DragonFly On-Line Manual Pages
ssl(3) OpenSSL ssl(3)
NAME
SSL - OpenSSL SSL/TLS library
SYNOPSIS
DESCRIPTION
The OpenSSL ssl library implements the Secure Sockets Layer (SSL v2/v3)
and Transport Layer Security (TLS v1) protocols. It provides a rich API
which is documented here.
At first the library must be initialized; see SSL_library_init(3).
Then an SSL_CTX object is created as a framework to establish TLS/SSL
enabled connections (see SSL_CTX_new(3)). Various options regarding
certificates, algorithms etc. can be set in this object.
When a network connection has been created, it can be assigned to an
SSL object. After the SSL object has been created using SSL_new(3),
SSL_set_fd(3) or SSL_set_bio(3) can be used to associate the network
connection with the object.
Then the TLS/SSL handshake is performed using SSL_accept(3) or
SSL_connect(3) respectively. SSL_read(3) and SSL_write(3) are used to
read and write data on the TLS/SSL connection. SSL_shutdown(3) can be
used to shut down the TLS/SSL connection.
DATA STRUCTURES
Currently the OpenSSL ssl library functions deals with the following
data structures:
SSL_METHOD (SSL Method)
That's a dispatch structure describing the internal ssl library
methods/functions which implement the various protocol versions
(SSLv1, SSLv2 and TLSv1). It's needed to create an SSL_CTX.
SSL_CIPHER (SSL Cipher)
This structure holds the algorithm information for a particular
cipher which are a core part of the SSL/TLS protocol. The available
ciphers are configured on a SSL_CTX basis and the actually used
ones are then part of the SSL_SESSION.
SSL_CTX (SSL Context)
That's the global context structure which is created by a server or
client once per program life-time and which holds mainly default
values for the SSL structures which are later created for the
connections.
SSL_SESSION (SSL Session)
This is a structure containing the current TLS/SSL session details
for a connection: SSL_CIPHERs, client and server certificates,
keys, etc.
SSL (SSL Connection)
That's the main SSL/TLS structure which is created by a server or
client per established connection. This actually is the core
structure in the SSL API. Under run-time the application usually
deals with this structure which has links to mostly all other
structures.
HEADER FILES
Currently the OpenSSL ssl library provides the following C header files
containing the prototypes for the data structures and and functions:
ssl.h
That's the common header file for the SSL/TLS API. Include it into
your program to make the API of the ssl library available. It
internally includes both more private SSL headers and headers from
the crypto library. Whenever you need hard-core details on the
internals of the SSL API, look inside this header file.
ssl2.h
That's the sub header file dealing with the SSLv2 protocol only.
Usually you don't have to include it explicitly because it's
already included by ssl.h.
ssl3.h
That's the sub header file dealing with the SSLv3 protocol only.
Usually you don't have to include it explicitly because it's
already included by ssl.h.
ssl23.h
That's the sub header file dealing with the combined use of the
SSLv2 and SSLv3 protocols. Usually you don't have to include it
explicitly because it's already included by ssl.h.
tls1.h
That's the sub header file dealing with the TLSv1 protocol only.
Usually you don't have to include it explicitly because it's
already included by ssl.h.
API FUNCTIONS
Currently the OpenSSL ssl library exports 214 API functions. They are
documented in the following:
DEALING WITH PROTOCOL METHODS
Here we document the various API functions which deal with the SSL/TLS
protocol methods defined in SSL_METHOD structures.
const SSL_METHOD *SSLv23_method(void);
Constructor for the version-flexible SSL_METHOD structure for
clients, servers or both. See SSL_CTX_new(3) for details.
const SSL_METHOD *SSLv23_client_method(void);
Constructor for the version-flexible SSL_METHOD structure for
clients.
const SSL_METHOD *SSLv23_client_method(void);
Constructor for the version-flexible SSL_METHOD structure for
servers.
const SSL_METHOD *TLSv1_2_method(void);
Constructor for the TLSv1.2 SSL_METHOD structure for clients,
servers or both.
const SSL_METHOD *TLSv1_2_client_method(void);
Constructor for the TLSv1.2 SSL_METHOD structure for clients.
const SSL_METHOD *TLSv1_2_server_method(void);
Constructor for the TLSv1.2 SSL_METHOD structure for servers.
const SSL_METHOD *TLSv1_1_method(void);
Constructor for the TLSv1.1 SSL_METHOD structure for clients,
servers or both.
