1*2175Sjp161948=pod 2*2175Sjp161948 3*2175Sjp161948=head1 NAME 4*2175Sjp161948 5*2175Sjp161948SSL_CTX_set_mode, SSL_set_mode, SSL_CTX_get_mode, SSL_get_mode - manipulate SSL engine mode 6*2175Sjp161948 7*2175Sjp161948=head1 SYNOPSIS 8*2175Sjp161948 9*2175Sjp161948 #include <openssl/ssl.h> 10*2175Sjp161948 11*2175Sjp161948 long SSL_CTX_set_mode(SSL_CTX *ctx, long mode); 12*2175Sjp161948 long SSL_set_mode(SSL *ssl, long mode); 13*2175Sjp161948 14*2175Sjp161948 long SSL_CTX_get_mode(SSL_CTX *ctx); 15*2175Sjp161948 long SSL_get_mode(SSL *ssl); 16*2175Sjp161948 17*2175Sjp161948=head1 DESCRIPTION 18*2175Sjp161948 19*2175Sjp161948SSL_CTX_set_mode() adds the mode set via bitmask in B<mode> to B<ctx>. 20*2175Sjp161948Options already set before are not cleared. 21*2175Sjp161948 22*2175Sjp161948SSL_set_mode() adds the mode set via bitmask in B<mode> to B<ssl>. 23*2175Sjp161948Options already set before are not cleared. 24*2175Sjp161948 25*2175Sjp161948SSL_CTX_get_mode() returns the mode set for B<ctx>. 26*2175Sjp161948 27*2175Sjp161948SSL_get_mode() returns the mode set for B<ssl>. 28*2175Sjp161948 29*2175Sjp161948=head1 NOTES 30*2175Sjp161948 31*2175Sjp161948The following mode changes are available: 32*2175Sjp161948 33*2175Sjp161948=over 4 34*2175Sjp161948 35*2175Sjp161948=item SSL_MODE_ENABLE_PARTIAL_WRITE 36*2175Sjp161948 37*2175Sjp161948Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success 38*2175Sjp161948when just a single record has been written). When not set (the default), 39*2175Sjp161948SSL_write() will only report success once the complete chunk was written. 40*2175Sjp161948Once SSL_write() returns with r, r bytes have been successfully written 41*2175Sjp161948and the next call to SSL_write() must only send the n-r bytes left, 42*2175Sjp161948imitating the behaviour of write(). 43*2175Sjp161948 44*2175Sjp161948=item SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 45*2175Sjp161948 46*2175Sjp161948Make it possible to retry SSL_write() with changed buffer location 47*2175Sjp161948(the buffer contents must stay the same). This is not the default to avoid 48*2175Sjp161948the misconception that non-blocking SSL_write() behaves like 49*2175Sjp161948non-blocking write(). 50*2175Sjp161948 51*2175Sjp161948=item SSL_MODE_AUTO_RETRY 52*2175Sjp161948 53*2175Sjp161948Never bother the application with retries if the transport is blocking. 54*2175Sjp161948If a renegotiation take place during normal operation, a 55*2175Sjp161948L<SSL_read(3)|SSL_read(3)> or L<SSL_write(3)|SSL_write(3)> would return 56*2175Sjp161948with -1 and indicate the need to retry with SSL_ERROR_WANT_READ. 57*2175Sjp161948In a non-blocking environment applications must be prepared to handle 58*2175Sjp161948incomplete read/write operations. 59*2175Sjp161948In a blocking environment, applications are not always prepared to 60*2175Sjp161948deal with read/write operations returning without success report. The 61*2175Sjp161948flag SSL_MODE_AUTO_RETRY will cause read/write operations to only 62*2175Sjp161948return after the handshake and successful completion. 63*2175Sjp161948 64*2175Sjp161948=back 65*2175Sjp161948 66*2175Sjp161948=head1 RETURN VALUES 67*2175Sjp161948 68*2175Sjp161948SSL_CTX_set_mode() and SSL_set_mode() return the new mode bitmask 69*2175Sjp161948after adding B<mode>. 70*2175Sjp161948 71*2175Sjp161948SSL_CTX_get_mode() and SSL_get_mode() return the current bitmask. 72*2175Sjp161948 73*2175Sjp161948=head1 SEE ALSO 74*2175Sjp161948 75*2175Sjp161948L<ssl(3)|ssl(3)>, L<SSL_read(3)|SSL_read(3)>, L<SSL_write(3)|SSL_write(3)> 76*2175Sjp161948 77*2175Sjp161948=head1 HISTORY 78*2175Sjp161948 79*2175Sjp161948SSL_MODE_AUTO_RETRY as been added in OpenSSL 0.9.6. 80*2175Sjp161948 81*2175Sjp161948=cut 82