Update per latest manual pages after running 'man-update'.
[dragonfly.git] / secure / lib / libssl / man / SSL_CTX_new.3
CommitLineData
a7d27d5a
JR
1.rn '' }`
2''' $RCSfile$$Revision$$Date$
3'''
4''' $Log$
5'''
6.de Sh
984263bc
MD
7.br
8.if t .Sp
9.ne 5
10.PP
11\fB\\$1\fR
12.PP
13..
a7d27d5a 14.de Sp
984263bc
MD
15.if t .sp .5v
16.if n .sp
17..
a7d27d5a 18.de Ip
984263bc
MD
19.br
20.ie \\n(.$>=3 .ne \\$3
21.el .ne 3
22.IP "\\$1" \\$2
23..
a7d27d5a 24.de Vb
984263bc
MD
25.ft CW
26.nf
27.ne \\$1
28..
a7d27d5a 29.de Ve
984263bc
MD
30.ft R
31
32.fi
33..
a7d27d5a
JR
34'''
35'''
36''' Set up \*(-- to give an unbreakable dash;
37''' string Tr holds user defined translation string.
38''' Bell System Logo is used as a dummy character.
39'''
984263bc 40.tr \(*W-|\(bv\*(Tr
984263bc 41.ie n \{\
a7d27d5a
JR
42.ds -- \(*W-
43.ds PI pi
44.if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
45.if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
46.ds L" ""
47.ds R" ""
48''' \*(M", \*(S", \*(N" and \*(T" are the equivalent of
49''' \*(L" and \*(R", except that they are used on ".xx" lines,
50''' such as .IP and .SH, which do another additional levels of
51''' double-quote interpretation
52.ds M" """
53.ds S" """
54.ds N" """""
55.ds T" """""
56.ds L' '
57.ds R' '
58.ds M' '
59.ds S' '
60.ds N' '
61.ds T' '
984263bc
MD
62'br\}
63.el\{\
a7d27d5a
JR
64.ds -- \(em\|
65.tr \*(Tr
66.ds L" ``
67.ds R" ''
68.ds M" ``
69.ds S" ''
70.ds N" ``
71.ds T" ''
72.ds L' `
73.ds R' '
74.ds M' `
75.ds S' '
76.ds N' `
77.ds T' '
78.ds PI \(*p
984263bc 79'br\}
a7d27d5a
JR
80.\" If the F register is turned on, we'll generate
81.\" index entries out stderr for the following things:
82.\" TH Title
83.\" SH Header
84.\" Sh Subsection
85.\" Ip Item
86.\" X<> Xref (embedded
87.\" Of course, you have to process the output yourself
88.\" in some meaninful fashion.
89.if \nF \{
90.de IX
91.tm Index:\\$1\t\\n%\t"\\$2"
984263bc 92..
a7d27d5a
JR
93.nr % 0
94.rr F
984263bc 95.\}
a7d27d5a
JR
96.TH SSL_CTX_new 3 "0.9.7d" "2/Sep/2004" "OpenSSL"
97.UC
98.if n .hy 0
984263bc 99.if n .na
a7d27d5a
JR
100.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
101.de CQ \" put $1 in typewriter font
102.ft CW
103'if n "\c
104'if t \\&\\$1\c
105'if n \\&\\$1\c
106'if n \&"
107\\&\\$2 \\$3 \\$4 \\$5 \\$6 \\$7
108'.ft R
109..
110.\" @(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2
111. \" AM - accent mark definitions
984263bc 112.bd B 3
a7d27d5a 113. \" fudge factors for nroff and troff
984263bc 114.if n \{\
a7d27d5a
JR
115. ds #H 0
116. ds #V .8m
117. ds #F .3m
118. ds #[ \f1
119. ds #] \fP
984263bc
MD
120.\}
121.if t \{\
a7d27d5a
JR
122. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
123. ds #V .6m
124. ds #F 0
125. ds #[ \&
126. ds #] \&
984263bc 127.\}
a7d27d5a 128. \" simple accents for nroff and troff
984263bc 129.if n \{\
a7d27d5a
JR
130. ds ' \&
131. ds ` \&
132. ds ^ \&
133. ds , \&
134. ds ~ ~
135. ds ? ?
