diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/man/SSL_CTX_set_tlsext_status_cb.3 | 36 |
1 files changed, 29 insertions, 7 deletions
diff --git a/src/lib/libssl/man/SSL_CTX_set_tlsext_status_cb.3 b/src/lib/libssl/man/SSL_CTX_set_tlsext_status_cb.3 index b195e16809..6a3660a1c2 100644 --- a/src/lib/libssl/man/SSL_CTX_set_tlsext_status_cb.3 +++ b/src/lib/libssl/man/SSL_CTX_set_tlsext_status_cb.3 | |||
| @@ -1,8 +1,9 @@ | |||
| 1 | .\" $OpenBSD: SSL_CTX_set_tlsext_status_cb.3,v 1.2 2017/04/10 14:00:51 schwarze Exp $ | 1 | .\" $OpenBSD: SSL_CTX_set_tlsext_status_cb.3,v 1.3 2018/02/18 21:04:31 schwarze Exp $ |
| 2 | .\" OpenSSL 43c34894 Nov 30 16:04:51 2015 +0000 | 2 | .\" full merge up to: OpenSSL 43c34894 Nov 30 16:04:51 2015 +0000 |
| 3 | .\" selective merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100 | ||
| 3 | .\" | 4 | .\" |
| 4 | .\" This file was written by Matt Caswell <matt@openssl.org>. | 5 | .\" This file was written by Matt Caswell <matt@openssl.org>. |
| 5 | .\" Copyright (c) 2015 The OpenSSL Project. All rights reserved. | 6 | .\" Copyright (c) 2015, 2016 The OpenSSL Project. All rights reserved. |
| 6 | .\" | 7 | .\" |
| 7 | .\" Redistribution and use in source and binary forms, with or without | 8 | .\" Redistribution and use in source and binary forms, with or without |
| 8 | .\" modification, are permitted provided that the following conditions | 9 | .\" modification, are permitted provided that the following conditions |
| @@ -48,12 +49,14 @@ | |||
| 48 | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | 49 | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
| 49 | .\" OF THE POSSIBILITY OF SUCH DAMAGE. | 50 | .\" OF THE POSSIBILITY OF SUCH DAMAGE. |
| 50 | .\" | 51 | .\" |
| 51 | .Dd $Mdocdate: April 10 2017 $ | 52 | .Dd $Mdocdate: February 18 2018 $ |
| 52 | .Dt SSL_CTX_SET_TLSEXT_STATUS_CB 3 | 53 | .Dt SSL_CTX_SET_TLSEXT_STATUS_CB 3 |
| 53 | .Os | 54 | .Os |
| 54 | .Sh NAME | 55 | .Sh NAME |
| 55 | .Nm SSL_CTX_set_tlsext_status_cb , | 56 | .Nm SSL_CTX_set_tlsext_status_cb , |
| 57 | .Nm SSL_CTX_get_tlsext_status_cb , | ||
| 56 | .Nm SSL_CTX_set_tlsext_status_arg , | 58 | .Nm SSL_CTX_set_tlsext_status_arg , |
| 59 | .Nm SSL_CTX_get_tlsext_status_arg , | ||
| 57 | .Nm SSL_set_tlsext_status_type , | 60 | .Nm SSL_set_tlsext_status_type , |
| 58 | .Nm SSL_get_tlsext_status_ocsp_resp , | 61 | .Nm SSL_get_tlsext_status_ocsp_resp , |
| 59 | .Nm SSL_set_tlsext_status_ocsp_resp | 62 | .Nm SSL_set_tlsext_status_ocsp_resp |
| @@ -66,11 +69,21 @@ | |||
| 66 | .Fa "int (*callback)(SSL *, void *)" | 69 | .Fa "int (*callback)(SSL *, void *)" |
| 67 | .Fc | 70 | .Fc |
| 68 | .Ft long | 71 | .Ft long |
| 72 | .Fo SSL_CTX_get_tlsext_status_cb | ||
| 73 | .Fa "SSL_CTX *ctx" | ||
| 74 | .Fa "int (*callback)(SSL *, void *)" | ||
