Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
SSL_CTX_SET_TLSEXT_SERVERNAME_CALLBAOpenSCTX_SET_TLSEXT_SERVERNAME_CALLBACK(3)

NAME
       SSL_CTX_set_tlsext_servername_callback,
       SSL_CTX_set_tlsext_servername_arg, SSL_get_servername_type,
       SSL_get_servername, SSL_set_tlsext_host_name - handle server name
       indication (SNI)

SYNOPSIS
	#include <openssl/ssl.h>

	long SSL_CTX_set_tlsext_servername_callback(SSL_CTX *ctx,
					  int (*cb)(SSL	*, int *, void *));
	long SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg);

	const char *SSL_get_servername(const SSL *s, const int type);
	int SSL_get_servername_type(const SSL *s);

	int SSL_set_tlsext_host_name(const SSL *s, const char *name);

DESCRIPTION
       The functionality provided by the servername callback is	superseded by
       the ClientHello callback, which can be set using
       SSL_CTX_set_client_hello_cb().  The servername callback is retained for
       historical compatibility.

       SSL_CTX_set_tlsext_servername_callback()	sets the application callback
       cb used by a server to perform any actions or configuration required
       based on	the servername extension received in the incoming connection.
       When cb is NULL,	SNI is not used. The arg value is a pointer which is
       passed to the application callback.

       SSL_CTX_set_tlsext_servername_arg() sets	a context-specific argument to
       be passed into the callback for this SSL_CTX.

       SSL_get_servername() returns a servername extension value of the
       specified type if provided in the Client	Hello or NULL.

       SSL_get_servername_type() returns the servername	type or	-1 if no
       servername is present. Currently	the only supported type	(defined in
       RFC3546)	is TLSEXT_NAMETYPE_host_name.

       SSL_set_tlsext_host_name() sets the server name indication ClientHello
       extension to contain the	value name. The	type of	server name indication
       extension is set	to TLSEXT_NAMETYPE_host_name (defined in RFC3546).

NOTES
       Several callbacks are executed during ClientHello processing, including
       the ClientHello,	ALPN, and servername callbacks.	 The ClientHello
       callback	is executed first, then	the servername callback, followed by
       the ALPN	callback.

       The SSL_set_tlsext_host_name() function should only be called on	SSL
       objects that will act as	clients; otherwise the configured name will be
       ignored.

RETURN VALUES
       SSL_CTX_set_tlsext_servername_callback()	and
       SSL_CTX_set_tlsext_servername_arg() both	always return 1	indicating
       success.	 SSL_set_tlsext_host_name() returns 1 on success, 0 in case of
       error.

SEE ALSO
       ssl(7), SSL_CTX_set_alpn_select_cb(3), SSL_get0_alpn_selected(3),
       SSL_CTX_set_client_hello_cb(3)

COPYRIGHT
       Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.

       Licensed	under the OpenSSL license (the "License").  You	may not	use
       this file except	in compliance with the License.	 You can obtain	a copy
       in the file LICENSE in the source distribution or at
       <https://www.openssl.org/source/license.html>.

1.1.1a				  201SSL_CTX_SET_TLSEXT_SERVERNAME_CALLBACK(3)

NAME | SYNOPSIS | DESCRIPTION | NOTES | RETURN VALUES | SEE ALSO | COPYRIGHT

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=SSL_CTX_set_tlsext_servername_callback&sektion=3&manpath=FreeBSD+12.0-RELEASE+and+Ports>

home | help