1=pod 2 3=head1 NAME 4 5SSL_CTX_set_info_callback, 6SSL_CTX_get_info_callback, 7SSL_set_info_callback, 8SSL_get_info_callback 9- handle information callback for SSL connections 10 11=head1 SYNOPSIS 12 13 #include <openssl/ssl.h> 14 15 void SSL_CTX_set_info_callback(SSL_CTX *ctx, 16 void (*callback) (const SSL *ssl, int type, int val)); 17 18 void (*SSL_CTX_get_info_callback(SSL_CTX *ctx)) (const SSL *ssl, int type, int val); 19 20 void SSL_set_info_callback(SSL *ssl, 21 void (*callback) (const SSL *ssl, int type, int val)); 22 23 void (*SSL_get_info_callback(const SSL *ssl)) (const SSL *ssl, int type, int val); 24 25=head1 DESCRIPTION 26 27SSL_CTX_set_info_callback() sets the B<callback> function, that can be used to 28obtain state information for SSL objects created from B<ctx> during connection 29setup and use. The setting for B<ctx> is overridden from the setting for 30a specific SSL object, if specified. 31When B<callback> is NULL, no callback function is used. 32 33SSL_set_info_callback() sets the B<callback> function, that can be used to 34obtain state information for B<ssl> during connection setup and use. 35When B<callback> is NULL, the callback setting currently valid for 36B<ctx> is used. B<ssl> B<MUST NOT> be NULL. 37 38SSL_CTX_get_info_callback() returns a pointer to the currently set information 39callback function for B<ctx>. 40 41SSL_get_info_callback() returns a pointer to the currently set information 42callback function for B<ssl>. 43 44=head1 NOTES 45 46When setting up a connection and during use, it is possible to obtain state 47information from the SSL/TLS engine. When set, an information callback function 48is called whenever a significant event occurs such as: the state changes, 49an alert appears, or an error occurs. 50 51The callback function is called as B<callback(SSL *ssl, int where, int ret)>. 52The B<where> argument specifies information about where (in which context) 53the callback function was called. If B<ret> is 0, an error condition occurred. 54If an alert is handled, SSL_CB_ALERT is set and B<ret> specifies the alert 55information. 56 57B<where> is a bit-mask made up of the following bits: 58 59=over 4 60 61=item SSL_CB_LOOP 62 63Callback has been called to indicate state change or some other significant 64state machine event. This may mean that the callback gets invoked more than once 65per state in some situations. 66 67=item SSL_CB_EXIT 68 69Callback has been called to indicate exit of a handshake function. This will 70happen after the end of a handshake, but may happen at other times too such as 71on error or when IO might otherwise block and nonblocking is being used. 72 73=item SSL_CB_READ 74 75Callback has been called during read operation. 76 77=item SSL_CB_WRITE 78 79Callback has been called during write operation. 80 81=item SSL_CB_ALERT 82 83Callback has been called due to an alert being sent or received. 84 85=item SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ) 86 87=item SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE) 88 89=item SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP) 90 91=item SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT) 92 93=item SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP) 94 95=item SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT) 96 97=item SSL_CB_HANDSHAKE_START 98 99Callback has been called because a new handshake is started. It also occurs when 100resuming a handshake following a pause to handle early data. 101 102=item SSL_CB_HANDSHAKE_DONE 103 104Callback has been called because a handshake is finished. It also occurs if the 105handshake is paused to allow the exchange of early data. 106 107=back 108 109The current state information can be obtained using the 110L<SSL_state_string(3)> family of functions. 111 112The B<ret> information can be evaluated using the 113L<SSL_alert_type_string(3)> family of functions. 114 115=head1 RETURN VALUES 116 117SSL_set_info_callback() does not provide diagnostic information. 118 119SSL_get_info_callback() returns the current setting. 120 121=head1 EXAMPLES 122 123The following example callback function prints state strings, information 124about alerts being handled and error messages to the B<bio_err> BIO. 125 126 void apps_ssl_info_callback(const SSL *s, int where, int ret) 127 { 128 const char *str; 129 int w = where & ~SSL_ST_MASK; 130 131 if (w & SSL_ST_CONNECT) 132 str = "SSL_connect"; 133 else if (w & SSL_ST_ACCEPT) 134 str = "SSL_accept"; 135 else 136 str = "undefined"; 137 138 if (where & SSL_CB_LOOP) { 139 BIO_printf(bio_err, "%s:%s\n", str, SSL_state_string_long(s)); 140 } else if (where & SSL_CB_ALERT) { 141 str = (where & SSL_CB_READ) ? "read" : "write"; 142 BIO_printf(bio_err, "SSL3 alert %s:%s:%s\n", str, 143 SSL_alert_type_string_long(ret), 144 SSL_alert_desc_string_long(ret)); 145 } else if (where & SSL_CB_EXIT) { 146 if (ret == 0) { 147 BIO_printf(bio_err, "%s:failed in %s\n", 148 str, SSL_state_string_long(s)); 149 } else if (ret < 0) { 150 BIO_printf(bio_err, "%s:error in %s\n", 151 str, SSL_state_string_long(s)); 152 } 153 } 154 } 155 156=head1 SEE ALSO 157 158L<ssl(7)>, L<SSL_state_string(3)>, 159L<SSL_alert_type_string(3)> 160 161=head1 COPYRIGHT 162 163Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. 164 165Licensed under the Apache License 2.0 (the "License"). You may not use 166this file except in compliance with the License. You can obtain a copy 167in the file LICENSE in the source distribution or at 168L<https://www.openssl.org/source/license.html>. 169 170=cut 171