| 75 | .Fc | ||
| 76 | .Ft long | ||
| 69 | .Fo SSL_CTX_set_tlsext_status_arg | 77 | .Fo SSL_CTX_set_tlsext_status_arg |
| 70 | .Fa "SSL_CTX *ctx" | 78 | .Fa "SSL_CTX *ctx" |
| 71 | .Fa "void *arg" | 79 | .Fa "void *arg" |
| 72 | .Fc | 80 | .Fc |
| 73 | .Ft long | 81 | .Ft long |
| 82 | .Fo SSL_CTX_get_tlsext_status_arg | ||
| 83 | .Fa "SSL_CTX *ctx" | ||
| 84 | .Fa "void **arg" | ||
| 85 | .Fc | ||
| 86 | .Ft long | ||
| 74 | .Fo SSL_set_tlsext_status_type | 87 | .Fo SSL_set_tlsext_status_type |
| 75 | .Fa "SSL *s" | 88 | .Fa "SSL *s" |
| 76 | .Fa "int type" | 89 | .Fa "int type" |
| @@ -112,6 +125,13 @@ Note that the callback will not be called in the event of a handshake | |||
| 112 | where session resumption occurs (because there are no Certificates | 125 | where session resumption occurs (because there are no Certificates |
| 113 | exchanged in such a handshake). | 126 | exchanged in such a handshake). |
| 114 | .Pp | 127 | .Pp |
| 128 | The callback previously set via | ||
| 129 | .Fn SSL_CTX_set_tlsext_status_cb | ||
| 130 | can be retrieved by calling | ||
| 131 | .Fn SSL_CTX_get_tlsext_status_cb , | ||
| 132 | and the argument by calling | ||
| 133 | .Fn SSL_CTX_get_tlsext_status_arg . | ||
| 134 | .Pp | ||
| 115 | The response returned by the server can be obtained via a call to | 135 | The response returned by the server can be obtained via a call to |
| 116 | .Fn SSL_get_tlsext_status_ocsp_resp . | 136 | .Fn SSL_get_tlsext_status_ocsp_resp . |
| 117 | The value | 137 | The value |
| @@ -155,14 +175,16 @@ The callback when used on the server side should return with either | |||
| 155 | (meaning that a fatal error has occurred). | 175 | (meaning that a fatal error has occurred). |
| 156 | .Pp | 176 | .Pp |
| 157 | .Fn SSL_CTX_set_tlsext_status_cb , | 177 | .Fn SSL_CTX_set_tlsext_status_cb , |
| 178 | .Fn SSL_CTX_get_tlsext_status_cb , | ||
| 158 | .Fn SSL_CTX_set_tlsext_status_arg , | 179 | .Fn SSL_CTX_set_tlsext_status_arg , |
| 180 | .Fn SSL_CTX_get_tlsext_status_arg , | ||
| 159 | .Fn SSL_set_tlsext_status_type , | 181 | .Fn SSL_set_tlsext_status_type , |
| 160 | and | 182 | and |
| 161 | .Fn SSL_set_tlsext_status_ocsp_resp | 183 | .Fn SSL_set_tlsext_status_ocsp_resp |
| 162 | return 0 on error or 1 on success. | 184 | always return 1, indicating success. |
| 163 | .Pp | 185 | .Pp |
| 164 | .Fn SSL_get_tlsext_status_ocsp_resp | 186 | .Fn SSL_get_tlsext_status_ocsp_resp |
| 165 | returns the length of the OCSP response data or -1 if there is no OCSP | 187 | returns the length of the OCSP response data |
| 166 | response data. | 188 | or \-1 if there is no OCSP response data. |
| 167 | .Sh SEE ALSO | 189 | .Sh SEE ALSO |
| 168 | .Xr SSL_CTX_callback_ctrl 3 | 190 | .Xr SSL_CTX_callback_ctrl 3 |