const SSL_METHOD *TLSv1_1_client_method(void);
Constructor for the TLSv1.1 SSL_METHOD structure for clients.
const SSL_METHOD *TLSv1_1_server_method(void);
Constructor for the TLSv1.1 SSL_METHOD structure for servers.
const SSL_METHOD *TLSv1_method(void);
Constructor for the TLSv1 SSL_METHOD structure for clients, servers
or both.
const SSL_METHOD *TLSv1_client_method(void);
Constructor for the TLSv1 SSL_METHOD structure for clients.
const SSL_METHOD *TLSv1_server_method(void);
Constructor for the TLSv1 SSL_METHOD structure for servers.
const SSL_METHOD *SSLv3_method(void);
Constructor for the SSLv3 SSL_METHOD structure for clients, servers
or both.
const SSL_METHOD *SSLv3_client_method(void);
Constructor for the SSLv3 SSL_METHOD structure for clients.
const SSL_METHOD *SSLv3_server_method(void);
Constructor for the SSLv3 SSL_METHOD structure for servers.
const SSL_METHOD *SSLv2_method(void);
Constructor for the SSLv2 SSL_METHOD structure for clients, servers
or both.
const SSL_METHOD *SSLv2_client_method(void);
Constructor for the SSLv2 SSL_METHOD structure for clients.
const SSL_METHOD *SSLv2_server_method(void);
Constructor for the SSLv2 SSL_METHOD structure for servers.
DEALING WITH CIPHERS
Here we document the various API functions which deal with the SSL/TLS
ciphers defined in SSL_CIPHER structures.
char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len);
Write a string to buf (with a maximum size of len) containing a
human readable description of cipher. Returns buf.
int SSL_CIPHER_get_bits(SSL_CIPHER *cipher, int *alg_bits);
Determine the number of bits in cipher. Because of export crippled
ciphers there are two bits: The bits the algorithm supports in
general (stored to alg_bits) and the bits which are actually used
(the return value).
const char *SSL_CIPHER_get_name(SSL_CIPHER *cipher);
Return the internal name of cipher as a string. These are the
various strings defined by the SSL2_TXT_xxx, SSL3_TXT_xxx and
TLS1_TXT_xxx definitions in the header files.
char *SSL_CIPHER_get_version(SSL_CIPHER *cipher);
Returns a string like ""TLSv1/SSLv3"" or ""SSLv2"" which indicates
the SSL/TLS protocol version to which cipher belongs (i.e. where it
was defined in the specification the first time).
DEALING WITH PROTOCOL CONTEXTS
Here we document the various API functions which deal with the SSL/TLS
protocol context defined in the SSL_CTX structure.
int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x);
long SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *x509);
int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c);
int SSL_CTX_check_private_key(const SSL_CTX *ctx);
long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg);
void SSL_CTX_flush_sessions(SSL_CTX *s, long t);
void SSL_CTX_free(SSL_CTX *a);
char *SSL_CTX_get_app_data(SSL_CTX *ctx);
X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *ctx);
STACK *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509,
EVP_PKEY **pkey);
void SSL_CTX_get_default_read_ahead(SSL_CTX *ctx);
char *SSL_CTX_get_ex_data(const SSL_CTX *s, int idx);
int SSL_CTX_get_ex_new_index(long argl, char *argp, int
(*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(SSL *ssl, int cb, int
ret);
int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
void SSL_CTX_get_read_ahead(SSL_CTX *ctx);
int SSL_CTX_get_session_cache_mode(SSL_CTX *ctx);
long SSL_CTX_get_timeout(const SSL_CTX *ctx);
int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int ok,
X509_STORE_CTX *ctx);
int SSL_CTX_get_verify_mode(SSL_CTX *ctx);
int SSL_CTX_load_verify_locations(SSL_CTX *ctx, char *CAfile, char
*CApath);
long SSL_CTX_need_tmp_RSA(SSL_CTX *ctx);
SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c);
int SSL_CTX_sess_accept(SSL_CTX *ctx);
int SSL_CTX_sess_accept_good(SSL_CTX *ctx);
int SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx);
int SSL_CTX_sess_cache_full(SSL_CTX *ctx);
int SSL_CTX_sess_cb_hits(SSL_CTX *ctx);
int SSL_CTX_sess_connect(SSL_CTX *ctx);
int SSL_CTX_sess_connect_good(SSL_CTX *ctx);
int SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx);
int SSL_CTX_sess_get_cache_size(SSL_CTX *ctx);
SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(SSL *ssl,
unsigned char *data, int len, int *copy);
int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)(SSL *ssl, SSL_SESSION
*sess);
void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)(SSL_CTX *ctx,
SSL_SESSION *sess);
int SSL_CTX_sess_hits(SSL_CTX *ctx);
int SSL_CTX_sess_misses(SSL_CTX *ctx);
int SSL_CTX_sess_number(SSL_CTX *ctx);
void SSL_CTX_sess_set_cache_size(SSL_CTX *ctx,t);
void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, SSL_SESSION *(*cb)(SSL *ssl,
unsigned char *data, int len, int *copy));
void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx, int (*cb)(SSL *ssl,
SSL_SESSION *sess));
void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx, void (*cb)(SSL_CTX *ctx,
SSL_SESSION *sess));
int SSL_CTX_sess_timeouts(SSL_CTX *ctx);
LHASH *SSL_CTX_sessions(SSL_CTX *ctx);
void SSL_CTX_set_app_data(SSL_CTX *ctx, void *arg);
void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *cs);
void SSL_CTX_set_cert_verify_cb(SSL_CTX *ctx, int (*cb)(), char *arg)
int SSL_CTX_set_cipher_list(SSL_CTX *ctx, char *str);
void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK *list);
void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*cb)(SSL *ssl, X509
**x509, EVP_PKEY **pkey));
void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, int (*cb);(void))
void SSL_CTX_set_default_read_ahead(SSL_CTX *ctx, int m);
int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, char *arg);
void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*cb)(SSL *ssl, int
cb, int ret));
void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int
version, int content_type, const void *buf, size_t len, SSL *ssl, void
*arg));
void SSL_CTX_set_msg_callback_arg(SSL_CTX *ctx, void *arg);
void SSL_CTX_set_options(SSL_CTX *ctx, unsigned long op);
void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);
void SSL_CTX_set_read_ahead(SSL_CTX *ctx, int m);
void SSL_CTX_set_session_cache_mode(SSL_CTX *ctx, int mode);
int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
void SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
long SSL_CTX_set_tmp_dh(SSL_CTX* ctx, DH *dh);
long SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*cb)(void));
long SSL_CTX_set_tmp_rsa(SSL_CTX *ctx, RSA *rsa);
SSL_CTX_set_tmp_rsa_callback
"long SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb)(SSL
*ssl, int export, int keylength));"
Sets the callback which will be called when a temporary private key
is required. The "export" flag will be set if the reason for
needing a temp key is that an export ciphersuite is in use, in
which case, "keylength" will contain the required keylength in
bits. Generate a key of appropriate size (using ???) and return it.
SSL_set_tmp_rsa_callback
long SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb)(SSL *ssl, int
export, int keylength));
The same as SSL_CTX_set_tmp_rsa_callback, except it operates on an
SSL session instead of a context.
void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*cb);(void))
int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, unsigned char
*d, long len);
int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, char *file, int type);
int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long
len);
int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, char *file, int type);
int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char
*d);
int SSL_CTX_use_certificate_file(SSL_CTX *ctx, char *file, int type);
X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx);
EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx);
void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, unsigned int
(*callback)(SSL *ssl, const char *hint, char *identity, unsigned int
max_identity_len, unsigned char *psk, unsigned int max_psk_len));
int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *hint);
void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, unsigned int
(*callback)(SSL *ssl, const char *identity, unsigned char *psk, int
max_psk_len));
DEALING WITH SESSIONS
Here we document the various API functions which deal with the SSL/TLS
sessions defined in the SSL_SESSION structures.
int SSL_SESSION_cmp(const SSL_SESSION *a, const SSL_SESSION *b);
void SSL_SESSION_free(SSL_SESSION *ss);
char *SSL_SESSION_get_app_data(SSL_SESSION *s);
char *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx);
int SSL_SESSION_get_ex_new_index(long argl, char *argp, int
(*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
long SSL_SESSION_get_time(const SSL_SESSION *s);
long SSL_SESSION_get_timeout(const SSL_SESSION *s);
unsigned long SSL_SESSION_hash(const SSL_SESSION *a);
SSL_SESSION *SSL_SESSION_new(void);
int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x);
int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x);
void SSL_SESSION_set_app_data(SSL_SESSION *s, char *a);
int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, char *arg);
long SSL_SESSION_set_time(SSL_SESSION *s, long t);
long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
DEALING WITH CONNECTIONS
Here we document the various API functions which deal with the SSL/TLS
connection defined in the SSL structure.
