=head1 SYNOPSIS
-=head1 DESCRIPTION
+=head1 OVERVIEW
The OpenSSL B<ssl> library implements the Secure Sockets Layer (SSL v2/v3) and
Transport Layer Security (TLS v1) protocols. It provides a rich API which is
documented here.
-=head1 HEADER FILES
-
-Currently the OpenSSL B<ssl> library provides the following C header files
-containing the prototypes for the data structures and and functions:
+At first the library must be initialized; see
+L<SSL_library_init(3)|SSL_library_init(3)>.
-=over 4
+Then an B<SSL_CTX> object is created as a framework to establish
+TLS/SSL enabled connections (see L<SSL_CTX_new(3)|SSL_CTX_new(3)>).
+Various options regarding certificates, algorithms etc. can be set
+in this object.
-=item B<ssl.h>
+When a network connection has been created, it can be assigned to an
+B<SSL> object. After the B<SSL> object has been created using
+L<SSL_new(3)|SSL_new(3)>, L<SSL_set_fd(3)|SSL_set_fd(3)> or
+L<SSL_set_bio(3)|SSL_set_bio(3)> can be used to associate the network
+connection with the object.
-That's the common header file for the SSL/TLS API. Include it into your
-program to make the API of the B<ssl> library available. It internally
-includes both more private SSL headers and headers from the B<crypto> library.
-Whenever you need hard-core details on the internals of the SSL API, look
-inside this header file.
-
-=item B<ssl2.h>
-
-That's the sub header file dealing with the SSLv2 protocol only.
-I<Usually you don't have to include it explicitly because
-it's already included by ssl.h>.
-
-=item B<ssl3.h>
-
-That's the sub header file dealing with the SSLv3 protocol only.
-I<Usually you don't have to include it explicitly because
-it's already included by ssl.h>.
-
-=item B<ssl23.h>
-
-That's the sub header file dealing with the combined use of the SSLv2 and
-SSLv3 protocols.
-I<Usually you don't have to include it explicitly because
-it's already included by ssl.h>.
-
-=item B<tls1.h>
-
-That's the sub header file dealing with the TLSv1 protocol only.
-I<Usually you don't have to include it explicitly because
-it's already included by ssl.h>.
-
-=back
+Then the TLS/SSL handshake is performed using
+L<SSL_accept(3)|SSL_accept(3)> or L<SSL_connect(3)|SSL_connect(3)>
+respectively.
+L<SSL_read(3)|SSL_read(3)> and L<SSL_write(3)|SSL_write(3)> are used
+to read and write data on the TLS/SSL connection.
+L<SSL_shutdown(3)|SSL_shutdown(3)> can be used to shut down the
+TLS/SSL connection.
=head1 DATA STRUCTURES
=back
+
+=head1 HEADER FILES
+
+Currently the OpenSSL B<ssl> library provides the following C header files
+containing the prototypes for the data structures and and functions:
+
+=over 4
+
+=item B<ssl.h>
+
+That's the common header file for the SSL/TLS API. Include it into your
+program to make the API of the B<ssl> library available. It internally
+includes both more private SSL headers and headers from the B<crypto> library.
+Whenever you need hard-core details on the internals of the SSL API, look
+inside this header file.
+
+=item B<ssl2.h>
+
+That's the sub header file dealing with the SSLv2 protocol only.
+I<Usually you don't have to include it explicitly because
+it's already included by ssl.h>.
+
+=item B<ssl3.h>
+
+That's the sub header file dealing with the SSLv3 protocol only.
+I<Usually you don't have to include it explicitly because
+it's already included by ssl.h>.
+
+=item B<ssl23.h>
+
+That's the sub header file dealing with the combined use of the SSLv2 and
+SSLv3 protocols.
+I<Usually you don't have to include it explicitly because
+it's already included by ssl.h>.
+
+=item B<tls1.h>
+
+That's the sub header file dealing with the TLSv1 protocol only.
+I<Usually you don't have to include it explicitly because
+it's already included by ssl.h>.
+
+=back
+
=head1 API FUNCTIONS
Currently the OpenSSL B<ssl> library exports 214 API functions.