SSL_CTX_SET_SSL_VERSION

Section: OpenSSL (3SSL)
Updated: 2024-03-03
Index Return to Main Contents
 

NAME

SSL_CTX_set_ssl_version, SSL_CTX_get_ssl_method, SSL_set_ssl_method, SSL_get_ssl_method - choose a new TLS/SSL method  

SYNOPSIS

 #include <openssl/ssl.h>

 int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *method);
 const SSL_METHOD *SSL_CTX_get_ssl_method(const SSL_CTX *ctx);

 int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
 const SSL_METHOD *SSL_get_ssl_method(const SSL *ssl);
 

DESCRIPTION

SSL_CTX_set_ssl_version() sets a new default TLS/SSL method for SSL objects newly created from this ctx. Most of the configuration attached to the SSL_CTX object is retained, with the exception of the configured TLS ciphers, which are reset to the default values. SSL objects already created from this SSL_CTX with SSL_new(3) are not affected, except when SSL_clear(3) is being called, as described below.

SSL_CTX_get_ssl_method() returns the SSL_METHOD which was used to construct the SSL_CTX.

SSL_set_ssl_method() sets a new TLS/SSL method for a particular ssl object. It may be reset, when SSL_clear() is called.

SSL_get_ssl_method() returns a pointer to the TLS/SSL method set in ssl.  

NOTES

The available method choices are described in SSL_CTX_new(3).

When SSL_clear(3) is called and no session is connected to an SSL object, the method of the SSL object is reset to the method currently set in the corresponding SSL_CTX object.

SSL_CTX_set_version() has unusual semantics and no clear use case; it would usually be preferable to create a new SSL_CTX object than to try to reuse an existing one in this fashion. Its usage is considered deprecated.  

RETURN VALUES

The following return values can occur for SSL_CTX_set_ssl_version() and SSL_set_ssl_method():
0
The new choice failed, check the error stack to find out the reason.
1
The operation succeeded.

SSL_CTX_get_ssl_method() and SSL_get_ssl_method() always return non-NULL pointers.  

SEE ALSO

SSL_CTX_new(3), SSL_new(3), SSL_clear(3), ssl(7), SSL_set_connect_state(3)  

HISTORY

SSL_CTX_set_ssl_version() was deprecated in OpenSSL 3.0.  

COPYRIGHT

Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the ``License''). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.

 

Index

NAME
SYNOPSIS
DESCRIPTION
NOTES
RETURN VALUES
SEE ALSO
HISTORY
COPYRIGHT
This document was created by man2html, using the manual pages.
Time: 09:20:47 GMT, May 19, 2024