source-git / openssl

Clone
Source Code
GIT

Blame doc/man3/SSL_CTX_set_info_callback.pod

c8 c8s master
  1.   c4476c2d191c8f18018d947521358ac6321a212e
  2.   doc
  3.   man3
  4.   SSL_CTX_set_info_callback.pod
Blob History Raw
Packit c4476c 
=pod
Packit c4476c
Packit c4476c 
=head1 NAME
Packit c4476c
Packit c4476c 
SSL_CTX_set_info_callback,
Packit c4476c 
SSL_CTX_get_info_callback,
Packit c4476c 
SSL_set_info_callback,
Packit c4476c 
SSL_get_info_callback
Packit c4476c 
- handle information callback for SSL connections
Packit c4476c
Packit c4476c 
=head1 SYNOPSIS
Packit c4476c
Packit c4476c 
 #include <openssl/ssl.h>
Packit c4476c
Packit c4476c 
 void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*callback)());
Packit c4476c 
 void (*SSL_CTX_get_info_callback(const SSL_CTX *ctx))();
Packit c4476c
Packit c4476c 
 void SSL_set_info_callback(SSL *ssl, void (*callback)());
Packit c4476c 
 void (*SSL_get_info_callback(const SSL *ssl))();
Packit c4476c
Packit c4476c 
=head1 DESCRIPTION
Packit c4476c
Packit c4476c 
SSL_CTX_set_info_callback() sets the B<callback> function, that can be used to
Packit c4476c 
obtain state information for SSL objects created from B<ctx> during connection
Packit c4476c 
setup and use. The setting for B<ctx> is overridden from the setting for
Packit c4476c 
a specific SSL object, if specified.
Packit c4476c 
When B<callback> is NULL, no callback function is used.
Packit c4476c
Packit c4476c 
SSL_set_info_callback() sets the B<callback> function, that can be used to
Packit c4476c 
obtain state information for B<ssl> during connection setup and use.
Packit c4476c 
When B<callback> is NULL, the callback setting currently valid for
Packit c4476c 
B<ctx> is used.
Packit c4476c
Packit c4476c 
SSL_CTX_get_info_callback() returns a pointer to the currently set information
Packit c4476c 
callback function for B<ctx>.
Packit c4476c
Packit c4476c 
SSL_get_info_callback() returns a pointer to the currently set information
Packit c4476c 
callback function for B<ssl>.
Packit c4476c
Packit c4476c 
=head1 NOTES
Packit c4476c
Packit c4476c 
When setting up a connection and during use, it is possible to obtain state
Packit c4476c 
information from the SSL/TLS engine. When set, an information callback function
Packit c4476c 
is called whenever a significant event occurs such as: the state changes,
Packit c4476c 
an alert appears, or an error occurs.
Packit c4476c
Packit c4476c 
The callback function is called as B<callback(SSL *ssl, int where, int ret)>.
Packit c4476c 
The B<where> argument specifies information about where (in which context)
Packit c4476c 
the callback function was called. If B<ret> is 0, an error condition occurred.
Packit c4476c 
If an alert is handled, SSL_CB_ALERT is set and B<ret> specifies the alert
Packit c4476c 
information.
Packit c4476c
Packit c4476c 
B<where> is a bitmask made up of the following bits:
Packit c4476c
Packit c4476c 
=over 4
Packit c4476c
Packit c4476c 
=item SSL_CB_LOOP
Packit c4476c
Packit c4476c 
Callback has been called to indicate state change or some other significant
Packit c4476c 
state machine event. This may mean that the callback gets invoked more than once
Packit c4476c 
per state in some situations.
Packit c4476c
Packit c4476c 
=item SSL_CB_EXIT
Packit c4476c
Packit c4476c 
Callback has been called to indicate exit of a handshake function. This will
Packit c4476c 
happen after the end of a handshake, but may happen at other times too such as
Packit c4476c 
on error or when IO might otherwise block and non-blocking is being used.
Packit c4476c
Packit c4476c 
=item SSL_CB_READ
Packit c4476c
Packit c4476c 
Callback has been called during read operation.
Packit c4476c
Packit c4476c 
=item SSL_CB_WRITE
Packit c4476c
Packit c4476c 
Callback has been called during write operation.
Packit c4476c
Packit c4476c 
=item SSL_CB_ALERT
Packit c4476c
Packit c4476c 
Callback has been called due to an alert being sent or received.
Packit c4476c
Packit c4476c 
=item SSL_CB_READ_ALERT               (SSL_CB_ALERT|SSL_CB_READ)
Packit c4476c
Packit c4476c 
=item SSL_CB_WRITE_ALERT              (SSL_CB_ALERT|SSL_CB_WRITE)
Packit c4476c
Packit c4476c 
=item SSL_CB_ACCEPT_LOOP              (SSL_ST_ACCEPT|SSL_CB_LOOP)
Packit c4476c
Packit c4476c 
=item SSL_CB_ACCEPT_EXIT              (SSL_ST_ACCEPT|SSL_CB_EXIT)
Packit c4476c
Packit c4476c 
=item SSL_CB_CONNECT_LOOP             (SSL_ST_CONNECT|SSL_CB_LOOP)
Packit c4476c
Packit c4476c 
=item SSL_CB_CONNECT_EXIT             (SSL_ST_CONNECT|SSL_CB_EXIT)
Packit c4476c
Packit c4476c 
=item SSL_CB_HANDSHAKE_START
Packit c4476c
Packit c4476c 
Callback has been called because a new handshake is started. It also occurs when
Packit c4476c 
resuming a handshake following a pause to handle early data.
Packit c4476c
Packit c4476c 
=item SSL_CB_HANDSHAKE_DONE
Packit c4476c
Packit c4476c 
Callback has been called because a handshake is finished.  It also occurs if the
Packit c4476c 
handshake is paused to allow the exchange of early data.
Packit c4476c
Packit c4476c 
=back
Packit c4476c
Packit c4476c 
The current state information can be obtained using the
Packit c4476c 
L<SSL_state_string(3)> family of functions.
Packit c4476c
Packit c4476c 
The B<ret> information can be evaluated using the
Packit c4476c 
L<SSL_alert_type_string(3)> family of functions.
Packit c4476c
Packit c4476c 
=head1 RETURN VALUES
Packit c4476c
Packit c4476c 
SSL_set_info_callback() does not provide diagnostic information.
Packit c4476c
Packit c4476c 
SSL_get_info_callback() returns the current setting.
Packit c4476c
Packit c4476c 
=head1 EXAMPLES
Packit c4476c
Packit c4476c 
The following example callback function prints state strings, information
Packit c4476c 
about alerts being handled and error messages to the B<bio_err> BIO.
Packit c4476c
Packit c4476c 
 void apps_ssl_info_callback(SSL *s, int where, int ret)
Packit c4476c 
 {
Packit c4476c 
     const char *str;
Packit c4476c 
     int w = where & ~SSL_ST_MASK;
Packit c4476c
Packit c4476c 
     if (w & SSL_ST_CONNECT)
Packit c4476c 
         str = "SSL_connect";
Packit c4476c 
     else if (w & SSL_ST_ACCEPT)
Packit c4476c 
         str = "SSL_accept";
Packit c4476c 
     else
Packit c4476c 
         str = "undefined";
Packit c4476c
Packit c4476c 
     if (where & SSL_CB_LOOP) {
Packit c4476c 
         BIO_printf(bio_err, "%s:%s\n", str, SSL_state_string_long(s));
Packit c4476c 
     } else if (where & SSL_CB_ALERT) {
Packit c4476c 
         str = (where & SSL_CB_READ) ? "read" : "write";
Packit c4476c 
         BIO_printf(bio_err, "SSL3 alert %s:%s:%s\n", str,
Packit c4476c 
                    SSL_alert_type_string_long(ret),
Packit c4476c 
                    SSL_alert_desc_string_long(ret));
Packit c4476c 
     } else if (where & SSL_CB_EXIT) {
Packit c4476c 
         if (ret == 0) {
Packit c4476c 
             BIO_printf(bio_err, "%s:failed in %s\n",
Packit c4476c 
                        str, SSL_state_string_long(s));
Packit c4476c 
         } else if (ret < 0) {
Packit c4476c 
             BIO_printf(bio_err, "%s:error in %s\n",
Packit c4476c 
                        str, SSL_state_string_long(s));
Packit c4476c 
         }
Packit c4476c 
     }
Packit c4476c 
 }
Packit c4476c
Packit c4476c 
=head1 SEE ALSO
Packit c4476c
Packit c4476c 
L<ssl(7)>, L<SSL_state_string(3)>,
Packit c4476c 
L<SSL_alert_type_string(3)>
Packit c4476c
Packit c4476c 
=head1 COPYRIGHT
Packit c4476c
Packit c4476c 
Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.
Packit c4476c
Packit c4476c 
Licensed under the OpenSSL license (the "License").  You may not use
Packit c4476c 
this file except in compliance with the License.  You can obtain a copy
Packit c4476c 
in the file LICENSE in the source distribution or at
Packit c4476c 
L<https://www.openssl.org/source/license.html>.
Packit c4476c
Packit c4476c 
=cut

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation