DragonFly On-Line Manual Pages

Search: Section:  

SSL_CTX_SET_TLSEXT... DragonFly Library Functions Manual SSL_CTX_SET_TLSEXT...


NAME

     SSL_CTX_set_tlsext_servername_callback,
     SSL_CTX_set_tlsext_servername_arg, SSL_get_servername_type,
     SSL_get_servername, SSL_set_tlsext_host_name -- handle server name indi-
     cation (SNI)


SYNOPSIS

     #include <openssl/ssl.h>

     long
     SSL_CTX_set_tlsext_servername_callback(SSL_CTX *ctx,
	 int (*cb)(SSL_CTX *, int *, void *));

     long
     SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg);

     const char *
     SSL_get_servername(const SSL *s, const int type);

     int
     SSL_get_servername_type(const SSL *s);

     int
     SSL_set_tlsext_host_name(const SSL *s, const char *name);


DESCRIPTION

     SSL_CTX_set_tlsext_servername_callback() sets the application callback cb
     used by a server to perform any actions or configuration required based
     on the servername extension received in the incoming connection.  When cb
     is NULL, SNI is not used.	The arg value is a pointer which is passed to
     the application callback.

     SSL_CTX_set_tlsext_servername_arg() sets a context-specific argument to
     be passed into the callback for ctx.

     SSL_set_tlsext_host_name() sets the server name indication ClientHello
     extension to contain the value name, or clears it if name is NULL.  The
     type of server name indication extension is set to
     TLSEXT_NAMETYPE_host_name as defined in RFC 3546.

     All three functions are implemented as macros.

     The ALPN and SNI callbacks are both executed during Client Hello process-
     ing.  The servername callback is executed first, followed by the ALPN
     callback.


RETURN VALUES

     SSL_CTX_set_tlsext_servername_callback() and
     SSL_CTX_set_tlsext_servername_arg() always return 1 indicating success.

     SSL_get_servername() returns a servername extension value of the speci-
     fied type if provided in the Client Hello, or NULL otherwise.

     SSL_get_servername_type() returns the servername type or -1 if no server-
     name is present.  Currently the only supported type (defined in RFC 3546)
     is TLSEXT_NAMETYPE_host_name.

     SSL_set_tlsext_host_name() returns 1 on success or 0 in case of an error.


SEE ALSO

     SSL_CTX_callback_ctrl(3), SSL_CTX_set_alpn_select_cb(3)


HISTORY

     These functions first appeared in OpenSSL 0.9.8f and have been available
     since OpenBSD 4.5.

DragonFly 5.5			March 23, 2018			 DragonFly 5.5

Search: Section: