#ifndef OPENSSL_NO_QUIC
if (isquic) {
sbio = BIO_new_dgram(sock, BIO_NOCLOSE);
- if (!SSL_set_initial_peer_addr(con, peer_addr)) {
+ if (!SSL_set1_initial_peer_addr(con, peer_addr)) {
BIO_printf(bio_err, "Failed to set the initial peer address\n");
goto shut;
}
goto end;
}
- if (!SSL_set_initial_peer_addr(ssl, peer_addr)) {
+ if (!SSL_set1_initial_peer_addr(ssl, peer_addr)) {
printf("Failed to set the initial peer address\n");
goto end;
}
GENERATE[html/man3/SSL_set1_host.html]=man3/SSL_set1_host.pod
DEPEND[man/man3/SSL_set1_host.3]=man3/SSL_set1_host.pod
GENERATE[man/man3/SSL_set1_host.3]=man3/SSL_set1_host.pod
+DEPEND[html/man3/SSL_set1_initial_peer_addr.html]=man3/SSL_set1_initial_peer_addr.pod
+GENERATE[html/man3/SSL_set1_initial_peer_addr.html]=man3/SSL_set1_initial_peer_addr.pod
+DEPEND[man/man3/SSL_set1_initial_peer_addr.3]=man3/SSL_set1_initial_peer_addr.pod
+GENERATE[man/man3/SSL_set1_initial_peer_addr.3]=man3/SSL_set1_initial_peer_addr.pod
DEPEND[html/man3/SSL_set1_server_cert_type.html]=man3/SSL_set1_server_cert_type.pod
GENERATE[html/man3/SSL_set1_server_cert_type.html]=man3/SSL_set1_server_cert_type.pod
DEPEND[man/man3/SSL_set1_server_cert_type.3]=man3/SSL_set1_server_cert_type.pod
GENERATE[html/man3/SSL_set_incoming_stream_policy.html]=man3/SSL_set_incoming_stream_policy.pod
DEPEND[man/man3/SSL_set_incoming_stream_policy.3]=man3/SSL_set_incoming_stream_policy.pod
GENERATE[man/man3/SSL_set_incoming_stream_policy.3]=man3/SSL_set_incoming_stream_policy.pod
-DEPEND[html/man3/SSL_set_initial_peer_addr.html]=man3/SSL_set_initial_peer_addr.pod
-GENERATE[html/man3/SSL_set_initial_peer_addr.html]=man3/SSL_set_initial_peer_addr.pod
-DEPEND[man/man3/SSL_set_initial_peer_addr.3]=man3/SSL_set_initial_peer_addr.pod
-GENERATE[man/man3/SSL_set_initial_peer_addr.3]=man3/SSL_set_initial_peer_addr.pod
DEPEND[html/man3/SSL_set_retry_verify.html]=man3/SSL_set_retry_verify.pod
GENERATE[html/man3/SSL_set_retry_verify.html]=man3/SSL_set_retry_verify.pod
DEPEND[man/man3/SSL_set_retry_verify.3]=man3/SSL_set_retry_verify.pod
html/man3/SSL_rstate_string.html \
html/man3/SSL_session_reused.html \
html/man3/SSL_set1_host.html \
+html/man3/SSL_set1_initial_peer_addr.html \
html/man3/SSL_set1_server_cert_type.html \
html/man3/SSL_set_async_callback.html \
html/man3/SSL_set_bio.html \
html/man3/SSL_set_default_stream_mode.html \
html/man3/SSL_set_fd.html \
html/man3/SSL_set_incoming_stream_policy.html \
-html/man3/SSL_set_initial_peer_addr.html \
html/man3/SSL_set_retry_verify.html \
html/man3/SSL_set_session.html \
html/man3/SSL_set_shutdown.html \
man/man3/SSL_rstate_string.3 \
man/man3/SSL_session_reused.3 \
man/man3/SSL_set1_host.3 \
+man/man3/SSL_set1_initial_peer_addr.3 \
man/man3/SSL_set1_server_cert_type.3 \
man/man3/SSL_set_async_callback.3 \
man/man3/SSL_set_bio.3 \
man/man3/SSL_set_default_stream_mode.3 \
man/man3/SSL_set_fd.3 \
man/man3/SSL_set_incoming_stream_policy.3 \
-man/man3/SSL_set_initial_peer_addr.3 \
man/man3/SSL_set_retry_verify.3 \
man/man3/SSL_set_session.3 \
man/man3/SSL_set_shutdown.3 \
| `SSL_get_wpoll_descriptor` | CSSM | 🟦N | 🟩A | 🟥QSA | 🟢Done |
| `SSL_want_net_read` | CSSM | 🟦N | 🟩A | 🟥QSA | 🟢Done |
| `SSL_want_net_write` | CSSM | 🟦N | 🟩A | 🟥QSA | 🟢Done |
-| `SSL_get_initial_peer_addr` | CSSM | 🟦N | 🟩A | 🟥QSA | 🟢Done |
-| `SSL_set_initial_peer_addr` | CSSM | 🟦N | 🟩A | 🟥QSA | 🟢Done |
+| `SSL_set1_initial_peer_addr` | CSSM | 🟦N | 🟩A | 🟥QSA | 🟢Done |
| `SSL_shutdown_ex` | CSSM | 🟦N | 🟩A | 🟥QSA | 🟡TODO |
| `SSL_stream_conclude` | CSSM | 🟦N | 🟩A | 🟥QSA | 🟡TODO |
| `SSL_stream_reset` | CSSM | 🟦N | 🟩A | 🟥QSA | 🟡TODO |
- [`SSL_get_rpoll_descriptor`, `SSL_get_wpoll_descriptor`](#-ssl-get-rpoll-descriptor----ssl-get-wpoll-descriptor-)
- [`SSL_net_read_desired`, `SSL_net_write_desired`](#-ssl-want-net-read----ssl-want-net-write-)
- [`SSL_want`, `SSL_want_read`, `SSL_want_write`](#-ssl-want----ssl-want-read----ssl-want-write-)
- - [`SSL_set_initial_peer_addr`, `SSL_get_initial_peer_addr`](#-ssl-set-initial-peer-addr----ssl-get-initial-peer-addr-)
+ - [`SSL_set1_initial_peer_addr`](#-ssl-set-initial-peer-addr-)
- [`SSL_shutdown_ex`](#-ssl-shutdown-ex-)
- [`SSL_stream_conclude`](#-ssl-stream-conclude-)
- [`SSL_stream_reset`](#-ssl-stream-reset-)
returns `SSL_NOTHING`) and `SSL_net_read_desired` and `SSL_net_write_desired`
will be used instead.
-#### `SSL_set_initial_peer_addr`, `SSL_get_initial_peer_addr`
+#### `SSL_set1_initial_peer_addr`
| Semantics | `SSL_get_error` | Can Tick? | CSHL |
| --------- | ------------- | --------- | ------------- |
| New | Never | No | CS |
-`SSL_set_initial_peer_addr` sets the initial L4 UDP peer address for an outgoing
+`SSL_set1_initial_peer_addr` sets the initial L4 UDP peer address for an outgoing
QUIC connection.
The initial peer address may be autodetected if no peer address has already been
set explicitly and the QUIC connection SSL object is provided with a
`BIO_s_dgram` with a peer set.
-`SSL_set_initial_peer_addr` cannot be called after a connection is established.
+`SSL_set1_initial_peer_addr` cannot be called after a connection is established.
#### `SSL_shutdown_ex`
=head1 NAME
-SSL_set_initial_peer_addr - set the initial peer address for a QUIC connection
+SSL_set1_initial_peer_addr - set the initial peer address for a QUIC connection
=head1 SYNOPSIS
#include <openssl/ssl.h>
- int SSL_set_initial_peer_addr(SSL *s, const BIO_ADDR *addr);
+ int SSL_set1_initial_peer_addr(SSL *s, const BIO_ADDR *addr);
=head1 DESCRIPTION
-SSL_set_initial_peer_addr() sets the initial destination peer address to be used
+SSL_set1_initial_peer_addr() sets the initial destination peer address to be used
for the purposes of establishing a QUIC connection in client mode. This function
can be used only on a QUIC connection SSL object, and can be used only before a
connection attempt is first made. I<addr> must point to a B<BIO_ADDR>
B<BIO_CTRL_DGRAM_GET_PEER> returns a valid (non-B<AF_UNSPEC>) peer address and
no valid peer address has yet been set, this will be set automatically as the
initial peer address. This behaviour can be overridden by calling
-SSL_set_initial_peer_addr() with a valid peer address explicitly.
+SSL_set1_initial_peer_addr() with a valid peer address explicitly.
The destination address used by QUIC may change over time in response to
connection events, such as connection migration (where supported).
-SSL_set_initial_peer_addr() configures the destination address used for initial
+SSL_set1_initial_peer_addr() configures the destination address used for initial
connection establishment, and does not confer any guarantee about the
destination address being used for communication at any later time in the
connection lifecycle.
+This function makes a copy of the address passed by the caller; the B<BIO_ADDR>
+structure pointed to by I<addr> may be freed by the caller after this function
+returns.
+
=head1 RETURN VALUES
Returns 1 on success and 0 on failure.
=head1 HISTORY
-The SSL_set_initial_peer_addr() function was added in OpenSSL 3.2.
