SSL_CTX_set_ssl_version.pod 2.5 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889
  1. =pod
  2. =head1 NAME
  3. SSL_CTX_set_ssl_version, SSL_CTX_get_ssl_method, SSL_set_ssl_method, SSL_get_ssl_method
  4. - choose a new TLS/SSL method
  5. =head1 SYNOPSIS
  6. #include <openssl/ssl.h>
  7. int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *method);
  8. const SSL_METHOD *SSL_CTX_get_ssl_method(const SSL_CTX *ctx);
  9. int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
  10. const SSL_METHOD *SSL_get_ssl_method(const SSL *ssl);
  11. =head1 DESCRIPTION
  12. SSL_CTX_set_ssl_version() sets a new default TLS/SSL B<method> for SSL objects
  13. newly created from this B<ctx>. Most of the configuration attached to the
  14. SSL_CTX object is retained, with the exception of the configured TLS ciphers,
  15. which are reset to the default values. SSL objects already created from this
  16. SSL_CTX with L<SSL_new(3)> are not affected, except when L<SSL_clear(3)> is
  17. being called, as described below.
  18. SSL_CTX_get_ssl_method() returns the SSL_METHOD which was used to construct the
  19. SSL_CTX.
  20. SSL_set_ssl_method() sets a new TLS/SSL B<method> for a particular B<ssl>
  21. object. It may be reset, when SSL_clear() is called.
  22. SSL_get_ssl_method() returns a pointer to the TLS/SSL method
  23. set in B<ssl>.
  24. =head1 NOTES
  25. The available B<method> choices are described in
  26. L<SSL_CTX_new(3)>.
  27. When L<SSL_clear(3)> is called and no session is connected to
  28. an SSL object, the method of the SSL object is reset to the method currently
  29. set in the corresponding SSL_CTX object.
  30. SSL_CTX_set_version() has unusual semantics and no clear use case;
  31. it would usually be preferable to create a new SSL_CTX object than to
  32. try to reuse an existing one in this fashion. Its usage is considered
  33. deprecated.
  34. =head1 RETURN VALUES
  35. The following return values can occur for SSL_CTX_set_ssl_version()
  36. and SSL_set_ssl_method():
  37. =over 4
  38. =item Z<>0
  39. The new choice failed, check the error stack to find out the reason.
  40. =item Z<>1
  41. The operation succeeded.
  42. =back
  43. SSL_CTX_get_ssl_method() and SSL_get_ssl_method() always return non-NULL
  44. pointers.
  45. =head1 SEE ALSO
  46. L<SSL_CTX_new(3)>, L<SSL_new(3)>,
  47. L<SSL_clear(3)>, L<ssl(7)>,
  48. L<SSL_set_connect_state(3)>
  49. =head1 HISTORY
  50. SSL_CTX_set_ssl_version() was deprecated in OpenSSL 3.0.
  51. =head1 COPYRIGHT
  52. Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
  53. Licensed under the Apache License 2.0 (the "License"). You may not use
  54. this file except in compliance with the License. You can obtain a copy
  55. in the file LICENSE in the source distribution or at
  56. L<https://www.openssl.org/source/license.html>.
  57. =cut