SSL_CTX_new man page on MirBSD

Man page or keyword search:  
man Server   6113 pages
apropos Keyword Search (all sections)
Output format
MirBSD logo
[printable version]



SSL_CTX_NEW(3)		     OpenSSL		   SSL_CTX_NEW(3)

NAME
     SSL_CTX_new - create a new SSL_CTX object as framework for
     TLS/SSL enabled functions

SYNOPSIS
      #include <openssl/ssl.h>

      SSL_CTX *SSL_CTX_new(SSL_METHOD *method);

DESCRIPTION
     SSL_CTX_new() creates a new SSL_CTX object as framework to
     establish TLS/SSL enabled connections.

NOTES
     The SSL_CTX object uses method as connection method. The
     methods exist in a generic type (for client and server use),
     a server only type, and a client only type. method can be of
     the following types:

SSLv2_client_method(void)
     SSLv2_method(void), SSLv2_server_method(void),
	 A TLS/SSL connection established with these methods will
	 only understand the SSLv2 protocol. A client will send
	 out SSLv2 client hello messages and will also indicate
	 that it only understand SSLv2. A server will only under-
	 stand SSLv2 client hello messages.

SSLv3_client_method(void)
     SSLv3_method(void), SSLv3_server_method(void),
	 A TLS/SSL connection established with these methods will
	 only understand the SSLv3 protocol. A client will send
	 out SSLv3 client hello messages and will indicate that
	 it only understands SSLv3. A server will only understand
	 SSLv3 client hello messages. This especially means, that
	 it will not understand SSLv2 client hello messages which
	 are widely used for compatibility reasons, see
	 SSLv23_*_method().

TLSv1_client_method(void)
     TLSv1_method(void), TLSv1_server_method(void),
	 A TLS/SSL connection established with these methods will
	 only understand the TLSv1 protocol. A client will send
	 out TLSv1 client hello messages and will indicate that
	 it only understands TLSv1. A server will only understand
	 TLSv1 client hello messages. This especially means, that
	 it will not understand SSLv2 client hello messages which
	 are widely used for compatibility reasons, see
	 SSLv23_*_method(). It will also not understand SSLv3
	 client hello messages.

SSLv23_client_method(void)
     SSLv23_method(void), SSLv23_server_method(void),

MirOS BSD #10-current	   2005-02-05				1

SSL_CTX_NEW(3)		     OpenSSL		   SSL_CTX_NEW(3)

	 A TLS/SSL connection established with these methods will
	 understand the SSLv2, SSLv3, and TLSv1 protocol. A
	 client will send out SSLv2 client hello messages and
	 will indicate that it also understands SSLv3 and TLSv1.
	 A server will understand SSLv2, SSLv3, and TLSv1 client
	 hello messages. This is the best choice when compatibil-
	 ity is a concern.

     The list of protocols available can later be limited using
     the SSL_OP_NO_SSLv2, SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1
     options of the SSL_CTX_set_options() or SSL_set_options()
     functions. Using these options it is possible to choose e.g.
     SSLv23_server_method() and be able to negotiate with all
     possible clients, but to only allow newer protocols like
     SSLv3 or TLSv1.

     SSL_CTX_new() initializes the list of ciphers, the session
     cache setting, the callbacks, the keys and certificates, and
     the options to its default values.

RETURN VALUES
     The following return values can occur:

     NULL
	 The creation of a new SSL_CTX object failed. Check the
	 error stack to find out the reason.

     Pointer to an SSL_CTX object
	 The return value points to an allocated SSL_CTX object.

SEE ALSO
     SSL_CTX_free(3), SSL_accept(3), ssl(3),
     SSL_set_connect_state(3)

MirOS BSD #10-current	   2005-02-05				2

[top]

List of man pages available for MirBSD

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net