HEX
Server: nginx/1.28.1
System: Linux 10-41-63-61 6.8.0-31-generic #31-Ubuntu SMP PREEMPT_DYNAMIC Sat Apr 20 00:40:06 UTC 2024 x86_64
User: www (1001)
PHP: 7.4.33
Disabled: passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
$ pwd: /usr/local/openssl/man/man3/
Upload Files
File: //usr/local/openssl/man/man3/SSL_CTX_get_mode.3
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.01 (Pod::Simple 3.43)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
.    ds C` ""
.    ds C' ""
'br\}
.el\{\
.    ds C`
.    ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD.  Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
.    if \nF \{\
.        de IX
.        tm Index:\\$1\t\\n%\t"\\$2"
..
.        if !\nF==2 \{\
.            nr % 0
.            nr F 2
.        \}
.    \}
.\}
.rr rF
.\" ========================================================================
.\"
.IX Title "SSL_CTX_set_mode 3"
.TH SSL_CTX_set_mode 3 2019-12-20 1.0.2u OpenSSL
.\" For nroff, turn off justification.  Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH NAME
SSL_CTX_set_mode, SSL_set_mode, SSL_CTX_get_mode, SSL_get_mode \- manipulate SSL engine mode
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/ssl.h>
\&
\& long SSL_CTX_set_mode(SSL_CTX *ctx, long mode);
\& long SSL_set_mode(SSL *ssl, long mode);
\&
\& long SSL_CTX_get_mode(SSL_CTX *ctx);
\& long SSL_get_mode(SSL *ssl);
.Ve
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBSSL_CTX_set_mode()\fR adds the mode set via bitmask in \fBmode\fR to \fBctx\fR.
Options already set before are not cleared.
.PP
\&\fBSSL_set_mode()\fR adds the mode set via bitmask in \fBmode\fR to \fBssl\fR.
Options already set before are not cleared.
.PP
\&\fBSSL_CTX_get_mode()\fR returns the mode set for \fBctx\fR.
.PP
\&\fBSSL_get_mode()\fR returns the mode set for \fBssl\fR.
.SH NOTES
.IX Header "NOTES"
The following mode changes are available:
.IP SSL_MODE_ENABLE_PARTIAL_WRITE 4
.IX Item "SSL_MODE_ENABLE_PARTIAL_WRITE"
Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
when just a single record has been written). When not set (the default),
\&\fBSSL_write()\fR will only report success once the complete chunk was written.
Once \fBSSL_write()\fR returns with r, r bytes have been successfully written
and the next call to \fBSSL_write()\fR must only send the n\-r bytes left,
imitating the behaviour of \fBwrite()\fR.
.IP SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 4
.IX Item "SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER"
Make it possible to retry \fBSSL_write()\fR with changed buffer location
(the buffer contents must stay the same). This is not the default to avoid
the misconception that non-blocking \fBSSL_write()\fR behaves like
non-blocking \fBwrite()\fR.
.IP SSL_MODE_AUTO_RETRY 4
.IX Item "SSL_MODE_AUTO_RETRY"
Never bother the application with retries if the transport is blocking.
If a renegotiation take place during normal operation, a
\&\fBSSL_read\fR\|(3) or \fBSSL_write\fR\|(3) would return
with \-1 and indicate the need to retry with SSL_ERROR_WANT_READ.
In a non-blocking environment applications must be prepared to handle
incomplete read/write operations.
In a blocking environment, applications are not always prepared to
deal with read/write operations returning without success report. The
flag SSL_MODE_AUTO_RETRY will cause read/write operations to only
return after the handshake and successful completion.
.IP SSL_MODE_RELEASE_BUFFERS 4
.IX Item "SSL_MODE_RELEASE_BUFFERS"
When we no longer need a read buffer or a write buffer for a given SSL,
then release the memory we were using to hold it.  Released memory is
either appended to a list of unused RAM chunks on the SSL_CTX, or simply
freed if the list of unused chunks would become longer than 
SSL_CTX\->freelist_max_len, which defaults to 32.  Using this flag can
save around 34k per idle SSL connection.
This flag has no effect on SSL v2 connections, or on DTLS connections.
.IP SSL_MODE_SEND_FALLBACK_SCSV 4
.IX Item "SSL_MODE_SEND_FALLBACK_SCSV"
Send TLS_FALLBACK_SCSV in the ClientHello.
To be set only by applications that reconnect with a downgraded protocol
version; see draft\-ietf\-tls\-downgrade\-scsv\-00 for details.
.Sp
DO NOT ENABLE THIS if your application attempts a normal handshake.
Only use this in explicit fallback retries, following the guidance
in draft\-ietf\-tls\-downgrade\-scsv\-00.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBSSL_CTX_set_mode()\fR and \fBSSL_set_mode()\fR return the new mode bitmask
after adding \fBmode\fR.
.PP
\&\fBSSL_CTX_get_mode()\fR and \fBSSL_get_mode()\fR return the current bitmask.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBssl\fR\|(3), \fBSSL_read\fR\|(3), \fBSSL_write\fR\|(3)
.SH HISTORY
.IX Header "HISTORY"
SSL_MODE_AUTO_RETRY as been added in OpenSSL 0.9.6.
@ Telegram