NAME

       SSL_CTX_set_msg_callback, SSL_CTX_set_msg_callback_arg, SSL_set_msg_callback, SSL_set_msg_callback_arg -
       install callback for observing protocol messages

SYNOPSIS

        #include <openssl/ssl.h>

        void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
                                      void (*cb)(int write_p, int version,
                                                 int content_type, const void *buf,
                                                 size_t len, SSL *ssl, void *arg));
        void SSL_CTX_set_msg_callback_arg(SSL_CTX *ctx, void *arg);

        void SSL_set_msg_callback(SSL *ssl,
                                  void (*cb)(int write_p, int version,
                                             int content_type, const void *buf,
                                             size_t len, SSL *ssl, void *arg));
        void SSL_set_msg_callback_arg(SSL *ssl, void *arg);

DESCRIPTION

       SSL_CTX_set_msg_callback() or SSL_set_msg_callback() can be used to define a message callback function cb
       for observing all SSL/TLS protocol messages (such as handshake messages) that are received or sent, as
       well as other events that occur during processing.  SSL_CTX_set_msg_callback_arg() and
       SSL_set_msg_callback_arg() can be used to set argument arg to the callback function, which is available
       for arbitrary application use.

       SSL_CTX_set_msg_callback() and SSL_CTX_set_msg_callback_arg() specify default settings that will be
       copied to new SSL objects by SSL_new(3). SSL_set_msg_callback() and SSL_set_msg_callback_arg() modify the
       actual settings of an SSL object. Using a NULL pointer for cb disables the message callback.

       When cb is called by the SSL/TLS library the function arguments have the following meaning:

       write_p
           This flag is 0 when a protocol message has been received and 1 when a protocol message has been sent.

       version
           The  protocol  version  according to which the protocol message is interpreted by the library such as
           TLS1_3_VERSION, TLS1_2_VERSION etc.  This is set to 0 for the SSL3_RT_HEADER pseudo content type (see
           NOTES below).

       content_type
           This   is   one   of   the   content   type   values   defined   in   the   protocol    specification
           (SSL3_RT_CHANGE_CIPHER_SPEC,  SSL3_RT_ALERT,  SSL3_RT_HANDSHAKE;  but  never SSL3_RT_APPLICATION_DATA
           because the callback will only be called for protocol messages). Alternatively it may be  a  "pseudo"
           content  type.  These  pseudo  content types are used to signal some other event in the processing of
           data (see NOTES below).

       buf, len
           buf points to a buffer containing the protocol message or other data (in the case of  pseudo  content
           types),  which  consists  of len bytes. The buffer is no longer valid after the callback function has
           returned.

       ssl The SSL object that received or sent the message.

       arg The   user-defined    argument    optionally    defined    by    SSL_CTX_set_msg_callback_arg()    or
           SSL_set_msg_callback_arg().

NOTES

       Protocol  messages  are  passed  to  the callback function after decryption and fragment collection where
       applicable. (Thus record boundaries are not visible.)

       If processing a received protocol message results in an error, the callback function may not  be  called.
       For example, the callback function will never see messages that are considered too large to be processed.

       Due  to  automatic  protocol version negotiation, version is not necessarily the protocol version used by
       the sender of the message: If a TLS 1.0 ClientHello message  is  received  by  an  SSL  3.0-only  server,
       version will be SSL3_VERSION.

       Pseudo  content  type  values  may be sent at various points during the processing of data. The following
       pseudo content types are currently defined:

       SSL3_RT_HEADER
           Used when a record is sent or received. The buf contains the record header bytes only.

       SSL3_RT_INNER_CONTENT_TYPE
           Used when an encrypted TLSv1.3 record is sent or received. In encrypted TLSv1.3 records  the  content
           type in the record header is always SSL3_RT_APPLICATION_DATA. The real content type for the record is
           contained in an "inner" content type. buf contains the encoded "inner" content type byte.

RETURN VALUES

       SSL_CTX_set_msg_callback(),        SSL_CTX_set_msg_callback_arg(),       SSL_set_msg_callback()       and
       SSL_set_msg_callback_arg() do not return values.

SEE ALSO

       ssl(7), SSL_new(3)

HISTORY

       The pseudo content type SSL3_RT_INNER_CONTENT_TYPE was added in OpenSSL 1.1.1.

COPYRIGHT

       Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.

       Licensed under the Apache License 2.0 (the "License").  You may not use this file  except  in  compliance
       with  the  License.   You  can  obtain  a  copy  in  the  file  LICENSE  in the source distribution or at
       <https://www.openssl.org/source/license.html>.

3.0.13                                             2025-02-05                     SSL_CTX_SET_MSG_CALLBACK(3SSL)