Add SSL_CTX_set_tmp_ecdh.pod

[openssl.git] / doc / man7 / ssl.pod

diff --git a/doc/man7/ssl.pod b/doc/man7/ssl.pod
index 63b47baa16988f3991da4bf15e3a3901e6906236..1695f7ea19d9a656001d9b604b8a693f9f581546 100644 (file)
--- a/doc/man7/ssl.pod
+++ b/doc/man7/ssl.pod
@@ -89,12 +89,6 @@ includes both more private SSL headers and headers from the B<crypto> library.
 Whenever you need hard-core details on the internals of the SSL API, look
 inside this header file.
 
-OPENSSL_VERSION_AT_LEAST(major,minor) can be
-used in C<#if> statements in order to determine which version of the library is
-being used. This can be used to either enable optional features at compile
-time, or work around issues with a previous version.
-See L<OPENSSL_VERSION_NUMBER(3)>.
-
 =item B<ssl2.h>
 
 Unused. Present for backwards compatibility only.
@@ -134,10 +128,12 @@ See L<SSL_CTX_new(3)> for details.
 =item const SSL_METHOD *B<TLS_client_method>(void);
 
 Constructor for the I<version-flexible> SSL_METHOD structure for clients.
+Must be used to support the TLSv1.3 protocol.
 
 =item const SSL_METHOD *B<TLS_server_method>(void);
 
 Constructor for the I<version-flexible> SSL_METHOD structure for servers.
+Must be used to support the TLSv1.3 protocol.
 
 =item const SSL_METHOD *B<TLSv1_2_method>(void);
 
@@ -258,6 +254,10 @@ protocol context defined in the B<SSL_CTX> structure.
 
 =item int B<SSL_CTX_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
 
+=item long B<SSL_CTX_get_extra_chain_certs>(SSL_CTX *ctx, STACK_OF(X509) **sk);
+
+=item long B<SSL_CTX_get_extra_chain_certs_only>(SSL_CTX *ctx, STACK_OF(X509) **sk);
+
 =item void (*B<SSL_CTX_get_info_callback>(SSL_CTX *ctx))(SSL *ssl, int cb, int ret);
 
 =item int B<SSL_CTX_get_quiet_shutdown>(const SSL_CTX *ctx);
@@ -383,6 +383,8 @@ Use the file path to locate trusted CA certificates.
 
 =item long B<SSL_CTX_set_tmp_dh_callback>(SSL_CTX *ctx, DH *(*cb)(void));
 
+=item long B<SSL_CTX_set_tmp_ecdh>(SSL_CTX* ctx, const EC_KEY *ecdh);
+
 =item void B<SSL_CTX_set_verify>(SSL_CTX *ctx, int mode, int (*cb);(void))
 
 =item int B<SSL_CTX_use_PrivateKey>(SSL_CTX *ctx, EVP_PKEY *pkey);
@@ -403,6 +405,8 @@ Use the file path to locate trusted CA certificates.
 
 =item int B<SSL_CTX_use_certificate_file>(SSL_CTX *ctx, const char *file, int type);
 
+=item int B<SSL_CTX_use_cert_and_key>(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+
 =item X509 *B<SSL_CTX_get0_certificate>(const SSL_CTX *ctx);
 
 =item EVP_PKEY *B<SSL_CTX_get0_privatekey>(const SSL_CTX *ctx);
@@ -574,7 +578,7 @@ fresh handle for each connection.
 
 =item SSL_SESSION *B<SSL_get_session>(const SSL *ssl);
 
-=item char *B<SSL_get_shared_ciphers>(const SSL *ssl, char *buf, int len);
+=item char *B<SSL_get_shared_ciphers>(const SSL *ssl, char *buf, int size);
 
 =item int B<SSL_get_shutdown>(const SSL *ssl);
 
@@ -676,6 +680,12 @@ fresh handle for each connection.
 
 =item void B<SSL_set_timeout>(SSL *ssl, long t);
 
+=item long B<SSL_set_tmp_dh>(SSL *ssl, DH *dh);
+
+=item long B<SSL_set_tmp_dh_callback>(SSL *ssl, DH *(*cb)(void));
+
+=item long B<SSL_set_tmp_ecdh>(SSL *ssl, const EC_KEY *ecdh);
+
 =item void B<SSL_set_verify>(SSL *ssl, int mode, int (*callback);(void))
 
 =item void B<SSL_set_verify_result>(SSL *ssl, long arg);
@@ -712,6 +722,8 @@ Returns the current handshake state.
 
 =item int B<SSL_use_certificate_file>(SSL *ssl, const char *file, int type);
 
+=item int B<SSL_use_cert_and_key>(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+
 =item int B<SSL_version>(const SSL *ssl);
 
 =item int B<SSL_want>(const SSL *ssl);
@@ -781,6 +793,7 @@ L<SSL_CTX_set_session_id_context(3)>,
 L<SSL_CTX_set_ssl_version(3)>,
 L<SSL_CTX_set_timeout(3)>,
 L<SSL_CTX_set_tmp_dh_callback(3)>,
+L<SSL_CTX_set_tmp_ecdh(3)>,
 L<SSL_CTX_set_verify(3)>,
 L<SSL_CTX_use_certificate(3)>,
 L<SSL_alert_type_string(3)>,