| 1 | =pod
|
|---|
| 2 |
|
|---|
| 3 | =head1 NAME
|
|---|
| 4 |
|
|---|
| 5 | SSL_set_connect_state, SSL_set_accept_state, SSL_is_server
|
|---|
| 6 | - functions for manipulating and examining the client or server mode of an SSL object
|
|---|
| 7 |
|
|---|
| 8 | =head1 SYNOPSIS
|
|---|
| 9 |
|
|---|
| 10 | #include <openssl/ssl.h>
|
|---|
| 11 |
|
|---|
| 12 | void SSL_set_connect_state(SSL *ssl);
|
|---|
| 13 |
|
|---|
| 14 | void SSL_set_accept_state(SSL *ssl);
|
|---|
| 15 |
|
|---|
| 16 | int SSL_is_server(const SSL *ssl);
|
|---|
| 17 |
|
|---|
| 18 | =head1 DESCRIPTION
|
|---|
| 19 |
|
|---|
| 20 | SSL_set_connect_state() sets B<ssl> to work in client mode.
|
|---|
| 21 |
|
|---|
| 22 | SSL_set_accept_state() sets B<ssl> to work in server mode.
|
|---|
| 23 |
|
|---|
| 24 | SSL_is_server() checks if B<ssl> is working in server mode.
|
|---|
| 25 |
|
|---|
| 26 | =head1 NOTES
|
|---|
| 27 |
|
|---|
| 28 | When the SSL_CTX object was created with L<SSL_CTX_new(3)>,
|
|---|
| 29 | it was either assigned a dedicated client method, a dedicated server
|
|---|
| 30 | method, or a generic method, that can be used for both client and
|
|---|
| 31 | server connections. (The method might have been changed with
|
|---|
| 32 | L<SSL_CTX_set_ssl_version(3)> or
|
|---|
| 33 | L<SSL_set_ssl_method(3)>.)
|
|---|
| 34 |
|
|---|
| 35 | When beginning a new handshake, the SSL engine must know whether it must
|
|---|
| 36 | call the connect (client) or accept (server) routines. Even though it may
|
|---|
| 37 | be clear from the method chosen, whether client or server mode was
|
|---|
| 38 | requested, the handshake routines must be explicitly set.
|
|---|
| 39 |
|
|---|
| 40 | When using the L<SSL_connect(3)> or
|
|---|
| 41 | L<SSL_accept(3)> routines, the correct handshake
|
|---|
| 42 | routines are automatically set. When performing a transparent negotiation
|
|---|
| 43 | using L<SSL_write_ex(3)>, L<SSL_write(3)>, L<SSL_read_ex(3)>, or L<SSL_read(3)>,
|
|---|
| 44 | the handshake routines must be explicitly set in advance using either
|
|---|
| 45 | SSL_set_connect_state() or SSL_set_accept_state().
|
|---|
| 46 |
|
|---|
| 47 | If SSL_is_server() is called before SSL_set_connect_state() or
|
|---|
| 48 | SSL_set_accept_state() is called (either automatically or explicitly),
|
|---|
| 49 | the result depends on what method was used when SSL_CTX was created with
|
|---|
| 50 | L<SSL_CTX_new(3)>. If a generic method or a dedicated server method was
|
|---|
| 51 | passed to L<SSL_CTX_new(3)>, SSL_is_server() returns 1; otherwise, it returns 0.
|
|---|
| 52 |
|
|---|
| 53 | =head1 RETURN VALUES
|
|---|
| 54 |
|
|---|
| 55 | SSL_set_connect_state() and SSL_set_accept_state() do not return diagnostic
|
|---|
| 56 | information.
|
|---|
| 57 |
|
|---|
| 58 | SSL_is_server() returns 1 if B<ssl> is working in server mode or 0 for client mode.
|
|---|
| 59 |
|
|---|
| 60 | =head1 SEE ALSO
|
|---|
| 61 |
|
|---|
| 62 | L<ssl(7)>, L<SSL_new(3)>, L<SSL_CTX_new(3)>,
|
|---|
| 63 | L<SSL_connect(3)>, L<SSL_accept(3)>,
|
|---|
| 64 | L<SSL_write_ex(3)>, L<SSL_write(3)>, L<SSL_read_ex(3)>, L<SSL_read(3)>,
|
|---|
| 65 | L<SSL_do_handshake(3)>,
|
|---|
| 66 | L<SSL_CTX_set_ssl_version(3)>
|
|---|
| 67 |
|
|---|
| 68 | =head1 COPYRIGHT
|
|---|
| 69 |
|
|---|
| 70 | Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.
|
|---|
| 71 |
|
|---|
| 72 | Licensed under the OpenSSL license (the "License"). You may not use
|
|---|
| 73 | this file except in compliance with the License. You can obtain a copy
|
|---|
| 74 | in the file LICENSE in the source distribution or at
|
|---|
| 75 | L<https://www.openssl.org/source/license.html>.
|
|---|
| 76 |
|
|---|
| 77 | =cut
|
|---|
