diff options
author | Paul Yang <yang.yang@baishancloud.com> | 2017-06-28 15:46:13 +0800 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2017-07-28 11:51:59 -0400 |
commit | 190b9a03b72a8029c27e4bd0ab000129e240a413 (patch) | |
tree | 9d0c1d44825c86a1ce1b2a7e3008072cdf7617f9 /doc | |
parent | 3ca1f892a7d94fb1595408f5fe80dee51dceb3b8 (diff) |
Make SSL_set_tlsext_host_name no effect from server side
Documentation and test cases are also updated
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3783)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/man3/SSL_CTX_set_tlsext_servername_callback.pod | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/doc/man3/SSL_CTX_set_tlsext_servername_callback.pod b/doc/man3/SSL_CTX_set_tlsext_servername_callback.pod index 673d98fac8..151de16079 100644 --- a/doc/man3/SSL_CTX_set_tlsext_servername_callback.pod +++ b/doc/man3/SSL_CTX_set_tlsext_servername_callback.pod @@ -3,8 +3,8 @@ =head1 NAME SSL_CTX_set_tlsext_servername_callback, SSL_CTX_set_tlsext_servername_arg, -SSL_get_servername_type, SSL_get_servername - handle server name indication -(SNI) +SSL_get_servername_type, SSL_get_servername, +SSL_set_tlsext_host_name - handle server name indication (SNI) =head1 SYNOPSIS @@ -17,6 +17,8 @@ SSL_get_servername_type, SSL_get_servername - handle server name indication const char *SSL_get_servername(const SSL *s, const int type); int SSL_get_servername_type(const SSL *s); + int SSL_set_tlsext_host_name(const SSL *s, const char *name); + =head1 DESCRIPTION The functionality provided by the servername callback is superseded by @@ -39,16 +41,24 @@ SSL_get_servername_type() returns the servername type or -1 if no servername is present. Currently the only supported type (defined in RFC3546) is B<TLSEXT_NAMETYPE_host_name>. +SSL_set_tlsext_host_name() sets the server name indication ClientHello extension +to contain the value B<name>. The type of server name indication extension is set +to B<TLSEXT_NAMETYPE_host_name> (defined in RFC3546). + =head1 NOTES Several callbacks are executed during ClientHello processing, including the early, ALPN, and servername callbacks. The early callback is executed first, then the servername callback, followed by the ALPN callback. +The SSL_set_tlsext_host_name() function should only be called on SSL objects +that will act as clients; otherwise the configured B<name> will be ignored. + =head1 RETURN VALUES SSL_CTX_set_tlsext_servername_callback() and SSL_CTX_set_tlsext_servername_arg() both always return 1 indicating success. +SSL_set_tlsext_host_name() returns 1 on success, 0 in case of error. =head1 SEE ALSO |