aboutsummaryrefslogtreecommitdiffstats
path: root/secure/lib/libcrypto/man/man3/SSL_new.3
diff options
context:
space:
mode:
Diffstat (limited to 'secure/lib/libcrypto/man/man3/SSL_new.3')
-rw-r--r--secure/lib/libcrypto/man/man3/SSL_new.371
1 files changed, 64 insertions, 7 deletions
diff --git a/secure/lib/libcrypto/man/man3/SSL_new.3 b/secure/lib/libcrypto/man/man3/SSL_new.3
index 375e0f30605b..1790a36bbcc9 100644
--- a/secure/lib/libcrypto/man/man3/SSL_new.3
+++ b/secure/lib/libcrypto/man/man3/SSL_new.3
@@ -1,4 +1,4 @@
-.\" Automatically generated by Pod::Man 4.11 (Pod::Simple 3.40)
+.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.40)
.\"
.\" Standard preamble:
.\" ========================================================================
@@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "SSL_NEW 3"
-.TH SSL_NEW 3 "2020-04-21" "1.1.1g" "OpenSSL"
+.TH SSL_NEW 3 "2020-09-22" "1.1.1h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -163,10 +163,67 @@ structure are freed.
\&\fBSSL_up_ref()\fR increments the reference count for an
existing \fB\s-1SSL\s0\fR structure.
.PP
-\&\fBSSL_dup()\fR duplicates an existing \fB\s-1SSL\s0\fR structure into a new allocated one. All
-settings are inherited from the original \fB\s-1SSL\s0\fR structure. Dynamic data (i.e.
-existing connection details) are not copied, the new \fB\s-1SSL\s0\fR is set into an
-initial accept (server) or connect (client) state.
+The function \fBSSL_dup()\fR creates and returns a new \fB\s-1SSL\s0\fR structure from the same
+\&\fB\s-1SSL_CTX\s0\fR that was used to create \fIs\fR. It additionally duplicates a subset of
+the settings in \fIs\fR into the new \fB\s-1SSL\s0\fR object.
+.PP
+For \fBSSL_dup()\fR to work, the connection \s-1MUST\s0 be in its initial state and
+\&\s-1MUST NOT\s0 have yet started the \s-1SSL\s0 handshake. For connections that are not in
+their initial state \fBSSL_dup()\fR just increments an internal
+reference count and returns the \fIsame\fR handle. It may be possible to
+use \fBSSL_clear\fR\|(3) to recycle an \s-1SSL\s0 handle that is not in its initial
+state for re-use, but this is best avoided. Instead, save and restore
+the session, if desired, and construct a fresh handle for each connection.
+.PP
+The subset of settings in \fIs\fR that are duplicated are:
+.IP "any session data if configured (including the session_id_context)" 4
+.IX Item "any session data if configured (including the session_id_context)"
+.PD 0
+.IP "any tmp_dh settings set via \fBSSL_set_tmp_dh\fR\|(3), \fBSSL_set_tmp_dh_callback\fR\|(3), or \fBSSL_set_dh_auto\fR\|(3)" 4
+.IX Item "any tmp_dh settings set via SSL_set_tmp_dh, SSL_set_tmp_dh_callback, or SSL_set_dh_auto"
+.IP "any configured certificates, private keys or certificate chains" 4
+.IX Item "any configured certificates, private keys or certificate chains"
+.IP "any configured signature algorithms, or client signature algorithms" 4
+.IX Item "any configured signature algorithms, or client signature algorithms"
+.IP "any \s-1DANE\s0 settings" 4
+.IX Item "any DANE settings"
+.IP "any Options set via \fBSSL_set_options\fR\|(3)" 4
+.IX Item "any Options set via SSL_set_options"
+.IP "any Mode set via \fBSSL_set_mode\fR\|(3)" 4
+.IX Item "any Mode set via SSL_set_mode"
+.IP "any minimum or maximum protocol settings set via \fBSSL_set_min_proto_version\fR\|(3) or \fBSSL_set_max_proto_version\fR\|(3) (Note: Only from OpenSSL 1.1.1h and above)" 4
+.IX Item "any minimum or maximum protocol settings set via SSL_set_min_proto_version or SSL_set_max_proto_version (Note: Only from OpenSSL 1.1.1h and above)"
+.IP "any Verify mode, callback or depth set via \fBSSL_set_verify\fR\|(3) or \fBSSL_set_verify_depth\fR\|(3) or any configured X509 verification parameters" 4
+.IX Item "any Verify mode, callback or depth set via SSL_set_verify or SSL_set_verify_depth or any configured X509 verification parameters"
+.IP "any msg callback or info callback set via \fBSSL_set_msg_callback\fR\|(3) or \fBSSL_set_info_callback\fR\|(3)" 4
+.IX Item "any msg callback or info callback set via SSL_set_msg_callback or SSL_set_info_callback"
+.IP "any default password callback set via \fBSSL_set_default_passwd_cb\fR\|(3)" 4
+.IX Item "any default password callback set via SSL_set_default_passwd_cb"
+.IP "any session id generation callback set via \fBSSL_set_generate_session_id\fR\|(3)" 4
+.IX Item "any session id generation callback set via SSL_set_generate_session_id"
+.IP "any configured Cipher List" 4
+.IX Item "any configured Cipher List"
+.IP "initial accept (server) or connect (client) state" 4
+.IX Item "initial accept (server) or connect (client) state"
+.IP "the max cert list value set via \fBSSL_set_max_cert_list\fR\|(3)" 4
+.IX Item "the max cert list value set via SSL_set_max_cert_list"
+.IP "the read_ahead value set via \fBSSL_set_read_ahead\fR\|(3)" 4
+.IX Item "the read_ahead value set via SSL_set_read_ahead"
+.IP "application specific data set via \fBSSL_set_ex_data\fR\|(3)" 4
+.IX Item "application specific data set via SSL_set_ex_data"
+.IP "any \s-1CA\s0 list or client \s-1CA\s0 list set via \fBSSL_set0_CA_list\fR\|(3), \fBSSL_set0_client_CA_list()\fR or similar functions" 4
+.IX Item "any CA list or client CA list set via SSL_set0_CA_list, SSL_set0_client_CA_list() or similar functions"
+.IP "any security level settings or callbacks" 4
+.IX Item "any security level settings or callbacks"
+.IP "any configured serverinfo data" 4
+.IX Item "any configured serverinfo data"
+.IP "any configured \s-1PSK\s0 identity hint" 4
+.IX Item "any configured PSK identity hint"
+.IP "any configured custom extensions" 4
+.IX Item "any configured custom extensions"
+.IP "any client certificate types configured via SSL_set1_client_certificate_types" 4
+.IX Item "any client certificate types configured via SSL_set1_client_certificate_types"
+.PD
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
The following return values can occur:
@@ -187,7 +244,7 @@ The return value points to an allocated \s-1SSL\s0 structure.
\&\fBssl\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
-Copyright 2000\-2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000\-2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy