1e71b7053SJung-uk Kim=pod 2e71b7053SJung-uk Kim 3e71b7053SJung-uk Kim=head1 NAME 4e71b7053SJung-uk Kim 5*b077aed3SPierre ProncherySSL_CTX_set_ssl_version, SSL_CTX_get_ssl_method, SSL_set_ssl_method, SSL_get_ssl_method 6e71b7053SJung-uk Kim- choose a new TLS/SSL method 7e71b7053SJung-uk Kim 8e71b7053SJung-uk Kim=head1 SYNOPSIS 9e71b7053SJung-uk Kim 10e71b7053SJung-uk Kim #include <openssl/ssl.h> 11e71b7053SJung-uk Kim 12e71b7053SJung-uk Kim int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *method); 13*b077aed3SPierre Pronchery const SSL_METHOD *SSL_CTX_get_ssl_method(const SSL_CTX *ctx); 14*b077aed3SPierre Pronchery 15e71b7053SJung-uk Kim int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method); 166935a639SJung-uk Kim const SSL_METHOD *SSL_get_ssl_method(const SSL *ssl); 17e71b7053SJung-uk Kim 18e71b7053SJung-uk Kim=head1 DESCRIPTION 19e71b7053SJung-uk Kim 20e71b7053SJung-uk KimSSL_CTX_set_ssl_version() sets a new default TLS/SSL B<method> for SSL objects 21*b077aed3SPierre Proncherynewly created from this B<ctx>. Most of the configuration attached to the 22*b077aed3SPierre ProncherySSL_CTX object is retained, with the exception of the configured TLS ciphers, 23*b077aed3SPierre Proncherywhich are reset to the default values. SSL objects already created from this 24*b077aed3SPierre ProncherySSL_CTX with L<SSL_new(3)> are not affected, except when L<SSL_clear(3)> is 25*b077aed3SPierre Proncherybeing called, as described below. 26*b077aed3SPierre Pronchery 27*b077aed3SPierre ProncherySSL_CTX_get_ssl_method() returns the SSL_METHOD which was used to construct the 28*b077aed3SPierre ProncherySSL_CTX. 29e71b7053SJung-uk Kim 30e71b7053SJung-uk KimSSL_set_ssl_method() sets a new TLS/SSL B<method> for a particular B<ssl> 31e71b7053SJung-uk Kimobject. It may be reset, when SSL_clear() is called. 32e71b7053SJung-uk Kim 33*b077aed3SPierre ProncherySSL_get_ssl_method() returns a pointer to the TLS/SSL method 34e71b7053SJung-uk Kimset in B<ssl>. 35e71b7053SJung-uk Kim 36e71b7053SJung-uk Kim=head1 NOTES 37e71b7053SJung-uk Kim 38e71b7053SJung-uk KimThe available B<method> choices are described in 39e71b7053SJung-uk KimL<SSL_CTX_new(3)>. 40e71b7053SJung-uk Kim 41e71b7053SJung-uk KimWhen L<SSL_clear(3)> is called and no session is connected to 42e71b7053SJung-uk Kiman SSL object, the method of the SSL object is reset to the method currently 43e71b7053SJung-uk Kimset in the corresponding SSL_CTX object. 44e71b7053SJung-uk Kim 45*b077aed3SPierre ProncherySSL_CTX_set_version() has unusual semantics and no clear use case; 46*b077aed3SPierre Proncheryit would usually be preferable to create a new SSL_CTX object than to 47*b077aed3SPierre Proncherytry to reuse an existing one in this fashion. Its usage is considered 48*b077aed3SPierre Proncherydeprecated. 49*b077aed3SPierre Pronchery 50e71b7053SJung-uk Kim=head1 RETURN VALUES 51e71b7053SJung-uk Kim 52e71b7053SJung-uk KimThe following return values can occur for SSL_CTX_set_ssl_version() 53e71b7053SJung-uk Kimand SSL_set_ssl_method(): 54e71b7053SJung-uk Kim 55e71b7053SJung-uk Kim=over 4 56e71b7053SJung-uk Kim 57e71b7053SJung-uk Kim=item Z<>0 58e71b7053SJung-uk Kim 59e71b7053SJung-uk KimThe new choice failed, check the error stack to find out the reason. 60e71b7053SJung-uk Kim 61e71b7053SJung-uk Kim=item Z<>1 62e71b7053SJung-uk Kim 63e71b7053SJung-uk KimThe operation succeeded. 64e71b7053SJung-uk Kim 65e71b7053SJung-uk Kim=back 66e71b7053SJung-uk Kim 67*b077aed3SPierre ProncherySSL_CTX_get_ssl_method() and SSL_get_ssl_method() always return non-NULL 68*b077aed3SPierre Proncherypointers. 69*b077aed3SPierre Pronchery 70e71b7053SJung-uk Kim=head1 SEE ALSO 71e71b7053SJung-uk Kim 72e71b7053SJung-uk KimL<SSL_CTX_new(3)>, L<SSL_new(3)>, 73e71b7053SJung-uk KimL<SSL_clear(3)>, L<ssl(7)>, 74e71b7053SJung-uk KimL<SSL_set_connect_state(3)> 75e71b7053SJung-uk Kim 76*b077aed3SPierre Pronchery=head1 HISTORY 77*b077aed3SPierre Pronchery 78*b077aed3SPierre ProncherySSL_CTX_set_ssl_version() was deprecated in OpenSSL 3.0. 79*b077aed3SPierre Pronchery 80e71b7053SJung-uk Kim=head1 COPYRIGHT 81e71b7053SJung-uk Kim 82*b077aed3SPierre ProncheryCopyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved. 83e71b7053SJung-uk Kim 84*b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License"). You may not use 85e71b7053SJung-uk Kimthis file except in compliance with the License. You can obtain a copy 86e71b7053SJung-uk Kimin the file LICENSE in the source distribution or at 87e71b7053SJung-uk KimL<https://www.openssl.org/source/license.html>. 88e71b7053SJung-uk Kim 89e71b7053SJung-uk Kim=cut 90