSL *ssl); | |
500 | ||
501 | =item BIO *B<SSL_get_rbio>(SSL *ssl); | |
502 | ||
503 | =item int B<SSL_get_read_ahead>(SSL *ssl); | |
504 | ||
505 | =item SSL_SESSION *B<SSL_get_session>(SSL *ssl); | |
506 | ||
507 | =item char *B<SSL_get_shared_ciphers>(SSL *ssl, char *buf, int len); | |
508 | ||
509 | =item int B<SSL_get_shutdown>(SSL *ssl); | |
510 | ||
511 | =item SSL_METHOD *B<SSL_get_ssl_method>(SSL *ssl); | |
512 | ||
513 | =item int B<SSL_get_state>(SSL *ssl); | |
514 | ||
515 | =item long B<SSL_get_time>(SSL *ssl); | |
516 | ||
517 | =item long B<SSL_get_timeout>(SSL *ssl); | |
518 | ||
519 | =item int (*B<SSL_get_verify_callback>(SSL *ssl);)(void) | |
520 | ||
521 | =item int B<SSL_get_verify_mode>(SSL *ssl); | |
522 | ||
523 | =item long B<SSL_get_verify_result>(SSL *ssl); | |
524 | ||
525 | =item char *B<SSL_get_version>(SSL *ssl); | |
526 | ||
527 | =item BIO *B<SSL_get_wbio>(SSL *ssl); | |
528 | ||
529 | =item int B<SSL_in_accept_init>(SSL *ssl); | |
530 | ||
531 | =item int B<SSL_in_before>(SSL *ssl); | |
532 | ||
533 | =item int B<SSL_in_connect_init>(SSL *ssl); | |
534 | ||
535 | =item int B<SSL_in_init>(SSL *ssl); | |
536 | ||
537 | =item int B<SSL_is_init_finished>(SSL *ssl); | |
538 | ||
539 | =item STACK *B<SSL_load_client_CA_file>(char *file); | |
540 | ||
541 | =item void B<SSL_load_error_strings>(void); | |
542 | ||
543 | =item SSL *B<SSL_new>(SSL_CTX *ctx); | |
544 | ||
545 | =item long B<SSL_num_renegotiations>(SSL *ssl); | |
546 | ||
547 | =item int B<SSL_peek>(SSL *ssl, char *buf, int num); | |
548 | ||
549 | =item int B<SSL_pending>(SSL *ssl); | |
550 | ||
551 | =item int B<SSL_read>(SSL *ssl, char *buf, int num); | |
552 | ||
553 | =item int B<SSL_renegotiate>(SSL *ssl); | |
554 | ||
555 | =item char *B<SSL_rstate_string>(SSL *ssl); | |
556 | ||
557 | =item char *B<SSL_rstate_string_long>(SSL *ssl); | |
558 | ||
559 | =item long B<SSL_session_reused>(SSL *ssl); | |
560 | ||
561 | =item void B<SSL_set_accept_state>(SSL *ssl); | |
562 | ||
563 | =item void B<SSL_set_app_data>(SSL *ssl, char *arg); | |
564 | ||
565 | =item void B<SSL_set_bio>(SSL *ssl, BIO *rbio, BIO *wbio); | |
566 | ||
567 | =item int B<SSL_set_cipher_list>(SSL *ssl, char *str); | |
568 | ||
569 | =item void B<SSL_set_client_CA_list>(SSL *ssl, STACK *list); | |
570 | ||
571 | =item void B<SSL_set_connect_state>(SSL *ssl); | |
572 | ||
573 | =item int B<SSL_set_ex_data>(SSL *ssl, int idx, char *arg); | |
574 | ||
575 | =item int B<SSL_set_fd>(SSL *ssl, int fd); | |
576 | ||
577 | =item void B<SSL_set_info_callback>(SSL *ssl, void (*cb);(void)) | |
578 | ||
579 | =item void B<SSL_set_options>(SSL *ssl, unsigned long op); | |
580 | ||
581 | =item void B<SSL_set_quiet_shutdown>(SSL *ssl, int mode); | |
582 | ||
583 | =item void B<SSL_set_read_ahead>(SSL *ssl, int yes); | |
584 | ||
585 | =item int B<SSL_set_rfd>(SSL *ssl, int fd); | |
586 | ||
587 | =item int B<SSL_set_session>(SSL *ssl, SSL_SESSION *session); | |
588 | ||
589 | =item void B<SSL_set_shutdown>(SSL *ssl, int mode); | |
590 | ||
591 | =item int B<SSL_set_ssl_method>(SSL *ssl, SSL_METHOD *meth); | |
592 | ||
593 | =item void B<SSL_set_time>(SSL *ssl, long t); | |
594 | ||
595 | =item void B<SSL_set_timeout>(SSL *ssl, long t); | |
596 | ||
597 | =item void B<SSL_set_verify>(SSL *ssl, int mode, int (*callback);(void)) | |
598 | ||
599 | =item void B<SSL_set_verify_result>(SSL *ssl, long arg); | |
600 | ||
601 | =item int B<SSL_set_wfd>(SSL *ssl, int fd); | |
602 | ||
603 | =item int B<SSL_shutdown>(SSL *ssl); | |
604 | ||
605 | =item int B<SSL_state>(SSL *ssl); | |
606 | ||
607 | =item char *B<SSL_state_string>(SSL *ssl); | |
608 | ||
609 | =item char *B<SSL_state_string_long>(SSL *ssl); | |
610 | ||
611 | =item long B<SSL_total_renegotiations>(SSL *ssl); | |
612 | ||
