manpagez: man pages & more
man SSL_set_msg_callback(3)
Home | html | info | man
SSL_CTX_SET_MSG_CALLBACK(3ossl)     OpenSSL    SSL_CTX_SET_MSG_CALLBACK(3ossl)



NAME

       SSL_CTX_set_msg_callback, SSL_CTX_set_msg_callback_arg,
       SSL_set_msg_callback, SSL_set_msg_callback_arg, SSL_trace - install
       callback for observing protocol messages


SYNOPSIS

        #include <openssl/ssl.h>

        void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
                                      void (*cb)(int write_p, int version,
                                                 int content_type, const void *buf,
                                                 size_t len, SSL *ssl, void *arg));
        void SSL_CTX_set_msg_callback_arg(SSL_CTX *ctx, void *arg);

        void SSL_set_msg_callback(SSL *ssl,
                                  void (*cb)(int write_p, int version,
                                             int content_type, const void *buf,
                                             size_t len, SSL *ssl, void *arg));
        void SSL_set_msg_callback_arg(SSL *ssl, void *arg);

        void SSL_trace(int write_p, int version, int content_type,
                       const void *buf, size_t len, SSL *ssl, void *arg);


DESCRIPTION

       SSL_set_msg_callback(3) can be used to
       define a message callback function cb for observing all SSL/TLS/QUIC
       protocol messages (such as handshake messages) that are received or
       sent, as well as other events that occur during processing.
       SSL_CTX_set_msg_callback_arg() and SSL_set_msg_callback_arg() can be
       used to set argument arg to the callback function, which is available
       for arbitrary application use.

       SSL_CTX_set_msg_callback() and SSL_CTX_set_msg_callback_arg() specify
       default settings that will be copied to new SSL objects by SSL_new(3).
       SSL_set_msg_callback(3) and SSL_set_msg_callback_arg() modify the actual
       settings of an SSL object. Using a NULL pointer for cb disables the
       message callback.

       When cb is called by the SSL/TLS/QUIC library the function arguments
       have the following meaning:

       write_p
           This flag is 0 when a protocol message has been received and 1 when
           a protocol message has been sent.

       version
           The protocol version according to which the protocol message is
           interpreted by the library such as TLS1_3_VERSION, TLS1_2_VERSION,
           OSSL_QUIC1_VERSION etc. For the SSL3_RT_HEADER pseudo content type
           (see NOTES below) this value will be the decoded
           version/legacy_version field of the record header.

       content_type
           This is one of the content type values defined in the protocol
           specification (SSL3_RT_CHANGE_CIPHER_SPEC, SSL3_RT_ALERT,
           SSL3_RT_HANDSHAKE; but never SSL3_RT_APPLICATION_DATA because the
           callback will only be called for protocol messages). Alternatively
           it may be a "pseudo" content type. These pseudo content types are
           used to signal some other event in the processing of data (see
           NOTES below).

       buf, len
           buf points to a buffer containing the protocol message or other
           data (in the case of pseudo content types), which consists of len
           bytes. The buffer is no longer valid after the callback function
           has returned.

       ssl The SSL object that received or sent the message.

       arg The user-defined argument optionally defined by
           SSL_CTX_set_msg_callback_arg() or SSL_set_msg_callback_arg().

       The SSL_trace() function can be used as a pre-written callback in a
       call to SSL_set_msg_callback(3). It
       requires a BIO to be set as the callback argument via
       SSL_CTX_set_msg_callback_arg() or SSL_set_msg_callback_arg(). Setting
       this callback will cause human readable diagostic tracing information
       about an SSL/TLS/QUIC connection to be written to the BIO.


NOTES

       Protocol messages are passed to the callback function after decryption
       and fragment collection where applicable. (Thus record boundaries are
       not visible.)

       If processing a received protocol message results in an error, the
       callback function may not be called.  For example, the callback
       function will never see messages that are considered too large to be
       processed.

       Due to automatic protocol version negotiation, version is not
       necessarily the protocol version used by the sender of the message: If
       a TLS 1.0 ClientHello message is received by an SSL 3.0-only server,
       version will be SSL3_VERSION.

       Pseudo content type values may be sent at various points during the
       processing of data. The following pseudo content types are currently
       defined:

       SSL3_RT_HEADER
           Used when a TLS record is sent or received. The buf contains the
           record header bytes only.

       SSL3_RT_INNER_CONTENT_TYPE
           Used when an encrypted TLSv1.3 record is sent or received. In
           encrypted TLSv1.3 records the content type in the record header is
           always SSL3_RT_APPLICATION_DATA. The real content type for the
           record is contained in an "inner" content type. buf contains the
           encoded "inner" content type byte.

       SSL3_RT_QUIC_DATAGRAM
           Used when a QUIC datagram is sent or received.

       SSL3_RT_QUIC_PACKET
           Used when a QUIC packet is sent or received.

       SSL3_RT_QUIC_FRAME_FULL
           Used when a QUIC frame is sent or received. This is only used for
           non-crypto and stream data related frames. The full QUIC frame data
           is supplied.

       SSL3_RT_QUIC_FRAME_HEADER
           Used when a QUIC stream data or crypto frame is sent or received.
           Only the QUIC frame header data is supplied.

       SSL3_RT_QUIC_FRAME_PADDING
           Used when a sequence of one or more QUIC padding frames is sent or
           received.  A padding frame consists of a single byte and it is
           common to have multiple such frames in a sequence. Rather than
           supplying each frame individually the callback will supply all the
           padding frames in one go via this pseudo content type.


RETURN VALUES

       SSL_CTX_set_msg_callback(), SSL_CTX_set_msg_callback_arg(),
       SSL_set_msg_callback(3) and SSL_set_msg_callback_arg() do not return
       values.


SEE ALSO

       ssl(7), SSL_new(3)


HISTORY

       The pseudo content type SSL3_RT_INNER_CONTENT_TYPE was added in OpenSSL
       1.1.1.

       The pseudo content types SSL3_RT_QUIC_DATAGRAM, SSL3_RT_QUIC_PACKET,
       SSL3_RT_QUIC_FRAME_FULL, SSL3_RT_QUIC_FRAME_HEADER and
       SSL3_RT_QUIC_FRAME_PADDING were added in OpenSSL 3.2.

       In versions previous to OpenSSL 3.0 cb was called with 0 as version for
       the pseudo content type SSL3_RT_HEADER for TLS records.

       In versions previous to OpenSSL 3.2 cb was called with 0 as version for
       the pseudo content type SSL3_RT_HEADER for DTLS records.


COPYRIGHT

       Copyright 2001-2023 The OpenSSL Project Authors. All Rights Reserved.

       Licensed under the Apache License 2.0 (the "License").  You may not use
       this file except in compliance with the License.  You can obtain a copy
       in the file LICENSE in the source distribution or at
       <https://www.openssl.org/source/license.html>.

3.2.0                             2023-11-23   SSL_CTX_SET_MSG_CALLBACK(3ossl)

openssl 3.2.0 - Generated Fri Dec 1 07:40:15 CST 2023
© manpagez.com 2000-2024
Individual documents may contain additional copyright information.