-*- mode: troff; coding: utf-8 -*-
Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)

Standard preamble:
========================================================================
..

..

.. \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
. ds C` "" . ds C' "" 'br\} . ds C` . ds C' 'br\}
Escape single quotes in literal strings from groff's Unicode transform.

If the F register is >0, we'll generate index entries on stderr for
titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
entries marked with X<> in POD. Of course, you'll have to process the
output yourself in some meaningful fashion.

Avoid warning from groff about undefined register 'F'.
.. .nr rF 0 . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF ========================================================================

Title "SSL_NEW_DOMAIN 3ossl" For nroff, turn off justification. Always turn off hyphenation; it makes
way too many mistakes in technical documents.
SSL_new_domain, SSL_is_domain, SSL_get0_domain \- SSL object interface for managing QUIC event domains Header "SYNOPSIS" .Vb 1 #include <openssl/ssl.h> \& SSL *SSL_new_domain(SSL_CTX *ctx, uint64_t flags); \& int SSL_is_domain(SSL *ssl); SSL *SSL_get0_domain(SSL *ssl); .Ve Header "DESCRIPTION" The SSL_new_domain() function creates a new QUIC event domain, represented as an SSL object. This is known as a QUIC domain SSL object (QDSO). The concept of a QUIC event domain is discussed in detail in openssl-quic-concurrency\|(7).

The flags argument to SSL_new_domain() specifies a set of domain flags. If the \fIflags argument to SSL_new_domain() does not specify one of the flags \fBSSL_DOMAIN_FLAG_SINGLE_THREAD, SSL_DOMAIN_FLAG_MULTI_THREAD or \fBSSL_DOMAIN_FLAG_THREAD_ASSISTED, the domain flags configured on the \fBSSL_CTX are inherited as a default and any other flags in flags are added to the set of inherited flags. Otherwise, the domain flags in flags are used. See SSL_CTX_set_domain_flags\|(3) for details of the available domain flags and how they can be configured on a SSL_CTX.

A QUIC domain SSL object can be managed in the same way as any other SSL object, in that it can be refcounted and freed normally. A QUIC domain SSL object is the parent of a number of child objects such as QUIC listener SSL objects. Once a QUIC domain SSL object has been created, a listener can be created under it using SSL_new_listener_from\|(3).

\fBSSL_is_domain() returns 1 if a SSL object is a QUIC domain SSL object.

\fBSSL_get0_domain() obtains a pointer to the QUIC domain SSL object in a SSL object hierarchy (if any).

All SSL objects in a QUIC event domain use the same domain flags, and the domain flags for a QUIC domain cannot be changed after construction.

Subsection "Supported Operations" A QUIC domain SSL object exists to contain other QUIC SSL objects and provide unified event handling. As such, it supports only the following operations: Standard reference counting and free operations, such as SSL_up_ref\|(3) and \fBSSL_free\|(3); Event processing and polling enablement APIs such as SSL_handle_events\|(3), and SSL_get_event_timeout\|(3). Creating listeners under the domain using SSL_new_listener_from\|(3).

The basic workflow of using a domain object is as follows:

Create a new domain object using SSL_new_domain() using a SSL_CTX which uses a supported SSL_METHOD (such as OSSL_QUIC_server_method\|(3)); Create listeners under the domain using SSL_new_listener_from\|(3).

Refer to SSL_new_listener_from\|(3) for details on using listeners.

Currently, domain SSL objects are only supported for QUIC usage via any QUIC \fBSSL_METHOD.

Header "RETURN VALUES" \fBSSL_new_domain() returns a new domain SSL object or NULL on failure.

\fBSSL_is_domain() returns 0 or 1 depending on the type of the SSL object on which it is called.

\fBSSL_get0_domain() returns an SSL object pointer (potentially to the same object on which it is called) or NULL.

Header "SEE ALSO" \fBSSL_new_listener_from\|(3) SSL_handle_events\|(3), \fBSSL_CTX_set_domain_flags\|(3), openssl-quic-concurrency\|(7) Header "HISTORY" These functions were added in OpenSSL 3.5. Header "COPYRIGHT" Copyright 2024-2025 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.