DragonFly On-Line Manual Pages


SSL_SET_TMP_ECDH(3)   DragonFly Library Functions Manual   SSL_SET_TMP_ECDH(3)

NAME

SSL_set_tmp_ecdh, SSL_CTX_set_tmp_ecdh, SSL_set_ecdh_auto, SSL_CTX_set_ecdh_auto, SSL_set_tmp_ecdh_callback, SSL_CTX_set_tmp_ecdh_callback -- select a curve for ECDH ephemeral key exchange

SYNOPSIS

#include <openssl/ssl.h>

long SSL_set_tmp_ecdh(SSL *ssl, EC_KEY *ecdh);

long SSL_CTX_set_tmp_ecdh(SSL_CTX *ctx, EC_KEY *ecdh);

long SSL_set_ecdh_auto(SSL *ssl, int state);

long SSL_CTX_set_ecdh_auto(SSL_CTX *ctx, int state);

void SSL_set_tmp_ecdh_callback(SSL *ssl, EC_KEY *(*ecdh)(SSL *ssl, int is_export, int keylength));

void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx, EC_KEY *(*ecdh)(SSL *ssl, int is_export, int keylength));

DESCRIPTION

Automatic EC curve selection and generation is always enabled in LibreSSL, and applications cannot manually provide EC keys for use with ECDHE key exchange.

The only remaining effect of SSL_set_tmp_ecdh() is that the curve of the given ecdh key becomes the only curve enabled for the ssl connection, so it is equivalent to calling SSL_set1_groups_list(3) with the same single curve name. SSL_CTX_set_tmp_ecdh() has the same effect on all connections that will be created from ctx in the future.

The functions SSL_set_ecdh_auto(), SSL_CTX_set_ecdh_auto(), SSL_set_tmp_ecdh_callback(), and SSL_CTX_set_tmp_ecdh_callback() are deprecated and have no effect.

RETURN VALUES

SSL_set_tmp_ecdh() and SSL_CTX_set_tmp_ecdh() return 1 on success or 0 on failure. SSL_set_ecdh_auto(), SSL_CTX_set_ecdh_auto(), SSL_set_tmp_ecdh_callback(), and SSL_CTX_set_tmp_ecdh_callback() always return 1.

SEE ALSO

ssl(3), SSL_CTX_set1_groups(3), SSL_CTX_set_cipher_list(3), SSL_CTX_set_options(3), SSL_CTX_set_tmp_dh_callback(3), SSL_new(3)

HISTORY

SSL_set_tmp_ecdh(), SSL_CTX_set_tmp_ecdh(), SSL_set_tmp_ecdh_callback(), and SSL_CTX_set_tmp_ecdh_callback() first appeared in OpenSSL 0.9.8 and have been available since OpenBSD 4.5.

SSL_CTX_set_ecdh_auto() and SSL_set_ecdh_auto() first appeared in OpenSSL 1.0.2 and have been available since OpenBSD 5.7.

DragonFly 5.5   March 23, 2018   DragonFly 5.5