Home Explore Help
Sign In
OWEALs
/
openssl
mirror of git://git.openssl.org/openssl.git
2
0
Fork 0
Files Issues 1 Wiki
Branch: OpenSSL_0_9_7-stable
Branches Tags
openssl
/
doc
/
ssl
/
SSL_CTX_set_info_callback.pod

SSL_CTX_set_info_callback.pod 4.3 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153 
  1. =pod
    2. 

  2. 

  3. =head1 NAME
    4. 

  4. 

  5. SSL_CTX_set_info_callback, SSL_CTX_get_info_callback, SSL_set_info_callback, SSL_get_info_callback - handle information callback for SSL connections
    6. 

  6. 

  7. =head1 SYNOPSIS
    8. 

  8. 

  9.  #include <openssl/ssl.h>
    10. 

  10. 

  11.  void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*callback)());
    12. 

  12.  void (*SSL_CTX_get_info_callback(const SSL_CTX *ctx))();
    13. 

  13. 

  14.  void SSL_set_info_callback(SSL *ssl, void (*callback)());
    15. 

  15.  void (*SSL_get_info_callback(const SSL *ssl))();
    16. 

  16. 

  17. =head1 DESCRIPTION
    18. 

  18. 

  19. SSL_CTX_set_info_callback() sets the B<callback> function, that can be used to
    20. 

  20. obtain state information for SSL objects created from B<ctx> during connection
    21. 

  21. setup and use. The setting for B<ctx> is overridden from the setting for
    22. 

  22. a specific SSL object, if specified.
    23. 

  23. When B<callback> is NULL, not callback function is used.
    24. 

  24. 

  25. SSL_set_info_callback() sets the B<callback> function, that can be used to
    26. 

  26. obtain state information for B<ssl> during connection setup and use.
    27. 

  27. When B<callback> is NULL, the callback setting currently valid for
    28. 

  28. B<ctx> is used.
    29. 

  29. 

  30. SSL_CTX_get_info_callback() returns a pointer to the currently set information
    31. 

  31. callback function for B<ctx>.
    32. 

  32. 

  33. SSL_get_info_callback() returns a pointer to the currently set information
    34. 

  34. callback function for B<ssl>.
    35. 

  35. 

  36. =head1 NOTES
    37. 

  37. 

  38. When setting up a connection and during use, it is possible to obtain state
    39. 

  39. information from the SSL/TLS engine. When set, an information callback function
    40. 

  40. is called whenever the state changes, an alert appears, or an error occurs.
    41. 

  41. 

  42. The callback function is called as B<callback(SSL *ssl, int where, int ret)>.
    43. 

  43. The B<where> argument specifies information about where (in which context)
    44. 

  44. the callback function was called. If B<ret> is 0, an error condition occurred.
    45. 

  45. If an alert is handled, SSL_CB_ALERT is set and B<ret> specifies the alert
    46. 

  46. information.
    47. 

  47. 

  48. B<where> is a bitmask made up of the following bits:
    49. 

  49. 

  50. =over 4
    51. 

  51. 

  52. =item SSL_CB_LOOP
    53. 

  53. 

  54. Callback has been called to indicate state change inside a loop.
    55. 

  55. 

  56. =item SSL_CB_EXIT
    57. 

  57. 

  58. Callback has been called to indicate error exit of a handshake function.
    59. 

  59. (May be soft error with retry option for non-blocking setups.)
    60. 

  60. 

  61. =item SSL_CB_READ
    62. 

  62. 

  63. Callback has been called during read operation.
    64. 

  64. 

  65. =item SSL_CB_WRITE
    66. 

  66. 

  67. Callback has been called during write operation.
    68. 

  68. 

  69. =item SSL_CB_ALERT
    70. 

  70. 

  71. Callback has been called due to an alert being sent or received.
    72. 

  72. 

  73. =item SSL_CB_READ_ALERT               (SSL_CB_ALERT|SSL_CB_READ)
    74. 

  74. 

  75. =item SSL_CB_WRITE_ALERT              (SSL_CB_ALERT|SSL_CB_WRITE)
    76. 

