SSL_do_handshake.pod 2.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475
  1. =pod
  2. =head1 NAME
  3. SSL_do_handshake - perform a TLS/SSL handshake
  4. =head1 SYNOPSIS
  5. #include <openssl/ssl.h>
  6. int SSL_do_handshake(SSL *ssl);
  7. =head1 DESCRIPTION
  8. SSL_do_handshake() will wait for a SSL/TLS handshake to take place. If the
  9. connection is in client mode, the handshake will be started. The handshake
  10. routines may have to be explicitly set in advance using either
  11. L<SSL_set_connect_state(3)|SSL_set_connect_state(3)> or
  12. L<SSL_set_accept_state(3)|SSL_set_accept_state(3)>.
  13. =head1 NOTES
  14. The behaviour of SSL_do_handshake() depends on the underlying BIO.
  15. If the underlying BIO is B<blocking>, SSL_do_handshake() will only return
  16. once the handshake has been finished or an error occurred, except for SGC
  17. (Server Gated Cryptography). For SGC, SSL_do_handshake() may return with -1,
  18. but SSL_get_error() will yield B<SSL_ERROR_WANT_READ/WRITE> and
  19. SSL_do_handshake() should be called again.
  20. If the underlying BIO is B<non-blocking>, SSL_do_handshake() will also return
  21. when the underlying BIO could not satisfy the needs of SSL_do_handshake()
  22. to continue the handshake. In this case a call to SSL_get_error() with the
  23. return value of SSL_do_handshake() will yield B<SSL_ERROR_WANT_READ> or
  24. B<SSL_ERROR_WANT_WRITE>. The calling process then must repeat the call after
  25. taking appropriate action to satisfy the needs of SSL_do_handshake().
  26. The action depends on the underlying BIO. When using a non-blocking socket,
  27. nothing is to be done, but select() can be used to check for the required
  28. condition. When using a buffering BIO, like a BIO pair, data must be written
  29. into or retrieved out of the BIO before being able to continue.
  30. =head1 RETURN VALUES
  31. The following return values can occur:
  32. =over 4
  33. =item Z<>0
  34. The TLS/SSL handshake was not successful but was shut down controlled and
  35. by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
  36. return value B<ret> to find out the reason.
  37. =item Z<>1
  38. The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
  39. established.
  40. =item E<lt>0
  41. The TLS/SSL handshake was not successful because a fatal error occurred either
  42. at the protocol level or a connection failure occurred. The shutdown was
  43. not clean. It can also occur of action is need to continue the operation
  44. for non-blocking BIOs. Call SSL_get_error() with the return value B<ret>
  45. to find out the reason.
  46. =back
  47. =head1 SEE ALSO
  48. L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_connect(3)|SSL_connect(3)>,
  49. L<SSL_accept(3)|SSL_accept(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>,
  50. L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>
  51. =cut