<?xml version="1.0" ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>SSL_CTX_use_serverinfo</title> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <link rev="made" href="mailto:root@localhost" /> </head> <body style="background-color: white"> <ul id="index"> <li><a href="#NAME">NAME</a></li> <li><a href="#SYNOPSIS">SYNOPSIS</a></li> <li><a href="#DESCRIPTION">DESCRIPTION</a></li> <li><a href="#RETURN-VALUES">RETURN VALUES</a></li> <li><a href="#COPYRIGHT">COPYRIGHT</a></li> </ul> <h1 id="NAME">NAME</h1> <p>SSL_CTX_use_serverinfo_ex, SSL_CTX_use_serverinfo, SSL_CTX_use_serverinfo_file - use serverinfo extension</p> <h1 id="SYNOPSIS">SYNOPSIS</h1> <pre><code> #include <openssl/ssl.h> int SSL_CTX_use_serverinfo_ex(SSL_CTX *ctx, unsigned int version, const unsigned char *serverinfo, size_t serverinfo_length); int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo, size_t serverinfo_length); int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file);</code></pre> <h1 id="DESCRIPTION">DESCRIPTION</h1> <p>These functions load "serverinfo" TLS extensions into the SSL_CTX. A "serverinfo" extension is returned in response to an empty ClientHello Extension.</p> <p>SSL_CTX_use_serverinfo_ex() loads one or more serverinfo extensions from a byte array into <b>ctx</b>. The <b>version</b> parameter specifies the format of the byte array provided in <b>*serverinfo</b> which is of length <b>serverinfo_length</b>.</p> <p>If <b>version</b> is <b>SSL_SERVERINFOV2</b> then the extensions in the array must consist of a 4-byte context, a 2-byte Extension Type, a 2-byte length, and then length bytes of extension_data. The context and type values have the same meaning as for <a href="../man3/SSL_CTX_add_custom_ext.html">SSL_CTX_add_custom_ext(3)</a>. If serverinfo is being loaded for extensions to be added to a Certificate message, then the extension will only be added for the first certificate in the message (which is always the end-entity certificate).</p> <p>If <b>version</b> is <b>SSL_SERVERINFOV1</b> then the extensions in the array must consist of a 2-byte Extension Type, a 2-byte length, and then length bytes of extension_data. The type value has the same meaning as for <a href="../man3/SSL_CTX_add_custom_ext.html">SSL_CTX_add_custom_ext(3)</a>. The following default context value will be used in this case:</p> <pre><code> SSL_EXT_TLS1_2_AND_BELOW_ONLY | SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO | SSL_EXT_IGNORE_ON_RESUMPTION</code></pre> <p>SSL_CTX_use_serverinfo() does the same thing as SSL_CTX_use_serverinfo_ex() except that there is no <b>version</b> parameter so a default version of SSL_SERVERINFOV1 is used instead.</p> <p>SSL_CTX_use_serverinfo_file() loads one or more serverinfo extensions from <b>file</b> into <b>ctx</b>. The extensions must be in PEM format. Each extension must be in a format as described above for SSL_CTX_use_serverinfo_ex(). Each PEM extension name must begin with the phrase "BEGIN SERVERINFOV2 FOR " for SSL_SERVERINFOV2 data or "BEGIN SERVERINFO FOR " for SSL_SERVERINFOV1 data.</p> <p>If more than one certificate (RSA/DSA) is installed using SSL_CTX_use_certificate(), the serverinfo extension will be loaded into the last certificate installed. If e.g. the last item was a RSA certificate, the loaded serverinfo extension data will be loaded for that certificate. To use the serverinfo extension for multiple certificates, SSL_CTX_use_serverinfo() needs to be called multiple times, once <b>after</b> each time a certificate is loaded via a call to SSL_CTX_use_certificate().</p> <h1 id="RETURN-VALUES">RETURN VALUES</h1> <p>On success, the functions return 1. On failure, the functions return 0. Check out the error stack to find out the reason.</p> <h1 id="COPYRIGHT">COPYRIGHT</h1> <p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p> <p>Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p> </body> </html>