1=pod 2 3=head1 NAME 4 5SSL_CTX_set_ssl_version, SSL_CTX_get_ssl_method, SSL_set_ssl_method, SSL_get_ssl_method 6- choose a new TLS/SSL method 7 8=head1 SYNOPSIS 9 10 #include <openssl/ssl.h> 11 12 int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *method); 13 const SSL_METHOD *SSL_CTX_get_ssl_method(const SSL_CTX *ctx); 14 15 int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method); 16 const SSL_METHOD *SSL_get_ssl_method(const SSL *ssl); 17 18=head1 DESCRIPTION 19 20SSL_CTX_set_ssl_version() sets a new default TLS/SSL B<method> for SSL objects 21newly created from this B<ctx>. Most of the configuration attached to the 22SSL_CTX object is retained, with the exception of the configured TLS ciphers, 23which are reset to the default values. SSL objects already created from this 24SSL_CTX with L<SSL_new(3)> are not affected, except when L<SSL_clear(3)> is 25being called, as described below. 26 27SSL_CTX_get_ssl_method() returns the SSL_METHOD which was used to construct the 28SSL_CTX. 29 30SSL_set_ssl_method() sets a new TLS/SSL B<method> for a particular B<ssl> 31object. It may be reset, when SSL_clear() is called. 32 33SSL_get_ssl_method() returns a pointer to the TLS/SSL method 34set in B<ssl>. 35 36=head1 NOTES 37 38The available B<method> choices are described in 39L<SSL_CTX_new(3)>. 40 41When L<SSL_clear(3)> is called and no session is connected to 42an SSL object, the method of the SSL object is reset to the method currently 43set in the corresponding SSL_CTX object. 44 45SSL_CTX_set_version() has unusual semantics and no clear use case; 46it would usually be preferable to create a new SSL_CTX object than to 47try to reuse an existing one in this fashion. Its usage is considered 48deprecated. 49 50SSL_set_ssl_method() cannot be used to change a non-QUIC SSL object to a QUIC 51SSL object or vice versa, or change a QUIC SSL object from one QUIC method to 52another. 53 54=head1 RETURN VALUES 55 56The following return values can occur for SSL_CTX_set_ssl_version() 57and SSL_set_ssl_method(): 58 59=over 4 60 61=item Z<>0 62 63The new choice failed, check the error stack to find out the reason. 64 65=item Z<>1 66 67The operation succeeded. 68 69=back 70 71SSL_CTX_get_ssl_method() and SSL_get_ssl_method() always return non-NULL 72pointers. 73 74=head1 SEE ALSO 75 76L<SSL_CTX_new(3)>, L<SSL_new(3)>, 77L<SSL_clear(3)>, L<ssl(7)>, 78L<SSL_set_connect_state(3)> 79 80=head1 HISTORY 81 82SSL_CTX_set_ssl_version() was deprecated in OpenSSL 3.0. 83 84=head1 COPYRIGHT 85 86Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved. 87 88Licensed under the Apache License 2.0 (the "License"). You may not use 89this file except in compliance with the License. You can obtain a copy 90in the file LICENSE in the source distribution or at 91L<https://www.openssl.org/source/license.html>. 92 93=cut 94
