xref: /freebsd/crypto/openssl/doc/man3/SSL_CTX_set_info_callback.pod (revision 4b15965daa99044daf184221b7c283bf7f2d7e66)
1=pod
2
3=head1 NAME
4
5SSL_CTX_set_info_callback,
6SSL_CTX_get_info_callback,
7SSL_set_info_callback,
8SSL_get_info_callback
9- handle information callback for SSL connections
10
11=head1 SYNOPSIS
12
13 #include <openssl/ssl.h>
14
15 void SSL_CTX_set_info_callback(SSL_CTX *ctx,
16                                void (*callback) (const SSL *ssl, int type, int val));
17
18 void (*SSL_CTX_get_info_callback(SSL_CTX *ctx)) (const SSL *ssl, int type, int val);
19
20 void SSL_set_info_callback(SSL *ssl,
21                            void (*callback) (const SSL *ssl, int type, int val));
22
23 void (*SSL_get_info_callback(const SSL *ssl)) (const SSL *ssl, int type, int val);
24
25=head1 DESCRIPTION
26
27SSL_CTX_set_info_callback() sets the B<callback> function, that can be used to
28obtain state information for SSL objects created from B<ctx> during connection
29setup and use. The setting for B<ctx> is overridden from the setting for
30a specific SSL object, if specified.
31When B<callback> is NULL, no callback function is used.
32
33SSL_set_info_callback() sets the B<callback> function, that can be used to
34obtain state information for B<ssl> during connection setup and use.
35When B<callback> is NULL, the callback setting currently valid for
36B<ctx> is used. B<ssl> B<MUST NOT> be NULL.
37
38SSL_CTX_get_info_callback() returns a pointer to the currently set information
39callback function for B<ctx>.
40
41SSL_get_info_callback() returns a pointer to the currently set information
42callback function for B<ssl>.
43
44=head1 NOTES
45
46When setting up a connection and during use, it is possible to obtain state
47information from the SSL/TLS engine. When set, an information callback function
48is called whenever a significant event occurs such as: the state changes,
49an alert appears, or an error occurs.
50
51The callback function is called as B<callback(SSL *ssl, int where, int ret)>.
52The B<where> argument specifies information about where (in which context)
53the callback function was called. If B<ret> is 0, an error condition occurred.
54If an alert is handled, SSL_CB_ALERT is set and B<ret> specifies the alert
55information.
56
57B<where> is a bit-mask made up of the following bits:
58
59=over 4
60
61=item SSL_CB_LOOP
62
63Callback has been called to indicate state change or some other significant
64state machine event. This may mean that the callback gets invoked more than once
65per state in some situations.
66
67=item SSL_CB_EXIT
68
69Callback has been called to indicate exit of a handshake function. This will
70happen after the end of a handshake, but may happen at other times too such as
71on error or when IO might otherwise block and nonblocking is being used.
72
73=item SSL_CB_READ
74
75Callback has been called during read operation.
76
77=item SSL_CB_WRITE
78
79Callback has been called during write operation.
80
81=item SSL_CB_ALERT
82
83Callback has been called due to an alert being sent or received.
84
85=item SSL_CB_READ_ALERT               (SSL_CB_ALERT|SSL_CB_READ)
86
87=item SSL_CB_WRITE_ALERT              (SSL_CB_ALERT|SSL_CB_WRITE)
88
89=item SSL_CB_ACCEPT_LOOP              (SSL_ST_ACCEPT|SSL_CB_LOOP)
90
91=item SSL_CB_ACCEPT_EXIT              (SSL_ST_ACCEPT|SSL_CB_EXIT)
92
93=item SSL_CB_CONNECT_LOOP             (SSL_ST_CONNECT|SSL_CB_LOOP)
94
95=item SSL_CB_CONNECT_EXIT             (SSL_ST_CONNECT|SSL_CB_EXIT)
96
97=item SSL_CB_HANDSHAKE_START
98
99Callback has been called because a new handshake is started. It also occurs when
100resuming a handshake following a pause to handle early data.
101
102=item SSL_CB_HANDSHAKE_DONE
103
104Callback has been called because a handshake is finished.  It also occurs if the
105handshake is paused to allow the exchange of early data.
106
107=back
108
109The current state information can be obtained using the
110L<SSL_state_string(3)> family of functions.
111
112The B<ret> information can be evaluated using the
113L<SSL_alert_type_string(3)> family of functions.
114
115=head1 RETURN VALUES
116
117SSL_set_info_callback() does not provide diagnostic information.
118
119SSL_get_info_callback() returns the current setting.
120
121=head1 EXAMPLES
122
123The following example callback function prints state strings, information
124about alerts being handled and error messages to the B<bio_err> BIO.
125
126 void apps_ssl_info_callback(const SSL *s, int where, int ret)
127 {
128     const char *str;
129     int w = where & ~SSL_ST_MASK;
130
131     if (w & SSL_ST_CONNECT)
132         str = "SSL_connect";
133     else if (w & SSL_ST_ACCEPT)
134         str = "SSL_accept";
135     else
136         str = "undefined";
137
138     if (where & SSL_CB_LOOP) {
139         BIO_printf(bio_err, "%s:%s\n", str, SSL_state_string_long(s));
140     } else if (where & SSL_CB_ALERT) {
141         str = (where & SSL_CB_READ) ? "read" : "write";
142         BIO_printf(bio_err, "SSL3 alert %s:%s:%s\n", str,
143                    SSL_alert_type_string_long(ret),
144                    SSL_alert_desc_string_long(ret));
145     } else if (where & SSL_CB_EXIT) {
146         if (ret == 0) {
147             BIO_printf(bio_err, "%s:failed in %s\n",
148                        str, SSL_state_string_long(s));
149         } else if (ret < 0) {
150             BIO_printf(bio_err, "%s:error in %s\n",
151                        str, SSL_state_string_long(s));
152         }
153     }
154 }
155
156=head1 SEE ALSO
157
158L<ssl(7)>, L<SSL_state_string(3)>,
159L<SSL_alert_type_string(3)>
160
161=head1 COPYRIGHT
162
163Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
164
165Licensed under the Apache License 2.0 (the "License").  You may not use
166this file except in compliance with the License.  You can obtain a copy
167in the file LICENSE in the source distribution or at
168L<https://www.openssl.org/source/license.html>.
169
170=cut
171