diff options
Diffstat (limited to 'secure/lib/libcrypto/man/man3/SSL_new.3')
-rw-r--r-- | secure/lib/libcrypto/man/man3/SSL_new.3 | 71 |
1 files changed, 64 insertions, 7 deletions
diff --git a/secure/lib/libcrypto/man/man3/SSL_new.3 b/secure/lib/libcrypto/man/man3/SSL_new.3 index 375e0f30605b..1790a36bbcc9 100644 --- a/secure/lib/libcrypto/man/man3/SSL_new.3 +++ b/secure/lib/libcrypto/man/man3/SSL_new.3 @@ -1,4 +1,4 @@ -.\" Automatically generated by Pod::Man 4.11 (Pod::Simple 3.40) +.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.40) .\" .\" Standard preamble: .\" ======================================================================== @@ -133,7 +133,7 @@ .\" ======================================================================== .\" .IX Title "SSL_NEW 3" -.TH SSL_NEW 3 "2020-04-21" "1.1.1g" "OpenSSL" +.TH SSL_NEW 3 "2020-09-22" "1.1.1h" "OpenSSL" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -163,10 +163,67 @@ structure are freed. \&\fBSSL_up_ref()\fR increments the reference count for an existing \fB\s-1SSL\s0\fR structure. .PP -\&\fBSSL_dup()\fR duplicates an existing \fB\s-1SSL\s0\fR structure into a new allocated one. All -settings are inherited from the original \fB\s-1SSL\s0\fR structure. Dynamic data (i.e. -existing connection details) are not copied, the new \fB\s-1SSL\s0\fR is set into an -initial accept (server) or connect (client) state. +The function \fBSSL_dup()\fR creates and returns a new \fB\s-1SSL\s0\fR structure from the same +\&\fB\s-1SSL_CTX\s0\fR that was used to create \fIs\fR. It additionally duplicates a subset of +the settings in \fIs\fR into the new \fB\s-1SSL\s0\fR object. +.PP +For \fBSSL_dup()\fR to work, the connection \s-1MUST\s0 be in its initial state and +\&\s-1MUST NOT\s0 have yet started the \s-1SSL\s0 handshake. For connections that are not in +their initial state \fBSSL_dup()\fR just increments an internal +reference count and returns the \fIsame\fR handle. It may be possible to +use \fBSSL_clear\fR\|(3) to recycle an \s-1SSL\s0 handle that is not in its initial +state for re-use, but this is best avoided. Instead, save and restore +the session, if desired, and construct a fresh handle for each connection. +.PP +The subset of settings in \fIs\fR that are duplicated are: +.IP "any session data if configured (including the session_id_context)" 4 +.IX Item "any session data if configured (including the session_id_context)" +.PD 0 +.IP "any tmp_dh settings set via \fBSSL_set_tmp_dh\fR\|(3), \fBSSL_set_tmp_dh_callback\fR\|(3), or \fBSSL_set_dh_auto\fR\|(3)" 4 +.IX Item "any tmp_dh settings set via SSL_set_tmp_dh, SSL_set_tmp_dh_callback, or SSL_set_dh_auto" +.IP "any configured certificates, private keys or certificate chains" 4 +.IX Item "any configured certificates, private keys or certificate chains" +.IP "any configured signature algorithms, or client signature algorithms" 4 +.IX Item "any configured signature algorithms, or client signature algorithms" +.IP "any \s-1DANE\s0 settings" 4 +.IX Item "any DANE settings" +.IP "any Options set via \fBSSL_set_options\fR\|(3)" 4 +.IX Item "any Options set via SSL_set_options" +.IP "any Mode set via \fBSSL_set_mode\fR\|(3)" 4 +.IX Item "any Mode set via SSL_set_mode" +.IP "any minimum or maximum protocol settings set via \fBSSL_set_min_proto_version\fR\|(3) or \fBSSL_set_max_proto_version\fR\|(3) (Note: Only from OpenSSL 1.1.1h and above)" 4 +.IX Item "any minimum or maximum protocol settings set via SSL_set_min_proto_version or SSL_set_max_proto_version (Note: Only from OpenSSL 1.1.1h and above)" +.IP "any Verify mode, callback or depth set via \fBSSL_set_verify\fR\|(3) or \fBSSL_set_verify_depth\fR\|(3) or any configured X509 verification parameters" 4 +.IX Item "any Verify mode, callback or depth set via SSL_set_verify or SSL_set_verify_depth or any configured X509 verification parameters" +.IP "any msg callback or info callback set via \fBSSL_set_msg_callback\fR\|(3) or \fBSSL_set_info_callback\fR\|(3)" 4 +.IX Item "any msg callback or info callback set via SSL_set_msg_callback or SSL_set_info_callback" +.IP "any default password callback set via \fBSSL_set_default_passwd_cb\fR\|(3)" 4 +.IX Item "any default password callback set via SSL_set_default_passwd_cb" +.IP "any session id generation callback set via \fBSSL_set_generate_session_id\fR\|(3)" 4 +.IX Item "any session id generation callback set via SSL_set_generate_session_id" +.IP "any configured Cipher List" 4 +.IX Item "any configured Cipher List" +.IP "initial accept (server) or connect (client) state" 4 +.IX Item "initial accept (server) or connect (client) state" +.IP "the max cert list value set via \fBSSL_set_max_cert_list\fR\|(3)" 4 +.IX Item "the max cert list value set via SSL_set_max_cert_list" +.IP "the read_ahead value set via \fBSSL_set_read_ahead\fR\|(3)" 4 +.IX Item "the read_ahead value set via SSL_set_read_ahead" +.IP "application specific data set via \fBSSL_set_ex_data\fR\|(3)" 4 +.IX Item "application specific data set via SSL_set_ex_data" +.IP "any \s-1CA\s0 list or client \s-1CA\s0 list set via \fBSSL_set0_CA_list\fR\|(3), \fBSSL_set0_client_CA_list()\fR or similar functions" 4 +.IX Item "any CA list or client CA list set via SSL_set0_CA_list, SSL_set0_client_CA_list() or similar functions" +.IP "any security level settings or callbacks" 4 +.IX Item "any security level settings or callbacks" +.IP "any configured serverinfo data" 4 +.IX Item "any configured serverinfo data" +.IP "any configured \s-1PSK\s0 identity hint" 4 +.IX Item "any configured PSK identity hint" +.IP "any configured custom extensions" 4 +.IX Item "any configured custom extensions" +.IP "any client certificate types configured via SSL_set1_client_certificate_types" 4 +.IX Item "any client certificate types configured via SSL_set1_client_certificate_types" +.PD .SH "RETURN VALUES" .IX Header "RETURN VALUES" The following return values can occur: @@ -187,7 +244,7 @@ The return value points to an allocated \s-1SSL\s0 structure. \&\fBssl\fR\|(7) .SH "COPYRIGHT" .IX Header "COPYRIGHT" -Copyright 2000\-2017 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000\-2020 The OpenSSL Project Authors. All Rights Reserved. .PP Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use this file except in compliance with the License. You can obtain a copy |