int SSL_accept(SSL *ssl);
int SSL_add_dir_cert_subjects_to_stack(STACK *stack, const char *dir);
int SSL_add_file_cert_subjects_to_stack(STACK *stack, const char
*file);
int SSL_add_client_CA(SSL *ssl, X509 *x);
char *SSL_alert_desc_string(int value);
char *SSL_alert_desc_string_long(int value);
char *SSL_alert_type_string(int value);
char *SSL_alert_type_string_long(int value);
int SSL_check_private_key(const SSL *ssl);
void SSL_clear(SSL *ssl);
long SSL_clear_num_renegotiations(SSL *ssl);
int SSL_connect(SSL *ssl);
void SSL_copy_session_id(SSL *t, const SSL *f);
long SSL_ctrl(SSL *ssl, int cmd, long larg, char *parg);
int SSL_do_handshake(SSL *ssl);
SSL *SSL_dup(SSL *ssl);
STACK *SSL_dup_CA_list(STACK *sk);
void SSL_free(SSL *ssl);
SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
char *SSL_get_app_data(SSL *ssl);
X509 *SSL_get_certificate(const SSL *ssl);
const char *SSL_get_cipher(const SSL *ssl);
int SSL_get_cipher_bits(const SSL *ssl, int *alg_bits);
char *SSL_get_cipher_list(const SSL *ssl, int n);
char *SSL_get_cipher_name(const SSL *ssl);
char *SSL_get_cipher_version(const SSL *ssl);
STACK *SSL_get_ciphers(const SSL *ssl);
STACK *SSL_get_client_CA_list(const SSL *ssl);
SSL_CIPHER *SSL_get_current_cipher(SSL *ssl);
long SSL_get_default_timeout(const SSL *ssl);
int SSL_get_error(const SSL *ssl, int i);
char *SSL_get_ex_data(const SSL *ssl, int idx);
int SSL_get_ex_data_X509_STORE_CTX_idx(void);
int SSL_get_ex_new_index(long argl, char *argp, int (*new_func);(void),
int (*dup_func)(void), void (*free_func)(void))
int SSL_get_fd(const SSL *ssl);
void (*SSL_get_info_callback(const SSL *ssl);)()
STACK *SSL_get_peer_cert_chain(const SSL *ssl);
X509 *SSL_get_peer_certificate(const SSL *ssl);
EVP_PKEY *SSL_get_privatekey(const SSL *ssl);
int SSL_get_quiet_shutdown(const SSL *ssl);
BIO *SSL_get_rbio(const SSL *ssl);
int SSL_get_read_ahead(const SSL *ssl);
SSL_SESSION *SSL_get_session(const SSL *ssl);
char *SSL_get_shared_ciphers(const SSL *ssl, char *buf, int len);
int SSL_get_shutdown(const SSL *ssl);
const SSL_METHOD *SSL_get_ssl_method(SSL *ssl);
int SSL_get_state(const SSL *ssl);
long SSL_get_time(const SSL *ssl);
long SSL_get_timeout(const SSL *ssl);
int (*SSL_get_verify_callback(const SSL *ssl))(int,X509_STORE_CTX *)
int SSL_get_verify_mode(const SSL *ssl);
long SSL_get_verify_result(const SSL *ssl);
char *SSL_get_version(const SSL *ssl);
BIO *SSL_get_wbio(const SSL *ssl);
int SSL_in_accept_init(SSL *ssl);
int SSL_in_before(SSL *ssl);
int SSL_in_connect_init(SSL *ssl);
int SSL_in_init(SSL *ssl);
int SSL_is_init_finished(SSL *ssl);
STACK *SSL_load_client_CA_file(char *file);
void SSL_load_error_strings(void);
SSL *SSL_new(SSL_CTX *ctx);
long SSL_num_renegotiations(SSL *ssl);
int SSL_peek(SSL *ssl, void *buf, int num);
int SSL_pending(const SSL *ssl);
int SSL_read(SSL *ssl, void *buf, int num);
int SSL_renegotiate(SSL *ssl);
char *SSL_rstate_string(SSL *ssl);
char *SSL_rstate_string_long(SSL *ssl);
long SSL_session_reused(SSL *ssl);
void SSL_set_accept_state(SSL *ssl);
void SSL_set_app_data(SSL *ssl, char *arg);
void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio);
int SSL_set_cipher_list(SSL *ssl, char *str);
void SSL_set_client_CA_list(SSL *ssl, STACK *list);
void SSL_set_connect_state(SSL *ssl);
int SSL_set_ex_data(SSL *ssl, int idx, char *arg);
int SSL_set_fd(SSL *ssl, int fd);
void SSL_set_info_callback(SSL *ssl, void (*cb);(void))
void SSL_set_msg_callback(SSL *ctx, void (*cb)(int write_p, int
version, int content_type, const void *buf, size_t len, SSL *ssl, void
*arg));
void SSL_set_msg_callback_arg(SSL *ctx, void *arg);
void SSL_set_options(SSL *ssl, unsigned long op);
void SSL_set_quiet_shutdown(SSL *ssl, int mode);
void SSL_set_read_ahead(SSL *ssl, int yes);
int SSL_set_rfd(SSL *ssl, int fd);
int SSL_set_session(SSL *ssl, SSL_SESSION *session);
void SSL_set_shutdown(SSL *ssl, int mode);
int SSL_set_ssl_method(SSL *ssl, const SSL_METHOD *meth);
void SSL_set_time(SSL *ssl, long t);
void SSL_set_timeout(SSL *ssl, long t);
void SSL_set_verify(SSL *ssl, int mode, int (*callback);(void))
void SSL_set_verify_result(SSL *ssl, long arg);
int SSL_set_wfd(SSL *ssl, int fd);
int SSL_shutdown(SSL *ssl);
int SSL_state(const SSL *ssl);
char *SSL_state_string(const SSL *ssl);
char *SSL_state_string_long(const SSL *ssl);
long SSL_total_renegotiations(SSL *ssl);
int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, unsigned char *d, long
len);
int SSL_use_PrivateKey_file(SSL *ssl, char *file, int type);
int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
int SSL_use_RSAPrivateKey_file(SSL *ssl, char *file, int type);
int SSL_use_certificate(SSL *ssl, X509 *x);
int SSL_use_certificate_ASN1(SSL *ssl, int len, unsigned char *d);
int SSL_use_certificate_file(SSL *ssl, char *file, int type);
int SSL_version(const SSL *ssl);
int SSL_want(const SSL *ssl);
int SSL_want_nothing(const SSL *ssl);
int SSL_want_read(const SSL *ssl);
int SSL_want_write(const SSL *ssl);
int SSL_want_x509_lookup(const SSL *ssl);
int SSL_write(SSL *ssl, const void *buf, int num);
void SSL_set_psk_client_callback(SSL *ssl, unsigned int (*callback)(SSL
*ssl, const char *hint, char *identity, unsigned int max_identity_len,
unsigned char *psk, unsigned int max_psk_len));
int SSL_use_psk_identity_hint(SSL *ssl, const char *hint);
void SSL_set_psk_server_callback(SSL *ssl, unsigned int (*callback)(SSL
*ssl, const char *identity, unsigned char *psk, int max_psk_len));
const char *SSL_get_psk_identity_hint(SSL *ssl);
const char *SSL_get_psk_identity(SSL *ssl);
SEE ALSO
openssl(1), crypto(3), SSL_accept(3), SSL_clear(3), SSL_connect(3),
SSL_CIPHER_get_name(3), SSL_COMP_add_compression_method(3),
SSL_CTX_add_extra_chain_cert(3), SSL_CTX_add_session(3),
SSL_CTX_ctrl(3), SSL_CTX_flush_sessions(3),
SSL_CTX_get_ex_new_index(3), SSL_CTX_get_verify_mode(3),
SSL_CTX_load_verify_locations(3) SSL_CTX_new(3),
SSL_CTX_sess_number(3), SSL_CTX_sess_set_cache_size(3),
SSL_CTX_sess_set_get_cb(3), SSL_CTX_sessions(3),
SSL_CTX_set_cert_store(3), SSL_CTX_set_cert_verify_callback(3),
SSL_CTX_set_cipher_list(3), SSL_CTX_set_client_CA_list(3),
SSL_CTX_set_client_cert_cb(3), SSL_CTX_set_default_passwd_cb(3),
SSL_CTX_set_generate_session_id(3), SSL_CTX_set_info_callback(3),
SSL_CTX_set_max_cert_list(3), SSL_CTX_set_mode(3),
SSL_CTX_set_msg_callback(3), SSL_CTX_set_options(3),
SSL_CTX_set_quiet_shutdown(3), SSL_CTX_set_read_ahead(3),
SSL_CTX_set_session_cache_mode(3), SSL_CTX_set_session_id_context(3),
SSL_CTX_set_ssl_version(3), SSL_CTX_set_timeout(3),
SSL_CTX_set_tmp_rsa_callback(3), SSL_CTX_set_tmp_dh_callback(3),
SSL_CTX_set_verify(3), SSL_CTX_use_certificate(3),
SSL_alert_type_string(3), SSL_do_handshake(3), SSL_get_SSL_CTX(3),
SSL_get_ciphers(3), SSL_get_client_CA_list(3),