+The SSL_set1_initial_peer_addr() function was added in OpenSSL 3.2.
=head1 COPYRIGHT
Changes needed: Change your application to use L<BIO_s_datagram(3)> instead when
using QUIC. The socket must be configured in nonblocking mode. You may or may
-not need to use L<SSL_set_initial_peer_addr(3)> to set the initial peer address;
-see the B<QUIC-SPECIFIC APIS> section for details.
+not need to use L<SSL_set1_initial_peer_addr(3)> to set the initial peer
+address; see the B<QUIC-SPECIFIC APIS> section for details.
=item
L<SSL_get_wpoll_descriptor(3)> respectively. They determine whether the
respective poll descriptor is currently relevant for the purposes of polling.
-=item L<SSL_set_initial_peer_addr(3)>
+=item L<SSL_set1_initial_peer_addr(3)>
This function can be used to set the initial peer address for an outgoing QUIC
connection. This function must be used in the general case when creating an
outgoing QUIC connection; however, the correct initial peer address can be
-autodetected in some cases. See L<SSL_set_initial_peer_addr(3)> for details.
+autodetected in some cases. See L<SSL_set1_initial_peer_addr(3)> for details.
=item L<SSL_shutdown_ex(3)>
=item
It should configure the SSL object as desired, set an initial peer as needed
-using L<SSL_set_initial_peer_addr(3)>, and trigger the connection process by
+using L<SSL_set1_initial_peer_addr(3)>, and trigger the connection process by
calling L<SSL_connect(3)>.
=item
L<SSL_net_read_desired(3)>, L<SSL_net_write_desired(3)>,
L<SSL_get_rpoll_descriptor(3)>, L<SSL_get_wpoll_descriptor(3)>,
L<SSL_set_blocking_mode(3)>, L<SSL_shutdown_ex(3)>,
-L<SSL_set_initial_peer_addr(3)>, L<SSL_stream_conclude(3)>,
+L<SSL_set1_initial_peer_addr(3)>, L<SSL_stream_conclude(3)>,
L<SSL_stream_reset(3)>, L<SSL_get_stream_read_state(3)>,
L<SSL_get_stream_read_error_code(3)>, L<SSL_get_conn_close_info(3)>,
L<SSL_get0_connection(3)>, L<SSL_get_stream_type(3)>, L<SSL_get_stream_id(3)>,
An OpenSSL QUIC application must specify the target address of the server that
is being connected to. In L</Creating the socket and BIO> above we saved that
address away for future use. Now we need to use it via the
-L<SSL_set_initial_peer_addr(3)> function.
+L<SSL_set1_initial_peer_addr(3)> function.
- if (!SSL_set_initial_peer_addr(ssl, peer_addr)) {
+ if (!SSL_set1_initial_peer_addr(ssl, peer_addr)) {
printf("Failed to set the initial peer address\n");
goto end;
}
__owur int SSL_net_write_desired(SSL *s);
__owur int SSL_set_blocking_mode(SSL *s, int blocking);
__owur int SSL_get_blocking_mode(SSL *s);
-__owur int SSL_set_initial_peer_addr(SSL *s, const BIO_ADDR *peer_addr);
+__owur int SSL_set1_initial_peer_addr(SSL *s, const BIO_ADDR *peer_addr);
__owur SSL *SSL_get0_connection(SSL *s);
__owur int SSL_is_connection(SSL *s);
#endif
}
-int SSL_set_initial_peer_addr(SSL *s, const BIO_ADDR *peer_addr)
+int SSL_set1_initial_peer_addr(SSL *s, const BIO_ADDR *peer_addr)
{
#ifndef OPENSSL_NO_QUIC
if (!IS_QUIC(s))
(flags & QTEST_FLAG_BLOCK) != 0 ? 1 : 0)))
goto err;
- if (!TEST_true(SSL_set_initial_peer_addr(*cssl, peeraddr)))
+ if (!TEST_true(SSL_set1_initial_peer_addr(*cssl, peeraddr)))
goto err;
if (fault != NULL) {
SSL_get_wpoll_descriptor ? 3_2_0 EXIST::FUNCTION:
SSL_set_blocking_mode ? 3_2_0 EXIST::FUNCTION:
SSL_get_blocking_mode ? 3_2_0 EXIST::FUNCTION:
-SSL_set_initial_peer_addr ? 3_2_0 EXIST::FUNCTION:
+SSL_set1_initial_peer_addr ? 3_2_0 EXIST::FUNCTION:
SSL_net_read_desired ? 3_2_0 EXIST::FUNCTION:
SSL_net_write_desired ? 3_2_0 EXIST::FUNCTION:
SSL_shutdown_ex ? 3_2_0 EXIST::FUNCTION: