openssl/doc/man3/SSL_CTX_set_tlsext_servername_callback.pod
Jon Spillett 8c55c46147 Add documentation for SNI APIs
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3071)
2017-03-29 07:26:41 +02:00

62 lines
2 KiB
Text

=pod
=head1 NAME
SSL_CTX_set_tlsext_servername_callback, SSL_CTX_set_tlsext_servername_arg,
SSL_get_servername_type, SSL_get_servername - handle server name indication
(SNI)
=head1 SYNOPSIS
#include <openssl/ssl.h>
long SSL_CTX_set_tlsext_servername_callback(SSL_CTX *ctx,
int (*cb)(SSL *, int *, void *));
long SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg);
const char *SSL_get_servername(const SSL *s, const int type);
int SSL_get_servername_type(const SSL *s);
=head1 DESCRIPTION
SSL_CTX_set_tlsext_servername_callback() sets the application callback B<cb>
used by a server to perform any actions or configuration required based on
the servername extension received in the incoming connection. When B<cb>
is NULL, SNI is not used. The B<arg> value is a pointer which is passed to
the application callback.
SSL_CTX_set_tlsext_servername_arg() sets a context-specific argument to be
passed into the callback for this B<SSL_CTX>.
SSL_get_servername() returns a servername extension value of the specified
type if provided in the Client Hello or NULL.
SSL_get_servername_type() returns the servername type or -1 if no servername
is present. Currently the only supported type (defined in RFC3546) is
B<TLSEXT_NAMETYPE_host_name>.
=head1 NOTES
The ALPN and SNI callbacks are both executed during Client Hello processing.
The servername callback is executed first, followed by the ALPN callback.
=head1 RETURN VALUES
SSL_CTX_set_tlsext_servername_callback() and
SSL_CTX_set_tlsext_servername_arg() both always return 1 indicating success.
=head1 SEE ALSO
L<ssl(7)>, L<SSL_CTX_set_alpn_select_cb(3)>,
L<SSL_get0_alpn_selected(3)>
=head1 COPYRIGHT
Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.
=cut