SSL_get_default_timeout(3), SSL_get_error(3),
SSL_get_ex_data_X509_STORE_CTX_idx(3), SSL_get_ex_new_index(3),
SSL_get_fd(3), SSL_get_peer_cert_chain(3), SSL_get_rbio(3),
SSL_get_session(3), SSL_get_verify_result(3), SSL_get_version(3),
SSL_library_init(3), SSL_load_client_CA_file(3), SSL_new(3),
SSL_pending(3), SSL_read(3), SSL_rstate_string(3),
SSL_session_reused(3), SSL_set_bio(3), SSL_set_connect_state(3),
SSL_set_fd(3), SSL_set_session(3), SSL_set_shutdown(3),
SSL_shutdown(3), SSL_state_string(3), SSL_want(3), SSL_write(3),
SSL_SESSION_free(3), SSL_SESSION_get_ex_new_index(3),
SSL_SESSION_get_time(3), d2i_SSL_SESSION(3),
SSL_CTX_set_psk_client_callback(3), SSL_CTX_use_psk_identity_hint(3),
SSL_get_psk_identity(3)
HISTORY
The ssl(3) document appeared in OpenSSL 0.9.2
1.0.2h 2016-05-03 ssl(3)
SSL_CTX_set_options(3) OpenSSL SSL_CTX_set_options(3)
NAME
SSL_CTX_set_options, SSL_set_options, SSL_CTX_clear_options,
SSL_clear_options, SSL_CTX_get_options, SSL_get_options,
SSL_get_secure_renegotiation_support - manipulate SSL options
SYNOPSIS
#include <openssl/ssl.h>
long SSL_CTX_set_options(SSL_CTX *ctx, long options);
long SSL_set_options(SSL *ssl, long options);
long SSL_CTX_clear_options(SSL_CTX *ctx, long options);
long SSL_clear_options(SSL *ssl, long options);
long SSL_CTX_get_options(SSL_CTX *ctx);
long SSL_get_options(SSL *ssl);
long SSL_get_secure_renegotiation_support(SSL *ssl);
DESCRIPTION
Note: all these functions are implemented using macros.
SSL_CTX_set_options() adds the options set via bitmask in options to
ctx. Options already set before are not cleared!
SSL_set_options() adds the options set via bitmask in options to ssl.
Options already set before are not cleared!
SSL_CTX_clear_options() clears the options set via bitmask in options
to ctx.
SSL_clear_options() clears the options set via bitmask in options to
ssl.
SSL_CTX_get_options() returns the options set for ctx.
SSL_get_options() returns the options set for ssl.
SSL_get_secure_renegotiation_support() indicates whether the peer
supports secure renegotiation.
NOTES
The behaviour of the SSL library can be changed by setting several
options. The options are coded as bitmasks and can be combined by a
logical or operation (|).
SSL_CTX_set_options() and SSL_set_options() affect the (external)
protocol behaviour of the SSL library. The (internal) behaviour of the
API can be changed by using the similar SSL_CTX_set_mode(3) and
SSL_set_mode() functions.
During a handshake, the option settings of the SSL object are used.
When a new SSL object is created from a context using SSL_new(), the
current option setting is copied. Changes to ctx do not affect already
created SSL objects. SSL_clear() does not affect the settings.
The following bug workaround options are available:
SSL_OP_MICROSOFT_SESS_ID_BUG
www.microsoft.com - when talking SSLv2, if session-id reuse is
performed, the session-id passed back in the server-finished
message is different from the one decided upon.
SSL_OP_NETSCAPE_CHALLENGE_BUG
Netscape-Commerce/1.12, when talking SSLv2, accepts a 32 byte
challenge but then appears to only use 16 bytes when generating the
encryption keys. Using 16 bytes is ok but it should be ok to use
32. According to the SSLv3 spec, one should use 32 bytes for the
challenge when operating in SSLv2/v3 compatibility mode, but as
mentioned above, this breaks this server so 16 bytes is the way to
go.
SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
As of OpenSSL 0.9.8q and 1.0.0c, this option has no effect.
SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
...
SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
...
SSL_OP_SAFARI_ECDHE_ECDSA_BUG
Don't prefer ECDHE-ECDSA ciphers when the client appears to be
Safari on OS X. OS X 10.8..10.8.3 has broken support for ECDHE-
ECDSA ciphers.
SSL_OP_SSLEAY_080_CLIENT_DH_BUG
...
SSL_OP_TLS_D5_BUG
...
SSL_OP_TLS_BLOCK_PADDING_BUG
...
SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
Disables a countermeasure against a SSL 3.0/TLS 1.0 protocol
vulnerability affecting CBC ciphers, which cannot be handled by
some broken SSL implementations. This option has no effect for
connections using other ciphers.
SSL_OP_TLSEXT_PADDING
Adds a padding extension to ensure the ClientHello size is never
between 256 and 511 bytes in length. This is needed as a workaround
for some implementations.
SSL_OP_ALL
All of the above bug workarounds.
It is usually safe to use SSL_OP_ALL to enable the bug workaround
options if compatibility with somewhat broken implementations is
desired.
The following modifying options are available:
SSL_OP_TLS_ROLLBACK_BUG
Disable version rollback attack detection.
During the client key exchange, the client must send the same
information about acceptable SSL/TLS protocol levels as during the
first hello. Some clients violate this rule by adapting to the
server's answer. (Example: the client sends a SSLv2 hello and
accepts up to SSLv3.1=TLSv1, the server only understands up to
SSLv3. In this case the client must still use the same
SSLv3.1=TLSv1 announcement. Some clients step down to SSLv3 with
respect to the server's answer and violate the version rollback
protection.)
SSL_OP_SINGLE_DH_USE
Always create a new key when using temporary/ephemeral DH
parameters (see SSL_CTX_set_tmp_dh_callback(3)). This option must
be used to prevent small subgroup attacks, when the DH parameters
were not generated using "strong" primes (e.g. when using DSA-
parameters, see dhparam(1)). If "strong" primes were used, it is
not strictly necessary to generate a new DH key during each
handshake but it is also recommended. SSL_OP_SINGLE_DH_USE should
therefore be enabled whenever temporary/ephemeral DH parameters are
used.
SSL_OP_EPHEMERAL_RSA
This option is no longer implemented and is treated as no op.
SSL_OP_CIPHER_SERVER_PREFERENCE
When choosing a cipher, use the server's preferences instead of the
client preferences. When not set, the SSL server will always follow
the clients preferences. When set, the SSLv3/TLSv1 server will
choose following its own preferences. Because of the different
protocol, for SSLv2 the server will send its list of preferences to
the client and the client chooses.
SSL_OP_PKCS1_CHECK_1
...
SSL_OP_PKCS1_CHECK_2
...
SSL_OP_NETSCAPE_CA_DN_BUG
If we accept a netscape connection, demand a client cert, have a
non-self-signed CA which does not have its CA in netscape, and the
browser has a cert, it will crash/hang. Works for 3.x and 4.xbeta
SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
...
SSL_OP_NO_SSLv2
Do not use the SSLv2 protocol. As of OpenSSL 1.0.2g the
SSL_OP_NO_SSLv2 option is set by default.
SSL_OP_NO_SSLv3
Do not use the SSLv3 protocol. It is recommended that applications
should set this option.
SSL_OP_NO_TLSv1
Do not use the TLSv1 protocol.
SSL_OP_NO_TLSv1_1
Do not use the TLSv1.1 protocol.
SSL_OP_NO_TLSv1_2
Do not use the TLSv1.2 protocol.
SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
When performing renegotiation as a server, always start a new
session (i.e., session resumption requests are only accepted in the
initial handshake). This option is not needed for clients.
SSL_OP_NO_TICKET
Normally clients and servers will, where possible, transparently
make use of RFC4507bis tickets for stateless session resumption.
If this option is set this functionality is disabled and tickets
will not be used by clients or servers.
SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
Allow legacy insecure renegotiation between OpenSSL and unpatched
clients or servers. See the SECURE RENEGOTIATION section for more
details.
SSL_OP_LEGACY_SERVER_CONNECT
Allow legacy insecure renegotiation between OpenSSL and unpatched
servers only: this option is currently set by default. See the
SECURE RENEGOTIATION section for more details.