  76. 

  77. =item SSL_CB_ACCEPT_LOOP              (SSL_ST_ACCEPT|SSL_CB_LOOP)
    78. 

  78. 

  79. =item SSL_CB_ACCEPT_EXIT              (SSL_ST_ACCEPT|SSL_CB_EXIT)
    80. 

  80. 

  81. =item SSL_CB_CONNECT_LOOP             (SSL_ST_CONNECT|SSL_CB_LOOP)
    82. 

  82. 

  83. =item SSL_CB_CONNECT_EXIT             (SSL_ST_CONNECT|SSL_CB_EXIT)
    84. 

  84. 

  85. =item SSL_CB_HANDSHAKE_START
    86. 

  86. 

  87. Callback has been called because a new handshake is started.
    88. 

  88. 

  89. =item SSL_CB_HANDSHAKE_DONE           0x20
    90. 

  90. 

  91. Callback has been called because a handshake is finished.
    92. 

  92. 

  93. =back
    94. 

  94. 

  95. The current state information can be obtained using the
    96. 

  96. L<SSL_state_string(3)|SSL_state_string(3)> family of functions.
    97. 

  97. 

  98. The B<ret> information can be evaluated using the
    99. 

  99. L<SSL_alert_type_string(3)|SSL_alert_type_string(3)> family of functions.
    100. 

  100. 

  101. =head1 RETURN VALUES
    102. 

  102. 

  103. SSL_set_info_callback() does not provide diagnostic information.
    104. 

  104. 

  105. SSL_get_info_callback() returns the current setting.
    106. 

  106. 

  107. =head1 EXAMPLES
    108. 

  108. 

  109. The following example callback function prints state strings, information
    110. 

  110. about alerts being handled and error messages to the B<bio_err> BIO.
    111. 

  111. 

  112.  void apps_ssl_info_callback(SSL *s, int where, int ret)
    113. 

  113. 	{
    114. 

  114. 	const char *str;
    115. 

  115. 	int w;
    116. 

  116. 

  117. 	w=where& ~SSL_ST_MASK;
    118. 

  118. 

  119. 	if (w & SSL_ST_CONNECT) str="SSL_connect";
    120. 

  120. 	else if (w & SSL_ST_ACCEPT) str="SSL_accept";
    121. 

  121. 	else str="undefined";
    122. 

  122. 

  123. 	if (where & SSL_CB_LOOP)
    124. 

  124. 		{
    125. 

  125. 		BIO_printf(bio_err,"%s:%s\n",str,SSL_state_string_long(s));
    126. 

  126. 		}
    127. 

  127. 	else if (where & SSL_CB_ALERT)
    128. 

  128. 		{
    129. 

  129. 		str=(where & SSL_CB_READ)?"read":"write";
    130. 

  130. 		BIO_printf(bio_err,"SSL3 alert %s:%s:%s\n",
    131. 

  131. 			str,
    132. 

  132. 			SSL_alert_type_string_long(ret),
    133. 

  133. 			SSL_alert_desc_string_long(ret));
    134. 

  134. 		}
    135. 

  135. 	else if (where & SSL_CB_EXIT)
    136. 

  136. 		{
    137. 

  137. 		if (ret == 0)
    138. 

  138. 			BIO_printf(bio_err,"%s:failed in %s\n",
    139. 

  139. 				str,SSL_state_string_long(s));
    140. 

  140. 		else if (ret < 0)
    141. 

  141. 			{
    142. 

  142. 			BIO_printf(bio_err,"%s:error in %s\n",
    143. 

  143. 				str,SSL_state_string_long(s));
    144. 

  144. 			}
    145. 

  145. 		}
    146. 

  146. 	}
    147. 

  147. 

  148. =head1 SEE ALSO
    149. 

  149. 

  150. L<ssl(3)|ssl(3)>, L<SSL_state_string(3)|SSL_state_string(3)>,
    151. 

  151. L<SSL_alert_type_string(3)|SSL_alert_type_string(3)>
    152. 

  152. 

  153. =cut
    154.