Issue #719:

[openssl.git] / doc / ssl / SSL_CTX_use_serverinfo.pod

=pod

=head1 NAME

SSL_CTX_use_serverinfo, SSL_CTX_use_serverinfo_file - use serverinfo extension

=head1 SYNOPSIS

 #include <openssl/ssl.h>

 int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo,
                            size_t serverinfo_length);

 int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file);

=head1 DESCRIPTION

These functions load "serverinfo" TLS ServerHello Extensions into the SSL_CTX.
A "serverinfo" extension is returned in response to an empty ClientHello
Extension.

SSL_CTX_use_serverinfo() loads one or more serverinfo extensions from
a byte array into B<ctx>.  The extensions must be concatenated into a 
sequence of bytes.  Each extension must consist of a 2-byte Extension Type, 
a 2-byte length, and then length bytes of extension_data.

SSL_CTX_use_serverinfo_file() loads one or more serverinfo extensions from
B<file> into B<ctx>.  The extensions must be in PEM format.  Each extension
must consist of a 2-byte Extension Type, a 2-byte length, and then length
bytes of extension_data.  Each PEM extension name must begin with the phrase
"BEGIN SERVERINFO FOR ".

If more than one certificate (RSA/DSA) is installed using
SSL_CTX_use_certificate(), the serverinfo extension will be loaded into the
last certificate installed.  If e.g. the last item was a RSA certificate, the
loaded serverinfo extension data will be loaded for that certificate.  To
use the serverinfo extension for multiple certificates,
SSL_CTX_use_serverinfo() needs to be called multiple times, once B<after>
each time a certificate is loaded.

=head1 NOTES

=head1 RETURN VALUES

On success, the functions return 1.
On failure, the functions return 0.  Check out the error stack to find out
the reason.

=head1 SEE ALSO

=head1 HISTORY


=cut