upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-08 08:12:27 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/doc/man3/SSL_set_async_callback.pod
Enji Cooper e4520c8bd1 openssl: Vendor import of OpenSSL-3.0.8 
Summary:

Release notes can be found at
https://www.openssl.org/news/openssl-3.0-notes.html .

Obtained from:  https://www.openssl.org/source/openssl-3.0.8.tar.gz
Differential Revision:	https://reviews.freebsd.org/D38835

Test Plan:
```
$ git status
On branch vendor/openssl-3.0
nothing to commit, working tree clean
$ (cd ..; fetch http://www.openssl.org/source/openssl-${OSSLVER}.tar.gz http://www.openssl.org/source/openssl-${OSSLVER}.tar.gz.asc)
openssl-3.0.8.tar.gz                                    14 MB 4507 kBps    04s
openssl-3.0.8.tar.gz.asc                               833  B   10 MBps    00s
$ set | egrep '(XLIST|OSSLVER)='
OSSLVER=3.0.8
XLIST=FREEBSD-Xlist
$ gpg --list-keys
/home/ngie/.gnupg/pubring.kbx
-----------------------------
pub   rsa4096 2014-10-04 [SC]
      7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C
uid           [ unknown] Richard Levitte <richard@levitte.org>
uid           [ unknown] Richard Levitte <levitte@lp.se>
uid           [ unknown] Richard Levitte <levitte@openssl.org>
sub   rsa4096 2014-10-04 [E]

$ gpg --verify openssl-${OSSLVER}.tar.gz.asc openssl-${OSSLVER}.tar.gz
gpg: Signature made Tue Feb  7 05:43:55 2023 PST
gpg:                using RSA key 7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C
gpg: Good signature from "Richard Levitte <richard@levitte.org>" [unknown]
gpg:                 aka "Richard Levitte <levitte@lp.se>" [unknown]
gpg:                 aka "Richard Levitte <levitte@openssl.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 7953 AC1F BC3D C8B3 B292  393E D5E9 E43F 7DF9 EE8C
$ (cd vendor.checkout/; git status; find . -type f -or -type l | cut -c 3- | sort > ../old)
On branch vendor/openssl-3.0
nothing to commit, working tree clean
$ tar -x -X $XLIST -f ../openssl-${OSSLVER}.tar.gz -C ..
$ rsync --exclude FREEBSD.* --delete -avzz ../openssl-${OSSLVER}/* .
$ cat .git
gitdir: /home/ngie/git/freebsd-src/.git/worktrees/vendor.checkout
$ diff -arq ../openssl-3.0.8  .
Only in .: .git
Only in .: FREEBSD-Xlist
Only in .: FREEBSD-upgrade
$ git status FREEBSD*
On branch vendor/openssl-3.0
nothing to commit, working tree clean
$
```

Reviewers: emaste, jkim

Subscribers: imp, andrew, dab

Differential Revision: https://reviews.freebsd.org/D38835
2023-03-06 12:41:29 -08:00

131 lines
4.1 KiB
Text
Raw Blame History

=pod
=head1 NAME
SSL_CTX_set_async_callback,
SSL_CTX_set_async_callback_arg,
SSL_set_async_callback,
SSL_set_async_callback_arg,
SSL_get_async_status,
SSL_async_callback_fn
- manage asynchronous operations
=head1 SYNOPSIS
=for openssl multiple includes
#include <openssl/ssl.h>
typedef int (*SSL_async_callback_fn)(SSL *s, void *arg);
int SSL_CTX_set_async_callback(SSL_CTX *ctx, SSL_async_callback_fn callback);
int SSL_CTX_set_async_callback_arg(SSL_CTX *ctx, void *arg);
int SSL_set_async_callback(SSL *s, SSL_async_callback_fn callback);
int SSL_set_async_callback_arg(SSL *s, void *arg);
int SSL_get_async_status(SSL *s, int *status);
=head1 DESCRIPTION
SSL_CTX_set_async_callback() sets an asynchronous callback function. All B<SSL>
objects generated based on this B<SSL_CTX> will get this callback. If an engine
supports the callback mechanism, it will be automatically called if
B<SSL_MODE_ASYNC> has been set and an asynchronous capable engine completes a
cryptography operation to notify the application to resume the paused work flow.
SSL_CTX_set_async_callback_arg() sets the callback argument.
SSL_set_async_callback() allows an application to set a callback in an
asynchronous B<SSL> object, so that when an engine completes a cryptography
operation, the callback will be called to notify the application to resume the
paused work flow.
SSL_set_async_callback_arg() sets an argument for the B<SSL> object when the
above callback is called.
SSL_get_async_status() returns the engine status. This function facilitates the
communication from the engine to the application. During an SSL session,
cryptographic operations are dispatched to an engine. The engine status is very
useful for an application to know if the operation has been successfully
dispatched. If the engine does not support this additional callback method,
B<ASYNC_STATUS_UNSUPPORTED> will be returned. See ASYNC_WAIT_CTX_set_status()
for a description of all of the status values.
An example of the above functions would be the following:
=over 4
=item 1.
Application sets the async callback and callback data on an SSL connection
by calling SSL_set_async_callback().
=item 2.
Application sets B<SSL_MODE_ASYNC> and makes an asynchronous SSL call
=item 3.
OpenSSL submits the asynchronous request to the engine. If a retry occurs at
this point then the status within the B<ASYNC_WAIT_CTX> would be set and the
async callback function would be called (goto Step 7).
=item 4.
The OpenSSL engine pauses the current job and returns, so that the
application can continue processing other connections.
=item 5.
At a future point in time (probably via a polling mechanism or via an
interrupt) the engine will become aware that the asynchronous request has
finished processing.
=item 6.
The engine will call the application's callback passing the callback data as
a parameter.
=item 7.
The callback function should then run. Note: it is a requirement that the
callback function is small and nonblocking as it will be run in the context of
a polling mechanism or an interrupt.
=item 8.
It is the application's responsibility via the callback function to schedule
recalling the OpenSSL asynchronous function and to continue processing.
=item 9.
The callback function has the option to check the status returned via
SSL_get_async_status() to determine whether a retry happened instead of the
request being submitted, allowing different processing if required.
=back
=head1 RETURN VALUES
SSL_CTX_set_async_callback(), SSL_set_async_callback(),
SSL_CTX_set_async_callback_arg(), SSL_CTX_set_async_callback_arg() and
SSL_get_async_status() return 1 on success or 0 on error.
=head1 SEE ALSO
L<ssl(7)>
=head1 HISTORY
SSL_CTX_set_async_callback(), SSL_CTX_set_async_callback_arg(),
SSL_set_async_callback(), SSL_set_async_callback_arg() and
SSL_get_async_status() were first added to OpenSSL 3.0.
=head1 COPYRIGHT
Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.
=cut
Reference in a new issue View git blame Copy permalink