136. ds ! !
137. ds /
138. ds q
984263bc
MD
139.\}
140.if t \{\
a7d27d5a
JR
141. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
142. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
143. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
144. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
145. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
146. ds ? \s-2c\h'-\w'c'u*7/10'\u\h'\*(#H'\zi\d\s+2\h'\w'c'u*8/10'
147. ds ! \s-2\(or\s+2\h'-\w'\(or'u'\v'-.8m'.\v'.8m'
148. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
149. ds q o\h'-\w'o'u*8/10'\s-4\v'.4m'\z\(*i\v'-.4m'\s+4\h'\w'o'u*8/10'
984263bc 150.\}
a7d27d5a 151. \" troff and (daisy-wheel) nroff accents
984263bc
MD
152.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
153.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
a7d27d5a
JR
154.ds v \\k:\h'-(\\n(.wu*9/10-\*(#H)'\v'-\*(#V'\*(#[\s-4v\s0\v'\*(#V'\h'|\\n:u'\*(#]
155.ds _ \\k:\h'-(\\n(.wu*9/10-\*(#H+(\*(#F*2/3))'\v'-.4m'\z\(hy\v'.4m'\h'|\\n:u'
156.ds . \\k:\h'-(\\n(.wu*8/10)'\v'\*(#V*4/10'\z.\v'-\*(#V*4/10'\h'|\\n:u'
157.ds 3 \*(#[\v'.2m'\s-2\&3\s0\v'-.2m'\*(#]
984263bc
MD
158.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
159.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
160.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
161.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
162.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
163.ds ae a\h'-(\w'a'u*4/10)'e
164.ds Ae A\h'-(\w'A'u*4/10)'E
a7d27d5a
JR
165.ds oe o\h'-(\w'o'u*4/10)'e
166.ds Oe O\h'-(\w'O'u*4/10)'E
167. \" corrections for vroff
984263bc
MD
168.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
169.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
a7d27d5a 170. \" for low resolution devices (crt and lpr)
984263bc
MD
171.if \n(.H>23 .if \n(.V>19 \
172\{\
a7d27d5a
JR
173. ds : e
174. ds 8 ss
175. ds v \h'-1'\o'\(aa\(ga'
176. ds _ \h'-1'^
177. ds . \h'-1'.
178. ds 3 3
179. ds o a
180. ds d- d\h'-1'\(ga
181. ds D- D\h'-1'\(hy
182. ds th \o'bp'
183. ds Th \o'LP'
184. ds ae ae
185. ds Ae AE
186. ds oe oe
187. ds Oe OE
984263bc
MD
188.\}
189.rm #[ #] #H #V #F C
984263bc 190.SH "NAME"
a7d27d5a 191SSL_CTX_new \- create a new SSL_CTX object as framework for TLS/SSL enabled functions
984263bc 192.SH "SYNOPSIS"
a7d27d5a 193.PP
984263bc
MD
194.Vb 1
195\& #include <openssl/ssl.h>
196.Ve
197.Vb 1
198\& SSL_CTX *SSL_CTX_new(SSL_METHOD *method);
199.Ve
200.SH "DESCRIPTION"
a7d27d5a
JR
201\fISSL_CTX_new()\fR creates a new \fBSSL_CTX\fR object as framework to establish
202TLS/SSL enabled connections.
984263bc 203.SH "NOTES"
a7d27d5a 204The SSL_CTX object uses \fBmethod\fR as connection method. The methods exist
984263bc
MD
205in a generic type (for client and server use), a server only type, and a
206client only type. \fBmethod\fR can be of the following types:
207.Ip "SSLv2_method(void), SSLv2_server_method(void), SSLv2_client_method(void)" 4
984263bc
MD
208A \s-1TLS/SSL\s0 connection established with these methods will only understand
209the SSLv2 protocol. A client will send out SSLv2 client hello messages
210and will also indicate that it only understand SSLv2. A server will only
211understand SSLv2 client hello messages.
212.Ip "SSLv3_method(void), SSLv3_server_method(void), SSLv3_client_method(void)" 4
984263bc
MD
213A \s-1TLS/SSL\s0 connection established with these methods will only understand the
214SSLv3 protocol. A client will send out SSLv3 client hello messages
215and will indicate that it only understands SSLv3. A server will only understand
216SSLv3 client hello messages. This especially means, that it will
217not understand SSLv2 client hello messages which are widely used for
218compatibility reasons, see SSLv23_*\fI_method()\fR.
219.Ip "TLSv1_method(void), TLSv1_server_method(void), TLSv1_client_method(void)" 4
984263bc
MD
220A \s-1TLS/SSL\s0 connection established with these methods will only understand the
221TLSv1 protocol. A client will send out TLSv1 client hello messages
222and will indicate that it only understands TLSv1. A server will only understand
223TLSv1 client hello messages. This especially means, that it will
224not understand SSLv2 client hello messages which are widely used for
225compatibility reasons, see SSLv23_*\fI_method()\fR. It will also not understand
226SSLv3 client hello messages.
227.Ip "SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void)" 4
984263bc
MD
228A \s-1TLS/SSL\s0 connection established with these methods will understand the SSLv2,
229SSLv3, and TLSv1 protocol. A client will send out SSLv2 client hello messages
230and will indicate that it also understands SSLv3 and TLSv1. A server will
231understand SSLv2, SSLv3, and TLSv1 client hello messages. This is the best
232choice when compatibility is a concern.
233.PP
234The list of protocols available can later be limited using the SSL_OP_NO_SSLv2,
a7d27d5a
JR
235SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1 options of the \fBSSL_CTX_set_options()\fR or
236\fBSSL_set_options()\fR functions. Using these options it is possible to choose
984263bc
MD
237e.g. \fISSLv23_server_method()\fR and be able to negotiate with all possible
238clients, but to only allow newer protocols like SSLv3 or TLSv1.
239.PP
a7d27d5a 240\fISSL_CTX_new()\fR initializes the list of ciphers, the session cache setting,
984263bc
MD
241the callbacks, the keys and certificates, and the options to its default
242values.
243.SH "RETURN VALUES"
984263bc
MD
244The following return values can occur:
245.Ip "\s-1NULL\s0" 4
984263bc
MD
246The creation of a new \s-1SSL_CTX\s0 object failed. Check the error stack to
247find out the reason.
248.Ip "Pointer to an \s-1SSL_CTX\s0 object" 4
984263bc
MD
249The return value points to an allocated \s-1SSL_CTX\s0 object.
250.SH "SEE ALSO"
984263bc
MD
251SSL_CTX_free(3), SSL_accept(3),
252ssl(3), SSL_set_connect_state(3)
a7d27d5a
JR
253
254.rn }` ''
255.IX Title "SSL_CTX_new 3"
256.IX Name "SSL_CTX_new - create a new SSL_CTX object as framework for TLS/SSL enabled functions"
257
258.IX Header "NAME"
259
260.IX Header "SYNOPSIS"
261
262.IX Header "DESCRIPTION"
263
264.IX Header "NOTES"
265
266.IX Item "SSLv2_method(void), SSLv2_server_method(void), SSLv2_client_method(void)"
267
268.IX Item "SSLv3_method(void), SSLv3_server_method(void), SSLv3_client_method(void)"
269
270.IX Item "TLSv1_method(void), TLSv1_server_method(void), TLSv1_client_method(void)"
271
272.IX Item "SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void)"
273
274.IX Header "RETURN VALUES"
275
276.IX Item "\s-1NULL\s0"
277
278.IX Item "Pointer to an \s-1SSL_CTX\s0 object"
279
280.IX Header "SEE ALSO"
281