Home Man
Today's Posts

Linux & Unix Commands - Search Man Pages
Man Page or Keyword Search:
Select Section of Man Page:
Select Man Page Repository:

CentOS 7.0 - man page for ssl_ctx_set_mode (centos section 3)

SSL_CTX_set_mode(3)			     OpenSSL			      SSL_CTX_set_mode(3)

       SSL_CTX_set_mode, SSL_set_mode, SSL_CTX_get_mode, SSL_get_mode - manipulate SSL engine

	#include <openssl/ssl.h>

	long SSL_CTX_set_mode(SSL_CTX *ctx, long mode);
	long SSL_set_mode(SSL *ssl, long mode);

	long SSL_CTX_get_mode(SSL_CTX *ctx);
	long SSL_get_mode(SSL *ssl);

       SSL_CTX_set_mode() adds the mode set via bitmask in mode to ctx.  Options already set
       before are not cleared.

       SSL_set_mode() adds the mode set via bitmask in mode to ssl.  Options already set before
       are not cleared.

       SSL_CTX_get_mode() returns the mode set for ctx.

       SSL_get_mode() returns the mode set for ssl.

       The following mode changes are available:

	   Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success when just a
	   single record has been written). When not set (the default), SSL_write() will only
	   report success once the complete chunk was written.	Once SSL_write() returns with r,
	   r bytes have been successfully written and the next call to SSL_write() must only send
	   the n-r bytes left, imitating the behaviour of write().

	   Make it possible to retry SSL_write() with changed buffer location (the buffer
	   contents must stay the same). This is not the default to avoid the misconception that
	   non-blocking SSL_write() behaves like non-blocking write().

	   Never bother the application with retries if the transport is blocking.  If a
	   renegotiation take place during normal operation, a SSL_read(3) or SSL_write(3) would
	   return with -1 and indicate the need to retry with SSL_ERROR_WANT_READ.  In a non-
	   blocking environment applications must be prepared to handle incomplete read/write
	   operations.	In a blocking environment, applications are not always prepared to deal
	   with read/write operations returning without success report. The flag
	   SSL_MODE_AUTO_RETRY will cause read/write operations to only return after the
	   handshake and successful completion.

	   When we no longer need a read buffer or a write buffer for a given SSL, then release
	   the memory we were using to hold it.  Released memory is either appended to a list of
	   unused RAM chunks on the SSL_CTX, or simply freed if the list of unused chunks would
	   become longer than SSL_CTX->freelist_max_len, which defaults to 32.	Using this flag
	   can save around 34k per idle SSL connection.  This flag has no effect on SSL v2
	   connections, or on DTLS connections.

       SSL_CTX_set_mode() and SSL_set_mode() return the new mode bitmask after adding mode.

       SSL_CTX_get_mode() and SSL_get_mode() return the current bitmask.

       ssl(3), SSL_read(3), SSL_write(3)

       SSL_MODE_AUTO_RETRY as been added in OpenSSL 0.9.6.

1.0.1e					    2013-02-11			      SSL_CTX_set_mode(3)

All times are GMT -4. The time now is 11:12 AM.

Unix & Linux Forums Content Copyrightę1993-2018. All Rights Reserved.
Show Password