#use wml::openssl-macros area=docs page=SSL_CTX_set_mode

<title>Documents, SSL_CTX_set_mode(3)</title>

<h1>SSL_CTX_set_mode(3)</h1>

#use wml::imp::generic

{:
## What's this? [[s|(<STRONG>[^<].+?)</A>(</STRONG><DD>)|$1$2|sg]]
[[s|<P>\s+<P>|<P>|sg]]
[[s|<P>\s+</|</|sg]]
[[s|<DD>\s*<DT>|<DD>&nbsp;<DT>|sg]]
[[s|<DD>\s*</DL>|<DD>&nbsp;</DL>|sg]]
[[s|\[|&#91;|sg]]
[[s|\]|&#93;|sg]]

<!-- INDEX BEGIN -->

<UL>

	<LI><A HREF="#NAME">NAME</A>
	<LI><A HREF="#SYNOPSIS">SYNOPSIS</A>
	<LI><A HREF="#DESCRIPTION">DESCRIPTION</A>
	<LI><A HREF="#NOTES">NOTES</A>
	<LI><A HREF="#RETURN_VALUES">RETURN VALUES</A>
	<LI><A HREF="#SEE_ALSO">SEE ALSO</A>
	<LI><A HREF="#HISTORY">HISTORY</A>
</UL>
<!-- INDEX END -->

<HR>
<P>
<HR>
<H1><A NAME="NAME">NAME</A></H1>
<P>
SSL_CTX_set_mode, SSL_set_mode, SSL_CTX_get_mode, SSL_get_mode - manipulate
SSL engine mode

</P>
<P>
<HR>
<H1><A NAME="SYNOPSIS">SYNOPSIS</A></H1>
<PRE> #include &lt;openssl/ssl.h&gt;
</PRE>
<PRE> long SSL_CTX_set_mode(SSL_CTX *ctx, long mode);
 long SSL_set_mode(SSL *ssl, long mode);
</PRE>
<PRE> long SSL_CTX_get_mode(SSL_CTX *ctx);
 long SSL_get_mode(SSL *ssl);
</PRE>
<P>
<HR>
<H1><A NAME="DESCRIPTION">DESCRIPTION</A></H1>
<P>
<CODE>SSL_CTX_set_mode()</CODE> adds the mode set via bitmask in <STRONG>mode</STRONG> to <STRONG>ctx</STRONG>. Options already set before are not cleared.

</P>
<P>
<CODE>SSL_set_mode()</CODE> adds the mode set via bitmask in <STRONG>mode</STRONG> to <STRONG>ssl</STRONG>. Options already set before are not cleared.

</P>
<P>
<CODE>SSL_CTX_get_mode()</CODE> returns the mode set for <STRONG>ctx</STRONG>.

</P>
<P>
<CODE>SSL_get_mode()</CODE> returns the mode set for <STRONG>ssl</STRONG>.

</P>
<P>
<HR>
<H1><A NAME="NOTES">NOTES</A></H1>
<P>
The following mode changes are available:

</P>
<DL>
<DT><STRONG><A NAME="item_SSL_MODE_ENABLE_PARTIAL_WRITE">SSL_MODE_ENABLE_PARTIAL_WRITE</A></STRONG><DD>
<P>
Allow <CODE>SSL_write(...,</CODE> n) to return r with 0 &lt; r &lt; n (i.e.
report success when just a single record has been written). When not set
(the default), <CODE>SSL_write()</CODE> will only report success once the
complete chunk was written. Once <CODE>SSL_write()</CODE> returns with r, r
bytes have been successfully written and the next call to
<CODE>SSL_write()</CODE> must only send the n-r bytes left, imitating the
behaviour of <CODE>write().</CODE>

</P>
<DT><STRONG><A NAME="item_SSL_MODE_ACCEPT_MOVING_WRITE_BUF">SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER</A></STRONG><DD>
<P>
Make it possible to retry <CODE>SSL_write()</CODE> with changed buffer
location (the buffer contents must stay the same). This is not the default
to avoid the misconception that non-blocking <CODE>SSL_write()</CODE>
behaves like non-blocking <CODE>write().</CODE>

</P>
<DT><STRONG><A NAME="item_SSL_MODE_AUTO_RETRY">SSL_MODE_AUTO_RETRY</A></STRONG><DD>
<P>
Never bother the application with retries if the transport is blocking. If
a renegotiation take place during normal operation, a
<A HREF="../ssl/SSL_read.html#">SSL_read(3)</A> or <A HREF="../ssl/SSL_write.html#">SSL_write(3)</A> would return with -1 and indicate the need to retry with
SSL_ERROR_WANT_READ. In a non-blocking environment applications must be
prepared to handle incomplete read/write operations. In a blocking
environment, applications are not always prepared to deal with read/write
operations returning without success report. The flag SSL_MODE_AUTO_RETRY
will cause read/write operations to only return after the handshake and
successful completion.

</P>
<DT><STRONG><A NAME="item_SSL_MODE_RELEASE_BUFFERS">SSL_MODE_RELEASE_BUFFERS</A></STRONG><DD>
<P>
When we no longer need a read buffer or a write buffer for a given SSL,
then release the memory we were using to hold it. Released memory is either
appended to a list of unused RAM chunks on the SSL_CTX, or simply freed if
the list of unused chunks would become longer than
SSL_CTX-&gt;freelist_max_len, which defaults to 32. Using this flag can
save around 34k per idle SSL connection. This flag has no effect on SSL v2
connections, or on DTLS connections.

</P>
</DL>
<P>
<HR>
<H1><A NAME="RETURN_VALUES">RETURN VALUES</A></H1>
<P>
<CODE>SSL_CTX_set_mode()</CODE> and <CODE>SSL_set_mode()</CODE> return the
new mode bitmask after adding <STRONG>mode</STRONG>.

</P>
<P>
<CODE>SSL_CTX_get_mode()</CODE> and <CODE>SSL_get_mode()</CODE> return the
current bitmask.

</P>
<P>
<HR>
<H1><A NAME="SEE_ALSO">SEE ALSO</A></H1>
<P>
<A HREF="../ssl/ssl.html#">ssl(3)</A>, <A HREF="../ssl/SSL_read.html#">SSL_read(3)</A>, <A HREF="../ssl/SSL_write.html#">SSL_write(3)</A>



</P>
<P>
<HR>
<H1><A NAME="HISTORY">HISTORY</A></H1>
<P>
SSL_MODE_AUTO_RETRY as been added in OpenSSL 0.9.6.

</P>
:}