Title "SSL_SET_QUIC_TLS_CBS 3ossl"
An OSSL_DISPATCH table should consist of an array of OSSL_DISPATCH entries where each entry is a function id, and a function pointer. The array should be terminated with an empty entry (i.e. a 0 function id, and a NULL function pointer).
Calling the SSL_set_quic_tls_cbs() function will switch off the SSL_OP_ENABLE_MIDDLEBOX_COMPAT option (if set). See SSL_set_options(3). Additionally the minimum TLS protocol version will be set to TLS1_3_VERSION. It is an error to call this function with anything other than a TLS connection SSL object.
The OSSL_FUNC_SSL_QUIC_TLS_crypto_send_fn callback (function id OSSL_FUNC_SSL_QUIC_TLS_CRYPTO_SEND) is called when CRYPTO frame data should be sent to the peer. The data to be sent is supplied in the buffer buf which is of length buf_len. The callback may choose to consume less data than was supplied in the buffer. On successful completion of the callback the consumed parameter should be populated with the amount of data that the callback consumed. This should be less than or equal to the value in buf_len. CRYPTO data should be sent using the most recent write encryption level set via the OSSL_FUNC_SSL_QUIC_TLS_yield_secret_fn callback (if it has been called).
The OSSL_FUNC_SSL_QUIC_TLS_crypto_recv_rcd_fn callback (function id OSSL_FUNC_SSL_QUIC_TLS_CRYPTO_RECV_RCD) is used to receive CRYPTO frame data from the peer. When OpenSSL wants to read data from the peer this callback is called. The callback should populate *buf with a pointer to a buffer containing CRYPTO data that has been received from the peer. The size of the buffer should be populated in *bytes_read. The buffer should remain valid until OpenSSL calls the OSSL_FUNC_SSL_QUIC_TLS_crypto_release_rcd_fn callback. CRYPTO frame data is assumed to have been decrypted using the most recent read protection level set via the yield_secret_cb callback (if it has been called).
The OSSL_FUNC_SSL_QUIC_TLS_crypto_release_rcd_fn callback (function id OSSL_FUNC_SSL_QUIC_TLS_CRYPTO_RELEASE_RCD) is called when data previously read via OSSL_FUNC_SSL_QUIC_TLS_crypto_recv_rcd_fn is no longer required. The bytes_read argument is always equal to the size of the buffer previously provided in the crypto_receive_rcd_cb callback. Only one record at a time will ever be read by OpenSSL.
The OSSL_FUNC_SSL_QUIC_TLS_yield_secret_fn callback (function id OSSL_FUNC_SSL_QUIC_TLS_YIELD_SECRET) is called when a new secret has been established. The prot_level argument identifies the TLS protection level and will be one of OSSL_RECORD_PROTECTION_LEVEL_NONE, OSSL_RECORD_PROTECTION_LEVEL_EARLY, OSSL_RECORD_PROTECTION_LEVEL_HANDSHAKE or OSSL_RECORD_PROTECTION_LEVEL_APPLICATION. The direction will either be 0 (for the read secret) or 1 (for the write secret). The secret itself will be in the buffer pointed to by secret and the buffer will be of length secret_len.
The OSSL_FUNC_SSL_QUIC_TLS_got_transport_params_fn callback (function id OSSL_FUNC_SSL_QUIC_TLS_GOT_TRANSPORT_PARAMS) is called when transport parameters have been received from the peer. The parameters are held in the params buffer which is of length params_len.
The OSSL_FUNC_SSL_QUIC_TLS_alert_fn callback (function id OSSL_FUNC_SSL_QUIC_TLS_ALERT) is called when OpenSSL is attempting to send an alert to the peer. The code for the alert is supplied in alert_code.
The SSL_set_quic_tls_transport_params() function is used to set the transport parameters to be sent by this endpoint. The parameters are in the params buffer which should be of length params_len. The buffer containing the parameters should remain valid until after the parameters have been sent. This function must have been called by the time the transport parameters need to be sent. For a client this will be before the connection has been initiated. For a server this might typically occur during the got_transport_params_cb.
The SSL_set_quic_tls_early_data_enabled() function is used to enable the 0-RTT feature for a third party QUIC implementation.
All of the callbacks should return 1 on success and 0 on failure. A failure response is fatal to the connection.
    const OSSL_DISPATCH qtdis[] = {
        {OSSL_FUNC_SSL_QUIC_TLS_CRYPTO_SEND, (void (*)(void))crypto_send_cb},
        {OSSL_FUNC_SSL_QUIC_TLS_CRYPTO_RECV_RCD, (void (*)(void))crypto_recv_rcd_cb},
        {OSSL_FUNC_SSL_QUIC_TLS_CRYPTO_RELEASE_RCD, (void (*)(void))crypto_release_rcd_cb},
        {OSSL_FUNC_SSL_QUIC_TLS_YIELD_SECRET, (void (*)(void))yield_secret_cb},
        {OSSL_FUNC_SSL_QUIC_TLS_GOT_TRANSPORT_PARAMS, (void (*)(void))got_transport_params_cb},
        {OSSL_FUNC_SSL_QUIC_TLS_ALERT, (void (*)(void))alert_cb},
        {0, NULL}
    };

    if (!SSL_set_quic_tls_cbs(ssl, qtdis, NULL))
        goto err;
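The buffer contract of the crypto_send, crypto_recv_rcd and crypto_release_rcd callbacks described above, as an added sketch that is not OpenSSL's own code. Assumptions: `void *ssl` stands in for `SSL *` so the block builds without OpenSSL headers, the parameter lists are inferred from the descriptions above, `struct quic_conn` and `TXQ_CAP` are hypothetical, and reporting zero bytes when nothing is queued is this sketch's choice.

```c
#include <stddef.h>
#include <string.h>
/* Hypothetical per-connection state handed to each callback as `arg`. */
#define TXQ_CAP 16
struct quic_conn {
    unsigned char txq[TXQ_CAP];   /* outbound CRYPTO bytes awaiting framing */
    size_t txq_len;
    const unsigned char *rx;      /* inbound CRYPTO record, NULL if none    */
    size_t rx_len;
    int rx_lent;                  /* 1 while OpenSSL still holds rx         */
};

/* crypto_send: take only what fits and report it through *consumed. */
int crypto_send_cb(void *ssl, const unsigned char *buf, size_t buf_len,
                   size_t *consumed, void *arg)
{
    struct quic_conn *c = arg;
    size_t room = TXQ_CAP - c->txq_len;
    size_t n = buf_len < room ? buf_len : room;
    (void)ssl;
    memcpy(c->txq + c->txq_len, buf, n);
    c->txq_len += n;
    *consumed = n;                /* never exceeds buf_len */
    return 1;
}

/* crypto_recv_rcd: lend one record; a second loan before release fails. */
int crypto_recv_rcd_cb(void *ssl, const unsigned char **buf,
                       size_t *bytes_read, void *arg)
{
    struct quic_conn *c = arg;
    (void)ssl;
    if (c->rx_lent) return 0;     /* only one record at a time */
    *buf = c->rx;
    *bytes_read = c->rx_len;
    c->rx_lent = c->rx_len > 0;
    return 1;
}

/* crypto_release_rcd: only from here on may rx be reused or freed. */
int crypto_release_rcd_cb(void *ssl, size_t bytes_read, void *arg)
{
    struct quic_conn *c = arg;
    (void)ssl;
    if (!c->rx_lent || bytes_read != c->rx_len)
        return 0;                 /* size mismatch or double release: fatal */
    c->rx = NULL; c->rx_len = 0; c->rx_lent = 0;
    return 1;
}
```

Tracking the loan explicitly keeps the receive buffer from being recycled while OpenSSL still reads from it, and turns a mismatched release into the fatal 0 return rather than silent state corruption.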
Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.