SECURE RENEGOTIATION
OpenSSL 0.9.8m and later always attempts to use secure renegotiation as
described in RFC5746. This counters the prefix attack described in
CVE-2009-3555 and elsewhere.
The deprecated and highly broken SSLv2 protocol does not support
renegotiation at all: its use is strongly discouraged.
This attack has far reaching consequences which application writers
should be aware of. In the description below an implementation
supporting secure renegotiation is referred to as patched. A server not
supporting secure renegotiation is referred to as unpatched.
The following sections describe the operations permitted by OpenSSL's
secure renegotiation implementation.
Patched client and server
Connections and renegotiation are always permitted by OpenSSL
implementations.
Unpatched client and patched OpenSSL server
The initial connection succeeds but client renegotiation is denied by
the server with a no_renegotiation warning alert if TLS v1.0 is used or
a fatal handshake_failure alert in SSL v3.0.
If the patched OpenSSL server attempts to renegotiate a fatal
handshake_failure alert is sent. This is because the server code may be
unaware of the unpatched nature of the client.
If the option SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION is set then
renegotiation always succeeds.
NB: a bug in OpenSSL clients earlier than 0.9.8m (all of which are
unpatched) will result in the connection hanging if it receives a
no_renegotiation alert. OpenSSL versions 0.9.8m and later will regard a
no_renegotiation alert as fatal and respond with a fatal
handshake_failure alert. This is because the OpenSSL API currently has
no provision to indicate to an application that a renegotiation attempt
was refused.
Patched OpenSSL client and unpatched server.
If the option SSL_OP_LEGACY_SERVER_CONNECT or
SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION is set then initial
connections and renegotiation between patched OpenSSL clients and
unpatched servers succeeds. If neither option is set then initial
connections to unpatched servers will fail.
The option SSL_OP_LEGACY_SERVER_CONNECT is currently set by default
even though it has security implications: otherwise it would be
impossible to connect to unpatched servers (i.e. all of them initially)
and this is clearly not acceptable. Renegotiation is permitted because
this does not add any additional security issues: during an attack
clients do not see any renegotiations anyway.
As more servers become patched the option SSL_OP_LEGACY_SERVER_CONNECT
will not be set by default in a future version of OpenSSL.
OpenSSL client applications wishing to ensure they can connect to
unpatched servers should always set SSL_OP_LEGACY_SERVER_CONNECT
OpenSSL client applications that want to ensure they can not connect to
unpatched servers (and thus avoid any security issues) should always
clear SSL_OP_LEGACY_SERVER_CONNECT using SSL_CTX_clear_options() or
SSL_clear_options().
The difference between the SSL_OP_LEGACY_SERVER_CONNECT and
SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION options is that
SSL_OP_LEGACY_SERVER_CONNECT enables initial connections and secure
renegotiation between OpenSSL clients and unpatched servers only, while
SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION allows initial connections and
renegotiation between OpenSSL and unpatched clients or servers.
RETURN VALUES
SSL_CTX_set_options() and SSL_set_options() return the new options
bitmask after adding options.
SSL_CTX_clear_options() and SSL_clear_options() return the new options
bitmask after clearing options.
SSL_CTX_get_options() and SSL_get_options() return the current bitmask.
SSL_get_secure_renegotiation_support() returns 1 is the peer supports
secure renegotiation and 0 if it does not.
SEE ALSO
ssl(3), SSL_new(3), SSL_clear(3), SSL_CTX_set_tmp_dh_callback(3),
SSL_CTX_set_tmp_rsa_callback(3), dhparam(1)
HISTORY
SSL_OP_CIPHER_SERVER_PREFERENCE and
SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION have been added in
OpenSSL 0.9.7.
SSL_OP_TLS_ROLLBACK_BUG has been added in OpenSSL 0.9.6 and was
automatically enabled with SSL_OP_ALL. As of 0.9.7, it is no longer
included in SSL_OP_ALL and must be explicitly set.
SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS has been added in OpenSSL 0.9.6e.
Versions up to OpenSSL 0.9.6c do not include the countermeasure that
can be disabled with this option (in OpenSSL 0.9.6d, it was always
enabled).
SSL_CTX_clear_options() and SSL_clear_options() were first added in
OpenSSL 0.9.8m.
SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION, SSL_OP_LEGACY_SERVER_CONNECT
and the function SSL_get_secure_renegotiation_support() were first
added in OpenSSL 0.9.8m.
1.0.2h 2016-05-03 SSL_CTX_set_options(3)