=head1 NAME
TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method,
-SSL_CTX_new, SSL_CTX_new_with_libctx, SSL_CTX_up_ref, SSLv3_method,
+SSL_CTX_new, SSL_CTX_new_ex, SSL_CTX_up_ref, SSLv3_method,
SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method,
TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method,
TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method,
#include <openssl/ssl.h>
- SSL_CTX *SSL_CTX_new_with_libctx(OPENSSL_CTX *libctx, const char *propq,
- const SSL_METHOD *method);
+ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq,
+ const SSL_METHOD *method);
SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
int SSL_CTX_up_ref(SSL_CTX *ctx);
=head1 DESCRIPTION
-SSL_CTX_new_with_libctx() creates a new B<SSL_CTX> object as a framework to
-establish TLS/SSL or DTLS enabled connections using the library context
-I<libctx> (see L<OPENSSL_CTX(3)>). Any cryptographic algorithms that are used
-by any B<SSL> objects created from this B<SSL_CTX> will be fetched from the
-I<libctx> using the property query string I<propq> (see
+SSL_CTX_new_ex() creates a new B<SSL_CTX> object, which holds various
+configuration and data relevant to TLS/SSL or DTLS session establishment. The
+library context I<libctx> (see L<OSSL_LIB_CTX(3)>) is used to provide the
+cryptographic algorithms needed for the session. Any cryptographic algorithms
+that are used by any B<SSL> objects created from this B<SSL_CTX> will be fetched
+from the I<libctx> using the property query string I<propq> (see
L<provider(7)/Fetching algorithms>. Either or both the I<libctx> or I<propq>
parameters may be NULL.
-SSL_CTX_new() does the same as SSL_CTX_new_with_libctx() except that the default
+SSL_CTX_new() does the same as SSL_CTX_new_ex() except that the default
library context is used and no property query string is specified.
An B<SSL_CTX> object is reference counted. Creating an B<SSL_CTX> object for the
or resources allocated to the B<SSL_CTX> object are freed. SSL_CTX_up_ref()
increments the reference count for an existing B<SSL_CTX> structure.
+An B<SSL_CTX> object should not be changed after it is used to create any B<SSL>
+objects or from multiple threads concurrently, since the implementation does not
+provide serialization of access for these cases.
+
=head1 NOTES
The SSL_CTX object uses I<method> as the connection method.
All version-specific methods were deprecated in OpenSSL 1.1.0.
-SSL_CTX_new_with_libctx() was added in OpenSSL 3.0.
+SSL_CTX_new_ex() was added in OpenSSL 3.0.
=head1 COPYRIGHT
-Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy