SSL_CTX_set_tlsext_status_type (3)
Leading comments
Automatically generated by Pod::Man 4.09 (Pod::Simple 3.35) Standard preamble: ========================================================================
NAME
SSL_CTX_set_tlsext_status_cb, SSL_CTX_get_tlsext_status_cb, SSL_CTX_set_tlsext_status_arg, SSL_CTX_get_tlsext_status_arg, SSL_CTX_set_tlsext_status_type, SSL_CTX_get_tlsext_status_type, SSL_set_tlsext_status_type, SSL_get_tlsext_status_type, SSL_get_tlsext_status_ocsp_resp, SSL_set_tlsext_status_ocsp_resp - OCSP Certificate Status Request functionsSYNOPSIS
#include <openssl/tls1.h> long SSL_CTX_set_tlsext_status_cb(SSL_CTX *ctx, int (*callback)(SSL *, void *)); long SSL_CTX_get_tlsext_status_cb(SSL_CTX *ctx, int (**callback)(SSL *, void *)); long SSL_CTX_set_tlsext_status_arg(SSL_CTX *ctx, void *arg); long SSL_CTX_get_tlsext_status_arg(SSL_CTX *ctx, void **arg); long SSL_CTX_set_tlsext_status_type(SSL_CTX *ctx, int type); long SSL_CTX_get_tlsext_status_type(SSL_CTX *ctx); long SSL_set_tlsext_status_type(SSL *s, int type); long SSL_get_tlsext_status_type(SSL *s); long SSL_get_tlsext_status_ocsp_resp(ssl, unsigned char **resp); long SSL_set_tlsext_status_ocsp_resp(ssl, unsigned char *resp, int len);
DESCRIPTION
A client application may request that a server send back anThe client should additionally provide a callback function to decide what to do with the returned
On the client side SSL_get_tlsext_status_type() can be used to determine whether the client has previously called SSL_set_tlsext_status_type(). It will return TLSEXT_STATUSTYPE_ocsp if it has been called or -1 otherwise. On the server side SSL_get_tlsext_status_type() can be used to determine whether the client requested
The response returned by the server can be obtained via a call to SSL_get_tlsext_status_ocsp_resp(). The value *resp will be updated to point to the
A server application must also call the SSL_CTX_set_tlsext_status_cb() function if it wants to be able to provide clients with
RETURN VALUES
The callback when used on the client side should return a negative value on error; 0 if the response is not acceptable (in which case the handshake will fail) or a positive value if it is acceptable.The callback when used on the server side should return with either
SSL_CTX_set_tlsext_status_cb(), SSL_CTX_set_tlsext_status_arg(), SSL_CTX_set_tlsext_status_type(), SSL_set_tlsext_status_type() and SSL_set_tlsext_status_ocsp_resp() return 0 on error or 1 on success.
SSL_CTX_get_tlsext_status_type() returns the value previously set by SSL_CTX_set_tlsext_status_type(), or -1 if not set.
SSL_get_tlsext_status_ocsp_resp() returns the length of the
SSL_get_tlsext_status_type() returns TLSEXT_STATUSTYPE_ocsp on the client side if SSL_set_tlsext_status_type() was previously called, or on the server side if the client requested
HISTORY
SSL_get_tlsext_status_type(), SSL_CTX_get_tlsext_status_type() and SSL_CTX_set_tlsext_status_type() were added in OpenSSL 1.1.0.COPYRIGHT
Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.Licensed under the OpenSSL license (the ``License''). You may not use this file except in compliance with the License. You can obtain a copy in the file