xref: /freebsd/crypto/openssl/doc/man3/SSL_CTX_set_new_pending_conn_cb.pod (revision e7be843b4a162e68651d3911f0357ed464915629) 
1=pod
2
3=head1 NAME
4
5SSL_CTX_set_new_pending_conn_cb, SSL_set_new_pending_conn_cb_fn - callback function to report creation of QUIC connection SSL objects
6
7=head1 SYNOPSIS
8
9 typedef int (*SSL_set_new_pending_conn_cb_fn)(SSL_CTX *c, SSL *new_ssl,
10                                               void *arg);
11 void SSL_CTX_set_new_pending_conn_cb(SSL_CTX *c,
12                                     SSL_set_new_pending_conn_cb_fn *f,
13                                     void *arg);
14
15=head1 DESCRIPTION
16
17SSL_CTX_set_new_pending_conn_cb() sets the new_pending_conn callback function and
18associated application data argument I<arg>.  When using the QUIC transport, TLS
19handshake processing may occur independently from the thread which accepts the
20connection that the handshake is establishing.  As such, B<SSL> objects
21representing the connection may be allocated and initialized prior to a call to
22SSL_accept_connection().  This registered callback may be used to decorate the
23preallocated B<SSL> object or create other associations with its parent
24B<SSL> prior to a call to SSL_accept_connection().
25
26=head1 RETURN VALUES
27
28SSL_CTX_set_new_pending_conn_cb() returns no value.
29
30SSL_set_new_pending_conn_cb_fn() returns an integer value.  A return value of
310 indicates that the QUIC stack must discard this newly created B<SSL> object,
32implying that the associated new connection will not be available for handling
33on a subsequent call to SSL_accept_connection().  A nonzero return
34value is treated as success, allowing the new connection to be enqueued to the
35accept queue.
36
37=head1 SEE ALSO
38
39L<SSL_set_ex_data(3)>
40
41=head1 NOTES
42
43Callbacks in QUIC connections have some limitations to them that should be taken
44into consideration when writing an application.
45
46=over 4
47
48QUIC connections may begin processing prior to when an application calls
49SSL_accept_connection() on them.  As such, it may occur that callbacks are
50delivered to applications' registered TLS callbacks prior to those SSL objects
51being returned in SSL_accept_connection().  Applications should expect this
52possibility.
53
54In particular no references should be held on SSL objects passed to callbacks
55for QUIC connections until such time as they are returned through a call to
56SSL_accept_connection.
57
58=back
59
60=head1 HISTORY
61
62SSL_CTX_set_new_pending_conn_cb() was added in OpenSSL 3.5
63
64=head1 COPYRIGHT
65
66Copyright 2025 The OpenSSL Project Authors. All Rights Reserved.
67
68Licensed under the Apache License 2.0 (the "License").  You may not use
69this file except in compliance with the License.  You can obtain a copy
70in the file LICENSE in the source distribution or at
71L<https://www.openssl.org/source/license.html>.
72
73=cut
74