table of contents
SSL_CTX_SET_MSG_CALLBACK(3) | Library Functions Manual | SSL_CTX_SET_MSG_CALLBACK(3) |
NAME¶
SSL_CTX_set_msg_callback
,
SSL_CTX_set_msg_callback_arg
,
SSL_set_msg_callback
,
SSL_set_msg_callback_arg
—
install callback for observing protocol messages
SYNOPSIS¶
#include
<openssl/ssl.h>
void
SSL_CTX_set_msg_callback
(SSL_CTX
*ctx, void (*cb)(int write_p, int version, int
content_type, const void *buf, size_t len, SSL *ssl, void *arg));
void
SSL_CTX_set_msg_callback_arg
(SSL_CTX
*ctx, void
*arg);
void
SSL_set_msg_callback
(SSL *ssl,
void (*cb)(int write_p, int version, int content_type, const
void *buf, size_t len, SSL *ssl, void *arg));
void
SSL_set_msg_callback_arg
(SSL
*ssl, void
*arg);
DESCRIPTION¶
SSL_CTX_set_msg_callback
()
or
SSL_set_msg_callback
()
can be used to define a message callback function cb
for observing all SSL/TLS protocol messages (such as handshake messages)
that are received or sent.
SSL_CTX_set_msg_callback_arg
() and
SSL_set_msg_callback_arg
() can be used to set
argument arg to the callback function, which is
available for arbitrary application use.
SSL_CTX_set_msg_callback
()
and SSL_CTX_set_msg_callback_arg
() specify default
settings that will be copied to new SSL objects by
SSL_new(3). SSL_set_msg_callback
()
and SSL_set_msg_callback_arg
() modify the actual
settings of an SSL object. Using a
NULL
pointer for cb disables
the message callback.
When cb is called by the SSL/TLS library for a protocol message, the function arguments have the following meaning:
- write_p
- This flag is 0 when a protocol message has been received and 1 when a protocol message has been sent.
- version
- The protocol version according to which the protocol message is
interpreted by the library, such as
TLS1_VERSION
,TLS1_1_VERSION
,TLS1_2_VERSION
,DTLS1_VERSION
, orDTLS1_2_VERSION
. - content_type
- This is one of the
ContentType
values defined in the protocol specification
(
SSL3_RT_CHANGE_CIPHER_SPEC
,SSL3_RT_ALERT
,SSL3_RT_HANDSHAKE
, but neverSSL3_RT_APPLICATION_DATA
because the callback will only be called for protocol messages.) - buf, len
- buf points to a buffer containing the protocol message, which consists of len bytes. The buffer is no longer valid after the callback function has returned.
- ssl
- The SSL object that received or sent the message.
- arg
- The user-defined argument optionally defined by
SSL_CTX_set_msg_callback_arg
() orSSL_set_msg_callback_arg
().
Protocol messages are passed to the callback function after decryption and fragment collection where applicable. (Thus record boundaries are not visible.)
If processing a received protocol message results in an error, the callback function may not be called. For example, the callback function will never see messages that are considered too large to be processed.
Due to automatic protocol version negotiation,
version is not necessarily the protocol version used
by the sender of the message: If a TLS 1.0 ClientHello message is received
by an SSL 3.0-only server, version will be
SSL3_VERSION
.
SEE ALSO¶
HISTORY¶
SSL_CTX_set_msg_callback
(),
SSL_CTX_set_msg_callback_arg
(),
SSL_set_msg_callback
() and
SSL_set_msg_callback_arg
() first appeared in OpenSSL
0.9.7 and have been available since OpenBSD 3.2.
April 15, 2021 | Linux 6.4.0-150600.23.25-default |