SSL_CONF additions.

[openssl.git] / doc / ssl / ssl.pod

diff --git a/doc/ssl/ssl.pod b/doc/ssl/ssl.pod
index 6d3ee24e4e4766fe7cd3536c00ac97ab679c92fd..a094356131d85c65be760066a8c7b4f589416954 100644 (file)
--- a/doc/ssl/ssl.pod
+++ b/doc/ssl/ssl.pod
@@ -45,8 +45,8 @@ structures:
 =item B<SSL_METHOD> (SSL Method)
 
 That's a dispatch structure describing the internal B<ssl> library
-methods/functions which implement the various protocol versions (SSLv1, SSLv2
-and TLSv1). It's needed to create an B<SSL_CTX>.
+methods/functions which implement the various protocol versions (SSLv3
+TLSv1, ...). It's needed to create an B<SSL_CTX>.
 
 =item B<SSL_CIPHER> (SSL Cipher)
 
@@ -103,13 +103,6 @@ That's the sub header file dealing with the SSLv3 protocol only.
 I<Usually you don't have to include it explicitly because
 it's already included by ssl.h>.
 
-=item B<ssl23.h>
-
-That's the sub header file dealing with the combined use of the SSLv2 and
-SSLv3 protocols.
-I<Usually you don't have to include it explicitly because
-it's already included by ssl.h>.
-
 =item B<tls1.h>
 
 That's the sub header file dealing with the TLSv1 protocol only.
@@ -130,18 +123,6 @@ protocol methods defined in B<SSL_METHOD> structures.
 
 =over 4
 
-=item const SSL_METHOD *B<SSLv2_client_method>(void);
-
-Constructor for the SSLv2 SSL_METHOD structure for a dedicated client.
-
-=item const SSL_METHOD *B<SSLv2_server_method>(void);
-
-Constructor for the SSLv2 SSL_METHOD structure for a dedicated server.
-
-=item const SSL_METHOD *B<SSLv2_method>(void);
-
-Constructor for the SSLv2 SSL_METHOD structure for combined client and server.
-
 =item const SSL_METHOD *B<SSLv3_client_method>(void);
 
 Constructor for the SSLv3 SSL_METHOD structure for a dedicated client.
@@ -189,7 +170,7 @@ I<alg_bits>) and the bits which are actually used (the return value).
 =item const char *B<SSL_CIPHER_get_name>(SSL_CIPHER *cipher);
 
 Return the internal name of I<cipher> as a string. These are the various
-strings defined by the I<SSL2_TXT_xxx>, I<SSL3_TXT_xxx> and I<TLS1_TXT_xxx>
+strings defined by the I<SSL3_TXT_xxx> and I<TLS1_TXT_xxx>
 definitions in the header files.
 
 =item char *B<SSL_CIPHER_get_version>(SSL_CIPHER *cipher);
@@ -229,6 +210,8 @@ protocol context defined in the B<SSL_CTX> structure.
 
 =item int (*B<SSL_CTX_get_client_cert_cb>(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
 
+=item void B<SSL_CTX_get_default_read_ahead>(SSL_CTX *ctx);
+
 =item char *B<SSL_CTX_get_ex_data>(const SSL_CTX *s, int idx);
 
 =item int B<SSL_CTX_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
@@ -237,6 +220,8 @@ protocol context defined in the B<SSL_CTX> structure.
 
 =item int B<SSL_CTX_get_quiet_shutdown>(const SSL_CTX *ctx);
 
+=item void B<SSL_CTX_get_read_ahead>(SSL_CTX *ctx);
+
 =item int B<SSL_CTX_get_session_cache_mode>(SSL_CTX *ctx);
 
 =item long B<SSL_CTX_get_timeout>(const SSL_CTX *ctx);
@@ -325,6 +310,8 @@ protocol context defined in the B<SSL_CTX> structure.
 
 =item void B<SSL_CTX_set_quiet_shutdown>(SSL_CTX *ctx, int mode);
 
+=item void B<SSL_CTX_set_read_ahead>(SSL_CTX *ctx, int m);
+
 =item void B<SSL_CTX_set_session_cache_mode>(SSL_CTX *ctx, int mode);
 
 =item int B<SSL_CTX_set_ssl_version>(SSL_CTX *ctx, const SSL_METHOD *meth);
@@ -374,6 +361,10 @@ session instead of a context.
 
 =item int B<SSL_CTX_use_certificate_file>(SSL_CTX *ctx, char *file, int type);
 
+=item X509 *B<SSL_CTX_get0_certificate>(const SSL_CTX *ctx);
+
+=item EVP_PKEY *B<SSL_CTX_get0_privatekey>(const SSL_CTX *ctx);
+
 =item void B<SSL_CTX_set_psk_client_callback>(SSL_CTX *ctx, unsigned int (*callback)(SSL *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len));
 
 =item int B<SSL_CTX_use_psk_identity_hint>(SSL_CTX *ctx, const char *hint);
@@ -455,7 +446,10 @@ connection defined in the B<SSL> structure.
 
 =item int B<SSL_connect>(SSL *ssl);
 
-=item void B<SSL_copy_session_id>(SSL *t, const SSL *f);
+=item int B<SSL_copy_session_id>(SSL *t, const SSL *f);
+
+Sets the session details for B<t> to be the same as in B<f>. Returns 1 on
+success or 0 on failure.
 
 =item long B<SSL_ctrl>(SSL *ssl, int cmd, long larg, char *parg);
 
@@ -507,7 +501,7 @@ connection defined in the B<SSL> structure.
 
 =item X509 *B<SSL_get_peer_certificate>(const SSL *ssl);
 
-=item EVP_PKEY *B<SSL_get_privatekey>(SSL *ssl);
+=item EVP_PKEY *B<SSL_get_privatekey>(const SSL *ssl);
 
 =item int B<SSL_get_quiet_shutdown>(const SSL *ssl);
 
@@ -703,6 +697,7 @@ L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>,
 L<SSL_CTX_set_msg_callback(3)|SSL_CTX_set_msg_callback(3)>,
 L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>,
 L<SSL_CTX_set_quiet_shutdown(3)|SSL_CTX_set_quiet_shutdown(3)>,
+L<SSL_CTX_set_read_ahead(3)|SSL_CTX_set_read_ahead(3)>,
 L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
 L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>,
 L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)>,
@@ -754,5 +749,11 @@ L<SSL_get_psk_identity(3)|SSL_get_psk_identity(3)>
 
 The L<ssl(3)|ssl(3)> document appeared in OpenSSL 0.9.2
 
+B<SSLv2_client_method>, B<SSLv2_server_method> and B<SSLv2_method> where removed
+in OpenSSL 1.1.0.
+
+The return type of B<SSL_copy_session_id> was changed from void to int in
+OpenSSL 1.1.0.
+
 =cut