SSL_SET_PSK_USE_SESSION_CALLBACK(3) Library Functions Manual SSL_SET_PSK_USE_SESSION_CALLBACK(3)

SSL_set_psk_use_session_callback, SSL_psk_use_session_cb_func - set TLS pre-shared key client callback

#include <openssl/ssl.h>

typedef int
(*SSL_psk_use_session_cb_func)(SSL *ssl, const EVP_MD *md, const unsigned char **id, size_t *idlen, SSL_SESSION **session);

void
SSL_set_psk_use_session_callback(SSL *ssl, SSL_psk_use_session_cb_func cb);

LibreSSL provides the stub function SSL_set_psk_use_session_callback() to allow compiling application programs that contain optional support for TLSv1.3 pre-shared keys.

LibreSSL does not support TLS pre-shared keys, and no action occurs when SSL_set_psk_use_session_callback() is called. In particular, both arguments are ignored. During session negotiation, LibreSSL never calls the callback cb and always behaves as if that callback succeeded and set the *session pointer to NULL. That is, LibreSSL never sends a pre-shared key to the server and never aborts the handshake for lack of a pre-shared key.

With OpenSSL, a client application wishing to use TLSv1.3 pre-shared keys can install a callback function cb using SSL_set_psk_use_session_callback(). The OpenSSL library may call cb once or twice during session negotiation. If the callback fails, OpenSSL aborts connection setup. If the callback succeeds but sets the *session pointer to NULL, OpenSSL continues the handshake but does not send a pre-shared key to the server.

The SSL_psk_use_session_cb_func() callback is expected to return 1 on success or 0 on failure.
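Because the stub never calls cb and never aborts the handshake, a client that depends on a pre-shared key has to fail closed on its own. The following is an added example, not code from this manual page or from LibreSSL or OpenSSL: struct psk_state, psk_policy_ok() and fake_handshake() are hypothetical names, the opaque typedefs stand in for <openssl/ssl.h>, and the handshake is simulated rather than performed.

```c
#include <stddef.h>

/* Opaque types; a real program gets them from <openssl/ssl.h>. */
typedef struct ssl_st SSL;
typedef struct evp_md_st EVP_MD;
typedef struct ssl_session_st SSL_SESSION;

/* Hypothetical application state; real code would attach it to the SSL object. */
struct psk_state {
    int required;                         /* policy: refuse to talk without a PSK */
    int cb_calls;                         /* times the library invoked the callback */
    int offered;                          /* callback handed a session to the library */
    const unsigned char *id; size_t idlen; /* PSK identity */
    SSL_SESSION *session;                 /* prepared PSK session, or NULL if none */
} g_psk;

/* Matches SSL_psk_use_session_cb_func: returns 1 on success, 0 on failure. */
int psk_use_session_cb(SSL *ssl, const EVP_MD *md, const unsigned char **id,
    size_t *idlen, SSL_SESSION **session)
{
    (void)ssl; (void)md;
    g_psk.cb_calls++;
    if (g_psk.session == NULL && g_psk.required)
        return 0;               /* failure: OpenSSL aborts connection setup */
    *id = g_psk.id; *idlen = g_psk.idlen;
    *session = g_psk.session;   /* NULL: handshake continues without a PSK */
    g_psk.offered = (g_psk.session != NULL);
    return 1;
}

/* Call after the handshake. 0 means close the connection: the callback
 * never ran (LibreSSL stub) or it offered no PSK. */
int psk_policy_ok(const struct psk_state *st)
{
    return !st->required || (st->cb_calls > 0 && st->offered);
}

/* Constructed stand-in for a handshake: OpenSSL invokes the callback, the
 * LibreSSL stub never does. Returns 1 if the handshake continues. */
int fake_handshake(int library_calls_cb)
{
    const unsigned char *id = NULL; size_t idlen = 0; SSL_SESSION *s = NULL;
    return library_calls_cb ? psk_use_session_cb(NULL, NULL, &id, &idlen, &s) : 1;
}

int main(void)
{
    g_psk.required = 1;  /* stub case: handshake continues, policy must reject */
    return (fake_handshake(0) && !psk_policy_ok(&g_psk)) ? 0 : 1;
}
```

Offering a PSK does not show that the server accepted it, so this check only catches the case where no PSK was ever sent.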

SSL_set_psk_use_session_callback() and SSL_psk_use_session_cb_func() first appeared in OpenSSL 1.1.1 and have been available since OpenBSD 7.0.

September 14, 2021 Linux 6.8.2-arch2-1