613 | =item int B<SSL_use_PrivateKey>(SSL *ssl, EVP_PKEY *pkey); | |
614 | ||
615 | =item int B<SSL_use_PrivateKey_ASN1>(int type, SSL *ssl, unsigned char *d, long len); | |
616 | ||
617 | =item int B<SSL_use_PrivateKey_file>(SSL *ssl, char *file, int type); | |
618 | ||
619 | =item int B<SSL_use_RSAPrivateKey>(SSL *ssl, RSA *rsa); | |
620 | ||
621 | =item int B<SSL_use_RSAPrivateKey_ASN1>(SSL *ssl, unsigned char *d, long len); | |
622 | ||
623 | =item int B<SSL_use_RSAPrivateKey_file>(SSL *ssl, char *file, int type); | |
624 | ||
625 | =item int B<SSL_use_certificate>(SSL *ssl, X509 *x); | |
626 | ||
627 | =item int B<SSL_use_certificate_ASN1>(SSL *ssl, int len, unsigned char *d); | |
628 | ||
629 | =item int B<SSL_use_certificate_file>(SSL *ssl, char *file, int type); | |
630 | ||
631 | =item int B<SSL_version>(SSL *ssl); | |
632 | ||
633 | =item int B<SSL_want>(SSL *ssl); | |
634 | ||
635 | =item int B<SSL_want_nothing>(SSL *ssl); | |
636 | ||
637 | =item int B<SSL_want_read>(SSL *ssl); | |
638 | ||
639 | =item int B<SSL_want_write>(SSL *ssl); | |
640 | ||
641 | =item int B<SSL_want_x509_lookup>(s); | |
642 | ||
643 | =item int B<SSL_write>(SSL *ssl, char *buf, int num); | |
644 | ||
645 | =back | |
646 | ||
647 | =head1 SEE ALSO | |
648 | ||
20ead2c6 | 649 | L<openssl(1)|openssl(1)>, L<crypto(3)|crypto(3)>, |
53e44d90 | 650 | L<SSL_accept(3)|SSL_accept(3)>, L<SSL_clear(3)|SSL_clear(3)>, |
356c06c7 | 651 | L<SSL_connect(3)|SSL_connect(3)>, |
553615f5 | 652 | L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)>, |
66ebbb6a | 653 | L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>, |
e58d808a | 654 | L<SSL_CTX_get_ex_new_index(3)|SSL_CTX_get_ex_new_index(3)>, |
553615f5 | 655 | L<SSL_CTX_get_verify_mode(3)|SSL_CTX_get_verify_mode(3)>, |
356c06c7 RL |
656 | L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)> |
657 | L<SSL_CTX_new(3)|SSL_CTX_new(3)>, | |
66ebbb6a LJ |
658 | L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>, |
659 | L<SSL_CTX_set_default_passwd_cb(3)|SSL_CTX_set_default_passwd_cb(3)>, | |
cd6aa710 | 660 | L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>, |
69431c29 | 661 | L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)>, |
553615f5 | 662 | L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>, |
66ebbb6a | 663 | L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>, |
69431c29 | 664 | L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>, |
356c06c7 | 665 | L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>, |
751b5e8f LJ |
666 | L<SSL_get_error(3)|SSL_get_error(3)>, |
667 | L<SSL_get_ex_data_X509_STORE_CTX_idx(3)|SSL_get_ex_data_X509_STORE_CTX_idx(3)>, | |
668 | L<SSL_get_ex_new_index(3)|SSL_get_ex_new_index(3)>, | |
669 | L<SSL_get_fd(3)|SSL_get_fd(3)>, | |
69431c29 | 670 | L<SSL_get_peer_cert_chain(3)|SSL_get_peer_cert_chain(3)>, |
53e44d90 | 671 | L<SSL_get_rbio(3)|SSL_get_rbio(3)>, |
69431c29 UM |
672 | L<SSL_get_session(3)|SSL_get_session(3)>, |
673 | L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>, | |
356c06c7 RL |
674 | L<SSL_library_init(3)|SSL_library_init(3)>, |
675 | L<SSL_load_client_CA_file(3)|SSL_load_client_CA_file(3)>, | |
676 | L<SSL_new(3)|SSL_new(3)>, | |
53e44d90 | 677 | L<SSL_read(3)|SSL_read(3)>, L<SSL_set_bio(3)|SSL_set_bio(3)>, |
69431c29 | 678 | L<SSL_set_fd(3)|SSL_set_fd(3)>, L<SSL_pending(3)|SSL_pending(3)>, |
53e44d90 UM |
679 | L<SSL_set_session(3)|SSL_set_session(3)>, |
680 | L<SSL_shutdown(3)|SSL_shutdown(3)>, L<SSL_write(3)|SSL_write(3)>, | |
e58d808a LJ |
681 | L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>, |
682 | L<SSL_SESSION_get_ex_new_index(3)|SSL_SESSION_get_ex_new_index(3)> | |
3604a4d3 UM |
683 | |
684 | =head1 HISTORY | |
685 | ||
bb075f88 | 686 | The L<ssl(3)|ssl(3)> document appeared in OpenSSL 0.9.2 |
3604a4d3 UM |
687 | |
688 | =cut | |
689 |