Home Explore Help
Register Sign In
Apq
/
winscp
mirror of https://github.com/winscp/winscp.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: efa8db8eec
Branches Tags
winscp
/
libs
/
openssl
/
doc
/
man3
/
SSL_set_session_secret_cb.pod

SSL_set_session_secret_cb.pod 2.5 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 
  1. =pod
    2. 

  2. 

  3. =head1 NAME
    4. 

  4. 

  5. SSL_set_session_secret_cb, tls_session_secret_cb_fn
    6. 

  6. - set the session secret callback
    7. 

  7. 

  8. =head1 SYNOPSIS
    9. 

  9. 

  10.  #include <openssl/ssl.h>
    11. 

  11. 

  12.  typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len,
    13. 

  13.                                          STACK_OF(SSL_CIPHER) *peer_ciphers,
    14. 

  14.                                          const SSL_CIPHER **cipher, void *arg);
    15. 

  15. 

  16.  int SSL_set_session_secret_cb(SSL *s,
    17. 

  17.                                tls_session_secret_cb_fn session_secret_cb,
    18. 

  18.                                void *arg);
    19. 

  19. 

  20. =head1 DESCRIPTION
    21. 

  21. 

  22. SSL_set_session_secret_cb() sets the session secret callback to be used
    23. 

  23. (I<session_secret_cb>), and an optional argument (I<arg>) to be passed to that
    24. 

  24. callback when it is called. This is only useful for an implementation of
    25. 

  25. EAP-FAST (RFC4851). The presence of the callback also modifies the internal
    26. 

  26. OpenSSL TLS state machine to match the modified TLS behaviour as described in
    27. 

  27. RFC4851. Therefore this callback should not be used except when implementing
    28. 

  28. EAP-FAST.
    29. 

  29. 

  30. The callback is expected to set the master secret to be used by filling in the
    31. 

  31. data pointed to by I<*secret>. The size of the secret buffer is initially
    32. 

  32. available in I<*secret_len> and may be updated by the callback (but must not be
    33. 

  33. larger than the initial value).
    34. 

  34. 

  35. On the server side the set of ciphersuites offered by the peer is provided in
    36. 

  36. the I<peer_ciphers> stack. Optionally the callback may select the preferred
    37. 

  37. ciphersuite by setting it in I<*cipher>.
    38. 

  38. 

  39. On the client side the I<peer_ciphers> stack will always be NULL. The callback
    40. 

  40. may specify the preferred cipher in I<*cipher> and this will be associated with
    41. 

  41. the B<SSL_SESSION> - but it does not affect the ciphersuite selected by the
    42. 

  42. server.
    43. 

  43. 

  44. The callback is also supplied with an additional argument in I<arg> which is the
    45. 

  45. argument that was provided to the original SSL_set_session_secret_cb() call.
    46. 

  46. 

  47. =head1 RETURN VALUES
    48. 

  48. 

  49. SSL_set_session_secret_cb() returns 1 on success and 0 on failure.
    50. 

  50. 

  51. If the callback returns 1 then this indicates it has successfully set the
    52. 

  52. secret. A return value of 0 indicates that the secret has not been set. On the
    53. 

  53. client this will cause an immediate abort of the handshake.
    54. 

  54. 

  55. =head1 SEE ALSO
    56. 

  56. 

  57. L<ssl(7)>,
    58. 

  58. L<SSL_get_session(3)>
    59. 

  59. 

  60. =head1 COPYRIGHT
    61. 

  61. 

  62. Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.
    63. 

  63. 

  64. Licensed under the Apache License 2.0 (the "License").  You may not use
    65. 

  65. this file except in compliance with the License.  You can obtain a copy
    66. 

  66. in the file LICENSE in the source distribution or at
    67. 

  67. L<https://www.openssl.org/source/license.html>.
    68. 

  68. 

  69. =cut
    70.