openssl/doc/man3/SSL_SESSION_get0_hostname.pod
Matt Caswell 721eb8f631 Provide better documentation for SSL_get_servername()
The behaviour of SSL_get_servername() is quite complicated and depends on
numerous factors such as whether it is called on the client or the server,
whether it is called before or after the handshake, what protocol version
was negotiated, and whether a resumption was attempted or was successful.

We attempt to document the behavior more clearly.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/10018)

(cherry picked from commit 0dc7c8e8314f27ac093b2d7bc8f13d0dfd302bdb)
2020-01-30 16:12:16 +00:00

77 lines
2.5 KiB
Text

=pod
=head1 NAME
SSL_SESSION_get0_hostname,
SSL_SESSION_set1_hostname,
SSL_SESSION_get0_alpn_selected,
SSL_SESSION_set1_alpn_selected
- get and set SNI and ALPN data associated with a session
=head1 SYNOPSIS
#include <openssl/ssl.h>
const char *SSL_SESSION_get0_hostname(const SSL_SESSION *s);
int SSL_SESSION_set1_hostname(SSL_SESSION *s, const char *hostname);
void SSL_SESSION_get0_alpn_selected(const SSL_SESSION *s,
const unsigned char **alpn,
size_t *len);
int SSL_SESSION_set1_alpn_selected(SSL_SESSION *s, const unsigned char *alpn,
size_t len);
=head1 DESCRIPTION
SSL_SESSION_get0_hostname() retrieves the SNI value that was sent by the
client when the session was created if it was accepted by the server and TLSv1.2
or below was negotiated. Otherwise NULL is returned. Note that in TLSv1.3 the
SNI hostname is negotiated with each handshake including resumption handshakes
and is therefore never associated with the session.
The value returned is a pointer to memory maintained within B<s> and
should not be free'd.
SSL_SESSION_set1_hostname() sets the SNI value for the hostname to a copy of
the string provided in hostname.
SSL_SESSION_get0_alpn_selected() retrieves the selected ALPN protocol for this
session and its associated length in bytes. The returned value of B<*alpn> is a
pointer to memory maintained within B<s> and should not be free'd.
SSL_SESSION_set1_alpn_selected() sets the ALPN protocol for this session to the
value in B<alpn> which should be of length B<len> bytes. A copy of the input
value is made, and the caller retains ownership of the memory pointed to by
B<alpn>.
=head1 RETURN VALUES
SSL_SESSION_get0_hostname() returns either a string or NULL based on if there
is the SNI value sent by client.
SSL_SESSION_set1_hostname() returns 1 on success or 0 on error.
SSL_SESSION_set1_alpn_selected() returns 1 on success or 0 on error.
=head1 SEE ALSO
L<ssl(7)>,
L<d2i_SSL_SESSION(3)>,
L<SSL_SESSION_get_time(3)>,
L<SSL_SESSION_free(3)>
=head1 HISTORY
The SSL_SESSION_set1_hostname(), SSL_SESSION_get0_alpn_selected() and
SSL_SESSION_set1_alpn_selected() functions were added in OpenSSL 1.1.1.
=head1 COPYRIGHT
Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.
=cut