diff options
author | bazmoz <bazmoz@protonmail.com> | 2020-12-27 22:05:14 +0530 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2021-01-05 18:09:11 +0000 |
commit | 3497cc8776d50397ceefbd41bd3356a7f5d30c14 (patch) | |
tree | 68cfa4b6d95c7b448f9ca833e61a9d4af7c256b8 | |
parent | b043c41c0059786eb78492fb64217053272ef37d (diff) |
Updated SSL_CTX_new doc
Fixes #13703
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13741)
-rw-r--r-- | doc/man3/SSL_CTX_new.pod | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/doc/man3/SSL_CTX_new.pod b/doc/man3/SSL_CTX_new.pod index b71cda9be0..4093e657e8 100644 --- a/doc/man3/SSL_CTX_new.pod +++ b/doc/man3/SSL_CTX_new.pod @@ -73,11 +73,12 @@ functions =head1 DESCRIPTION -SSL_CTX_new_ex() creates a new B<SSL_CTX> object as a framework to -establish TLS/SSL or DTLS enabled connections using the library context -I<libctx> (see L<OSSL_LIB_CTX(3)>). Any cryptographic algorithms that are used -by any B<SSL> objects created from this B<SSL_CTX> will be fetched from the -I<libctx> using the property query string I<propq> (see +SSL_CTX_new_ex() creates a new B<SSL_CTX> object, which holds various +configuration and data relevant to TLS/SSL or DTLS session establishment. The +library context I<libctx> (see L<OSSL_LIB_CTX(3)>) is used to provide the +cryptographic algorithms needed for the session. Any cryptographic algorithms +that are used by any B<SSL> objects created from this B<SSL_CTX> will be fetched +from the I<libctx> using the property query string I<propq> (see L<provider(7)/Fetching algorithms>. Either or both the I<libctx> or I<propq> parameters may be NULL. @@ -90,6 +91,10 @@ SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the B<SSL_CTX> object are freed. SSL_CTX_up_ref() increments the reference count for an existing B<SSL_CTX> structure. +An B<SSL_CTX> object should not be changed after it is used to create any B<SSL> +objects or from multiple threads concurrently, since the implementation does not +provide serialization of access for these cases. + =head1 NOTES The SSL_CTX object uses I<method> as the connection method. |