OpenSSL

Cryptography and SSL/TLS Toolkit

SSL_set1_initial_peer_addr

NAME

SSL_set1_initial_peer_addr - set the initial peer address for a QUIC connection

SYNOPSIS

#include <openssl/ssl.h>

int SSL_set1_initial_peer_addr(SSL *s, const BIO_ADDR *addr);

DESCRIPTION

SSL_set1_initial_peer_addr() sets the initial destination peer address to be used for the purposes of establishing a QUIC connection in client mode. This function can be used only on a QUIC connection SSL object, and can be used only before a connection attempt is first made. addr must point to a BIO_ADDR representing a UDP destination address of the server to connect to.

Where a QUIC connection object is provided with a write BIO which supports the BIO_CTRL_DGRAM_GET_PEER control (for example, BIO_s_dgram), the initial destination peer address can be detected automatically; if BIO_CTRL_DGRAM_GET_PEER returns a valid (non-AF_UNSPEC) peer address and no valid peer address has yet been set, this will be set automatically as the initial peer address. This behaviour can be overridden by calling SSL_set1_initial_peer_addr() with a valid peer address explicitly.

The destination address used by QUIC may change over time in response to connection events, such as connection migration (where supported). SSL_set1_initial_peer_addr() configures the destination address used for initial connection establishment, and does not confer any guarantee about the destination address being used for communication at any later time in the connection lifecycle.

This function makes a copy of the address passed by the caller; the BIO_ADDR structure pointed to by addr may be freed by the caller after this function returns.

RETURN VALUES

Returns 1 on success and 0 on failure.

SEE ALSO

BIO_ADDR(3), ssl(7)

HISTORY

The SSL_set1_initial_peer_addr() function was added in OpenSSL 3.2.

Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at https://www.openssl.org/source/license.html.