NAME    [Toc]    [Back]

       SSL_CTX_set_mode, SSL_set_mode, SSL_CTX_get_mode,
       SSL_get_mode - manipulate SSL engine mode

LIBRARY    [Toc]    [Back]

       libcrypto, -lcrypto

SYNOPSIS    [Toc]    [Back]

        #include <openssl/ssl.h>

        long SSL_CTX_set_mode(SSL_CTX *ctx, long mode);
        long SSL_set_mode(SSL *ssl, long mode);

        long SSL_CTX_get_mode(SSL_CTX *ctx);
        long SSL_get_mode(SSL *ssl);

DESCRIPTION    [Toc]    [Back]

       SSL_CTX_set_mode() adds the mode set via bitmask in mode
       to ctx.  Options already set before are not cleared.

       SSL_set_mode() adds the mode set via bitmask in mode to
       ssl.  Options already set before are not cleared.

       SSL_CTX_get_mode() returns the mode set for ctx.

       SSL_get_mode() returns the mode set for ssl.

NOTES    [Toc]    [Back]

       The following mode changes are available:

       SSL_MODE_ENABLE_PARTIAL_WRITE
           Allow SSL_write(..., n) to return r with 0 < r < n
           (i.e. report success when just a single record has
           been written). When not set (the default), SSL_write()
           will only report success once the complete chunk was
           written.  Once SSL_write() returns with r, r bytes
           have been successfully written and the next call to
           SSL_write() must only send the n-r bytes left, imitating
 the behaviour of write().

       SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER
           Make it possible to retry SSL_write() with changed
           buffer location (the buffer contents must stay the
           same). This is not the default to avoid the misconception
 that non-blocking SSL_write() behaves like nonblocking
 write().

       SSL_MODE_AUTO_RETRY
           Never bother the application with retries if the
           transport is blocking.  If a renegotiation take place
           during normal operation, a SSL_read(3) or SSL_write(3)
           would return with -1 and indicate the need to retry
           with SSL_ERROR_WANT_READ.  In a non-blocking environment
 applications must be prepared to handle incomplete
 read/write operations.  In a blocking environment,
 applications are not always prepared to deal
           with read/write operations returning without success
           report. The flag SSL_MODE_AUTO_RETRY will cause
           read/write operations to only return after the handshake
 and successful completion.

RETURN VALUES    [Toc]    [Back]

       SSL_CTX_set_mode() and SSL_set_mode() return the new mode
       bitmask after adding mode.

       SSL_CTX_get_mode() and SSL_get_mode() return the current
       bitmask.

SEE ALSO    [Toc]    [Back]

       ssl(3), SSL_read(3), SSL_write(3)

HISTORY    [Toc]    [Back]

       SSL_MODE_AUTO_RETRY as been added in OpenSSL 0.9.6.



2002-06-10                    0.9.6g          SSL_CTX_set_mode(3)