projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Update documentation for the new PSK behaviour
[openssl.git]
/
doc
/
man3
/
SSL_CTX_set_tmp_dh_callback.pod
diff --git
a/doc/man3/SSL_CTX_set_tmp_dh_callback.pod
b/doc/man3/SSL_CTX_set_tmp_dh_callback.pod
index ee62d85445baee849cea5e5207dde8a296c6ffec..a2ac1c0adbbc5a31d799cbb4e9173e358c0ec071 100644
(file)
--- a/
doc/man3/SSL_CTX_set_tmp_dh_callback.pod
+++ b/
doc/man3/SSL_CTX_set_tmp_dh_callback.pod
@@
-9,11
+9,13
@@
SSL_CTX_set_tmp_dh_callback, SSL_CTX_set_tmp_dh, SSL_set_tmp_dh_callback, SSL_se
#include <openssl/ssl.h>
void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
#include <openssl/ssl.h>
void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
- DH *(*tmp_dh_callback)(SSL *ssl, int is_export, int keylength));
+ DH *(*tmp_dh_callback)(SSL *ssl, int is_export,
+ int keylength));
long SSL_CTX_set_tmp_dh(SSL_CTX *ctx, DH *dh);
void SSL_set_tmp_dh_callback(SSL *ctx,
long SSL_CTX_set_tmp_dh(SSL_CTX *ctx, DH *dh);
void SSL_set_tmp_dh_callback(SSL *ctx,
- DH *(*tmp_dh_callback)(SSL *ssl, int is_export, int keylength));
+ DH *(*tmp_dh_callback)(SSL *ssl, int is_export,
+ int keylength));
long SSL_set_tmp_dh(SSL *ssl, DH *dh)
=head1 DESCRIPTION
long SSL_set_tmp_dh(SSL *ssl, DH *dh)
=head1 DESCRIPTION
@@
-84,31
+86,27
@@
supply at least 2048-bit parameters in the callback.
Setup DH parameters with a key length of 2048 bits. (Error handling
partly left out.)
Setup DH parameters with a key length of 2048 bits. (Error handling
partly left out.)
- Command-line parameter generation:
+Command-line parameter generation:
+
$ openssl dhparam -out dh_param_2048.pem 2048
$ openssl dhparam -out dh_param_2048.pem 2048
-
Code for setting up parameters during server initialization:
+Code for setting up parameters during server initialization:
- ...
SSL_CTX ctx = SSL_CTX_new();
SSL_CTX ctx = SSL_CTX_new();
- ...
- /* Set up ephemeral DH parameters. */
DH *dh_2048 = NULL;
DH *dh_2048 = NULL;
- FILE *paramfile;
- paramfile = fopen("dh_param_2048.pem", "r");
+ FILE *paramfile
= fopen("dh_param_2048.pem", "r")
;
+
if (paramfile) {
if (paramfile) {
- dh_2048 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
- fclose(paramfile);
+
dh_2048 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
+
fclose(paramfile);
} else {
} else {
- /* Error. */
- }
- if (dh_2048 == NULL) {
- /* Error. */
- }
- if (SSL_CTX_set_tmp_dh(ctx, dh_2048) != 1) {
- /* Error. */
+ /* Error. */
}
}
+ if (dh_2048 == NULL)
+ /* Error. */
+ if (SSL_CTX_set_tmp_dh(ctx, dh_2048) != 1)
+ /* Error. */
...
=head1 RETURN VALUES
...
=head1 RETURN VALUES